fraud.net Open in urlscan Pro
199.16.172.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.securemailapp.com/
Effective URL:
https://fraud.net/
Submission: On September 09 via automatic, source certstream-suspicious (September 9th 2024, 8:55:24 pm UTC) — Scanned from US

Summary HTTP 224 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 62 IPs in 6 countries across 50 domains to perform 224 HTTP transactions. The main IP is 199.16.172.83, located in United States and belongs to AUTOMATTIC, US. The main domain is fraud.net. The Cisco Umbrella rank of the primary domain is 200085.
TLS certificate: Issued by E5 on August 8th 2024. Valid for: 3 months.

This is the only time fraud.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
15	199.16.172.83 199.16.172.83	2635 (AUTOMATTIC) (AUTOMATTIC)
33	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 _) (CDN77 _)
62	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8e77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
3	188.166.193.169 188.166.193.169	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:e80... 2600:141b:e800:b::172c:831f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.138.106.101 108.138.106.101	16509 (AMAZON-02) (AMAZON-02)
1 6	2600:9000:23c... 2600:9000:23cb:ea00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.238.49.94 18.238.49.94	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:752b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	148.59.128.196 148.59.128.196	33561 (LUNAVI-WY) (LUNAVI-WY)
2	2606:4700::68... 2606:4700::6812:1fb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.124.128 18.164.124.128	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:afbc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	134.122.57.141 134.122.57.141	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9b	15169 (GOOGLE) (GOOGLE)
4 7	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.72.195.133 52.72.195.133	14618 (AMAZON-AES) (AMAZON-AES)
1	3.167.56.55 3.167.56.55	16509 (AMAZON-02) (AMAZON-02)
1 8	44.242.74.134 44.242.74.134	16509 (AMAZON-02) (AMAZON-02)
4	34.117.177.207 34.117.177.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700::68... 2606:4700::6812:50cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8911	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:6dfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
12 15	2600:1f18:61c... 2600:1f18:61c0:2205:33cf:a369:fe86:653f	14618 (AMAZON-AES) (AMAZON-AES)
1	54.170.235.127 54.170.235.127	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:61c... 2600:1f18:61c0:2208:9d42:2610:200e:3961	14618 (AMAZON-AES) (AMAZON-AES)
1	52.206.141.127 52.206.141.127	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:61c... 2600:1f18:61c0:2209:54de:e092:fdc3:dce0	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.202.130 35.211.202.130	15169 (GOOGLE) (GOOGLE)
1 1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 2	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.27.154.167 52.27.154.167	16509 (AMAZON-02) (AMAZON-02)
1	23.196.3.181 23.196.3.181	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	3.33.163.81 3.33.163.81	16509 (AMAZON-02) (AMAZON-02)
2 2	34.226.61.186 34.226.61.186	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550f:8694:a3e:b8a1:a64b	14618 (AMAZON-AES) (AMAZON-AES)
1	23.196.3.205 23.196.3.205	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
224	62

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.securemailapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 199.16.172.83 (United States)

ASN2635 (AUTOMATTIC, US)

fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)

onsite.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onsite2.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-account.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-limit.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-asset.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-renderer.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
editor-upload-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149360532.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8e77 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.166.193.169 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:e800:b::172c:831f (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:23cb:ea00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-94.jfk52.r.cloudfront.net

media.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:752b (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.59.128.196 (Canada)

ASN33561 (LUNAVI-WY, US)

track.cbdatatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1fb0 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-128.jfk50.r.cloudfront.net

s.opensend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:afbc (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.122.57.141 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

app.convolo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.brightcall.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.195.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-195-133.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.56.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-55.iad61.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 44.242.74.134 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-74-134.us-west-2.compute.amazonaws.com

oirt.aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.177.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:50cc (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8911 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6dfe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:1f18:61c0:2205:33cf:a369:fe86:653f (Ashburn, United States) 12 redirects

ASN14618 (AMAZON-AES, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.235.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-235-127.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:61c0:2208:9d42:2610:200e:3961 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

x.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.141.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-141-127.compute-1.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:61c0:2209:54de:e092:fdc3:dce0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

x.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.202.130 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.75 (Colonia, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.27.154.167 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-154-167.us-west-2.compute.amazonaws.com

alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.3.181 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-181.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.163.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: a938864f9581ea3da.awsglobalaccelerator.com

aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.61.186 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-61-186.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:8694:a3e:b8a1:a64b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.3.205 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-205.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	pressablecdn.com 149360532.v2.pressablecdn.com	2 MB
40	optimonk.com onsite.optimonk.com — Cisco Umbrella Rank: 55301 onsite2.optimonk.com front.optimonk.com — Cisco Umbrella Rank: 37143 gs-cdn.optimonk.com — Cisco Umbrella Rank: 47502 cdn-account.optimonk.com — Cisco Umbrella Rank: 57342 cdn-limit.optimonk.com jfapiprod.optimonk.com — Cisco Umbrella Rank: 42592 cdn-asset.optimonk.com — Cisco Umbrella Rank: 71352 cdn-renderer.optimonk.com — Cisco Umbrella Rank: 98564 editor-upload-cdn.optimonk.com — Cisco Umbrella Rank: 102967	614 KB
24	adroll.com 13 redirects s.adroll.com — Cisco Umbrella Rank: 5194 d.adroll.com — Cisco Umbrella Rank: 2660 x.adroll.com — Cisco Umbrella Rank: 8113 ipv4.d.adroll.com — Cisco Umbrella Rank: 15429	50 KB
16	fraud.net fraud.net — Cisco Umbrella Rank: 200085 media.fraud.net — Cisco Umbrella Rank: 203060 device.fraud.net Failed	74 KB
11	aggle.net 1 redirects oirt.aggle.net — Cisco Umbrella Rank: 67523 aggle.net — Cisco Umbrella Rank: 23568	7 KB
8	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 www.linkedin.com — Cisco Umbrella Rank: 914 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	4 KB
7	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 8139 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 8074 forms-na1.hubspot.com track.hubspot.com — Cisco Umbrella Rank: 5359 forms.hubspot.com — Cisco Umbrella Rank: 11636	29 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	314 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	1 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 td.doubleclick.net — Cisco Umbrella Rank: 481 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	3 KB
5	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 9382 forms-na1.hsforms.com — Cisco Umbrella Rank: 15115 perf-na1.hsforms.com — Cisco Umbrella Rank: 8524	5 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 937 i6.liadm.com — Cisco Umbrella Rank: 5739	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	287 KB
2	lijit.com pxdrop.lijit.com — Cisco Umbrella Rank: 6153	2 KB
2	alocdn.com 1 redirects alocdn.com — Cisco Umbrella Rank: 10042	687 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 383	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 632	981 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 612	561 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 864	515 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 689	827 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1102	1 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 499	833 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 9601 forms.hscollectedforms.net — Cisco Umbrella Rank: 9837	25 KB
2	gaug.es secure.gaug.es — Cisco Umbrella Rank: 55286	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 19182	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	62 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 3381	12 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	4 KB
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 2197	365 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1373	581 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 1277	360 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 555	1 KB
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 1285	633 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 8904	171 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	25 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	26 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 11009	92 KB
1	brightcall.ai app.brightcall.ai	226 B
1	convolo.ai 1 redirects app.convolo.ai	338 B
1	opensend.com s.opensend.com — Cisco Umbrella Rank: 125641	10 KB
1	cbdatatracker.com track.cbdatatracker.com — Cisco Umbrella Rank: 335533	180 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 10891	2 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5414	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 14516	157 KB
1	securemailapp.com 1 redirects www.securemailapp.com	294 B
224	50

