fraud.net Open in urlscan Pro
199.16.172.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.fraud.net/
Effective URL:
https://fraud.net/
Submission: On October 31 via manual (October 31st 2023, 4:05:22 pm UTC) from CH — Scanned from CH

Summary HTTP 249 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 59 IPs in 7 countries across 39 domains to perform 249 HTTP transactions. The main IP is 199.16.172.83, located in United States and belongs to AUTOMATTIC, US. The main domain is fraud.net. The Cisco Umbrella rank of the primary domain is 139085.
TLS certificate: Issued by R3 on October 3rd 2023. Valid for: 3 months.

This is the only time fraud.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	199.16.172.83 199.16.172.83	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
7	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
88	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8cce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1 5	2600:9000:261... 2600:9000:2611:fa00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:bf59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.161.119.41 3.161.119.41	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:890f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	148.59.128.196 148.59.128.196	33561 (LUNAVI-WY) (LUNAVI-WY)
1	2606:4700:440... 2606:4700:4400::ac40:90e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.44 18.66.112.44	16509 (AMAZON-02) (AMAZON-02)
9	188.166.193.169 188.166.193.169	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	169.150.247.38 169.150.247.38	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:589a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7e0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4dba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a05:d018:cc3... 2a05:d018:cc3:fe05:bd10:7de8:ea54:baf7	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
6	134.122.57.141 134.122.57.141	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	54.189.11.195 54.189.11.195	16509 (AMAZON-02) (AMAZON-02)
4	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
2	52.72.38.254 52.72.38.254	14618 (AMAZON-AES) (AMAZON-AES)
1	52.30.245.118 52.30.245.118	16509 (AMAZON-02) (AMAZON-02)
3	34.117.177.207 34.117.177.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:b07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.217.225.11 34.217.225.11	16509 (AMAZON-02) (AMAZON-02)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	134.122.60.49 134.122.60.49	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.33.163.81 3.33.163.81	() ()
1	75.2.91.175 75.2.91.175	() ()
1	3.161.119.14 3.161.119.14	() ()
2	54.163.187.81 54.163.187.81	() ()
2 2	185.89.210.141 185.89.210.141	() ()
1	18.66.97.76 18.66.97.76	() ()
249	59

16 199.16.172.83 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

onsite.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-account.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-renderer.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
editor-upload-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

88 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149360532.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2611:fa00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bf59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.119.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-41.vie50.r.cloudfront.net

media.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.59.128.196 (Canada)

ASN33561 (LUNAVI-WY, US)

track.cbdatatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:90e1 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-44.fra56.r.cloudfront.net

s.opensend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.166.193.169 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-38.bunnyinfra.net

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:589a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4dba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:cc3:fe05:bd10:7de8:ea54:baf7 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 134.122.57.141 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

app.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.leadconnect.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.leads.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
testpage.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.189.11.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-11-195.us-west-2.compute.amazonaws.com

os.aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.38.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-38-254.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.245.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-245-118.eu-west-1.compute.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.177.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.217.225.11 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-225-11.us-west-2.compute.amazonaws.com

alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.60.49 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.events.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn-asset.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.163.81 (None, )

ASN- ()

aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.91.175 (None, )

ASN- ()

nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.119.14 (None, )

ASN- ()

p.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.163.187.81 (None, )

ASN- ()

p2.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.76 (None, )

ASN- ()

cdn.nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	pressablecdn.com 149360532.v2.pressablecdn.com	5 MB
22	gstatic.com fonts.gstatic.com www.gstatic.com	898 KB
22	optimonk.com onsite.optimonk.com — Cisco Umbrella Rank: 40662 cdn-account.optimonk.com — Cisco Umbrella Rank: 40537 front.optimonk.com — Cisco Umbrella Rank: 25181 gs-cdn.optimonk.com — Cisco Umbrella Rank: 30580 jfapiprod.optimonk.com — Cisco Umbrella Rank: 27649 cdn-asset.optimonk.com — Cisco Umbrella Rank: 46281 cdn-renderer.optimonk.com — Cisco Umbrella Rank: 58639 editor-upload-cdn.optimonk.com — Cisco Umbrella Rank: 59895	495 KB
17	fraud.net 1 redirects www.fraud.net fraud.net — Cisco Umbrella Rank: 139085 media.fraud.net — Cisco Umbrella Rank: 156884 device.fraud.net Failed	72 KB
9	aggle.net os.aggle.net — Cisco Umbrella Rank: 126997 aggle.net	6 KB
9	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3510 i.vimeocdn.com — Cisco Umbrella Rank: 3345 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3471	310 KB
9	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	115 KB
8	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 3056 d.adroll.com — Cisco Umbrella Rank: 1356 ipv4.d.adroll.com — Cisco Umbrella Rank: 12317	31 KB
5	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4294 forms-na1.hsforms.com — Cisco Umbrella Rank: 6733 perf-na1.hsforms.com — Cisco Umbrella Rank: 5955	6 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	5 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 5485 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 5222 track.hubspot.com — Cisco Umbrella Rank: 2298 forms.hubspot.com — Cisco Umbrella Rank: 4747	26 KB
4	convolo.ai app.convolo.ai api.leads.convolo.ai api.events.convolo.ai testpage.convolo.ai	51 KB
3	gcprivacy.com p.gcprivacy.com p2.gcprivacy.com	13 KB
3	leadconnect.cc app.leadconnect.cc	430 KB
3	google.ch www.google.ch — Cisco Umbrella Rank: 30247	669 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	63 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1959 vimeo.com — Cisco Umbrella Rank: 1878	22 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
2	adnxs.com 2 redirects ib.adnxs.com	1 KB
2	nytrng.com nytrng.com cdn.nytrng.com	808 B
2	alocdn.com 1 redirects alocdn.com — Cisco Umbrella Rank: 6868	710 B
2	gaug.es secure.gaug.es — Cisco Umbrella Rank: 27023	4 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4607 forms.hscollectedforms.net — Cisco Umbrella Rank: 4689	26 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	175 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	20 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4568	88 KB
1	opensend.com s.opensend.com — Cisco Umbrella Rank: 129256	4 KB
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8571	1 KB
1	cbdatatracker.com track.cbdatatracker.com — Cisco Umbrella Rank: 109773	180 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4272	2 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2386	1 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6454	178 KB
249	39

	Domain	Requested by
88	149360532.v2.pressablecdn.com	fraud.net 149360532.v2.pressablecdn.com
15	fraud.net	fraud.net 149360532.v2.pressablecdn.com
11	www.gstatic.com	f.vimeocdn.com www.google.com www.gstatic.com
11	fonts.gstatic.com	fonts.googleapis.com
9	front.optimonk.com	fraud.net front.optimonk.com
8	www.google.com	fraud.net js.hsforms.net www.gstatic.com www.google.com
6	os.aggle.net	s.opensend.com
5	s.adroll.com	1 redirects www.googletagmanager.com fraud.net s.adroll.com
4	editor-upload-cdn.optimonk.com	fraud.net
4	i.vimeocdn.com	player.vimeo.com fraud.net
4	f.vimeocdn.com	player.vimeo.com
3	aggle.net	s.opensend.com p.gcprivacy.com aggle.net
3	app.leadconnect.cc	app.convolo.ai fraud.net
3	jfapiprod.optimonk.com	gs-cdn.optimonk.com
3	forms.hsforms.com	js.hsforms.net fraud.net
3	px.ads.linkedin.com	3 redirects
3	www.google.ch	fraud.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com fraud.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	fraud.net app.leadconnect.cc front.optimonk.com
2	ib.adnxs.com	2 redirects
2	p2.gcprivacy.com	p.gcprivacy.com
2	track.hubspot.com
2	cdn-asset.optimonk.com	front.optimonk.com
2	alocdn.com	1 redirects fraud.net
2	secure.gaug.es	fraud.net
2	d.adroll.com	1 redirects s.adroll.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	fraud.net connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	player.vimeo.com	fraud.net
2	www.googletagmanager.com	fraud.net www.googletagmanager.com
1	cdn.nytrng.com	nytrng.com
1	p.gcprivacy.com	fraud.net
1	nytrng.com	aggle.net
1	forms.hubspot.com	js.hsleadflows.net
1	cdn-renderer.optimonk.com	front.optimonk.com
1	testpage.convolo.ai	fraud.net
1	api.events.convolo.ai	app.leadconnect.cc
1	api.leads.convolo.ai	app.leadconnect.cc
1	vimeo.com	f.vimeocdn.com
1	perf-na1.hsforms.com	fraud.net
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	forms-na1.hsforms.com	fraud.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	ipv4.d.adroll.com	fraud.net
1	app.convolo.ai	fraud.net
1	www.facebook.com	fraud.net
1	px4.ads.linkedin.com	fraud.net
1	www.linkedin.com	1 redirects
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	region1.analytics.google.com	www.googletagmanager.com
1	gs-cdn.optimonk.com	fraud.net
1	s.opensend.com	fraud.net
1	tracking.g2crowd.com	fraud.net
1	track.cbdatatracker.com	fraud.net
1	ws.zoominfo.com	fraud.net
1	media.fraud.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn-account.optimonk.com	fraud.net
1	static.hotjar.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.hsforms.net	fraud.net
1	onsite.optimonk.com	fraud.net
1	www.fraud.net	1 redirects
0	device.fraud.net Failed	media.fraud.net
249	72

This site contains links to these domains. Also see Links.

Domain
api-docs.fraud.net
releasenotes.fraud.net
portal.fraud.net
www.linkedin.com
www.facebook.com
convolo.ai

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
onsite.optimonk.com R3	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-09-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cdn-account.optimonk.com R3	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.fraud.net Amazon RSA 2048 M02	`2023-10-11` - `2024-11-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-09` - `2023-11-07`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
track.cbdatatracker.com RapidSSL TLS RSA CA G1	`2023-04-05` - `2024-04-04`	a year	crt.sh
opensend.com Amazon RSA 2048 M01	`2023-09-29` - `2024-10-27`	a year	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G4	`2023-06-12` - `2024-07-13`	a year	crt.sh
gs-cdn.optimonk.com R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
api.leads.convolo.ai R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
aggle.net Amazon RSA 2048 M01	`2023-07-30` - `2024-08-27`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2023-03-02` - `2024-04-01`	a year	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2023-09-16` - `2023-12-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-09-08` - `2023-12-07`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
api.events.convolo.ai R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
cdn-asset.optimonk.com R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
cdn-renderer.optimonk.com R3	`2023-10-21` - `2024-01-19`	3 months	crt.sh
editor-upload-cdn.optimonk.com R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
nytrng.com Amazon RSA 2048 M02	`2023-03-25` - `2024-04-22`	a year	crt.sh
*.gcprivacy.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-01`	10 months	crt.sh
*.nytrng.com Amazon RSA 2048 M03	`2023-08-15` - `2024-09-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://fraud.net/
Frame ID: 99C6DE4F41964BEFC1342EC473F23493
Requests: 218 HTTP requests in this frame

Frame: https://player.vimeo.com/video/235637953
Frame ID: EDC2E07ED69FE8BF45278C08B8C0D643
Requests: 14 HTTP requests in this frame

Frame: https://cdn-renderer.optimonk.com/ssr/177110/6529c6cc923ed50023d05b4f.html?v=1697680740
Frame ID: 04862FA49243C120917D92363F5D42B3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&badge=inline&cb=2updys44200p
Frame ID: E07A8F7325D5E65E2C230D6A63E6F2DD
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: A586CD61DC9C576C2A53A552A9464683
Requests: 11 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=TLSS1RUA&_=0.5293790024828063
Frame ID: 136C8CAB9FB222AD83CDA39750E9E10C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AI Fraud Detection for Enterprises | Fraud.net

Page URL History Show full URLs

https://www.fraud.net/ HTTP 301
https://fraud.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

249
Requests

97 %
HTTPS

53 %
IPv6

39
Domains

72
Subdomains

59
IPs

7
Countries

7810 kB
Transfer

15163 kB
Size

54
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://api-docs.fraud.net/
Title: Developers

Search URL Search Domain Scan URL

URL: https://releasenotes.fraud.net/
Title: Product Release Notes

Search URL Search Domain Scan URL

URL: https://portal.fraud.net/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fraud-net/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Fraudnet/

Search URL Search Domain Scan URL

URL: https://convolo.ai/leads?utm_medium=link&utm_campaign=&utm_source=original%20viral
Title: powered by

Search URL Search Domain Scan URL

URL: https://convolo.ai/leads?utm_medium=link&utm_campaign=fraud.net&utm_source=original%20viral
Title: powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fraud.net/ HTTP 301
https://fraud.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 105

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1698768308342%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQK0096CY0EVxQAAAYuGe0y79j1ctclHC7oHM-9UtD-J1Jhc97Tc8_37j42kB_Bsj4PDWc6dwQ

Request Chain 134

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=2c77f37ce89295bff492fc69f6801540-1698768309096&pv=75681924162.34943&arrfrr=https%3A%2F%2Ffraud.net%2F&cookie=&adroll_s_ref=&keyw=&p0=1237 HTTP 302
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

Request Chain 191

https://alocdn.com/c/9rgi64bf/a/xtarget/p.json HTTP 302
https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F

Request Chain 250

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3D8bbeb236-11df-4ee1-ac2f-4815d3f6e3e0 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fid%253D%2524UID%2526gcid%253D8bbeb236-11df-4ee1-ac2f-4815d3f6e3e0 HTTP 302
https://p2.gcprivacy.com/v3/id/xandr?id=1961535623846157979&gcid=8bbeb236-11df-4ee1-ac2f-4815d3f6e3e0

249 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fraud.net/
Redirect Chain

https://www.fraud.net/
https://fraud.net/

155 KB
26 KB

1172ms
1102ms

Document
text/html

199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f1e5fe9acb1332184dc06dfb30ea20fa113063a0b147d01da1e85ff3b0304bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: origin
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 31 Oct 2023 16:05:06 GMT
host-header: Pressable
link: <https://fraud.net/wp-json/>; rel="https://api.w.org/" <https://fraud.net/wp-json/wp/v2/pages/89913>; rel="alternate"; type="application/json" <https://fraud.net/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 1.ams _atomic_ams BYPASS
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 162
content-type: text/html
date: Tue, 31 Oct 2023 16:05:05 GMT
location: https://fraud.net/
server: nginx
strict-transport-security: max-age=31536000
x-ac: 4.ams _atomic_ams BYPASS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 254 KB
89 KB 98ms
44ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78735831fdb0a0de118985ece8a65c36b3718c834ac0ceb75d47b14e8fed5e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90465
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 16:05:07 GMT

GET
H2 200 script.js Show response
onsite.optimonk.com/ 169 KB
53 KB 311ms
135ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://onsite.optimonk.com/script.js?account=177110