	Domain	Requested by
62	149360532.v2.pressablecdn.com	fraud.net 149360532.v2.pressablecdn.com
20	onsite2.optimonk.com	onsite.optimonk.com onsite2.optimonk.com fraud.net
15	d.adroll.com	12 redirects s.adroll.com fraud.net
15	fraud.net	fraud.net 149360532.v2.pressablecdn.com
8	oirt.aggle.net	1 redirects fraud.net s.opensend.com
6	px.ads.linkedin.com	3 redirects snap.licdn.com fraud.net
6	s.adroll.com	1 redirects www.googletagmanager.com fraud.net s.adroll.com
5	editor-upload-cdn.optimonk.com	fraud.net
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	js.hsforms.net fraud.net www.gstatic.com
4	jfapiprod.optimonk.com	gs-cdn.optimonk.com
3	aggle.net	fraud.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com fraud.net
3	front.optimonk.com	onsite2.optimonk.com
3	www.googletagmanager.com	fraud.net www.googletagmanager.com
2	track.hubspot.com
2	i.liadm.com	2 redirects
2	pxdrop.lijit.com	fraud.net pxdrop.lijit.com
2	alocdn.com	1 redirects
2	ib.adnxs.com	1 redirects fraud.net
2	eb2.3lift.com	1 redirects fraud.net
2	ups.analytics.yahoo.com	1 redirects fraud.net
2	us-u.openx.net	1 redirects fraud.net
2	idsync.rlcdn.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects fraud.net
2	x.bidswitch.net	1 redirects fraud.net
2	forms-na1.hubspot.com	js.hsforms.net
2	x.adroll.com	s.adroll.com fraud.net
2	cdn-asset.optimonk.com	onsite2.optimonk.com
2	www.facebook.com	fraud.net
2	forms-na1.hsforms.com	fraud.net
2	secure.gaug.es	fraud.net
2	td.doubleclick.net	www.googletagmanager.com
2	forms.hsforms.com	js.hsforms.net fraud.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tracking.g2crowd.com	fraud.net tracking.g2crowd.com
2	connect.facebook.net	fraud.net connect.facebook.net
2	cdn-account.optimonk.com	onsite2.optimonk.com
2	player.vimeo.com	fraud.net
2	fonts.googleapis.com	fraud.net onsite2.optimonk.com
1	forms.hubspot.com	js.hsleadflows.net
1	i6.liadm.com	fraud.net
1	sync.taboola.com	fraud.net
1	image2.pubmatic.com	fraud.net
1	sync.outbrain.com	fraud.net
1	pixel.rubiconproject.com	fraud.net
1	pippio.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	perf-na1.hsforms.com	fraud.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	ipv4.d.adroll.com	fraud.net
1	www.gstatic.com	www.google.com
1	cdn-renderer.optimonk.com	onsite2.optimonk.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	content.hotjar.io	script.hotjar.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	fraud.net
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	app.brightcall.ai	fraud.net
1	app.convolo.ai	1 redirects
1	s.opensend.com	fraud.net
1	track.cbdatatracker.com	fraud.net
1	ws.zoominfo.com	fraud.net
1	media.fraud.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	cdn-limit.optimonk.com	onsite2.optimonk.com
1	gs-cdn.optimonk.com	onsite2.optimonk.com
1	js.hsforms.net	fraud.net
1	onsite.optimonk.com	fraud.net
1	www.securemailapp.com	1 redirects
0	device.fraud.net Failed	media.fraud.net
224	81

This site contains links to these domains. Also see Links.

Domain
api-docs.fraud.net
releasenotes.fraud.net
portal.fraud.net
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
tls.automattic.com E5	`2024-08-08` - `2024-11-06`	3 months	crt.sh
onsite.optimonk.com R11	`2024-09-02` - `2024-12-01`	3 months	crt.sh
v2.pressablecdn.com E6	`2024-08-13` - `2024-11-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
player.vimeo.com WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
hsforms.net WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
onsite2.optimonk.com R11	`2024-09-05` - `2024-12-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.optimonk.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-06-24` - `2025-07-26`	a year	crt.sh
gs-cdn.optimonk.com R11	`2024-08-19` - `2024-11-17`	3 months	crt.sh
cdn-account.optimonk.com R11	`2024-09-02` - `2024-12-01`	3 months	crt.sh
cdn-limit.optimonk.com R10	`2024-08-01` - `2024-10-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
hs-scripts.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
*.fraud.net Amazon RSA 2048 M02	`2023-10-11` - `2024-11-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-19` - `2024-09-17`	3 months	crt.sh
zoominfo.com E5	`2024-08-14` - `2024-11-12`	3 months	crt.sh
track.cbdatatracker.com RapidSSL TLS RSA CA G1	`2024-04-03` - `2025-04-02`	a year	crt.sh
g2crowd.com WE1	`2024-08-21` - `2024-11-19`	3 months	crt.sh
aggle.net Amazon RSA 2048 M02	`2024-05-24` - `2025-06-23`	a year	crt.sh
hsforms.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-08-27` - `2025-02-27`	6 months	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2024-03-03` - `2025-04-03`	a year	crt.sh
jfapiprod.optimonk.com WR3	`2024-08-28` - `2024-11-26`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hsleadflows.net WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
hscollectedforms.net WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M03	`2024-09-08` - `2025-10-07`	a year	crt.sh
cdn-asset.optimonk.com R11	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
cdn-renderer.optimonk.com R11	`2024-08-24` - `2024-11-22`	3 months	crt.sh
*.adroll.com Amazon RSA 2048 M02	`2024-07-03` - `2025-07-31`	a year	crt.sh
cert2-prod.aut.a24365.net R11	`2024-07-26` - `2024-10-24`	3 months	crt.sh
editor-upload-cdn.optimonk.com R11	`2024-08-19` - `2024-11-17`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://fraud.net/
Frame ID: ED17BD4FE81D583D3D70EE95FD539947
Requests: 213 HTTP requests in this frame

Frame: https://player.vimeo.com/video/235637953
Frame ID: 72057D76BB5840090DB82AAB523CC5D6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/998743206?random=1725915316586&cv=11&fst=1725915316586&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940z879957660za201zb79957660&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&hn=www.googleadservices.com&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&npa=0&pscdl=noapi&auid=737559216.1725915316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 085CF6FDBE04C91C9530F24E6F3BEF41
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-GPKLFPPQY0&gacid=429145462.1725915317&gtm=45je4940v9102467835z879957660za200zb79957660&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=2008142335
Frame ID: B0149273DEEFD065960F1665CB738FC9
Requests: 1 HTTP requests in this frame

Frame: https://cdn-renderer.optimonk.com/ssr/177110/66cf30d56384280024f76f55.html?v=1724878082&v2=1724878086
Frame ID: 3D04244714928D7724CD0FC1C6866F9A
Requests: 1 HTTP requests in this frame

Frame: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
Frame ID: 76F9F5DBD7DD49840CE2CAC5A1AA265C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&badge=inline&cb=ed4eq3cxlmtr
Frame ID: 3E4E59115BB58AB7702250FCE24A1966
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1523.808&cid=c026&cls=append
Frame ID: 3F078308E0FE65778EFE4051004A9923
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=WV-mUKO4xoWKy9M4ZzRyNrP_&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 33B71029C22A08BCA222C4B8BF26588E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AI Fraud Detection for Enterprises | Fraud.net

Page URL History Show full URLs

https://www.securemailapp.com/ HTTP 301
https://fraud.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

224
Requests

90 %
HTTPS

45 %
IPv6

50
Domains

81
Subdomains

62
IPs

6
Countries

4298 kB
Transfer

10378 kB
Size

96
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://api-docs.fraud.net/
Title: Developers

Search URL Search Domain Scan URL

URL: https://releasenotes.fraud.net/
Title: Product Release Notes

Search URL Search Domain Scan URL

URL: https://portal.fraud.net/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fraud-net/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Fraudnet/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.securemailapp.com/ HTTP 301
https://fraud.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://app.convolo.ai/js/icallback.js?v=0.6710214480378682&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F HTTP 301
https://app.brightcall.ai/js/icallback.js?v=0.6710214480378682&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F

Request Chain 110

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 113

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1725915316961%26li_adsId%3D578e6e72-ddfd-41ce-9730-755b07c7c86a%26url%3Dhttps%253A%252F%252Ffraud.net%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQJzhOQ1Gqx4JgAAAZHYkcdDCHwZxklirzJH3IUCGQGpB7Pn4KjHJ4y538Hv_6DtFUqQu6442LIbVOL4awkvAnSn5evol48

Request Chain 117

https://oirt.aggle.net/r3r HTTP 301
https://oirt.aggle.net/r3r/0a56520b-0bcb-4588-b73a-758be51ac3ed

Request Chain 176

https://d.adroll.com/cm/b/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM

Request Chain 177

https://d.adroll.com/cm/g/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=X5_Yz7NKPGKFNwMIQkUsjA HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 178

https://d.adroll.com/cm/index/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expiration=1757451318 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expiration=1757451318&C=1

Request Chain 179

https://d.adroll.com/cm/l/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=5f9fd8cfb34a3c628537030842452c8c HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGMQABoNCLbB_bYGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=4fee8ce7377707a8e99fa92274890ce3b214f839e6af82950f4a1f0c5a81907a791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4fee8ce7377707a8e99fa92274890ce3b214f839e6af82950f4a1f0c5a81907a791426b5417dce21&rand=01065241

Request Chain 180

https://d.adroll.com/cm/n/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expires=365

Request Chain 181

https://d.adroll.com/cm/o/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=5f9fd8cfb34a3c628537030842452c8c&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5f9fd8cfb34a3c628537030842452c8c&gdpr=0&gdpr_consent=

Request Chain 182

https://d.adroll.com/cm/outbrain/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 183

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 184

https://d.adroll.com/cm/r/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 185

https://d.adroll.com/cm/taboola/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM

Request Chain 186

https://d.adroll.com/cm/triplelift/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 187

https://d.adroll.com/cm/x/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM

Request Chain 190

https://alocdn.com/c/9rgi64bf/a/xtarget/p.json HTTP 302
https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F

Request Chain 193

https://i.liadm.com/s/85221?&aid=0a56520b-0bcb-4588-b73a-758be51ac3ed&ref=7E885003&_=0.6312981191534182 HTTP 303
https://i.liadm.com/s/85221?=&aid=0a56520b-0bcb-4588-b73a-758be51ac3ed&ref=7E885003&_li_chk=true&_=0.6312981191534182 HTTP 303
https://i6.liadm.com/s/85221?aid=0a56520b-0bcb-4588-b73a-758be51ac3ed&ref=7E885003&_=0.6312981191534182

224 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fraud.net/
Redirect Chain

https://www.securemailapp.com/
https://fraud.net/

153 KB
26 KB

59ms
11ms

Document
text/html

199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7d3bc5db1b5795bc53bc2a7d3e1a492e96c68d64004705272dee00406057f2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: origin
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=300, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 09 Sep 2024 20:55:15 GMT
host-header: wpcloud
last-modified: Mon, 09 Sep 2024 19:49:16 GMT
link: <https://fraud.net/wp-json/>; rel="https://api.w.org/" <https://fraud.net/wp-json/wp/v2/pages/89913>; rel="alternate"; title="JSON"; type="application/json" <https://fraud.net/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 1.jfk _atomic_dca STALE
x-frame-options: SAMEORIGIN
x-nananana: Batcache-Set
x-xss-protection: 1; mode=block

Redirect headers

Connection: close
Content-Length: 52
Content-Type: text/html; charset=utf-8
Date: Mon, 09 Sep 2024 20:55:15 GMT
Location: https://fraud.net
Server: ip-10-123-125-245.ec2.internal
Vary: Accept-Encoding
X-Request-Id: d4a38a6f-c89e-4ad2-a012-ea92baab4910

GET
H2 200 script.js Show response
onsite.optimonk.com/ 5 KB
2 KB 82ms
13ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://onsite.optimonk.com/script.js?account=177110

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

c67e68973edfa62b29667248742a726c45ce09147d4854c8cf9214b848a2464a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 885
x-dns-prefetch-control: off
cdn-cachedat: 09/09/2024 18:05:31
cdn-pullzone: 950289
x-xss-protection: 1; mode=block
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"12b3-kFeEtJPKudkCMW5d6nW+YIVrVJs"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=180
cdn-requestid: f024e6ef9cb0aecce28bc9b3cc0b0f4a
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/plugins/gutenberg/build/block-library/ 111 KB
15 KB 53ms
13ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=19.1.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b54944ae239e589612ce901656a07eb947eb34ef16054b2781d5bcee57d63ca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Wed, 28 Aug 2024 16:08:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/gutenberg/build/block-library/style.css>; rel="canonical"
alt-svc: clear, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uncode-privacy-public.css
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/css/ 19 KB
3 KB 48ms
9ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/css/uncode-privacy-public.css?ver=2.2.3

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fa8273933101146ea0678f1d44ffdde8630c02280e33d4ab052d61bfdb7dbb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/css/uncode-privacy-public.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 encyclopedia.css
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/ 1 KB
869 B 60ms
22ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/encyclopedia.css?ver=6.6.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0091e95e8c3756b1468ac8063de5c5551df6dfdeda001d0e67271e59507e37f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/css/encyclopedia.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltips.css
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/ 9 KB
2 KB 53ms
15ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/tooltips.css?ver=6.6.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b08242455ed9e1a61010b2ba7c997877ac599e2520056232e55f5612f2dc5e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/css/tooltips.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 83 KB
3 KB 83ms
38ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=greek%2Cvietnamese%2Ccyrillic%2Cgreek-ext%2Clatin%2Ccyrillic-ext%2Clatin-ext&ver=2.7.10

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

449a607424de8313b9432f4c9cd1a4c88c68f06d169ce0019540f5886d20d6bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 20:55:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Sep 2024 20:55:15 GMT

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/plugins/newsletter/ 6 KB
2 KB 53ms
16ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/newsletter/style.css?ver=7.9.5

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b628ff95829edd2fcb3fc5e787206ff4c9f5a0ef262f05ec2349575de01ed8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:30:53 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/newsletter/style.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 889 KB
104 KB 53ms
17ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/style.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4de50d0f0563103a9a51080cd303fa3c61b059189411435bf36a884bcc7ddd86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/css/style.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H2 200 uncode-icons.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 60 KB
13 KB 63ms
27ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1054650aaad2b126aa97e4b6f2a4caf3d996a87707100dfbe77819b65f0f005c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/css/uncode-icons.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H2 200 style-custom2.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 320 KB
29 KB 59ms
23ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/style-custom2.css

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9801c8c01f4b6f9a836df270946d8eeffe8f2d0db88013654b38d4a1c6ab6fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/css/style-custom2.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H2 200 main.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 16 KB
5 KB 56ms
21ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.css?ver=1.19.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c87f1cddf8a77ad8523529962263fb03e587a1c998fedb7961bb195a12aaa711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 86 KB
31 KB 63ms
27ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-includes/js/jquery/jquery.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 13 KB
5 KB 61ms
25ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ai-uncode.min.js Show response
fraud.net/wp-content/themes/uncode/library/js/ 4 KB
2 KB 19ms
17ms Script
application/javascript 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/themes/uncode/library/js/ai-uncode.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:15 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
x-ac: 1.jfk _atomic_dca HIT
etag: W/"65de0ff9-e27"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sat, 23 Aug 2025 08:53:29 GMT

GET
H2 200 init.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/ 118 KB
26 KB 62ms
29ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