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a35b2643c9d2fd4f622d2fbf8117a04f27c748d3d68161799c73bd2433adea55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 1082
x-dns-prefetch-control: off
cdn-cachedat: 10/31/2023 16:05:07
cdn-pullzone: 950289
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2a245-thKzS1wkioMse/X/7jNArvP403M"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: EXPIRED
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=180
cdn-requestid: 0dd2c81d218aaa117fcf02b4dd168464
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/plugins/gutenberg/build/block-library/ 108 KB
15 KB 168ms
38ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=16.9.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8566b5839e309fd46ee7189f1af0337ffce13dc6f751a148ac589164f89e9de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 4.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 25 Oct 2023 15:46:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/gutenberg/build/block-library/style.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uncode-privacy-public.css
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/css/ 19 KB
3 KB 168ms
38ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/css/uncode-privacy-public.css?ver=2.2.3

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fa8273933101146ea0678f1d44ffdde8630c02280e33d4ab052d61bfdb7dbb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/css/uncode-privacy-public.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 encyclopedia.css
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/ 1 KB
822 B 166ms
36ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/encyclopedia.css?ver=6.3.2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0091e95e8c3756b1468ac8063de5c5551df6dfdeda001d0e67271e59507e37f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/css/encyclopedia.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltips.css
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/ 9 KB
2 KB 166ms
37ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/tooltips.css?ver=6.3.2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b08242455ed9e1a61010b2ba7c997877ac599e2520056232e55f5612f2dc5e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/css/tooltips.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 54 KB
2 KB 92ms
34ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=greek%2Cvietnamese%2Ccyrillic%2Cgreek-ext%2Clatin%2Ccyrillic-ext%2Clatin-ext&ver=2.7.10

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

202a1fc83e30957471b122cce8067410ba5287bf36afe68d86138976a822f0b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 15:59:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 16:05:07 GMT

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/plugins/newsletter/ 6 KB
2 KB 165ms
37ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/newsletter/style.css?ver=7.9.5

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b628ff95829edd2fcb3fc5e787206ff4c9f5a0ef262f05ec2349575de01ed8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:30:53 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/newsletter/style.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 795 KB
97 KB 165ms
37ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/style.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

54649f2c87a9870c4b0418427a5bb33fa58d694e0f4c830b025056528ce55b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/css/style.css>; rel="canonical"
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 uncode-icons.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 60 KB
13 KB 165ms
38ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fc3585334db84f341ccd0e9ad6a28ef86f709d833adfe532fbb5e82f77623293

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/css/uncode-icons.css>; rel="canonical"
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 style-custom2.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 300 KB
28 KB 165ms
39ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/style-custom2.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

54786406759517e62b3fab9b70b28ef7f144227e353623c86cf5ee67ac924861

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 06 Oct 2023 01:26:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/css/style-custom2.css>; rel="canonical"
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 main.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 16 KB
5 KB 215ms
89ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.css?ver=1.19.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c87f1cddf8a77ad8523529962263fb03e587a1c998fedb7961bb195a12aaa711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 85 KB
31 KB 216ms
90ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-includes/js/jquery/jquery.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 13 KB
5 KB 213ms
90ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ai-uncode.min.js Show response
fraud.net/wp-content/themes/uncode/library/js/ 4 KB
2 KB 130ms
129ms Script
application/javascript 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/themes/uncode/library/js/ai-uncode.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 23 May 2023 11:27:11 GMT
server: nginx
x-ac: 1.ams _atomic_ams BYPASS
etag: W/"646ca30f-e27"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 init.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/ 118 KB
26 KB 212ms
89ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

598649c9ca160b89e08546ab2394ff428128645ab0432d430a55b66f1728e601

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/library/js/init.min.js>; rel="canonical"
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 fnlogo-e1559250900846.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 5 KB
5 KB 84ms
83ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 26 Sep 2019 10:46:54 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png>; rel="canonical"
content-length: 4859
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 fnlogo-white.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 2 KB
3 KB 84ms
84ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-white.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 26 Sep 2019 10:52:24 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-white.png>; rel="canonical"
content-length: 2249
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Arvato_Logo_2016.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 136ms
127ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:22 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png>; rel="canonical"
content-length: 3779
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 download-uai-258x74.jpeg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 36ms
33ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg>; rel="canonical"
content-length: 8164
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 icba-logo-blue-uai-258x116.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 33ms
32ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png>; rel="canonical"
content-length: 7262
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 1200px-AmazonWebservices_Logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 135ms
127ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:29 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png>; rel="canonical"
content-length: 4152
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 microsoft_PNG4.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 135ms
127ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:26 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png>; rel="canonical"
content-length: 2756
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 35ms
34ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png>; rel="canonical"
content-length: 4235
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 afterpay_logo-transp-uai-258x51.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/04/ 5 KB
5 KB 135ms
128ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/04/afterpay_logo-transp-uai-258x51.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d27d33568e57bb634250ad5fd29627bc444e1fab180d870f755013cf524ad28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Apr 2022 21:46:10 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/04/afterpay_logo-transp-uai-258x51.png>; rel="canonical"
content-length: 5149
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 167ms
71ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 12:09:11 GMT
Date: Tue, 31 Oct 2023 16:05:07 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish
Age: 1556
X-Cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11149
X-Served-By: cache-fra-eddf8230082-FRA
x-player-backend: g
Server: cloudflare
X-Timer: S1698768308.561967,VS0,VE0
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-bapp-server
Accept-Ranges: bytes
CF-RAY: 81ed23422be25d9f-FRA
X-Cache-Hits: 877

GET
H2 200 Infographic_ApplicationAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 135ms
127ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png>; rel="canonical"
content-length: 6704
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Infographic_TransactionAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 135ms
128ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:54 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png>; rel="canonical"
content-length: 7756
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Infographic_LoginAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 135ms
128ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png>; rel="canonical"
content-length: 7114
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Infographic_AccountAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 136ms
128ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:49 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png>; rel="canonical"
content-length: 7022
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Infographic_DeviceAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 136ms
129ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:47 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png>; rel="canonical"
content-length: 6746
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Infographic_EmailAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 136ms
129ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:45 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png>; rel="canonical"
content-length: 7027
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Computer-Appstore-e1628881087778-uai-258x160.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 20 KB
20 KB 137ms
130ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png>; rel="canonical"
content-length: 20075
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 internet-of-things.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 137ms
130ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/internet-of-things.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/internet-of-things.png>; rel="canonical"
content-length: 4067
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 money-making.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
4 KB 138ms
131ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/money-making.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:59 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/money-making.png>; rel="canonical"
content-length: 3493
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 growth.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 2 KB
2 KB 138ms
131ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/growth.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:16:01 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/growth.png>; rel="canonical"
content-length: 1789
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 secure.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 139ms
132ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/secure.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:16:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/secure.png>; rel="canonical"
content-length: 3029
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Group-370.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 385 B
743 B 146ms
140ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-370.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 13 Sep 2021 15:45:26 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-370.png>; rel="canonical"
content-length: 385
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 featuredcustomers_logo_stars-e1646751392635.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 10 KB
10 KB 154ms
148ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:56:32 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png>; rel="canonical"
content-length: 10025
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Juniper_award-uai-258x172.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 37 KB
38 KB 164ms
158ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 07 Mar 2022 22:40:58 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png>; rel="canonical"
content-length: 38348
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Group-448.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 163ms
157ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-448.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:13:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-448.png>; rel="canonical"
content-length: 3105
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 Capterra_stars.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 9 KB
9 KB 164ms
158ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 20 Nov 2019 21:35:31 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg>; rel="canonical"
content-length: 9072
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 MicrosoftTeams-image-e1646750843390-uai-258x122.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 17 KB
17 KB 172ms
166ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:47:54 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png>; rel="canonical"
content-length: 17007
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 g2-new2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 2 KB
3 KB 173ms
167ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/g2-new2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 07 Mar 2022 23:10:02 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/g2-new2.png>; rel="canonical"
content-length: 2471
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 accenture_new.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 3 KB
3 KB 173ms
167ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/accenture_new.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:46:15 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/accenture_new.png>; rel="canonical"
content-length: 3109
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 558 KB
178 KB 225ms
35ms Script
application/javascript 2606:4700::6810:8cce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8cce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7469b9f43b0ca52a2d6aec54d82ca1f1ec58452775886d174e4de2248764732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-encoding: br
age: 360
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4078/bundles/project-v2.js&cfRay=81ed1a747f52162c-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"3a67c11d59a2dd4c8196eb4762abe8df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4078/bundles/project-v2.js
date: Tue, 31 Oct 2023 16:05:07 GMT
x-amz-version-id: n1TPpWqIzvZW_x_KG90JrEsB1sp_e9LB
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 4771d123-800f-4a0c-987b-266a0a4ec4dd
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 4771d123-800f-4a0c-987b-266a0a4ec4dd
last-modified: Tue, 31 Oct 2023 15:06:30 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Lmc3b%2FUToRHT5js0z5oenIytnp9vb9Y0hD2jqSD9aJQknghSXY9RuPS%2F4OlRkrgFp5ADiznrpBsdptJuyP2s8xlR1yVzsBV4txMXAFQk1chVSC%2FZJuBhQCuFPq%2F%2BszaJ6Tmd%2BQw9M%2FY6hbR"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-bnhh6
cf-ray: 81ed2342edfd5ba4-FRA
x-amz-cf-id: OLSI0xxNz6AwGhQDvsKEOlT5bSP8el-UkA8lnpwjCVCSpTGjz9txdA==

GET
H2 200 js-cookie.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 3 KB
1 KB 32ms
32ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js?ver=2.2.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:28:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uncode-privacy-public.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 4 KB
1 KB 33ms
33ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js?ver=2.2.3

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7ee31a17e8c32a3aaf1747906ddcb9fa29586f247f0d61658ab1981694a61d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltipster.bundle.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 39 KB
11 KB 34ms
33ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js?ver=4.2.6

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 16 Jun 2023 06:19:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltips.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 2 KB
1 KB 37ms
36ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

70ceba313631a8887328812e871ea50456c5afb1f58f0989a1fc039d673b2f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js>; rel="canonical"
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 plugins.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 760 KB
205 KB 38ms
37ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/plugins.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2956f462aa06ca7c2b249b0eae2c86c64656ce15c2cd5ae6b2f185fe0eb83f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/js/plugins.min.js>; rel="canonical"
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 app.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 243 KB
53 KB 135ms
127ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/app.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

06e6d5a720e91307da56835c638a9d6033cab223b5d0f471118ae498c34a2076

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/js/app.min.js>; rel="canonical"
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 main.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 1 KB
892 B 135ms
126ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.js?ver=1.19.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 10bb19c1-7581-42f2-8772-c64781dcfa7a
https://fraud.net/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fraud.net/10bb19c1-7581-42f2-8772-c64781dcfa7a
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 78ms
73ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22a88801194c875a391610269bc567a5106af5f6f6054ce986d8c7caadd13f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88707
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 16:05:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 184ms
42ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 15:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 925
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 31 Oct 2023 17:49:42 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/ 3 KB
2 KB 209ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/?random=1698768307380&cv=11&fst=1698768307380&bg=ffffff&guid=ON&async=1&gtm=45He3ap0v79957660&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&hn=www.googleadservices.com&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&auid=1138023459.1698768307&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c62b71b87fd7f55e9ca8aa44b4612e3aa73756e38da61105381ab00a75effb60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 242ms
27ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 08:37:21 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=59559
accept-ranges: bytes
content-length: 3840

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 750ms
612ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 31 Oct 2023 16:05:07 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 199B075BED304DE49B0CB7F048D86644 Ref B: ZRHEDGE1407 Ref C: 2023-10-31T16:05:07Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H2 200 hotjar-2001329.js Show response
static.hotjar.com/c/ 12 KB
5 KB 206ms
5ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

ae670b90d5cd8876c8947434d667529d89ab8e5859031cc5e367ee0d723a6bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/a3d9a65941715dc1bb266cb0e01dcbf8
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 1hpniq6zhW6FvldYmRI5cDoIRYRhHfmLvE4CrC_trvWg5PFi9KU6Bw==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 77 KB
24 KB 174ms
34ms Script
text/javascript 2600:9000:2611:fa00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:fa00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cc2159ef06a8bd93aff277e3d532b233a5cabc820d764e5d9302a77724417df

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 15:06:32 GMT
X-Amz-Version-Id: osFlpfBkawwHCbNF5xXozcVs2bFJ034W
Content-Encoding: gzip
Via: 1.1 63b0889adbeadc5106837d12ac6fbc18.cloudfront.net (CloudFront)
Age: 3516
X-Amz-Cf-Pop: VIE50-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 31 Oct 2023 14:23:05 GMT
Server: AmazonS3
Etag: W/"daa4992f4c9a9335db992d9567164e1b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Mr-yDevNo9NrA-OgU8D9qta-S9pLmzVyBcZqfeFLyNpfBGnyvtdN9w==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 170ms
41ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=greek%2Cvietnamese%2Ccyrillic%2Cgreek-ext%2Clatin%2Ccyrillic-ext%2Clatin-ext&ver=2.7.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 424034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:17:53 GMT

GET
H2 200 uncode-icons.woff2
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/ 145 KB
146 KB 185ms
0ms Font
application/font-woff2 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff2

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d8685227ba656570ae56e1daa4b5a27c0f496168204b3eba649d55c76a2d242b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/themes/uncode/library/fonts/uncode-icons.woff2>; rel="canonical"
content-length: 148772
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 accountInfo.json Show response
cdn-account.optimonk.com/177110/ 221 B
966 B 228ms
55ms XHR
application/json 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-account.optimonk.com/177110/accountInfo.json

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

840cd5bf0aab9a5f4e41d3c63763b742d7b5c0c7d45dac9f7d6d9198698e320a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 1081
x-dns-prefetch-control: off
cdn-cachedat: 10/31/2023 10:56:50
cdn-pullzone: 951434
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
x-bunnycdn-countrycode: CH
etag: W/"dd-OMaEX+8AOA/UOoKykJREnJ5BNas"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: X-BunnyCDN-CountryCode
cache-control: public, max-age=30
cdn-requestpullcode: 200
cdn-requestid: 6ef109f339c946e1b6d72e97114ccd52
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 280 B
675 B 742ms
735ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9ee6ddfa6f66e5b318b948d904afcdefe1940bd5258c1c5fa1b06123c186a942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 MicrosoftTeams-image-2-2-uai-258x110.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 32 KB
32 KB 36ms
33ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:07 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png>; rel="canonical"
content-length: 32700
expires: Tue, 07 Nov 2023 16:05:07 GMT

GET
H2 200 2113031.js Show response
js.hs-scripts.com/ 2 KB
1 KB 336ms
195ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/2113031.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa38678ec66a853b8bb296d12f4a6737e712c48b614bc14144765cd4f7c9e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 76915c6b-f733-4177-991b-60d57b796a90
x-envoy-upstream-service-time: 21
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 76915c6b-f733-4177-991b-60d57b796a90
last-modified: Tue, 31 Oct 2023 15:39:34 GMT
server: cloudflare
x-trace: 2B69B32F8AC81555DE890E27217FC0646B881F5094000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-dz5lh
cf-ray: 81ed23451d4f39d4-FRA
expires: Tue, 31 Oct 2023 16:06:08 GMT