598649c9ca160b89e08546ab2394ff428128645ab0432d430a55b66f1728e601

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/library/js/init.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H2 200 fnlogo-e1559250900846.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 5 KB
5 KB 21ms
12ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Thu, 26 Sep 2019 10:46:54 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-e1559250900846.png>; rel="canonical"
content-length: 4859
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H2 200 fnlogo-white.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 2 KB
3 KB 21ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/fnlogo-white.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Thu, 26 Sep 2019 10:52:24 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/fnlogo-white.png>; rel="canonical"
content-length: 2249
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Arvato_Logo_2016.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 52ms
39ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:22 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png>; rel="canonical"
content-length: 3779
alt-svc: clear, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 1200px-AmazonWebservices_Logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 53ms
39ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:29 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png>; rel="canonical"
content-length: 4152
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 microsoft_PNG4.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 53ms
41ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:26 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png>; rel="canonical"
content-length: 2756
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H2 200 mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
5 KB 11ms
8ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png>; rel="canonical"
content-length: 4235
alt-svc: clear, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H2 200 afterpay_logo-transp-uai-258x51.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/04/ 5 KB
5 KB 10ms
8ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/04/afterpay_logo-transp-uai-258x51.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d27d33568e57bb634250ad5fd29627bc444e1fab180d870f755013cf524ad28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Apr 2022 21:46:10 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/04/afterpay_logo-transp-uai-258x51.png>; rel="canonical"
content-length: 5149
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 80ms
34ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 1933
Date: Mon, 09 Sep 2024 20:55:15 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish
Age: 1732
x-cache: HIT
Connection: keep-alive
x-backend-server: player-backend-edge-entry
Content-Length: 11434
x-served-by: cache-lga21989-LGA
x-player-backend: g
Server: cloudflare
x-timer: S1725915316.854918,VS0,VE0
vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
Cache-Control: max-age=1800
x-bapp-server
accept-ranges: bytes
CF-RAY: 8c0a14040d240c88-EWR
expires: Mon, 09 Sep 2024 16:56:23 GMT

GET
H3 200 Infographic_ApplicationAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 16ms
15ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_ApplicationAi.png>; rel="canonical"
content-length: 6704
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Infographic_TransactionAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 86ms
54ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca HIT
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:54 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_TransactionAi.png>; rel="canonical"
content-length: 7756
alt-svc: clear, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Infographic_LoginAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 86ms
55ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_LoginAi.png>; rel="canonical"
content-length: 7114
alt-svc: clear, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Infographic_AccountAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 86ms
55ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:49 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_AccountAi.png>; rel="canonical"
content-length: 7022
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Infographic_DeviceAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 86ms
55ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:47 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_DeviceAi.png>; rel="canonical"
content-length: 6746
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Infographic_EmailAi.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 86ms
56ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:45 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Infographic_EmailAi.png>; rel="canonical"
content-length: 7027
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Computer-Appstore-e1628881087778-uai-258x160.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 20 KB
20 KB 87ms
57ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-258x160.png>; rel="canonical"
content-length: 20075
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 internet-of-things.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 87ms
58ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/internet-of-things.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/internet-of-things.png>; rel="canonical"
content-length: 4067
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 money-making.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
4 KB 88ms
58ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/money-making.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca HIT
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:59 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/money-making.png>; rel="canonical"
content-length: 3493
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 growth.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 2 KB
2 KB 88ms
59ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/growth.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:16:01 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/growth.png>; rel="canonical"
content-length: 1789
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 secure.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 90ms
61ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/secure.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:16:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/secure.png>; rel="canonical"
content-length: 3029
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Group-370.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 385 B
764 B 91ms
62ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-370.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca HIT
strict-transport-security: max-age=15552000
last-modified: Mon, 13 Sep 2021 15:45:26 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-370.png>; rel="canonical"
content-length: 385
alt-svc: clear, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 featuredcustomers_logo_stars-e1646751392635.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 10 KB
10 KB 81ms
51ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:56:32 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/featuredcustomers_logo_stars-e1646751392635.png>; rel="canonical"
content-length: 10025
alt-svc: clear, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Juniper_award-uai-258x172.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 37 KB
38 KB 81ms
52ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Mon, 07 Mar 2022 22:40:58 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/Juniper_award-uai-258x172.png>; rel="canonical"
content-length: 38348
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Group-448.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 84ms
55ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-448.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:13:52 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-448.png>; rel="canonical"
content-length: 3105
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 Capterra_stars.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/ 9 KB
9 KB 83ms
55ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Wed, 20 Nov 2019 21:35:31 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2019/11/Capterra_stars.jpg>; rel="canonical"
content-length: 9072
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 MicrosoftTeams-image-e1646750843390-uai-258x122.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 17 KB
17 KB 86ms
60ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:47:54 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-e1646750843390-uai-258x122.png>; rel="canonical"
content-length: 17007
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 g2-new2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 2 KB
3 KB 86ms
61ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/g2-new2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Mon, 07 Mar 2022 23:10:02 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/g2-new2.png>; rel="canonical"
content-length: 2471
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 accenture_new.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/ 3 KB
3 KB 75ms
50ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2022/03/accenture_new.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 08 Mar 2022 14:46:15 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2022/03/accenture_new.png>; rel="canonical"
content-length: 3109
alt-svc: clear, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ 483 KB
157 KB 105ms
78ms Script
application/javascript 2606:4700::6812:8e77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8e77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
age: 555
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5999/bundles/project-v2.js&cfRay=8bd6881de832c981-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"6baa082bb753a0d6d6e8a595ed1a8003"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5999/bundles/project-v2.js
date: Mon, 09 Sep 2024 20:55:15 GMT
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: AFaf8mWb39Qooe1K5qzICbDOfESNQB7s
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 3d878ede-91d0-4786-a04f-caa68c00d5a0
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3d878ede-91d0-4786-a04f-caa68c00d5a0
last-modified: Tue, 03 Sep 2024 14:36:36 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkahW8FaeV80wHDsi3rqK4yO34PEsO%2F8C8uGMo6ooGt0Gat2Q4borkdSp2YxYhVzsJKtlBOeWSlfT4LeR0mMKCOeNbUQ2q6rYakEnB1wGGaaKwNVOtGMMD5LY6RC4%2F8k6TfDF93nTJMP74h%2B"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-kw9cm
cf-ray: 8c0a1403feab430d-EWR
x-amz-cf-id: 82bTyKLDQ40IBMizJbBQxZd84RlkKIL5moeks1NqMWSnnwmPHf8ijg==

GET
H3 200 js-cookie.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 3 KB
1 KB 47ms
43ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js?ver=2.2.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 uncode-privacy-public.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 4 KB
2 KB 44ms
35ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js?ver=2.2.3

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7ee31a17e8c32a3aaf1747906ddcb9fa29586f247f0d61658ab1981694a61d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tooltipster.bundle.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 39 KB
11 KB 43ms
34ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js?ver=4.2.6

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tooltips.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 2 KB
1 KB 43ms
30ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

70ceba313631a8887328812e871ea50456c5afb1f58f0989a1fc039d673b2f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 29 Sep 2023 14:32:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 plugins.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 777 KB
210 KB 43ms
29ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/plugins.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

aec9f4f7455da97df0df620ef3773a19089cd36b9af30fc0fc90f79eb8e7f869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/js/plugins.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 app.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 270 KB
59 KB 51ms
37ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/app.min.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

15c15643141bd4c8fb383b7e2c4d8406a7bdf5d31d2e648126c0f6d5a9a85f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
link: <http://fraud.net/wp-content/themes/uncode/library/js/app.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H3 200 main.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 1 KB
925 B 52ms
39ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.js?ver=1.19.0

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Tue, 23 May 2023 11:27:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET 06e8d59d-0b39-4ca5-a4c0-d38d7588c746
https://fraud.net/ Frame 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
103 KB 181ms
109ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

724658c0036cf42c98598aabf953e8cafec4ce6dee888ead261bbfd28e104f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105026
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 20:25:25 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Sep 2024 20:55:15 GMT

GET
H2 200 embedded.js Show response
onsite2.optimonk.com/script.esm/ 170 KB
55 KB 93ms
38ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728
Requested by: Host: onsite.optimonk.com
URL: https://onsite.optimonk.com/script.js?account=177110
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 48d330c460234a97e28472e988bce90883d37629813e38e114fd195460dff5b9

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:15 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljtptSVRvey4Oo8Zm52Zwv3GYnS3wCZG_6b_7tG6cO2dAZukkep6xDuugqijCMieir6CBuI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/09/2024 20:55:15
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:14 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"e3ab7e3dde3b76b905173726acf8a771"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616334123807
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=wdAEoQ==, md5=46t+Pd47drkFFzcmrPincQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 174187
cdn-cache: MISS
cdn-requestid: 1533db84d486cf3cac937048ca9ccf95
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 120ms
87ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=greek%2Cvietnamese%2Ccyrillic%2Cgreek-ext%2Clatin%2Ccyrillic-ext%2Clatin-ext&ver=2.7.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 06:39:25 GMT
x-content-type-options: nosniff
age: 483350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Sep 2025 06:39:25 GMT

GET
H2 200 uncode-icons.woff2
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/ 145 KB
146 KB 119ms
89ms Font
application/font-woff2 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff2

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6972b66b95853b03c2bc72665973cc84fc1228c191d43e911ed6aa8e43331b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 27 Feb 2024 16:38:17 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/themes/uncode/library/fonts/uncode-icons.woff2>; rel="canonical"
content-length: 148848
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 280 B
802 B 1075ms
1060ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d4fa0ff9b061ce64b83948570d0ca0be8a76f49b9263325eeaa26ac87c86fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.jfk _atomic_dca BYPASS
host-header: wpcloud
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 MicrosoftTeams-image-2-2-uai-258x110.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 32 KB
32 KB 92ms
89ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Mon, 09 Sep 2024 20:55:15 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2-uai-258x110.png>; rel="canonical"
content-length: 32700
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:15 GMT

GET
H2 200 177110 Show response
front.optimonk.com/analytics/siteinfo/ 42 B
416 B 319ms
100ms XHR
application/json 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/analytics/siteinfo/177110

Requested by

Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

df81a2c6d1639190dd029f1bf508796113acf7dd3d686a6dbba0d567cd575478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"2a-vUB08qf2tIhdu3jxvt2Wix9OJwU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: public, max-age=604800
x-xss-protection: 1; mode=block

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 89 KB
31 KB 74ms
8ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=15
Requested by: Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 84174f4a74a46dda3cc45a7a3a313d9a17f470afa80a8446b67d2d888fc7278b

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AHxI1nMIReAfrj74-53m5YKW3-GJF8gH3srxb3LGtbxCMthBXrt4kM73whTFSpe1tkMFni7bg3eW86ZjLw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 08/05/2024 20:52:08
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Tue, 02 Jul 2024 07:28:54 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2125be76824d918a36ad79b424076839"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1719905334363125
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=oe7ctg==, md5=ISW+doJNkYo2rXm0JAdoOQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 91352
cdn-cache: HIT
cdn-requestid: 81d42695a8da3062a20800a61144ef9d
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 accountInfo.json Show response
cdn-account.optimonk.com/177110/ 393 B
1 KB 68ms
9ms XHR
application/json 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-account.optimonk.com/177110/accountInfo.json
Requested by: Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 88e984a5157644a26223b80c61f432b5ee292b47be0213c0694c111608699a3f

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-guploader-uploadid: AD-8ljslDgI8IxJezrWW7EorHQEMRwoERBL-dHNentDDnxqu1cC-_rKMcaIm3Assd0tomFRSAms
cdn-pullzone: 951434
x-goog-stored-content-encoding: identity
cdn-proxyver: 1.04
x-bunnycdn-countrycode: US
etag: W/"37d8533dcf5d9f62d3e5e3478894d58e"
vary: Accept-Encoding
x-goog-generation: 1725900008204452
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: X-BunnyCDN-CountryCode, X-BunnyCDN-Client-IP
cache-control: public, max-age=0
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date: Mon, 09 Sep 2024 20:55:16 GMT
cdn-edgestorageid: 885
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/09/2024 20:13:44
x-bunnycdn-client-ip: 2a0d:5600:24:1500:1012:2436:5b1f:74f5
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Mon, 09 Sep 2024 16:40:08 GMT
server: BunnyCDN-NY1-885
cdn-requestpullcode: 200
x-goog-hash: crc32c=oDlJ+w==, md5=N9hTPc9dn2LT5eNHiJTVjg==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
x-goog-stored-content-length: 393
cdn-requestid: bf344d493d7e12ca3737013a5bc39d3a
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 limit.json Show response
cdn-limit.optimonk.com/public/177110/ 18 B
602 B 177ms
116ms XHR
application/json 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-limit.optimonk.com/public/177110/limit.json

Requested by

Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

13f1c9070b3a17df4544f1dc1ed5f712293e734228521adb7aa81256e2cbecda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cdn-edgestorageid: 885
x-dns-prefetch-control: off
cdn-cachedat: 09/09/2024 19:18:08
cdn-pullzone: 2401767
content-length: 18
x-xss-protection: 1; mode=block
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"12-+Uk2fo/m5WOOrtsTlQ1mSAIRmRA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=0
cdn-requestid: 7ea50224893c1f42a77a105950d7f0b9
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 campaigns.json Show response
cdn-account.optimonk.com/177110/ 4 KB
3 KB 67ms
10ms XHR
application/json 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-account.optimonk.com/177110/campaigns.json
Requested by: Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 65d8af74e7a554bde6ede1fa82f21f8d919ec53750e495eb3f9bcd1069136d05

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljtdUxUqWUUv6OoJjUBKN-7bePgNYkhd1JzZS5bjkMNo5zgubVsgl7SQSe_1xgtiIZLPB_Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/09/2024 16:49:36
cdn-pullzone: 951434
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Mon, 09 Sep 2024 16:40:08 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"ec738aca2c8de5d859f3798caf2d5e04"
vary: Accept-Encoding
x-goog-generation: 1725900008198442
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=uFYOag==, md5=7HOKyiyN5dhZ83mMry1eBA==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
x-goog-stored-content-length: 4066
cdn-cache: HIT
cdn-requestid: a79f9e3505dd164672128dd28d7becf7
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
984 B 1049ms
1039ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9b67f42b2108632352195b05b181bfc98609d5e88ba981bcf8a6daa5555114f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.jfk _atomic_dca BYPASS
host-header: wpcloud
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
795 B 1034ms
1033ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1844811cc02eae22c493f6a121b997aa3c38c6db2de8e6b38940065547cb6d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.jfk _atomic_dca BYPASS
host-header: wpcloud
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 Group-2851-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
14 KB 7ms
7ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:16 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851-uai-258x81.png>; rel="canonical"
content-length: 14086
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:16 GMT

GET
H/1.1 200
OK 235637953
player.vimeo.com/video/ Frame 7205 0
0 649ms
625ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/235637953?

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-Ray: 8c0a1406afea43c5-EWR
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 Sep 2024 20:55:16 GMT
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-5d77d7cbcd-gk5rg
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-host: player-backend-5d77d7cbcd-gk5rg
x-player-backend: g
x-served-by: cache-lga21959-LGA
x-timer: S1725915316.290016,VS0,VE341
x-turnstile-exception: 0
x-xss-protection: 1; mode=block

GET
H2 200 index-4a29d334.js Show response
onsite2.optimonk.com/script.esm/ 19 KB
7 KB 13ms
12ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/index-4a29d334.js
Requested by: Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: ac75f3a93c00894c2aabcce634e39f2a4750c9e542f56b9f5dd678bfad802280

Request headers

Referer: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8lju_5UDP_tw8x5Ufh-yb2mTrCCsDcwztyGpsDeNos6NIFuG7XmMG4EE_LNKPc3z5ZAqAtzppZCOyag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:15
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:03 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"46b1e4e6e759a7b296f37f0eff6d7163"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616323485600
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=vv2jGA==, md5=RrHk5udZp7KW838O/21xYw==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 19315
cdn-cache: HIT
cdn-requestid: 30733ce45120cd1e74a487d91ca25bd3
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
921 B 1025ms
1024ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

99c3b544a0d7af4cd2aac0e79596dcbe0f4ebf8277fa646dd5b41fadd89d0044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.jfk _atomic_dca BYPASS
host-header: wpcloud
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
791 B 1057ms
1056ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

92432d2bb385e837b1b206f60e78fdc5f0718bad42201cf54e77f6eb2aa97a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.jfk _atomic_dca BYPASS
host-header: wpcloud
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 Group-2859-uai-258x34.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 5 KB
6 KB 14ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:16 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859-uai-258x34.png>; rel="canonical"
content-length: 5270
alt-svc: clear, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:16 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 265 B
797 B 995ms
993ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c9e318a7363d19da0171f2b40f72375e04ec1a91a31082d85a5b13aa20f1e2c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.jfk _atomic_dca BYPASS
host-header: wpcloud
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 Group-2858-uai-258x306.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 139 KB
139 KB 14ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:16 GMT
x-ac: 1.jfk _atomic_dca HIT
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858-uai-258x306.png>; rel="canonical"
content-length: 142152
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
101 KB 52ms
51ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4332e51624890ca1520d8132cb517a574f5e820e4c27388d1ba593ae6104f377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 09 Sep 2024 20:55:16 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 51ms
50ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-998743206&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