GET
H2 200 analytics.js Show response
media.fraud.net/shield/js/v1/ 98 KB
30 KB 200ms
60ms Script
application/javascript 3.161.119.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.fraud.net/shield/js/v1/analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-41.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
content-encoding: gzip
via: 1.1 76c315f993ceca1d67416a80c715a4ce.cloudfront.net (CloudFront)
last-modified: Thu, 28 Feb 2019 18:42:24 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P2
age: 268
etag: "7479109d61e7cc42fa7496c3a2a11d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, no-transform, public
accept-ranges: bytes
content-length: 30572
x-amz-cf-id: wkTUILC93-I4s1RB5Seeev3coa9fY7wYHVIWvpu3gIeFuaib-EDoQg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
54 KB 128ms
59ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Oct 2023 16:05:07 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 6/e19NLlgYtfq4RZF/YjK1M2ZekD9sxzaE8fNA9aRmgVQuEyih4PmlAGBkiRBKftx5H23IaZNWtO7RcHcL/SQA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 60e76b46e4c4e9001293ca88 Show response
ws.zoominfo.com/pixel/ 4 KB
2 KB 347ms
270ms Script
text/javascript 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60e76b46e4c4e9001293ca88

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f8a116c57474211710d33c18dcf0f68617e10289115fb1ff1958d015150a12cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 81ed2344af962c4b-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400

GET
H2 200 Home Show response
track.cbdatatracker.com/ 2 B
180 B 744ms
295ms Script
text/html 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cbdatatracker.com/Home?v=3&id=%27c2035064-646d-4517-860a-a8c2a7c110ea%27
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:06 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
cache-control: private
alt-svc: h3=":443";
content-length: 2

GET
H2 200 2749.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 595ms
457ms Script
text/javascript 2606:4700:4400::ac40:90e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/2749.js?p=https://fraud.net/&e=

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: b995c235-7665-42ff-80a0-66fd96500547
x-runtime: 0.004156
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 81ed23451a7a1989-FRA

GET
H2 200 os.min.js Show response
s.opensend.com/ 9 KB
4 KB 166ms
29ms Script
application/javascript 18.66.112.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.opensend.com/os.min.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c90fa12377dca0cca457f2e3cf34e10ab941944605e67237ea5584a7d66a34c7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 10:16:30 GMT
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 19:20:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 20933
x-amz-server-side-encryption: AES256
etag: W/"6b7a3bb12fb4e0826329dee1f7df2909"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VMjoNM9mmHPlLlnpSuJoswlbFO3FUbZDS2Xs9pH6dFuIf9Z2_97P-w==

POST
H2 200 after-pre-init Show response
front.optimonk.com/public/177110/embedded/ 152 B
508 B 96ms
33ms XHR
text/html 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/embedded/after-pre-init

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"98-lC3A9CNC58A3Xk5qtOzmLLQkxH0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1; mode=block

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 90 KB
31 KB 95ms
29ms Script
application/javascript 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 /
Resource Hash: 55dbd0e83e9d146778625976b8231c58419ec23b690f25dc5cd4c27667ca713d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-guploader-uploadid: ADPycdu_GCTvMTZajU6VSD5tvHDT5IA1_t_ryRMR3NcmpZwRsM51JxTHQf6xnfJbPDqnvG86fkz-z6yUc_XJpnss2nZ1DmzmihNM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 10/09/2023 19:28:15
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Mon, 09 Oct 2023 19:28:11 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"863d7f9742fbb3e78601d44762fa0077"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1696879691149932
content-type: application/javascript
cdn-cache: HIT
x-goog-hash: crc32c=O/S94Q==, md5=hj1/l0L7s+eGAdRHYvoAdw==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 91837
cdn-requestid: d923c62ba80a82cb1769ff058bcef6fd
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 preload.js Show response
front.optimonk.com/public/177110/js/ 5 KB
2 KB 106ms
46ms Script
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/js/preload.js?

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

66b6834bed2e8a09f5c08b870a16274a4541702b7e3d850594f298cc3265c213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"149c-lw7b+di6IFwx7TRbLSsgi+NpYDc"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
920 B 800ms
800ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4235ebbbf4d4eb308bc5126d28920befe5820bd83debffe0b9b5d423d4105fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 99ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GPKLFPPQY0&gtm=45je3ap0v9102467835z879957660&_p=1205418481&_gaz=1&gcd=11l1l1l1l1&cid=1789949576.1698768308&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698768308&sct=1&seg=0&dl=https%3A%2F%2Ffraud.net%2F&dt=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 111ms
33ms Ping
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GPKLFPPQY0&cid=1789949576.1698768308&gtm=45je3ap0v9102467835z879957660&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
107 B 125ms
47ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GPKLFPPQY0&cid=1789949576.1698768308&gtm=45je3ap0v9102467835z879957660&aip=1&z=1619691931

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 30ms
29ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1205418481&t=pageview&_s=1&dl=https%3A%2F%2Ffraud.net%2F&ul=en-us&de=UTF-8&dt=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=238305018&gjid=1369335191&cid=1789949576.1698768308&tid=UA-35675858-1&_gid=528487622.1698768308&_r=1&_slc=1&gtm=45He3ap0n81WVZ4N9Xv79957660&gcd=11l1l1l1l1&z=148693422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.69643a16c30805061a6a.js Show response
script.hotjar.com/ 228 KB
56 KB 108ms
29ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.69643a16c30805061a6a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

804b13b5357088583d46a0f1d21d67a55ee5717953267d4fee9b2dcccf43b128

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 13:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 96362
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56520
last-modified: Mon, 30 Oct 2023 13:18:22 GMT
etag: "d0307b1dda59561c66df55cc7b4ab03a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: KuWqdG6rwZiGr6ICOKjiogKcCLYExWDFtVW1WSYEiswWaVoeM6TLHQ==

GET
H2 200 /
www.google.com/pagead/1p-user-list/998743206/ 42 B
455 B 102ms
39ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998743206/?random=1698768307380&cv=11&fst=1698768000000&bg=ffffff&guid=ON&async=1&gtm=45He3ap0v79957660&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&fmt=3&is_vtc=1&random=2034075291&rmt_tld=0&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/998743206/ 42 B
455 B 65ms
37ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/998743206/?random=1698768307380&cv=11&fst=1698768000000&bg=ffffff&guid=ON&async=1&gtm=45He3ap0v79957660&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&fmt=3&is_vtc=1&random=2034075291&rmt_tld=1&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 35ms
35ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=77427
accept-ranges: bytes
content-length: 3272

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
664 B 857ms
856ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fe89c71dfc84b72996af9497f681ea0afcfc0d8423bbdfda8724bfb132d83a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2851-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
14 KB 35ms
34ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:08 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png>; rel="canonical"
content-length: 14086
expires: Tue, 07 Nov 2023 16:05:08 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

56ms
31ms

Script
application/javascript

2600:9000:2611:fa00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:2611:fa00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Mon, 30 Oct 2023 16:53:29 GMT
Via: 1.1 63b0889adbeadc5106837d12ac6fbc18.cloudfront.net (CloudFront)
Age: 83500
X-Amz-Cf-Pop: VIE50-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: aVLttt6u_keiYh-Muf-TXO1r_eShAV1C5170W2NQ9b8EG9KWuVbleg==

Redirect headers

Date: Mon, 30 Oct 2023 18:02:21 GMT
Via: 1.1 63b0889adbeadc5106837d12ac6fbc18.cloudfront.net (CloudFront)
Age: 79367
X-Amz-Cf-Pop: VIE50-P2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2DT6w4GCfGsGn4dVMWhyJHHxPSKtUvtRjZMDKnZpvbSWqzuLeAeAPA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/ 0
809 B 42ms
34ms Script
text/javascript 2600:9000:2611:fa00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:fa00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

X-Amz-Version-Id: tuPxK5BgmPnymdr.MeqXNsFrKRBPxyIe
Date: Tue, 31 Oct 2023 15:16:30 GMT
Via: 1.1 63b0889adbeadc5106837d12ac6fbc18.cloudfront.net (CloudFront)
Age: 2918
X-Amz-Cf-Pop: VIE50-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Mon, 30 Oct 2023 12:28:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: iP2bnyYU-uvFp2H2HT47E9-RrfcUWeNFV9hdt3AUyJyfQBEcvtNmGg==

GET
H2 200 1567786626743241 Show response
connect.facebook.net/signals/config/ 138 KB
36 KB 111ms
110ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1567786626743241?v=2.9.135&r=stable&domain=fraud.net

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9367526cef2a975bc8f5d8d60630bf0460ecd59579a0f5bebb483ab476ff71c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Oct 2023 16:05:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: NhKfgIZIaW9CA++xZDjQJ95J7plkW++FDwBtaTd+stMzZz4C/tCkN9OBWPn513/2G8loRihfI21MLZ1fbMUJYQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 235637953 Show response
player.vimeo.com/video/ Frame EDC2 20 KB
10 KB 323ms
323ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/235637953?

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cade5bd9008bcb7af93702022593396aba4e367792f2085314aa6274922719c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 81ed2346a83f5d9f-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Oct 2023 16:05:08 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230118-FRA
X-Timer: S1698768308.278468,VS0,VE281
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-f698b8cd7-sj895
x-content-type-options: nosniff
x-host: player-backend-f698b8cd7-sj895
x-player-backend: g
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 37ms
34ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-35675858-1&cid=1789949576.1698768308&jid=238305018&gjid=1369335191&_gid=528487622.1698768308&_u=YADAAAAAAAAAAC~&z=350284694

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Oct 2023 16:05:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
797 B 838ms
828ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c949a9be1e6915377993ab167ba99db993bd05f1da11806344865a7c2d6fb4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
664 B 906ms
904ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

05c856888b40ae795f21552ea3dbc983515b0fae55d16a6bb0aa0078e951621b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2859-uai-258x34.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 5 KB
5 KB 37ms
36ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:08 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png>; rel="canonical"
content-length: 5270
expires: Tue, 07 Nov 2023 16:05:08 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 76 KB
23 KB 278ms
169ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74fc957da10cee62811b21830908e4b12f4b9024c83e26869691ec19c0054854

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.648/bundles/project.js&cfRay=81ed2347cffe3a5e-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"535602fea2b02dbbb40d8e634333edc3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.648/bundles/project.js
date: Tue, 31 Oct 2023 16:05:08 GMT
x-amz-version-id: _UsiHiKmsFxNHP2SfaeRnj5FLldPvRYc
via: 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 8d5c7c2f-1170-47ac-be53-d02670b7bd63
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8d5c7c2f-1170-47ac-be53-d02670b7bd63
last-modified: Tue, 24 Oct 2023 13:57:37 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLPVgMnZ4z4CGgTsphwselpTvQSlElMXugRSZCeQ7mkPcmfKeeEYQILa3juVLPhZOo56n0SZr4vJWhkIXozIB7%2Fph%2FKUw1KjBte%2FOXMKFqAmj%2BgQPtDOcBfPIzbE8WwPcNFMombLAfXu4%2FSt"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-95l7k
cf-ray: 81ed2347cffe3a5e-FRA
x-amz-cf-id: fEgzj4Ok3bfKxem1UYZtXj_d2P7KNpf6KVrJX3hdRzJ6sW-IbFK-dA==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 253ms
153ms Script
application/javascript 2606:4700::6811:589a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:589a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
x-amz-version-id: XYPPFvciWFKtpS2hNgrEqmNT6fxOdL.H
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d326afbf-9ae7-460f-95ee-6e5b1bc3dc2f
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.433/bundles/project.js&cfRay=81ed2347ba9a39e6-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d326afbf-9ae7-460f-95ee-6e5b1bc3dc2f
last-modified: Mon, 23 Oct 2023 13:11:34 UTC
server: cloudflare
etag: W/"7864f8fd485be672e98358eb894b6fd7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-97z5m
cf-ray: 81ed2347ba9a39e6-FRA
x-amz-cf-id: _Ie5Oq5CDjbma9UT9OWAP6E6teCiThJe0rteghZhseB2kOe7BNZ3YQ==
x-hs-target-asset: collected-forms-embed-js/static-1.433/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 177ms
63ms Script
application/javascript 2606:4700::6812:7e0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7e0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-encoding: br
age: 56277
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js&cfRay=81e7c5546dfb90dd-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df7c200fc1e8a1a0c9d50df4fbec7e86"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js
date: Tue, 31 Oct 2023 16:05:08 GMT
x-amz-version-id: RTyeMetKvg_dT1r75rKZucXAeC83sdPJ
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: d2b9c3c9-791f-408f-b029-5adff455d613
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-request-id: d2b9c3c9-791f-408f-b029-5adff455d613
last-modified: Wed, 25 Oct 2023 14:35:17 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-g8f86
cf-ray: 81ed2347dec99b63-FRA
x-amz-cf-id: uSgMNyhMT1bymKy9VIHrAAAfXZy6Q1nVSV59sc0FDEoQxKOphTzcXw==

GET
H2 200 2113031.js Show response
js.hs-analytics.net/analytics/1698768300000/ 66 KB
21 KB 645ms
549ms Script
text/javascript 2606:4700::6810:4dba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1698768300000/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9d183faaa1cb54089d43a4b2cf3d3ea7c95e96a7053c5a5ed93b18b002f3ec6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: VPWDAPR2F6AXP90C
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 398eb09d-f8e9-476b-9f43-eae73a794ad0
x-envoy-upstream-service-time: 24
x-amz-id-2: XVSH83ZwQ0euBk7GKrXZzH7H7jBbw4GJvLZMBd6Ci3I88PD5Yu9zF2kslGTlHVwAk+Pc/jX5QdJSvVe7/1ecQBlkeGa7D6+ezugapV9DbXg=
x-evy-trace-listener: listener_https
x-request-id: 398eb09d-f8e9-476b-9f43-eae73a794ad0
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 12 Oct 2023 14:56:59 GMT
server: cloudflare
etag: W/"c3bfc0feeb51371f01876aa4119cb764"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-jgkmt
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 81ed2347ba829b34-FRA
expires: Tue, 31 Oct 2023 16:10:08 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/2113031/ 65 KB
20 KB 547ms
451ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/2113031/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38c2b246598bc4223f80008c6d937d71b4aac811d242a4737c7eaf7bdc602574

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
x-amz-version-id: nVNZ616ardAKmOaGO7XdxPDsEsf9sXwI
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: HMJC0JN1MF9FDJPX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 16221b55-dad5-4b68-b1e3-d812ef9c928a
x-envoy-upstream-service-time: 28
x-amz-id-2: AmaQ9kaFimpzwM8vEOZXp1M0i+MkNtR5FuEOsZp7zM3Ip7j4SwmiQ7fpgz/4mBFVlxflkLI5+gE=
x-evy-trace-listener: listener_https
x-request-id: 16221b55-dad5-4b68-b1e3-d812ef9c928a
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 18 Oct 2023 16:02:03 GMT
server: cloudflare
etag: W/"3fc7b3b067f79a1d3eb0e6c5200ddda4"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-snk2v
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 81ed2347bf74bb71-FRA
expires: Tue, 31 Oct 2023 16:10:08 GMT

POST tp2
device.fraud.net/com.snowplowanalytics.snowplow/ 0
0

OPTIONS tp2
device.fraud.net/com.snowplowanalytics.snowplow/ Frame 0
0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1698768308342%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26cookie...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQK0096CY0EVxQAAAYuGe0y79j1ctclHC7oHM-9UtD-J1Jhc97Tc...