291b2531a89ee812b28ff0513545156e38fd1628a43459c2255f29754733d2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85132
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 20:17:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Sep 2024 20:55:16 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 105ms
49ms Script
application/javascript 2600:141b:e800:b::172c:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:e800:b::172c:831f Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=38690
accept-ranges: bytes
content-length: 14628

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 80ms
37ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 09 Sep 2024 20:55:15 GMT
last-modified: Fri, 06 Sep 2024 21:17:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8546DB94C11A420E9F9EED5BCE3140CC Ref B: EWR30EDGE1412 Ref C: 2024-09-09T20:55:16Z
etag: "016326a20db1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14313

GET
H2 200 hotjar-2001329.js Show response
static.hotjar.com/c/ 15 KB
6 KB 148ms
97ms Script
application/javascript 108.138.106.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-101.jfk50.r.cloudfront.net

Software

Resource Hash

6e7be345e3774b6a8448d1070aed099bf40c00990a3d82c9887da32e57c554fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2301ef513d768666e30ce282b9045098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/c495899fa5d088cd388998105ee774b6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 7JBz2yLh9rZkoMJrXMT4bOA0Ir7K2GSGNQA08uPbLOp_YfkHGOvFDw==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 81ms
25ms Script
text/javascript 2600:9000:23cb:ea00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:ea00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e7cf5423996cb33fa1d00f046eb950cd15eca51e98b542bb9f067ab7e68d4f6

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: M_2AOfSDCQx2zhzkh6_SJDABrsA.7Kgg
Content-Encoding: gzip
Via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
Date: Mon, 09 Sep 2024 20:12:41 GMT
Age: 2556
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 22 Aug 2024 15:43:23 GMT
Server: AmazonS3
Etag: W/"8477adc58c3f773d12fe1e360fd6ff0c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 3Ijpu79zqqHwyFUpGx7Y_q4nsbzz5stRFnoz90mvomq4A_crudf2Yg==

GET
H2 200 2113031.js Show response
js.hs-scripts.com/ 3 KB
1 KB 198ms
150ms Script
application/javascript 2606:4700::6810:8cd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/2113031.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff3fb890c8a0356b8e93e51c5d380b109d4e693d8c7d4bc716654b27ba4700d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 559c1bf2-b707-4bf8-b1eb-f50603948352
x-envoy-upstream-service-time: 26
content-length: 668
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 559c1bf2-b707-4bf8-b1eb-f50603948352
last-modified: Mon, 09 Sep 2024 20:55:16 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-qc926
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 8c0a1407ac7b7ce4-EWR
expires: Mon, 09 Sep 2024 20:56:46 GMT

GET
H2 200 analytics.js Show response
media.fraud.net/shield/js/v1/ 98 KB
30 KB 84ms
30ms Script
application/javascript 18.238.49.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.fraud.net/shield/js/v1/analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-94.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:53:50 GMT
content-encoding: gzip
via: 1.1 b15f339834cfb5119481b1c1eb890372.cloudfront.net (CloudFront)
last-modified: Thu, 28 Feb 2019 18:42:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 87
etag: "7479109d61e7cc42fa7496c3a2a11d5e"
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=300, no-transform, public
accept-ranges: bytes
content-length: 30572
x-amz-cf-id: 3gl_2MKkPAlKXEM4SyUbDkN1SoN7bRzbG2GRvhRphzitjye6V9Gz_g==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 32ms
11ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Sep 2024 20:55:16 GMT
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=23, mss=1232, tbw=4336, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 9f+Y5wLV1uYyoN+uZpdeekRJL4PSD4a3QEJ6yCtQF9PYUb+XikmXY5r2PsOUKBaYKOofR6DTap/hN4J4Kr+nfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 60e76b46e4c4e9001293ca88 Show response
ws.zoominfo.com/pixel/ 4 KB
2 KB 201ms
167ms Script
text/javascript 2606:4700::6810:752b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60e76b46e4c4e9001293ca88

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:752b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

01d35c780264bd31fb66af96c0b2839cb4a78037e2561385a4e4c36a3c474137

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 8c0a14078db24289-EWR

GET
H2 200 Home Show response
track.cbdatatracker.com/ 2 B
180 B 383ms
90ms Script
text/html 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cbdatatracker.com/Home?v=3&id=%27c2035064-646d-4517-860a-a8c2a7c110ea%27
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:13 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
cache-control: private
alt-svc: h3=":443";
content-length: 2

GET
H2 200 2749.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 2 KB
2 KB 321ms
216ms Script
text/javascript 2606:4700::6812:1fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/2749.js?p=https://fraud.net/&e=

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a246a6641327b3657c7426dc83505e09fb76ddc039812f75ad48b872fc96505

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-disposition: inline
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cf-ray: 8c0a1407fb9542bf-EWR

GET
H2 200 os.min.js Show response
s.opensend.com/ 34 KB
10 KB 97ms
15ms Script
text/javascript 18.164.124.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.opensend.com/os.min.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd7d32a54f8f81c325ffe074bd515707bd15c12daf19b51312943aaba69c4ff7

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 06:44:50 GMT
content-encoding: br
via: 1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2024 08:42:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 51027
x-amz-server-side-encryption: AES256
etag: W/"e2ff3025d52acb10d2cdde6fec6b8e99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: huAuGzDwvGCHTti_ADmdDV2uQNXJ8CX-1xpSYLZBkCT-atOFhCg4xA==

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 296 B
820 B 991ms
986ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

14822af6e9685e0d7d7e3eaa1bea7dd7b0d3d3edc787dddd8c8997747342873b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.jfk _atomic_dca BYPASS
host-header: wpcloud
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
790 B 936ms
935ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

54b9018e50156270cc59c34732966d3461f566ecfc4fa8c0234c41af33e21d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.jfk _atomic_dca BYPASS
host-header: wpcloud
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 45ms
10ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 09 Sep 2024 20:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2952
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 09 Sep 2024 22:06:04 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 266 B
793 B 984ms
982ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ab0e24f7fcf11a5b894764ac662636b091303c97ab7b1f69ca5b6b24cb214e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
x-ac: 1.jfk _atomic_dca BYPASS
host-header: wpcloud
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
access-control-allow-headers: origin
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Group-2854-uai-258x74.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 21 KB
21 KB 22ms
21ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:16 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854-uai-258x74.png>; rel="canonical"
content-length: 21518
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:16 GMT

POST
H2 429 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
1 KB 34ms
25ms XHR
text/html 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21200fdcf2fb9fb7a01ec311ca3b49dc918347f75cf3c001f5ecd70f69e121c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
strict-transport-security: max-age=31536000
x-ac: 1.jfk _atomic_dca BYPASS
server: nginx
etag: "62cd98f7-490"
content-type: text/html
alt-svc: h3=":443"; ma=86400
content-length: 1168

GET
H2 200 embedded.8863a9ec.js Show response
onsite2.optimonk.com/script.esm/ 170 KB
55 KB 21ms
16ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/embedded.8863a9ec.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 48d330c460234a97e28472e988bce90883d37629813e38e114fd195460dff5b9

Request headers

Referer: https://onsite2.optimonk.com/script.esm/index-4a29d334.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljuh0cliY4izZlI4uFZeSIYL6b3bBOj0-tgX2W8naEV402e2Yqdw4Qr250JvYK_suBuw5NJ1KxkOEg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:15
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:51:57 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"e3ab7e3dde3b76b905173726acf8a771"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616316982089
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=wdAEoQ==, md5=46t+Pd47drkFFzcmrPincQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 174187
cdn-cache: HIT
cdn-requestid: 733d50b9b0032bd2fedff5e5b8743247
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 IPBlockValidator-c971e674.js Show response
onsite2.optimonk.com/script.esm/ 530 B
1 KB 15ms
10ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/IPBlockValidator-c971e674.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 40e35369f9d486c91e9f682ebdaa5fa519867c77bcbdea1d905dcb3d16a112cb