0
265 B

256ms
201ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQK0096CY0EVxQAAAYuGe0y79j1ctclHC7oHM-9UtD-J1Jhc97Tc8_37j42kB_Bsj4PDWc6dwQ
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6A9F15543EB24809B92D489AFD24B304 Ref B: ZRHEDGE1918 Ref C: 2023-10-31T16:05:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJBVGpC+z1g8Unzm8b7A==

Redirect headers

date: Tue, 31 Oct 2023 16:05:08 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 65A558BCE20944FAAE9DD77C08FC0B5C Ref B: ZRHEDGE1806 Ref C: 2023-10-31T16:05:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1698768308342&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQK0096CY0EVxQAAAYuGe0y79j1ctclHC7oHM-9UtD-J1Jhc97Tc8_37j42kB_Bsj4PDWc6dwQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJBVGjn2ghNMBTiFbD9Q==

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 265 B
671 B 842ms
834ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3c4de814e628c1b0479249d11f294b96467a8c10a508757c0fadc62634c775ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2858-uai-258x306.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 139 KB
139 KB 37ms
33ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:08 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png>; rel="canonical"
content-length: 142152
expires: Tue, 07 Nov 2023 16:05:08 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 296 B
689 B 907ms
906ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a0c544b697ef4b6786b9c4b36f3c5dd4723e0cd2c061412fcfe2d40724e68fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 HVT2SOYWOBESJB535C7MUS Show response
d.adroll.com/consent/check/ 492 B
977 B 153ms
47ms Script
application/javascript 2a05:d018:cc3:fe05:bd10:7de8:ea54:baf7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVT2SOYWOBESJB535C7MUS?pv=75681924162.34943&arrfrr=https%3A%2F%2Ffraud.net%2F&_s=123b6cb4168d44e6138d9c8ba3a1b147&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:bd10:7de8:ea54:baf7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 4e690dd5360cab06b463f6d2868f3ee2afc58da237f6de3fa387f31c2ffa0f46

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Tue, 31 Oct 2023 16:05:08 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 492
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 preload-base.29ff07ef.js Show response
front.optimonk.com/ 63 KB
20 KB 45ms
37ms Script
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.29ff07ef.js

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/177110/js/preload.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

25b17535c32193d3ed8de07e0f5500976a7c509245c9ce60ef7ebff1b7eb6650

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"fd5a-jx3GTt91lwydOb27ZsAa9ZbgBJM"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
664 B 801ms
798ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

75c420ce7fac68bdce03824c40fc0eb053a216f2fe446dd5ab1d674faf5dff98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
664 B 804ms
803ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

494f80a55e08f36107c27839eab594804773c95da5a5d6d104ea32b3dbbd7440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Group-2854-uai-258x74.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 21 KB
21 KB 32ms
32ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:08 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png>; rel="canonical"
content-length: 21518
expires: Tue, 07 Nov 2023 16:05:08 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 49ms
48ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35675858-1&cid=1789949576.1698768308&jid=238305018&_u=YADAAAAAAAAAAC~&z=1078198026

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
107 B 46ms
45ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35675858-1&cid=1789949576.1698768308&jid=238305018&_u=YADAAAAAAAAAAC~&z=1078198026

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
919 B 830ms
829ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6dcd1a0d4df3371b9e40f03f5d2a690dec0ecaef01e18895829ceae84441f92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 282 B
676 B 879ms
879ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5f3bb4158aa27b8acaa0e34cfa16e137ed4fed90f2b41c75c131e91957a4798b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.ams _atomic_ams BYPASS
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Group-2851@2x-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
15 KB 33ms
33ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:08 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png>; rel="canonical"
content-length: 14643
expires: Tue, 07 Nov 2023 16:05:08 GMT

GET
H2 204 4000327.js Show response
bat.bing.com/p/action/ 0
117 B 48ms
47ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4000327.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 31 Oct 2023 16:05:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5A975B236F14E36A1B560DE3D7DF95D Ref B: ZRHEDGE1407 Ref C: 2023-10-31T16:05:08Z
x-cache: CONFIG_NOCACHE

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 90ms
29ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1567786626743241&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1698768308572&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698768308569.398061526&cs_est=true&ler=empty&it=1698768308251&coo=false&rqm=GET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 16:05:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/ 5 KB
3 KB 261ms
199ms XHR
application/json 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/json?hs_static_app=forms-embed&hs_static_app_version=1.4078&X-HubSpot-Static-App-Info=forms-embed-1.4078

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2647bde5c93ba38dbc8dda1e4ebd556f1bdb0e618fe3a0395844628edf76cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Tue, 31 Oct 2023 16:05:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: a7991f8f-cbbb-455c-9936-f18181575b75
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 46
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a7991f8f-cbbb-455c-9936-f18181575b75
Server: cloudflare
X-Trace: 2B67169D8134141F8BE8D5ED07F343724BF8B84409000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://fraud.net
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 81ed23495f559b22-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-48whc

POST
H2 429 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
1 KB 130ms
130ms XHR
text/html 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21200fdcf2fb9fb7a01ec311ca3b49dc918347f75cf3c001f5ecd70f69e121c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
strict-transport-security: max-age=31536000
x-ac: 1.ams _atomic_ams BYPASS
server: nginx
etag: "62cd98f7-490"
content-length: 1168
content-type: text/html

GET
H2 200 fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/ 7 KB
7 KB 35ms
34ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:08 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:08:55 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg>; rel="canonical"
content-length: 7103
expires: Tue, 07 Nov 2023 16:05:08 GMT

GET
H2 200 MicrosoftTeams-image-2-2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 192 KB
192 KB 32ms
32ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:08 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:33:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png>; rel="canonical"
content-length: 196542
expires: Tue, 07 Nov 2023 16:05:08 GMT

GET
H2 200 player.de-DE.module.js Show response
f.vimeocdn.com/p/4.25.16/js/ Frame EDC2 541 KB
132 KB 200ms
78ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.16/js/player.de-DE.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6c67dc03559ca74f7be543605408f0018ef16fbcc0cf81c7f207b065abe7277e

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000042-IAD, cache-fra-eddf8230061-FRA
date: Tue, 31 Oct 2023 16:05:08 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 75589
x-timer: S1698768309.796842,VS0,VE2
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 134835
x-cache-hits: 1, 1

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.25.16/js/ Frame EDC2 412 KB
100 KB 149ms
27ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.16/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6c3e0b043dfebe1eed888d4eef31f3b72cea374a688836f7e6625efa539b2919

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200063-IAD, cache-fra-eddf8230061-FRA
date: Tue, 31 Oct 2023 16:05:08 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 75590
x-timer: S1698768309.796841,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101683
x-cache-hits: 2, 22464

GET
H2 200 player.css
f.vimeocdn.com/p/4.25.16/css/ Frame EDC2 213 KB
22 KB 147ms
25ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.16/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9e2d1571e121ee068466b7424be44d1a80c0d02ffdb9c4a574bbbe51862d847f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000091-IAD, cache-fra-eddf8230061-FRA
date: Tue, 31 Oct 2023 16:05:08 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 75590
x-timer: S1698768309.795999,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 22169
x-cache-hits: 13, 21490

GET
H2 200 icallback.js Show response
app.convolo.ai/js/ 33 KB
9 KB 1070ms
764ms Script
text/javascript 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convolo.ai/js/icallback.js?v=0.9394274685529425&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: b5992a144aa666d4dca36d0aa34ad2e4529a931e5e24cf57f040a0bc3707dc2e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: Express
etag: W/"8504-GTwhOULFD2ocWWJPkPfypMnOaYo"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *

OPTIONS
H2 200 ossync
os.aggle.net/ Frame 0
0 603ms
196ms Preflight
text/html 54.189.11.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/ossync
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.189.11.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-11-195.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: POST, OPTIONS
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 16:05:09 GMT
server: gunicorn
vary: Origin

POST
H2 200 ossync Show response
os.aggle.net/ 1 KB
1 KB 630ms
199ms Fetch
application/json 54.189.11.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/ossync
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.189.11.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-11-195.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 493f7f3fd2b9a9f415e02cbf5463058ada1a5a1312e741b01135ef6306b666dc

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Tue, 31 Oct 2023 16:05:09 GMT
access-control-allow-credentials: true
server: gunicorn
content-length: 1044
vary: Origin
content-type: application/json

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame EDC2 1 KB
2 KB 121ms
29ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e7ebc09ea4264d3ba1ff60cf6d219117d5f6d67bdfcd2596fb69583773c2046f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:08 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1726582
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1531
viewmaster-server: viewmaster-us-central1-gjg9
x-served-by: cache-dfw-kdfw8210056-DFW, cache-fra-eddf8230137-FRA
x-timer: S1698768309.911028,VS0,VE0
etag: 78f76220ceeae754bb4900f4af0d7ef0
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 401, 481

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 535ms
118ms Script
application/javascript 52.72.38.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.38.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-38-254.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:05:09 GMT
Last-Modified: Tue, 10 Oct 2023 07:12:49 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6524f971-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H/1.1

200
OK

6SMH2DHXINFNDD52UNEEKG.js Show response
s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/
Redirect Chain

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=2c77f37ce89295bff492fc69f6801540-1698768309096&pv=75681924162.34943&arrfrr=https%3A%2F%2Ffraud.net%2F&cookie=&adr...
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

5 KB
2 KB

32ms
32ms

Script
text/javascript

2600:9000:2611:fa00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:2611:fa00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d08a091dbb7f768f0aa32c30a3c2c5c8bcdfda0a1aed223765e86afd054669da

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

X-Amz-Version-Id: i6ItGE2UzdPtOy9rCBhI8lw23qXXdPAd
Content-Encoding: gzip
Via: 1.1 63b0889adbeadc5106837d12ac6fbc18.cloudfront.net (CloudFront)
Date: Tue, 31 Oct 2023 15:16:32 GMT
Age: 2918
X-Amz-Cf-Pop: VIE50-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 11 Oct 2023 12:29:55 GMT
Server: AmazonS3
Etag: W/"65bafd3af65ae4c30d75ce2991d0fc05"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: QnZ5IzRd2tM3pEuCDBwjAJLSGsKgV3RLgrvZy2UFOMB-loguA2OBPw==

Redirect headers

date: Tue, 31 Oct 2023 16:05:09 GMT
x-segment-display-name: FN Homepage
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: s
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.22.1
x-rule: *fraud.net/*
x-segment-eid: 6SMH2DHXINFNDD52UNEEKG
location: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: ML43PNVWLZH6BAVX2UYHRM
x-segment-name: d1dcd5e9
x-advertisable-eid: HVT2SOYWOBESJB535C7MUS
x-conversion-currency

GET
H2 200 ML43PNVWLZH6BAVX2UYHRM
ipv4.d.adroll.com/px4/HVT2SOYWOBESJB535C7MUS/ 42 B
176 B 211ms
63ms Image
image/gif 52.30.245.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/px4/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=2c77f37ce89295bff492fc69f6801540-1698768309096&pv=75681924162.34943&arrfrr=https%3A%2F%2Ffraud.net%2F&cookie=&adroll_s_ref=&keyw=&p0=1237
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.245.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-245-118.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 42
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
fraud.net/wp-includes/js/ 18 KB
5 KB 133ms
132ms Script
application/javascript 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
x-ac: 1.ams _atomic_ams BYPASS
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 238ms
155ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 16:05:09 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 browser-perf.1fb2c8c827b63c13cce5.js Show response
script.hotjar.com/ 6 KB
2 KB 46ms
46ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.1fb2c8c827b63c13cce5.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.69643a16c30805061a6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

fb5555dad215acd4daff31cd634b90cb776de540a3aa39cb0c07247e1a0f0d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 618183
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1959
last-modified: Tue, 24 Oct 2023 12:21:38 GMT
etag: "7618cd0b249a2ab56c3e34e544cc0f51"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Q0MiDf5GmmEACzuZU9DBTUwjCx_rFN1rsC-n95wrJ2Zvf_tciv2-pA==

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 207 B
1 KB 220ms
218ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=2113031&currentUrl=https%3A%2F%2Ffraud.net%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e1f5dae1f231a3e6c42993418f2c2b7670e62db5b3ffee9afe0afa6657504f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: defcd0e2-69d4-4711-a8eb-355cc43e9d2e
content-encoding: br
x-envoy-upstream-service-time: 63
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: defcd0e2-69d4-4711-a8eb-355cc43e9d2e
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBWlLZlvpSGVEm4qVKmA%2Fm9Pj3BCdJ7AFl%2FKoDChwv5QL%2FP%2BefFvMxUly0bqJSxeGOfozhzCJ0unkcQLKcZBv5N6JQSpxR522MIh8jwDWHRec1kG4DkqSf3pkT7LrCYdqd5mmATErOwQm3tzwvp7oyFZtoMsH03q3dM%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 81ed234d1d963a5e-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-lmntd

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
628 B 524ms
480ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 075fd995-95b3-4513-bdcb-0890d3d33cc5
x-envoy-upstream-service-time: 45
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 075fd995-95b3-4513-bdcb-0890d3d33cc5
server: cloudflare
x-trace: 2BB57992FD2696B47B482A7EF51BD5D221F9FF258C000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-t2vvv
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 81ed234d8bc29968-FRA

GET
H2 200 Group-2851.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 304 KB
305 KB 37ms
34ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851.png>; rel="canonical"
content-length: 311451
expires: Tue, 07 Nov 2023 16:05:09 GMT

POST
H2 200 load Show response
front.optimonk.com/public/177110/js/ 5 KB
2 KB 38ms
38ms XHR
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/js/load

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.29ff07ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e5e33325fe1bae8820606f7d18c7669c5c4b7859481512cbb4093ebd45d0dc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"1542-kRsaUsROnE1LZIgs4x4lNf4FpgY"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 204 0
bat.bing.com/action/ 0
285 B 57ms
57ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4000327&tm=gtm002&Ver=2&mid=f39cef39-9553-4170-a145-e3ed37d1ce3c&sid=440977b0780711eea9b1734652806d07&vid=44098d30780711ee928233b4da469ac3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&p=https%3A%2F%2Ffraud.net%2F&r=&lt=3629&evt=pageLoad&sv=1&rn=49407

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 31 Oct 2023 16:05:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3598D5C6B2D04626AA2E3E8BE76A4C39 Ref B: ZRHEDGE1407 Ref C: 2023-10-31T16:05:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
453 B 163ms
153ms XHR
application/json 2606:4700::6811:589a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2113031&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:589a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e81fd614-8e39-4862-8800-378be4218f43
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e81fd614-8e39-4862-8800-378be4218f43
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-95l7k
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 81ed234faba139e6-FRA

GET
H2 200 Group-2858.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 235 KB
236 KB 71ms
63ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:30 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858.png>; rel="canonical"
content-length: 241112
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Group-2859.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 84 KB
84 KB 66ms
63ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:37 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859.png>; rel="canonical"
content-length: 85846
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Group-2854.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 265 KB
266 KB 64ms
63ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:08 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854.png>; rel="canonical"
content-length: 271391
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Computer-Appstore-e1628881087778-uai-1032x638.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 191 KB
192 KB 61ms
60ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:48:14 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png>; rel="canonical"
content-length: 195680
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
944 B 46ms
34ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_532eb8e0_2d0b_4401_b55f_0643ce33b83a&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f141f8d9c1eaa4512f722e8a86bd4249f59aa66542aa3fff876e6f8f4a3c45b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 31 Oct 2023 16:05:09 GMT

GET
H2 200 Group-2851@2x-uai-2064x645.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 500 KB
501 KB 33ms
33ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:48:15 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png>; rel="canonical"
content-length: 512361
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1015 B 384ms
194ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:05:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: adbf70c2-ecf7-4fa7-ac8f-dec49b88672d
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: adbf70c2-ecf7-4fa7-ac8f-dec49b88672d
Server: cloudflare
X-Trace: 2BA56CC9F5B1F3F3E05D13238D9F73D6A3C8C00D0B000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-hjwld
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 81ed2352586f3648-FRA

GET
H2 200 Computer-Appstore-e1628881087778-uai-1032x638.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 191 KB
192 KB 49ms
47ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:48:14 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png>; rel="canonical"
content-length: 195680
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 featuredcustomers_logo_stars-e1646751392635.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 10 KB
10 KB 48ms
47ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:56:32 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png>; rel="canonical"
content-length: 10025
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Juniper_award-uai-258x172.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 37 KB
38 KB 48ms
48ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 07 Mar 2022 22:40:58 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png>; rel="canonical"
content-length: 38348
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Group-448.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 55ms
55ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-448.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:13:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-448.png>; rel="canonical"
content-length: 3105
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Capterra_stars.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 9 KB
9 KB 97ms
95ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 20 Nov 2019 21:35:31 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg>; rel="canonical"
content-length: 9072
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 MicrosoftTeams-image-e1646750843390-uai-258x122.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 17 KB
17 KB 98ms
96ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:47:54 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png>; rel="canonical"
content-length: 17007
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 g2-new2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 2 KB
3 KB 98ms
97ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/g2-new2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 07 Mar 2022 23:10:02 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/g2-new2.png>; rel="canonical"
content-length: 2471
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 accenture_new.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 3 KB
3 KB 98ms
97ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/accenture_new.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:46:15 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/accenture_new.png>; rel="canonical"
content-length: 3109
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Group-2851.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 304 KB
305 KB 87ms
86ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851.png>; rel="canonical"
content-length: 311451
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Group-2859.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 84 KB
84 KB 88ms
86ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:37 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859.png>; rel="canonical"
content-length: 85846
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Group-2858.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 235 KB
236 KB 120ms
119ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:30 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858.png>; rel="canonical"
content-length: 241112
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 Group-2854.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 265 KB
266 KB 122ms
121ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:09 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:08 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854.png>; rel="canonical"
content-length: 271391
expires: Tue, 07 Nov 2023 16:05:09 GMT

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame EDC2 2 KB
1 KB 70ms
29ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/235637953?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230061-FRA
date: Tue, 31 Oct 2023 16:05:10 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 731924
x-timer: S1698768310.054079,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 23, 14389

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame EDC2 4 KB
2 KB 177ms
76ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.25.16/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 16:05:10 GMT

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame EDC2 26 KB
26 KB 77ms
67ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=700&mh=394
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e08e639d53da3f39d5268d54d1cb74353a987d50223b8408a4b56508fbd7faa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1241598
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 26498
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210066-DFW, cache-fra-eddf8230137-FRA
x-timer: S1698768310.142243,VS0,VE1
etag: 44f689eb55aa736fd82f90c28e65026e
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 15, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame EDC2 0
142 B 227ms
136ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=e46217d2db1e2db58bc6d740e636f8b437a118fe1698768308
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.25.16/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 31 Oct 2023 16:05:10 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 Arvato_Logo_2016.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 40ms
35ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:22 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png>; rel="canonical"
content-length: 3779
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 download-uai-258x74.jpeg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 41ms
35ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg>; rel="canonical"
content-length: 8164
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 icba-logo-blue-uai-258x116.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 41ms
36ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png>; rel="canonical"
content-length: 7262
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 1200px-AmazonWebservices_Logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 41ms
36ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:29 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png>; rel="canonical"
content-length: 4152
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 microsoft_PNG4.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 41ms
36ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:26 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png>; rel="canonical"
content-length: 2756
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 66ms
61ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png>; rel="canonical"
content-length: 4235
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 afterpay_logo-transp-uai-258x51.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/04/ 5 KB
5 KB 66ms
62ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/04/afterpay_logo-transp-uai-258x51.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d27d33568e57bb634250ad5fd29627bc444e1fab180d870f755013cf524ad28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Apr 2022 21:46:10 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/04/afterpay_logo-transp-uai-258x51.png>; rel="canonical"
content-length: 5149
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 Infographic_ApplicationAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 67ms
62ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png>; rel="canonical"
content-length: 6704
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 Infographic_TransactionAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 67ms
63ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:54 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png>; rel="canonical"
content-length: 7756
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 Infographic_LoginAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 96ms
92ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png>; rel="canonical"
content-length: 7114
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 Infographic_AccountAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 97ms
93ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:49 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png>; rel="canonical"
content-length: 7022
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 Infographic_DeviceAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 97ms
93ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:47 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png>; rel="canonical"
content-length: 6746
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 Infographic_EmailAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 97ms
94ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:45 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png>; rel="canonical"
content-length: 7027
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 139ms
133ms Image
image/gif 52.72.38.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=5d2ff78cc994471481492bdc&h[resource]=https%3A%2F%2Ffraud.net%2F&h[referrer]=&h[title]=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.117%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1698768310294

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.38.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-38-254.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 16:05:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Oct 2023 16:05:10 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H2 200 load.1d3a1b35.js Show response
front.optimonk.com/load.esm/ 258 KB
72 KB 41ms
41ms Script
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/load.1d3a1b35.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ab2e46ce2db71f3916aeb18616ad899f2d73578f51ae2016c194c33dabf70ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"40971-g+0fPVpyxUyd+OpJcxQsHbsOCJw"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
590 B 169ms
169ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 185467fa-93ca-4dfe-92f5-25ab40801e30
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 185467fa-93ca-4dfe-92f5-25ab40801e30
server: cloudflare
x-trace: 2BEAB0295285432327C4843B7F8968ABEAAD38F6D7000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-jt4pd
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 81ed2353d97e9968-FRA

GET
H2 200 Group-2851@2x-uai-2064x645.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 500 KB
501 KB 33ms
32ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 31 Oct 2023 16:05:10 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:48:15 GMT
server: nginx
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-2064x645.png>; rel="canonical"
content-length: 512361
expires: Tue, 07 Nov 2023 16:05:10 GMT

GET
H2 200 icallback.3b4b0528fd7c9a8c1ff6.js Show response
app.leadconnect.cc/ 536 KB
117 KB 371ms
88ms Script
application/javascript 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadconnect.cc/icallback.3b4b0528fd7c9a8c1ff6.js
Requested by: Host: app.convolo.ai
URL: https://app.convolo.ai/js/icallback.js?v=0.9394274685529425&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1b31aa2b03872b6d54ccb8cdb78449dd044919943027a331231bf0961b405de5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 09:50:43 GMT
server: nginx/1.18.0
etag: W/"653641f3-85e09"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 1076ms
206ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:05:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 78978471-be61-47a6-bbca-20ee1a61aab0
x-envoy-upstream-service-time: 54
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 78978471-be61-47a6-bbca-20ee1a61aab0
Last-Modified: Tue, 31 Oct 2023 16:05:11 GMT
Server: cloudflare
X-Trace: 2BB70A26EB2EBA336AD147C793ACA3051DA26ABD21000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-hjwld
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 81ed23599e9f1a49-FRA

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame EDC2 26 KB
26 KB 30ms
29ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=700&mh=394
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e08e639d53da3f39d5268d54d1cb74353a987d50223b8408a4b56508fbd7faa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1241598
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 26498
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210066-DFW, cache-fra-eddf8230137-FRA
x-timer: S1698768310.443944,VS0,VE0
etag: 44f689eb55aa736fd82f90c28e65026e
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 15, 2

GET
H2 200 761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d
i.vimeocdn.com/video/ Frame EDC2 1 KB
2 KB 38ms
37ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/761269575-6c5f8c54d48457c4a582eb93d22363f05ec10d47e9829dffd8598b02a20ddb61-d?mw=80&q=85
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e7ebc09ea4264d3ba1ff60cf6d219117d5f6d67bdfcd2596fb69583773c2046f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1726584
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1531
viewmaster-server: viewmaster-us-central1-gjg9
x-served-by: cache-dfw-kdfw8210056-DFW, cache-fra-eddf8230137-FRA
x-timer: S1698768311.506957,VS0,VE0
etag: 78f76220ceeae754bb4900f4af0d7ef0
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 401, 482

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 462 KB
184 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_532eb8e0_2d0b_4401_b55f_0643ce33b83a&render=explicit&hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188860
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 13:49:42 GMT

POST
H2 200 osjlog Show response
os.aggle.net/ 16 B
174 B 196ms
196ms Fetch
application/json 54.189.11.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/osjlog
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.189.11.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-11-195.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Tue, 31 Oct 2023 16:05:10 GMT
access-control-allow-credentials: true
server: gunicorn
content-length: 16
vary: Origin
content-type: application/json

GET
H2

200

p.json Show response
alocdn.com/c/9rgi64bf/a/xtarget/
Redirect Chain

https://alocdn.com/c/9rgi64bf/a/xtarget/p.json
https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F

2 B
257 B

208ms
207ms

Fetch
application/json

34.217.225.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 34.217.225.11 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-217-225-11.us-west-2.compute.amazonaws.com
Software: Jetty(9.4.48.v20220622) /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:11 GMT
server: Jetty(9.4.48.v20220622)
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://fraud.net
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 2

Redirect headers

date: Tue, 31 Oct 2023 16:05:11 GMT
server: Jetty(9.4.48.v20220622)
content-type: application/json
location: https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F
access-control-allow-origin: https://fraud.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame EDC2 0
925 B 908ms
164ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=e46217d2db1e2db58bc6d740e636f8b437a118fe1698768308

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 04:05:11 GMT
Date: Tue, 31 Oct 2023 16:05:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200099-IAD, cache-fra-eddf8230137-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1698768311.312862,VS0,VE123
x-backend-proxy: webproxy7
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-5995bff456-84t6s
Accept-Ranges: bytes
CF-RAY: 81ed2359abf5922c-FRA
X-Cache-Hits: 0, 0

GET
H2 200 optimonk.5d3c34f7.js Show response
front.optimonk.com/load.esm/ 44 B
434 B 30ms
30ms Script
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/optimonk.5d3c34f7.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

304adf5eb6dd395fd121fb062ffc6d507859591fdd6dbc792b2e1fe5145ab4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://front.optimonk.com/load.esm/load.1d3a1b35.js
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"2c-PP9xovXOpjsVds3Gr04DXoLaxdY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: public, max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 subscriptionFactory.0d47db3d.js Show response
front.optimonk.com/load.esm/ 742 B
768 B 32ms
31ms Script
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/subscriptionFactory.0d47db3d.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ed2f2d09e64893148193fc6b1ed3be403db892d1b9ef445a4754106ec6416239

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://front.optimonk.com/load.esm/load.1d3a1b35.js
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"2e6-HkDRRUHQH3gZYaWMi+Q7Ure0wqI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: public, max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 videoFactory.d9b6d53e.js Show response
front.optimonk.com/load.esm/ 171 B
533 B 32ms
31ms Script
application/javascript 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/videoFactory.d9b6d53e.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9be2d6412eae24dc1e616cc56dcdef97920513dff73c3136b1a808622989aeb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://front.optimonk.com/load.esm/load.1d3a1b35.js
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"ab-7+puoeInCgrrEYILjxVDJpCdVEA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: public, max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame EDC2 35 KB
12 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Tue, 31 Oct 2023 16:05:10 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/118/ Frame EDC2 50 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/118/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 18:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14707
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 15:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 31 Oct 2023 18:46:35 GMT

GET
H2 200 / Show response
api.leads.convolo.ai/api/v1/ext/collect-data/ 16 B
175 B 464ms
45ms XHR
application/json 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leads.convolo.ai/api/v1/ext/collect-data/?visit_id=25a485324256d834f8798e8333128b57&params=%7B%22referer%22%3A%22%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.117%20Safari%2F537.36%22%2C%22title%22%3A%22AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net%22%7D
Requested by: Host: app.leadconnect.cc
URL: https://app.leadconnect.cc/icallback.3b4b0528fd7c9a8c1ff6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 16:05:11 GMT
server: nginx/1.18.0
x-powered-by: Express
content-length: 16
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
content-type: application/json; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 9 KB
892 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap

Requested by

Host: app.leadconnect.cc
URL: https://app.leadconnect.cc/icallback.3b4b0528fd7c9a8c1ff6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bcfd0997c75acc5ec0cecb8deb53fdf5bc3b8d3d586fc015dde0fade08ea80ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 16:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 15:47:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 16:05:10 GMT

GET
H/1.1 200
OK / Show response
api.events.convolo.ai/api/v1/ext/register-event/ 16 B
291 B 368ms
53ms XHR
application/json 134.122.60.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.events.convolo.ai/api/v1/ext/register-event/?event=ERROR_INIT&visit_id=25a485324256d834f8798e8333128b57&params=%7B%22err%22%3A%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27insertBefore%27)%22%7D
Requested by: Host: app.leadconnect.cc
URL: https://app.leadconnect.cc/icallback.3b4b0528fd7c9a8c1ff6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.122.60.49 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 16:05:11 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 16

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a69f80a41d67db1d65201e37988539cc8598c58dd1136b18cbdfdd7b1978d6ab

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tenor.gif
testpage.convolo.ai//images/ 42 KB
42 KB 93ms
70ms Image
image/gif 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://testpage.convolo.ai//images/tenor.gif
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6437022dfef658c9c8f2098bd8033472e853eb8bb959fc4908e2bdb94adae67d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:11 GMT
last-modified: Sun, 03 Mar 2019 19:40:27 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5c7c2dab-a689"
content-length: 42633
content-type: image/gif

GET
H2 200 663ead3e63f8d79c2107ae68dcb5310221.png
app.leadconnect.cc/images/saved/ 2 KB
2 KB 45ms
44ms Image
image/png 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.leadconnect.cc/images/saved/663ead3e63f8d79c2107ae68dcb5310221.png
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:11 GMT
last-modified: Thu, 19 May 2022 16:42:48 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "62867388-8c9"
content-length: 2249
content-type: image/png