Request headers

Referer: https://onsite2.optimonk.com/script.esm/index-4a29d334.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljvZJwkKnmBhzR4tYLeLYztGiYSnIJv0xZ1GwUl2Xy2l-rOK4McYJASgAJpPb1N1Q0XiMp9G5sDgyA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:15
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:04 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"5b6c026ea05a4f2e622905adcee2709d"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616324418915
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=IOROug==, md5=W2wCbqBaTy5iKQWtzuJwnQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 530
cdn-cache: HIT
cdn-requestid: ac0a5ba5eb91a4e551884da1d9c09d6c
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 429 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
1 KB 40ms
36ms XHR
text/html 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21200fdcf2fb9fb7a01ec311ca3b49dc918347f75cf3c001f5ecd70f69e121c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
strict-transport-security: max-age=31536000
x-ac: 1.jfk _atomic_dca BYPASS
server: nginx
etag: "62cd98f7-490"
content-type: text/html
alt-svc: h3=":443"; ma=86400
content-length: 1168

GET
H3 200 Group-2851@2x-uai-258x81.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 14 KB
15 KB 20ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:16 GMT
x-ac: 1.jfk _atomic_dca HIT
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:09:12 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851@2x-uai-258x81.png>; rel="canonical"
content-length: 14643
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:16 GMT

GET
H3 200 fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/ 7 KB
7 KB 14ms
13ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:16 GMT
x-ac: 2.jfk _atomic_dca HIT
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:08:55 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/10/fraud-dot-net-background-dots-bottom-sm-uai-258x194.jpg>; rel="canonical"
content-length: 7103
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:16 GMT

GET
H3 200 1567786626743241 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 96ms
95ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1567786626743241?v=2.9.167&r=stable&domain=fraud.net&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe854c6aefd5b77a0164fd6173b3c0532abc5d6a2e3ab64bc3974235727ab850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 09 Sep 2024 20:55:16 GMT
document-policy: force-load-at-top
x-fb-server-load: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=72, mss=1232, tbw=67008, tp=63, tpl=0, uplat=84, ullat=0
pragma: public
x-fb-debug: UsECx1rqus1ccrOjFG7lVTr5NjC+qeVLygPhEuO49c4s0+xofnjyXn40v8IArir78NgpMfuEU26yBySjRlsm9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/ 5 KB
2 KB 175ms
56ms XHR
application/json 2606:4700::6813:afbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c/json?hs_static_app=forms-embed&hs_static_app_version=1.5999&X-HubSpot-Static-App-Info=forms-embed-1.5999

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5de82e7ddc386eb666d9d7ae0ce82a94dd5e8d41e339c0a136531ef0ce18e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e33f6055-3e12-4033-a8c8-60d49a23bef0
x-envoy-upstream-service-time: 17
alt-svc: h3=":443"; ma=86400
content-length: 1492
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e33f6055-3e12-4033-a8c8-60d49a23bef0
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8c0a1409387642a1-EWR
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-sj2pc

POST
H2 429 admin-ajax.php Show response
fraud.net/wp-admin/ 1 KB
1 KB 25ms
24ms XHR
text/html 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21200fdcf2fb9fb7a01ec311ca3b49dc918347f75cf3c001f5ecd70f69e121c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fraud.net/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:16 GMT
strict-transport-security: max-age=31536000
x-ac: 1.jfk _atomic_dca BYPASS
server: nginx
etag: "62cd98f7-490"
content-type: text/html
alt-svc: h3=":443"; ma=86400
content-length: 1168

GET
H2

200

icallback.js Show response
app.brightcall.ai/js/
Redirect Chain

https://app.convolo.ai/js/icallback.js?v=0.6710214480378682&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F
https://app.brightcall.ai/js/icallback.js?v=0.6710214480378682&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F

21 B
226 B

315ms
108ms

Script
text/javascript

134.122.57.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.brightcall.ai/js/icallback.js?v=0.6710214480378682&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 134.122.57.141 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: ab7a0d39522e73d16c5212fb5b33f4b43a6a37cb2c921bebdf7a25bc272da508

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: Express
etag: W/"15-eyMW0ST2tCKbWNSLfxMvkXjAFGI"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *

Redirect headers

location: https://app.brightcall.ai/js/icallback.js?v=0.6710214480378682&key=722eceab7f60d18ed20b7092f33c4d77&uri=https%3A%2F%2Ffraud.net%2F
date: Mon, 09 Sep 2024 20:55:17 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/ 4 KB
2 KB 115ms
38ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/?random=1725915316586&cv=11&fst=1725915316586&bg=ffffff&guid=ON&async=1&gtm=45be4940z879957660za201zb79957660&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&hn=www.googleadservices.com&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&npa=0&pscdl=noapi&auid=737559216.1725915316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-998743206&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fff22062d6bcd6fcf719d5e2ed34608b4b3dcdd3fd532b5241c1233c5fb0f562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 998743206
td.doubleclick.net/td/rul/ Frame 085C 0
0 64ms
37ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/998743206?random=1725915316586&cv=11&fst=1725915316586&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940z879957660za201zb79957660&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&hn=www.googleadservices.com&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&npa=0&pscdl=noapi&auid=737559216.1725915316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-998743206&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Sep 2024 20:55:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 55ms
23ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GPKLFPPQY0&gtm=45je4940v9102467835z879957660za200zb79957660&_p=1725915315677&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=429145462.1725915317&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1725915316&sct=1&seg=0&dl=https%3A%2F%2Ffraud.net%2F&dt=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1248
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 60ms
22ms Ping
text/plain 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GPKLFPPQY0&cid=429145462.1725915317&gtm=45je4940v9102467835z879957660za200zb79957660&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame B014 0
0 29ms
26ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-GPKLFPPQY0&gacid=429145462.1725915317&gtm=45je4940v9102467835z879957660za200zb79957660&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=2008142335

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPKLFPPQY0&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Sep 2024 20:55:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4000327.js Show response
bat.bing.com/p/action/ 370 B
424 B 22ms
22ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4000327.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7f47f02c93d5de5de03db0ebffa39fe1060767437b086996e295c9818a05b2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 09 Sep 2024 20:55:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3000DCF05A1D428980DE7479C088DB58 Ref B: EWR30EDGE1412 Ref C: 2024-09-09T20:55:16Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

18ms
17ms

Script
application/javascript

2600:9000:23cb:ea00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 2600:9000:23cb:ea00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Mon, 09 Sep 2024 08:26:14 GMT
Via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
Age: 44944
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fWs6ofW3zguNaygXHHFbm05ElBlGOTEjJCFkzVtUKbrB0jpt1040Wg==

Redirect headers

Date: Mon, 09 Sep 2024 16:01:48 GMT
Via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
Age: 17607
X-Amz-Cf-Pop: JFK50-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 7uT2PX0-CXI5L_5J_5l_HmjKqYqo81Ss5j4Eq2UgV8M4cKKErIHYKA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/ 0
809 B 57ms
40ms Script
text/javascript 2600:9000:23cb:ea00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:ea00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: SbdE0rWaNhCTIXPOjywLjmy5MqwO2LWJ
Date: Mon, 09 Sep 2024 20:20:38 GMT
Via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
Age: 2079
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 07 Sep 2024 12:40:15 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: RTI5FYD76_CcsTfAJkcgUAjJp44Drcpaqw2_rdDcnduBMO9Lvz6JFA==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
979 B 600ms
32ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=186217&time=1725915316961&url=https%3A%2F%2Ffraud.net%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYhtflqHXvltlQONifL5Q==
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8E9E3377E7F14E18BFC1909988ADE3DE Ref B: EWR30EDGE0206 Ref C: 2024-09-09T20:55:17Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 000621b5f96a1d7be5b6540e3627cbe5

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1725915316961%26li_adsId%3D578e6e72-ddfd-41ce-9730-755b07c7c86a%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQJzhO...