GET
H2 200 2f1346f2fea3a8494c5ee21763f59f8a.png
app.leadconnect.cc/images/saved/ 311 KB
311 KB 45ms
44ms Image
image/png 134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.leadconnect.cc/images/saved/2f1346f2fea3a8494c5ee21763f59f8a.png
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7f79f6efe44385491775b8260407a13b69dadc5161d1005dc750d187135e39ed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:11 GMT
last-modified: Fri, 09 Sep 2022 14:07:11 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "631b488f-4dbdf"
content-length: 318431
content-type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 388699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 268072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 13:37:19 GMT

OPTIONS
H2 200 osjlog
os.aggle.net/ Frame 0
0 198ms
197ms Preflight
text/html 54.189.11.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/osjlog
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.189.11.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-11-195.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: POST, OPTIONS
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 16:05:10 GMT
server: gunicorn
vary: Origin

GET
H2 200 optimonk.min.css
cdn-asset.optimonk.com/bundles/wseoptimonk/css/ 15 KB
3 KB 182ms
43ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-asset.optimonk.com/bundles/wseoptimonk/css/optimonk.min.css?v=b2efbc5949

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.1d3a1b35.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

7bc2093fddc50bfc2e60a164b34bff71975b3d3d467d8d6b657f4c6324b1a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 1082
x-dns-prefetch-control: off
cdn-cachedat: 07/07/2023 01:18:58
cdn-pullzone: 580384
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"3c5f-+aJzZURpEvNsmjMFlnXjMeoe03w"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 8d99d72d8b3bea9a3aeddabee4c4f9f5
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
76 B 140ms
139ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 16:05:11 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 6529c6cc923ed50023d05b4f.html Show response
cdn-renderer.optimonk.com/ssr/177110/ Frame 0486 23 KB
4 KB 151ms
42ms XHR
text/html 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-renderer.optimonk.com/ssr/177110/6529c6cc923ed50023d05b4f.html?v=1697680740

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.1d3a1b35.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

d83cf33e0148cb99abbc0335bd8bf41fb482597ba3a0b30a336e4c0f3f0d75e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cdn-edgestorageid: 1082
x-dns-prefetch-control: off
cdn-cachedat: 10/19/2023 03:39:29
cdn-pullzone: 736120
x-xss-protection: 0
referrer-policy: no-referrer
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"5c14-pDVQpFKwlYqS0ogJ7QaG80iAC8M"
x-download-options: noopen
expect-ct: max-age=0
vary: Accept-Encoding
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://fraud.net
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-cache: HIT
access-control-allow-credentials: true
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 766831d485ef8295c14564c068433efe
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame E07A 58 KB
33 KB 72ms
71ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&badge=inline&cb=2updys44200p

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c13c379929f50727244fe3906d7d79c0662e81ce80628a714d890e060bef64e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-COnjW4cB070_MSLAngxXaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-COnjW4cB070_MSLAngxXaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 16:05:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Peach%20Steps%20to%20Su_1697496038520.png
editor-upload-cdn.optimonk.com/userImages/177110/6529c6cc923ed50023d05b4f/ 132 KB
133 KB 169ms
76ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/177110/6529c6cc923ed50023d05b4f/Peach%20Steps%20to%20Su_1697496038520.png
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 8a1bd0b3c876860931005a8cf8f575b045bdb3d2e9bbf0059478aa2b90bd5bde

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:11 GMT
x-downloadsize: 96278
cdn-edgestorageid: 1080
x-bo-processingtime: 18
cdn-cachedat: 10/17/2023 14:03:40
cdn-pullzone: 573677
content-length: 135528
x-bo-server: ASB-208
last-modified: Tue, 17 Oct 2023 14:03:39 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 578
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
x-bo-compressionratio: 0%
cdn-requestid: 7a9f40341dd9c6f21b41d53ef14bce80
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame E07A 55 KB
24 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&badge=inline&cb=2updys44200p

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 11:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 11:43:10 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame E07A 462 KB
184 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188860
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 13:49:42 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame E07A 102 B
135 B 30ms
30ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd7e05751a03c3c81bf4f38808d12af294f672494f6b9d7641aaf0dfbb5fb012

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&badge=inline&cb=2updys44200p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 31 Oct 2023 16:05:11 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 216ms
158ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=699552306&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=AI+Fraud+Detection+for+Enterprises+%7C+Fraud.net&cts=1698768312440&vi=3418cf83d6c31063cb10ab0540a9cdaa&nc=true&u=57037109.3418cf83d6c31063cb10ab0540a9cdaa.1698768312435.1698768312435.1698768312435.1&b=57037109.1.1698768312435&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: df33bf8c-f09e-4d92-9e50-a25491a24e7e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: df33bf8c-f09e-4d92-9e50-a25491a24e7e
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FfT6hoTZt5kEKx%2BxXak0FZxBLu0w6UBynDzY8gDosbvcFROPXeQ2dVaKrzHQNr%2BKVx3Ty9F5XANH0%2F9e4o8sjurTLXs%2B4UW%2F%2F9RxdOR8LOmQvsfYwKpQFEv8536gX4s0i2EaVzwYJVkQ2u7IJjn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-pptkh
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 81ed23613bcd3681-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
591 B 207ms
160ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=e7da54a7-2f38-4f6a-9f57-178fe485ef3c&fci=532eb8e0-2d0b-4401-b55f-0643ce33b83a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=699552306&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=AI+Fraud+Detection+for+Enterprises+%7C+Fraud.net&cts=1698768312444&vi=3418cf83d6c31063cb10ab0540a9cdaa&nc=true&u=57037109.3418cf83d6c31063cb10ab0540a9cdaa.1698768312435.1698768312435.1698768312435.1&b=57037109.1.1698768312435&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0e4b39a6-3809-43b4-8e60-3f6a25bc0989
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 14
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0e4b39a6-3809-43b4-8e60-3f6a25bc0989
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S6Fn5Tu7HTq8rxZxhqZCUTz2NpBjJUhbrG94gf8IOn1nUoKfKwIoiX6s4qaaqOkYlyiwdunm2L3jM21bM1QjHLFnbVm8NTxkZhHdBPuz3TX6gunh6q5SoHo34qwivCeNaUYzFcknB%2FDDDI9MulQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-pptkh
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 81ed23613bcf3681-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
811 B 216ms
210ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2113031&utk=3418cf83d6c31063cb10ab0540a9cdaa&__hstc=57037109.3418cf83d6c31063cb10ab0540a9cdaa.1698768312435.1698768312435.1698768312435.1&__hssc=57037109.1.1698768312435&currentUrl=https%3A%2F%2Ffraud.net%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af876fd2d89a59582b29aef113b878a3902d9d63891ef458bf4d3dc30fe4455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 683a6d31-22a7-4d10-89fe-34d1800efc51
content-encoding: br
x-envoy-upstream-service-time: 51
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 683a6d31-22a7-4d10-89fe-34d1800efc51
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BX0tm7HaEsJmpKx6GMWikVKIvzBhwuNQgrE45HUxnnoVXu7EWNOmIbV9OOn72GphIQtO2JZMqiii0I7%2BnSp7iX%2FuYNZjkm74%2FLycEpHwJPiymglMb7eB3TxCvk2huUe221Lc8D6ORkwHRL10an11"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 81ed23613a523a5e-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-hjwld

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
31ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1205418481&t=timing&_s=2&dl=https%3A%2F%2Ffraud.net%2F&ul=en-us&de=UTF-8&dt=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=6404&pdt=49&dns=0&rrt=131&srt=1101&tcp=68&dit=3554&clt=3554&_gst=1689&_gbt=2474&_u=YADAAAABAAAAAC~&jid=&gjid=&cid=1789949576.1698768308&tid=UA-35675858-1&_gid=528487622.1698768308&gtm=45He3ap0n81WVZ4N9Xv79957660&gcd=11l1l1l1l1&z=516053575

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 23:58:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58001
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame A586 7 KB
1 KB 37ms
37ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d10dafc81aa4e45f48e240dbacaead395b360587f3745ad62bc20bcc542ec96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-05DVZQZns4KZCK2xjElXbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-05DVZQZns4KZCK2xjElXbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 16:05:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame A586 55 KB
24 KB 67ms
67ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 11:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 11:43:10 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame A586 462 KB
184 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 13:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188860
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 13:49:42 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame A586 40 KB
24 KB 460ms
460ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

84976e13dce2f95feb9e33c483d17cf0ce96ee4b1b848e0a647dfa160085ff19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 31 Oct 2023 16:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 31 Oct 2023 16:05:13 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame A586 600 B
624 B 23ms
22ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 09:41:47 GMT
x-content-type-options: nosniff
age: 282206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 04 Nov 2023 09:41:47 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame A586 530 B
554 B 24ms
23ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:22:46 GMT
x-content-type-options: nosniff
age: 348147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 03 Nov 2023 15:22:46 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame A586 665 B
689 B 24ms
24ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 03:43:50 GMT
x-content-type-options: nosniff
age: 390083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 03 Nov 2023 03:43:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A586 15 KB
15 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 03:12:15 GMT
x-content-type-options: nosniff
age: 391978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 03:12:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A586 15 KB
15 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 03:38:03 GMT
x-content-type-options: nosniff
age: 390430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 03:38:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A586 15 KB
15 KB 32ms
31ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 412718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 21:26:35 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame A586 55 KB
55 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AFcWeA7rF-2qPJqT6FoE7OQ2GtejN59gmptiYXm9keL2n7yCNW7WvUSq__2qZLW5kutn5M5dssWE9r-mT_kcvv1XdshHbyCDHP5PyyE-IjF0NtA0GA7axLoZ9vUTuyNZsplwkuJkzdUghkFcSuVZbN-wQNQGeMXTxG-7Feq0EwP9ZlBxt5ve0qIOn6Ss55_6kPYdVtB4ISAgoPSfDylh5fIMWFE3o-aXFQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d8e956086214c5f75c3adbdfbb5a9b4f27fba4da14ab9fec50c0d3b5de9d8f80

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:13 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 31 Oct 2023 16:05:13 GMT

GET
H2 200 om.base.b6db4602a9bb97e37806.css
cdn-asset.optimonk.com/assets/css/ 285 KB
32 KB 39ms
39ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-asset.optimonk.com/assets/css/om.base.b6db4602a9bb97e37806.css

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.1d3a1b35.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

4d71895405c76fc89a115fc80d9d4e5bba5d543345bc1ca5bffdd629091a2a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 1081
x-dns-prefetch-control: off
cdn-cachedat: 10/31/2023 11:08:03
cdn-pullzone: 580384
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"47547-OsSuSIMArztpvfL+qN3IMtLyOho"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 89ea834a66b31ee2ccd7d44614872c58
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ 8 KB
767 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:400,600,800%7CRaleway:400&display=swap

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.1d3a1b35.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6787caaa0779d0192e97fc3fd330c679f639b55d0d521497fd347567867bf27c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 16:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 16:05:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 16:05:15 GMT

GET
H2 200 Orange%20and%20Gray%20G_1697494560591.png
editor-upload-cdn.optimonk.com/userImages/177110/652db14076055e002433c370/ 25 KB
26 KB 56ms
55ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/177110/652db14076055e002433c370/Orange%20and%20Gray%20G_1697494560591.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 536e67f069e1dd44909aaa30cddc5849ba4c601615a46090275e99ac51d31d3c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:15 GMT
x-downloadsize: 68777
cdn-edgestorageid: 1080
x-bo-processingtime: 11
cdn-cachedat: 10/17/2023 14:03:43
cdn-pullzone: 573677
content-length: 25880
x-bo-server: DE-235
last-modified: Tue, 17 Oct 2023 14:03:43 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 235
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
x-bo-compressionratio: 62.37%
cdn-requestid: 4f6281966167227460f78ef59ca503da
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Finzly%20Brainscap%20_1694703683743.png
editor-upload-cdn.optimonk.com/userImages/177110/6503201d00bed800238d6fcd/ 85 KB
86 KB 60ms
60ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/177110/6503201d00bed800238d6fcd/Finzly%20Brainscap%20_1694703683743.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 503f9879662894f614fcea5c0800b8f175c0ded4fdb39e73acedf19980e72a5e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:15 GMT
x-downloadsize: 194338
cdn-edgestorageid: 1082
x-bo-processingtime: 39
cdn-cachedat: 10/17/2023 14:03:43
cdn-pullzone: 573677
content-length: 87208
x-bo-server: DE-227
last-modified: Tue, 17 Oct 2023 14:03:43 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 271
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
x-bo-compressionratio: 55.13%
cdn-requestid: e2686c3441bdc828ce3fc0dbfe620e68
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 WwkfxPmzE06v_ZW1XnrB.woff2
fonts.gstatic.com/s/gruppo/v21/ 23 KB
23 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gruppo/v21/WwkfxPmzE06v_ZW1XnrB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:400,600,800%7CRaleway:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e598bdc4d27b7b6eecde3ae3b6fb268b9de4294320e220202aaa13335fd7f7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:00:36 GMT
x-content-type-options: nosniff
age: 338679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23080
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 18:00:36 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:400,600,800%7CRaleway:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:17:59 GMT
x-content-type-options: nosniff
age: 424036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:17:59 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:400,600,800%7CRaleway:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:17:59 GMT
x-content-type-options: nosniff
age: 424036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:17:59 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:400,600,800%7CRaleway:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:17:59 GMT
x-content-type-options: nosniff
age: 424036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:17:59 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v29/ 22 KB
22 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CMontserrat:400,600,800%7CRaleway:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:39:44 GMT
x-content-type-options: nosniff
age: 422731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22420
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:56:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:39:44 GMT

OPTIONS
H2 200 ostevnt
os.aggle.net/ Frame 0
0 198ms
198ms Preflight
text/html 54.189.11.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/ostevnt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.189.11.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-11-195.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: OPTIONS, GET, HEAD, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 16:05:16 GMT
server: gunicorn
vary: Origin

POST
H2 200 ostevnt Show response
os.aggle.net/ 212 B
750 B 197ms
196ms Fetch
application/json 54.189.11.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://os.aggle.net/ostevnt
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.189.11.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-11-195.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 57705b53534a916c21dbc91759315cb85debdf590521e71672345a7c6cc73af0

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

date: Tue, 31 Oct 2023 16:05:17 GMT
server: gunicorn
vary: Origin
p3p: CP="NOI OUR BUS UNI COM NAV"
access-control-allow-origin: https://fraud.net
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
content-length: 212
expires: Tue, 31 Oct 2023 16:05:18 GMT

GET
H2 200 jsync Show response
aggle.net/ 2 KB
2 KB 592ms
197ms Script
text/html 3.33.163.81

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/jsync?pid=NZYR3Y354
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.163.81 -, , ASN (),
Reverse DNS
Software: gunicorn /
Resource Hash: 410a7fc53ec839fe701e2e178384bc534a46b83fa4acb5ba9b5ef8dad5baa92a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 16:05:18 GMT
date: Tue, 31 Oct 2023 16:05:17 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: gunicorn
content-length: 1540
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 Orange%20and%20Gray%20G_1697494560591.png
editor-upload-cdn.optimonk.com/userImages/177110/652db14076055e002433c370/ 25 KB
26 KB 42ms
42ms Image
image/webp 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/177110/652db14076055e002433c370/Orange%20and%20Gray%20G_1697494560591.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 536e67f069e1dd44909aaa30cddc5849ba4c601615a46090275e99ac51d31d3c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:17 GMT
x-downloadsize: 68777
cdn-edgestorageid: 1080
x-bo-processingtime: 11
cdn-cachedat: 10/17/2023 14:03:43
cdn-pullzone: 573677
content-length: 25880
x-bo-server: DE-235
last-modified: Tue, 17 Oct 2023 14:03:43 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 235
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
x-bo-compressionratio: 62.37%
cdn-requestid: dc5ff70c6aaf5e0fa2844498fd2ed2c6
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 report Show response
front.optimonk.com/public/177110/creative/6529c6cc923ed50023d05b4f/ 16 B
387 B 281ms
281ms XHR
application/json 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/creative/6529c6cc923ed50023d05b4f/report?action=showed&time=1698768316&campaign_id=38&uuid=9c9a3f08-73e8-e152-651b-aabe06d7a43e&puid=9c9a3f08-73e8-e152-651b-aabe06d7a43e-6529c6cc923ed50023d05b4f&ctx=eyJhY2NvdW50SWQiOjE3NzExMCwiZGV2aWNlSWQiOiJjZTEwOTlmZC02ZGViLTY4OGEtOGQxMy0xNTlkMmRlZTBhMTMiLCJzaXRlVHlwZSI6IndvcmRwcmVzcyIsInNpdGVJZCI6ImZyYXVkLm5ldCIsInNob3BpZnlZIjpudWxsLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNiIsInVybCI6Imh0dHBzOi8vZnJhdWQubmV0LyIsInZpc2l0b3JJbkV4cGVyaW1lbnQiOiJbXSJ9

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.29ff07ef.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-length: 16
x-xss-protection: 1; mode=block
server: nginx
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-ratelimit-remaining: 4
x-ratelimit-reset: 1698768319
x-ratelimit-limit: 5

POST
H3 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
40 B 149ms
149ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 16:05:17 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 iframe Show response
nytrng.com/ Frame 136C 390 B
482 B 529ms
180ms Document
text/html 75.2.91.175

General

Check archive.org

Show headers Download Go to

Full URL: https://nytrng.com/iframe?vcp=TLSS1RUA&_=0.5293790024828063
Requested by: Host: aggle.net
URL: https://aggle.net/jsync?pid=NZYR3Y354
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.91.175 -, , ASN (),
Reverse DNS
Software: gunicorn /
Resource Hash: a63a2d17b8de1f4e791487bc964358621876211210e9faa4f244c48918c66a3c

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 390
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 16:05:18 GMT
server: gunicorn

GET
H2 200 gcid_s.min.js Show response
p.gcprivacy.com/t/ 12 KB
12 KB 257ms
40ms Script
application/javascript 3.161.119.14

General

Check archive.org

Show headers Download Go to

Full URL: https://p.gcprivacy.com/t/gcid_s.min.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.14 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5845423fa671b1f437768658bc1424ba2f089f85a8645e102bee9608a73e7e7d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 12:34:29 GMT
x-amz-version-id: VAq4q9ukaYshS6vfUaowIF9rM2JrIXC2
via: 1.1 9cf04b48b6c1d39fa4ec78ed3583f106.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 12:34:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P2
age: 12650
etag: "ec6bb0b9d5dd7f05019f70766eb4a9b2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 12142
x-amz-cf-id: Iqf_BTgRRY-PJZId_0b3lFpV9oUo5Hr7pi1DcbVGE8opBUAm-YS6QA==

GET
H2 200 sync Show response
p2.gcprivacy.com/v2/ 451 B
816 B 384ms
126ms XHR
application/json 54.163.187.81

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/sync?pid=73CH1157&uid=995f2394-eef9-4746-9ca7-502b44203499&u=https%3A%2F%2Ffraud.net%2F&h=fraud.net&ref=&ids=&v=3
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.187.81 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 829d3e173d15395e73745125f382a34cc722fce0214c6b4200249ab6fd1f1d95

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://fraud.net
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length: 451

GET
H2 200 js Show response
aggle.net/ 200 B
918 B 181ms
181ms Script
text/html 3.33.163.81

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=fraud.net&pih1=&pih2=&pih3=
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.163.81 -, , ASN (),
Reverse DNS
Software: gunicorn /
Resource Hash: 895e797ea2eea63d3dd6ce535c7c3311a8d95ed361c14ce725f328e967e98f93

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 16:05:19 GMT
date: Tue, 31 Oct 2023 16:05:18 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: gunicorn
content-length: 200
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2

200

xandr
p2.gcprivacy.com/v3/id/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3D8bbeb236-11df-4ee1-ac2f-4815d3f6e3e0
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fid%253D%2524UID%2526gcid%253D8bbeb236-11df-4ee1-ac2f-4815d3f6e3e0
https://p2.gcprivacy.com/v3/id/xandr?id=1961535623846157979&gcid=8bbeb236-11df-4ee1-ac2f-4815d3f6e3e0

0
37 B

126ms
125ms

Image
text/plain

54.163.187.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.gcprivacy.com/v3/id/xandr?id=1961535623846157979&gcid=8bbeb236-11df-4ee1-ac2f-4815d3f6e3e0
Protocol: H2
Server: 54.163.187.81 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:05:18 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 16:05:18 GMT
an-x-request-uuid: f0322332-1a6a-4b0e-982e-119528bd3eee
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://p2.gcprivacy.com/v3/id/xandr?id=1961535623846157979&gcid=8bbeb236-11df-4ee1-ac2f-4815d3f6e3e0
x-proxy-origin: 195.206.105.130; 195.206.105.130; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pl.2.2.min.js Show response
cdn.nytrng.com/ Frame 136C 0
326 B 124ms
26ms Script
text/plain 18.66.97.76

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nytrng.com/pl.2.2.min.js
Requested by: Host: nytrng.com
URL: https://nytrng.com/iframe?vcp=TLSS1RUA&_=0.5293790024828063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.76 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://nytrng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 22 Oct 2023 20:30:03 GMT
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 761715
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/plain
accept-ranges: bytes
content-length: 0
x-amz-cf-id: H9cNDD5QZfieEKAOhcmkHIt0h1m7iUdc2aJw0V-isajR-nxIl6qXpg==

GET
H2 200 jsync Show response
aggle.net/ 0
703 B 209ms
208ms Script
text/html 3.33.163.81

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/jsync?pid=NEQ7KDHP5&domain=fraud.net&pih1=&pih2=&pih3=
Requested by: Host: aggle.net
URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=fraud.net&pih1=&pih2=&pih3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.163.81 -, , ASN (),
Reverse DNS
Software: gunicorn /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 16:05:19 GMT
date: Tue, 31 Oct 2023 16:05:18 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: gunicorn
content-length: 0
p3p: CP="NOI OUR BUS UNI COM NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: device.fraud.net
URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2

Domain: device.fraud.net
URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 20:12:00	Name: _GRECAPTCHA Value: 09ALsHHK3cDzkSVxsjqpKekLgwkDr3NZdxwyEY_AlCtfm4EXqGWXaGUbaGwnqquGrriLT_orRi87Fz4uYaDTtFHMM
fraud.net/	1970-01-21 00:38:24	Name: uncode_privacy[consent_types] Value: %5B%5D
.fraud.net/	1970-01-20 18:02:24	Name: _gcl_au Value: 1.1.1138023459.1698768307
.vimeo.com/	1970-01-20 15:52:50	Name: __cf_bm Value: kdAkq2ARgx_CYPBCjU6XpfjpDHvugCl6GE2QCdcu.I4-1698768307-0-AdRowYePZNKBU+sx7OjOc5HyktRqiVlYhSX3tI2Rhy45sJjiHWSxLy3I7+KPh2PNdkAu806RCgGDnOpv1XnrvEg=
fraud.net/	1970-01-21 00:39:50	Name: optiMonkClientId Value: ce1099fd-6deb-688a-8d13-159d2dee0a13
.doubleclick.net/	1970-01-20 15:52:49	Name: test_cookie Value: CheckForPermission
fraud.net/	1969-12-31 23:59:59	Name: optiMonkSession Value: 1698768308
.fraud.net/	1970-01-21 01:28:48	Name: _ga_GPKLFPPQY0 Value: GS1.1.1698768308.1.0.1698768308.60.0.0
.fraud.net/	1970-01-21 01:28:48	Name: _ga Value: GA1.2.1789949576.1698768308
.fraud.net/	1970-01-20 15:54:14	Name: _gid Value: GA1.2.528487622.1698768308
.fraud.net/	1970-01-20 15:52:48	Name: _gat_UA-35675858-1 Value: 1
.ws.zoominfo.com/	1970-01-21 00:38:24	Name: visitorId Value: 3630c9b2bd7702677fdd230c8af605b42ddf3c097e0eba31e36a69b871430187
.zoominfo.com/	1970-01-20 15:52:50	Name: __cf_bm Value: msl5HRyd.oUjxZvYiO_CE.FgbvvzIXVCgPeAt3nS_78-1698768308-0-AaMcn6Q77HIO8U02D0fEkNwFa8/vO/tOYCiMe3FX5lF3LNGyRENKEFLAf9vlEszL6zvmkbPZJhcWXFZFzShIUOQ=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 0tILCLcgtCw3lE.x0Haj7nH9r17BOA9PeMrDf5eoZd4-1698768308189-0-604800000
fraud.net/	1970-01-21 00:39:50	Name: optiMonkEmbedded177110 Value: N4IgFghgzgMglgWzgFwEoFMIGMzoCYgBcAZhADZToC+QA===
fraud.net/	1970-01-20 15:52:50	Name: _sp_ses.c750 Value: *
fraud.net/	1970-01-21 01:28:48	Name: _sp_id.c750 Value: 061df996-71af-4fb3-8882-7cb0c197cc54.1698768308.1.1698768308.1698768308.a4e44e3a-0ec5-4d4e-9748-55faa00ed6dd
tracking.g2crowd.com/	1970-01-20 16:12:57	Name: _session_id Value: f492e17aa54435a98b6df79d8e3cc4a8
.g2crowd.com/	1970-01-20 15:52:50	Name: __cf_bm Value: F5Uhk0wq4ZBqMibG3eM9psKL6FJpCywxnR0gCA_Don8-1698768308-0-Acjbwzal5YKTWe2N9BQDz3D0YH+0+Q4dyHWk9qCP8F3cvDYq1buv6ikbquAfqalF/DrkJ8Y5FIlI42MBMLPMHNI=
.d.adroll.com/	1970-01-21 01:21:36	Name: __adroll Value: 03d32e5929ee51d990d4095a209f11fe-a_1698768308
.adroll.com/	1970-01-21 01:21:36	Name: __adroll_shared Value: 03d32e5929ee51d990d4095a209f11fe-a_1698768308
.fraud.net/	1970-01-20 18:02:24	Name: _fbp Value: fb.1.1698768308569.398061526
.linkedin.com/	1970-01-20 18:02:24	Name: li_sugr Value: 1e510f51-d8c6-4af3-976e-c91f98bd4cb5
.linkedin.com/	1970-01-21 00:38:24	Name: bcookie Value: "v=2&2a16ea05-5e4b-4980-8498-630a1bcfe61b"
.linkedin.com/	1970-01-20 15:54:14	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2669:u=1:x=1:i=1698768308:t=1698854708:v=2:sig=AQG2K5JRZXFrusgjex082PoZ775VQVvy"
.linkedin.com/	1970-01-20 16:36:00	Name: UserMatchHistory Value: AQKT5u4cpTHOpgAAAYuGe0oLR4eX93UG_r3MA0ldDoNO_uzDHq5BX7FHFVdAWDa5Rn5C8p4JGTQZDw
.linkedin.com/	1970-01-20 16:36:00	Name: AnalyticsSyncHistory Value: AQISXvln2OAbkQAAAYuGe0oLhGcPsit2swCoI9xHyy9RENJFhXq3EY0S117i7Vnz0wmhIHWljNthiQBInecsSQ
.fraud.net/	1970-01-21 00:38:45	Name: __adroll_fpc Value: 2c77f37ce89295bff492fc69f6801540-1698768309096
.fraud.net/	1970-01-21 00:38:24	Name: __ar_v4 Value:
.www.linkedin.com/	1970-01-21 00:38:24	Name: bscookie Value: "v=1&202310311605097c0cfe07-34a9-431c-8dac-d3c1818edfb7AQG-H2IsZiYmIkwb5fLP9ZNFskGOMI33"
.linkedin.com/	1970-01-20 20:12:00	Name: li_gc Value: MTswOzE2OTg3NjgzMDk7MjswMjHmR2AnRGvb7uHOn3xZgZosUxRmK7/i5g2x5XQAcfcFQw==
.fraud.net/	1970-01-21 00:38:24	Name: _hjSessionUser_2001329 Value: eyJpZCI6ImNkZGNlZWZjLWNiNzItNTk3ZS1hYmIwLWI5MTE3YTBjYTQ1OCIsImNyZWF0ZWQiOjE2OTg3NjgzMDkyNjcsImV4aXN0aW5nIjpmYWxzZX0=
.fraud.net/	1970-01-20 15:52:50	Name: _hjFirstSeen Value: 1
.fraud.net/	1970-01-20 15:52:48	Name: _hjIncludedInSessionSample_2001329 Value: 0
.fraud.net/	1970-01-20 15:52:50	Name: _hjSession_2001329 Value: eyJpZCI6IjY5OGQxYjU5LTFiMmMtNGMxMS04NjkyLTY3NjRkMDQyZGM5OSIsImNyZWF0ZWQiOjE2OTg3NjgzMDkyNjksImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.fraud.net/	1970-01-20 15:52:50	Name: _hjAbsoluteSessionInProgress Value: 0
.fraud.net/	1970-01-20 15:54:14	Name: _uetsid Value: 440977b0780711eea9b1734652806d07
.fraud.net/	1970-01-21 01:14:24	Name: _uetvid Value: 44098d30780711ee928233b4da469ac3
.bing.com/	1970-01-21 01:14:24	Name: MUID Value: 0604E72A68FD6E7F1A72F491698D6F40
fraud.net/	1970-01-20 15:52:51	Name: _gauges_unique_hour Value: 1
fraud.net/	1970-01-20 15:54:14	Name: _gauges_unique_day Value: 1
fraud.net/	1970-01-20 16:37:26	Name: _gauges_unique_month Value: 1
fraud.net/	1970-01-21 00:38:24	Name: _gauges_unique_year Value: 1
fraud.net/	1970-01-21 00:38:24	Name: _gauges_unique Value: 1
.vimeo.com/	1970-01-21 01:28:48	Name: vuid Value: pl1112156801.1055412038
.alocdn.com/	1970-01-21 00:38:24	Name: uuid Value: 140d4a3a-64e5-44df-b211-157456a40a22
.fraud.net/	1970-01-20 20:12:00	Name: __hstc Value: 57037109.3418cf83d6c31063cb10ab0540a9cdaa.1698768312435.1698768312435.1698768312435.1
.fraud.net/	1970-01-20 20:12:00	Name: hubspotutk Value: 3418cf83d6c31063cb10ab0540a9cdaa
.fraud.net/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.fraud.net/	1970-01-20 15:52:50	Name: __hssc Value: 57037109.1.1698768312435
.hubspot.com/	1970-01-20 15:52:50	Name: __cf_bm Value: 3K1HYVyH4gRRHSzduEBinoe8h9hGuOfVj3RMeyzpUnQ-1698768312-0-AZH4XawlOtLcqnvSvIQp6zXs3WX+k/wC7FZDtrXb9GynadMX4ZIWng2W68lpjRkB9GpwPz9TUn2K0UJ6hjtiQWo=
.aggle.net/	1970-01-20 18:02:24	Name: aggcid Value: 995f2394-eef9-4746-9ca7-502b44203499
.aggle.net/	1970-01-20 18:02:24	Name: aggpid Value: gAAAAABlQSW9eZkATFIfCVpN2KfN7KCspRIPkdtEr082_Kq3woKDZGJGASfwn_Ashnw1PiV9PVQlfSvheuaXCBT02ci1o-QbPRT3fjnwVtCdlhf304SY386Zq_C3E_l6rrMQvDZdoRou
fraud.net/	1970-01-21 00:39:50	Name: optiMonkClient Value: N4IgjA7BZgDCAuUBjAho0BmAHBkrkAXRWAGnwAcLEwA2ATmwlu0zvOQCdERaBWAEz1ktZMnoDMAUwAmfWLEkzYfAEYAWAGYhyAOwD2MmuQDOPEwAt9Ad1kgAvvfKaAbjQZMWmWPXIAbNwQ6RmZWHz19CkCwRyA==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fraud.net/(Line 742) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://fraud.net/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149360532.v2.pressablecdn.com
aggle.net
alocdn.com
api.events.convolo.ai
api.leads.convolo.ai
app.convolo.ai
app.leadconnect.cc
bat.bing.com
cdn-account.optimonk.com
cdn-asset.optimonk.com
cdn-renderer.optimonk.com
cdn.nytrng.com
connect.facebook.net
cta-service-cms2.hubspot.com
d.adroll.com
device.fraud.net
editor-upload-cdn.optimonk.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
fraud.net
fresnel.vimeocdn.com
front.optimonk.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
i.vimeocdn.com
ib.adnxs.com
ipv4.d.adroll.com
jfapiprod.optimonk.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
media.fraud.net
nytrng.com
onsite.optimonk.com
os.aggle.net
p.gcprivacy.com
p2.gcprivacy.com
perf-na1.hsforms.com
player.vimeo.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.adroll.com
s.opensend.com
script.hotjar.com
secure.gaug.es
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
testpage.convolo.ai
track.cbdatatracker.com
track.hubspot.com
tracking.g2crowd.com
vimeo.com
ws.zoominfo.com
www.facebook.com
www.fraud.net
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
device.fraud.net
13.107.42.14
13.32.27.107
134.122.57.141
134.122.60.49
146.75.118.109
148.59.128.196
151.101.128.217
162.159.128.61
162.159.138.60
169.150.247.38
18.66.112.44
18.66.97.49
18.66.97.76
185.89.210.141
188.166.193.169
192.0.77.39
199.16.172.83
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2400:52e0:1e00::1081:1
2600:9000:2611:fa00:6:9280:1080:93a1
2606:4700:4400::ac40:90e1
2606:4700:4400::ac40:991b
2606:4700::6810:4dba
2606:4700::6810:890f
2606:4700::6810:8cce
2606:4700::6810:bf59
2606:4700::6811:589a
2606:4700::6811:cff9
2606:4700::6812:7e0c
2606:4700::6812:b07d
2606:4700::6812:c07d
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c03::9a
2a02:26f0:480:f::213:7ec6
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe05:bd10:7de8:ea54:baf7
3.161.119.14
3.161.119.41
3.33.163.81
34.117.177.207
34.120.202.204
34.217.225.11
52.30.245.118
52.72.38.254
54.163.187.81
54.189.11.195
75.2.91.175
0091e95e8c3756b1468ac8063de5c5551df6dfdeda001d0e67271e59507e37f7
05c856888b40ae795f21552ea3dbc983515b0fae55d16a6bb0aa0078e951621b
06e6d5a720e91307da56835c638a9d6033cab223b5d0f471118ae498c34a2076
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda
1b31aa2b03872b6d54ccb8cdb78449dd044919943027a331231bf0961b405de5
1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492
202a1fc83e30957471b122cce8067410ba5287bf36afe68d86138976a822f0b2
20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a
21200fdcf2fb9fb7a01ec311ca3b49dc918347f75cf3c001f5ecd70f69e121c0
22a88801194c875a391610269bc567a5106af5f6f6054ce986d8c7caadd13f5e
234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a
254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4
25b17535c32193d3ed8de07e0f5500976a7c509245c9ce60ef7ebff1b7eb6650
27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d
2956f462aa06ca7c2b249b0eae2c86c64656ce15c2cd5ae6b2f185fe0eb83f95
2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7
304adf5eb6dd395fd121fb062ffc6d507859591fdd6dbc792b2e1fe5145ab4b9
38c2b246598bc4223f80008c6d937d71b4aac811d242a4737c7eaf7bdc602574
3c4de814e628c1b0479249d11f294b96467a8c10a508757c0fadc62634c775ad
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
410a7fc53ec839fe701e2e178384bc534a46b83fa4acb5ba9b5ef8dad5baa92a
41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776
422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d
4235ebbbf4d4eb308bc5126d28920befe5820bd83debffe0b9b5d423d4105fcc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99
4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0
487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4
493f7f3fd2b9a9f415e02cbf5463058ada1a5a1312e741b01135ef6306b666dc
494f80a55e08f36107c27839eab594804773c95da5a5d6d104ea32b3dbbd7440
4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711
4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831
4d71895405c76fc89a115fc80d9d4e5bba5d543345bc1ca5bffdd629091a2a03
4e1f5dae1f231a3e6c42993418f2c2b7670e62db5b3ffee9afe0afa6657504f5
4e690dd5360cab06b463f6d2868f3ee2afc58da237f6de3fa387f31c2ffa0f46
4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
503f9879662894f614fcea5c0800b8f175c0ded4fdb39e73acedf19980e72a5e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d
536e67f069e1dd44909aaa30cddc5849ba4c601615a46090275e99ac51d31d3c
54649f2c87a9870c4b0418427a5bb33fa58d694e0f4c830b025056528ce55b52
54786406759517e62b3fab9b70b28ef7f144227e353623c86cf5ee67ac924861
55dbd0e83e9d146778625976b8231c58419ec23b690f25dc5cd4c27667ca713d
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57705b53534a916c21dbc91759315cb85debdf590521e71672345a7c6cc73af0
5845423fa671b1f437768658bc1424ba2f089f85a8645e102bee9608a73e7e7d
598649c9ca160b89e08546ab2394ff428128645ab0432d430a55b66f1728e601
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d27d33568e57bb634250ad5fd29627bc444e1fab180d870f755013cf524ad28
5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b
5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b
5f3bb4158aa27b8acaa0e34cfa16e137ed4fed90f2b41c75c131e91957a4798b
6437022dfef658c9c8f2098bd8033472e853eb8bb959fc4908e2bdb94adae67d
654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7
66b6834bed2e8a09f5c08b870a16274a4541702b7e3d850594f298cc3265c213
672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c
6787caaa0779d0192e97fc3fd330c679f639b55d0d521497fd347567867bf27c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c3e0b043dfebe1eed888d4eef31f3b72cea374a688836f7e6625efa539b2919
6c67dc03559ca74f7be543605408f0018ef16fbcc0cf81c7f207b065abe7277e
6dcd1a0d4df3371b9e40f03f5d2a690dec0ecaef01e18895829ceae84441f92a
70ceba313631a8887328812e871ea50456c5afb1f58f0989a1fc039d673b2f74
725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42
74fc957da10cee62811b21830908e4b12f4b9024c83e26869691ec19c0054854
75c420ce7fac68bdce03824c40fc0eb053a216f2fe446dd5ab1d674faf5dff98
7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78735831fdb0a0de118985ece8a65c36b3718c834ac0ceb75d47b14e8fed5e3d
78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275
7bc2093fddc50bfc2e60a164b34bff71975b3d3d467d8d6b657f4c6324b1a76a
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
7ee31a17e8c32a3aaf1747906ddcb9fa29586f247f0d61658ab1981694a61d19
7f79f6efe44385491775b8260407a13b69dadc5161d1005dc750d187135e39ed
8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12
804b13b5357088583d46a0f1d21d67a55ee5717953267d4fee9b2dcccf43b128
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
829d3e173d15395e73745125f382a34cc722fce0214c6b4200249ab6fd1f1d95
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840cd5bf0aab9a5f4e41d3c63763b742d7b5c0c7d45dac9f7d6d9198698e320a
84976e13dce2f95feb9e33c483d17cf0ce96ee4b1b848e0a647dfa160085ff19
8566b5839e309fd46ee7189f1af0337ffce13dc6f751a148ac589164f89e9de8
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
895e797ea2eea63d3dd6ce535c7c3311a8d95ed361c14ce725f328e967e98f93
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a0c544b697ef4b6786b9c4b36f3c5dd4723e0cd2c061412fcfe2d40724e68fc
8a1bd0b3c876860931005a8cf8f575b045bdb3d2e9bbf0059478aa2b90bd5bde
8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d
8af876fd2d89a59582b29aef113b878a3902d9d63891ef458bf4d3dc30fe4455
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8
97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58
97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276
98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e
9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9be2d6412eae24dc1e616cc56dcdef97920513dff73c3136b1a808622989aeb0
9cc2159ef06a8bd93aff277e3d532b233a5cabc820d764e5d9302a77724417df
9d10dafc81aa4e45f48e240dbacaead395b360587f3745ad62bc20bcc542ec96
9e2d1571e121ee068466b7424be44d1a80c0d02ffdb9c4a574bbbe51862d847f
9ee6ddfa6f66e5b318b948d904afcdefe1940bd5258c1c5fa1b06123c186a942
9fa38678ec66a853b8bb296d12f4a6737e712c48b614bc14144765cd4f7c9e23
a2647bde5c93ba38dbc8dda1e4ebd556f1bdb0e618fe3a0395844628edf76cf7
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a35b2643c9d2fd4f622d2fbf8117a04f27c748d3d68161799c73bd2433adea55
a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5
a63a2d17b8de1f4e791487bc964358621876211210e9faa4f244c48918c66a3c
a69f80a41d67db1d65201e37988539cc8598c58dd1136b18cbdfdd7b1978d6ab
ab2e46ce2db71f3916aeb18616ad899f2d73578f51ae2016c194c33dabf70ce6
ae670b90d5cd8876c8947434d667529d89ab8e5859031cc5e367ee0d723a6bfc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de
afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b
b08242455ed9e1a61010b2ba7c997877ac599e2520056232e55f5612f2dc5e58
b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841
b5992a144aa666d4dca36d0aa34ad2e4529a931e5e24cf57f040a0bc3707dc2e
b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108
b628ff95829edd2fcb3fc5e787206ff4c9f5a0ef262f05ec2349575de01ed8fe
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bcfd0997c75acc5ec0cecb8deb53fdf5bc3b8d3d586fc015dde0fade08ea80ac
bd7e05751a03c3c81bf4f38808d12af294f672494f6b9d7641aaf0dfbb5fb012
bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5
be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c13c379929f50727244fe3906d7d79c0662e81ce80628a714d890e060bef64e9
c62b71b87fd7f55e9ca8aa44b4612e3aa73756e38da61105381ab00a75effb60
c7d26650e92cefe3dca2d12dbc1524fbbed818e854aa3a18a7c74520873f8441
c87f1cddf8a77ad8523529962263fb03e587a1c998fedb7961bb195a12aaa711
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c90fa12377dca0cca457f2e3cf34e10ab941944605e67237ea5584a7d66a34c7
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c949a9be1e6915377993ab167ba99db993bd05f1da11806344865a7c2d6fb4ca
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cade5bd9008bcb7af93702022593396aba4e367792f2085314aa6274922719c6
cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e
d08a091dbb7f768f0aa32c30a3c2c5c8bcdfda0a1aed223765e86afd054669da
d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1
d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368
d7469b9f43b0ca52a2d6aec54d82ca1f1ec58452775886d174e4de2248764732
d83cf33e0148cb99abbc0335bd8bf41fb482597ba3a0b30a336e4c0f3f0d75e8
d8685227ba656570ae56e1daa4b5a27c0f496168204b3eba649d55c76a2d242b
d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e
d8e956086214c5f75c3adbdfbb5a9b4f27fba4da14ab9fec50c0d3b5de9d8f80
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
e08e639d53da3f39d5268d54d1cb74353a987d50223b8408a4b56508fbd7faa4
e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1
e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651
e598bdc4d27b7b6eecde3ae3b6fb268b9de4294320e220202aaa13335fd7f7cb
e5e33325fe1bae8820606f7d18c7669c5c4b7859481512cbb4093ebd45d0dc05
e7ebc09ea4264d3ba1ff60cf6d219117d5f6d67bdfcd2596fb69583773c2046f
e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090
ed2f2d09e64893148193fc6b1ed3be403db892d1b9ef445a4754106ec6416239
ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f141f8d9c1eaa4512f722e8a86bd4249f59aa66542aa3fff876e6f8f4a3c45b8
f1e5fe9acb1332184dc06dfb30ea20fa113063a0b147d01da1e85ff3b0304bab
f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8a116c57474211710d33c18dcf0f68617e10289115fb1ff1958d015150a12cb
f9367526cef2a975bc8f5d8d60630bf0460ecd59579a0f5bebb483ab476ff71c
f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf
f9d183faaa1cb54089d43a4b2cf3d3ea7c95e96a7053c5a5ed93b18b002f3ec6
fa8273933101146ea0678f1d44ffdde8630c02280e33d4ab052d61bfdb7dbb6f
faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684
fb5555dad215acd4daff31cd634b90cb776de540a3aa39cb0c07247e1a0f0d9a
fc3585334db84f341ccd0e9ad6a28ef86f709d833adfe532fbb5e82f77623293
fe89c71dfc84b72996af9497f681ea0afcfc0d8423bbdfda8724bfb132d83a65
fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402

fraud.net Open in urlscan Pro 199.16.172.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

249 Requests

97 %HTTPS

53 %IPv6

39 Domains

72 Subdomains

59 IPs

7 Countries

7810 kBTransfer

15163 kBSize

54 Cookies

7 Outgoing links

Page URL History

Redirected requests

249 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fraud.net Open in urlscan Pro
199.16.172.83 Public Scan

Screenshot
Live screenshot

Full Image

249
Requests

97 %
HTTPS

53 %
IPv6

39
Domains

72
Subdomains

59
IPs

7
Countries

7810 kB
Transfer

15163 kB
Size

54
Cookies

249 HTTP transactions
5 data transactions