0
489 B

275ms
104ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQJzhOQ1Gqx4JgAAAZHYkcdDCHwZxklirzJH3IUCGQGpB7Pn4KjHJ4y538Hv_6DtFUqQu6442LIbVOL4awkvAnSn5evol48
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9CF84BE1CC504A859B1EB36AC3CD3B09 Ref B: EWR30EDGE0207 Ref C: 2024-09-09T20:55:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYhtfl2evsUQ/DuZoV5rA==

Redirect headers

date: Mon, 09 Sep 2024 20:55:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4CFF94E5692646DDA6908047CAB61901 Ref B: EWR30EDGE0714 Ref C: 2024-09-09T20:55:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1725915316961&li_adsId=578e6e72-ddfd-41ce-9730-755b07c7c86a&url=https%3A%2F%2Ffraud.net%2F&cookiesTest=true&liSync=true&e_ipv6=AQJzhOQ1Gqx4JgAAAZHYkcdDCHwZxklirzJH3IUCGQGpB7Pn4KjHJ4y538Hv_6DtFUqQu6442LIbVOL4awkvAnSn5evol48
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYhtflyQz+lW8ygz445Mw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
204 B 26ms
23ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=913842133&t=pageview&_s=1&dl=https%3A%2F%2Ffraud.net%2F&ul=en-us&de=UTF-8&dt=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=869005165&gjid=222699538&cid=429145462.1725915317&tid=UA-35675858-1&_gid=939377633.1725915317&_r=1&_slc=1&gtm=45He4940n81WVZ4N9Xv79957660za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=589375231

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 573ms
27ms Script
application/javascript 52.72.195.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.195.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-195-133.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 09 Sep 2024 20:55:17 GMT
Last-Modified: Tue, 12 Mar 2024 12:30:29 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "65f04ae5-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 557ms
23ms Script
application/javascript 3.167.56.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-55.iad61.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1c83c89ce5e3ed0b002e3445f36e0a00.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P5
age: 3565931
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 5ts44GUj_d8rtqaq_DAQ5c6bDxIQijybVxYRJgwgiwa3H82yWpzMzg==

GET
H2

200

0a56520b-0bcb-4588-b73a-758be51ac3ed Show response
oirt.aggle.net/r3r/
Redirect Chain

https://oirt.aggle.net/r3r
https://oirt.aggle.net/r3r/0a56520b-0bcb-4588-b73a-758be51ac3ed

76 B
234 B

77ms
76ms

Fetch
application/json

44.242.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/r3r/0a56520b-0bcb-4588-b73a-758be51ac3ed
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 44.242.74.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-74-134.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 792ae63e3eb289954761231d45e5a63d6701f588aff8d9911a8353ce7e2d1e18

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Mon, 09 Sep 2024 20:55:17 GMT
access-control-allow-credentials: true
server: gunicorn
content-length: 76
vary: Origin
content-type: application/json

Redirect headers

date: Mon, 09 Sep 2024 20:55:17 GMT
server: gunicorn
vary: Origin
content-type: text/html; charset=utf-8
location: https://oirt.aggle.net/r3r/0a56520b-0bcb-4588-b73a-758be51ac3ed
access-control-allow-origin: https://fraud.net
access-control-allow-credentials: true
content-length: 313

POST
H2 200 after-pre-init Show response
front.optimonk.com/public/177110/embedded/ 156 B
512 B 105ms
101ms XHR
text/html 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/embedded/after-pre-init

Requested by

Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2c53b6def4332dec44c18b3b39eed77fb6a24b8ebee8282671fb1fd02c191e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"9c-Q+vyRkTs7EpixzsQ4i1y5rl+7Rc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
access-control-allow-origin: *
cache-control: no-cache
x-xss-protection: 1; mode=block

GET
H2 200 popup-7745e8a4.js Show response
onsite2.optimonk.com/script.esm/ 150 KB
45 KB 13ms
10ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js
Requested by: Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: b9504fadf28ad447cd297ead593a6def5ee7eb219ee801acdb39b25bb8564da1

Request headers

Referer: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljuYAfIwNcpmSNmLS6Uv1oVBu5xaVgmgsZvYVfpGe7ALqO_aOicacSsF6XgRqI66HvpfblMPV4os9Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:15
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:06 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"366b154fe7947ecf7a9ce476a9c23ad2"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616326776332
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=o+0slg==, md5=NmsVT+eUfs96nOR2qcI60g==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 153385
cdn-cache: HIT
cdn-requestid: 7a829c991f287dae620c4429f65dc73c
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 wp-emoji-release.min.js Show response
fraud.net/wp-includes/js/ 18 KB
5 KB 13ms
12ms Script
application/javascript 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: nginx
x-ac: 1.jfk _atomic_dca HIT
etag: W/"667d6e6f-4926"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
187 B 551ms
57ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 09 Sep 2024 20:55:17 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
884 B 510ms
47ms Image
image/gif 2606:4700::6812:50cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bf871a20-307e-47de-85fe-42bea0ffb7bc
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bf871a20-307e-47de-85fe-42bea0ffb7bc
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-xlvpp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8c0a140e9a858cd6-EWR

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
24 KB 495ms
45ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1426/bundles/project.js&cfRay=8c0a140e9f691879-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"edf91c1320ba2916398ed791b63187bc"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1426/bundles/project.js
date: Mon, 09 Sep 2024 20:55:17 GMT
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: 7DwgQA9YoOwDB6Raj9_RIwKNzf1Sd5R0
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 463e57a6-45b8-4d0d-bdd4-00db2799e6a3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: 463e57a6-45b8-4d0d-bdd4-00db2799e6a3
last-modified: Wed, 28 Aug 2024 20:01:26 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQ8MfGtMpDh9QvceOIEtNDpciMn5a2nC1C7Up2tskvKOwVphZlA395QehyDi0fuSV90LxzwYe3DkvWTH6t4iXXy7LlZ%2Fuwujeu1ktbRhCx9oFAthZ8iTGucXN38xNLnClmSXc2eELlmCZklg"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-tf4jk
cf-ray: 8c0a140e9f691879-EWR
x-amz-cf-id: nVtSBPRAk687bo15Y-G10ptnQtz9tBDtuo5czFTAAX-jHW1JWPAHjg==

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 481ms
28ms Script
application/javascript 2606:4700::6812:8911
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8911 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 48202
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js&cfRay=8b1bb0854e36c472-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b6c788efa3b3fd53687b2c92c85a5a5f"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js
date: Mon, 09 Sep 2024 20:55:17 GMT
x-amz-version-id: TIDmoMti0Vib7LJNFwT63dnpWuuDUZfu
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 60826f52-d0e4-4306-98ed-e278f0904e9f
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-request-id: 60826f52-d0e4-4306-98ed-e278f0904e9f
last-modified: Tue, 23 Jul 2024 12:57:23 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-dqn98
cf-ray: 8c0a140e99467cea-EWR
x-amz-cf-id: 1pujxMy79_hnyUD9FYtsKcC77oDWt3snSAkTt3629fqe_8HCLZLh9w==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/2113031/ 71 KB
26 KB 588ms
136ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/2113031/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d012a79ab0515377792601f0e93967d7a6817b79dc629c1d7646b4108326c337

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
x-amz-version-id: Hl8QCR0iWccX3ufxfAfg4yKrlowS45GI
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: F65YDF1MY98JBT8T
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d91478f9-97ec-4d34-80c2-02c5bf1c4e7c
x-envoy-upstream-service-time: 39
x-amz-id-2: l12XIcAR1rryfjdz2wcTSALWhVbqlNr5JrXl4oHFdBeqWQ7IuKMvC1r+phrpqDrSQeTWAqHibYw=
x-evy-trace-listener: listener_https
x-request-id: d91478f9-97ec-4d34-80c2-02c5bf1c4e7c
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 20 Jun 2024 17:17:39 GMT
server: cloudflare
etag: W/"17e547383262b8716e4331c10f40637d"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-647fb
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8c0a140e9b898cb3-EWR
expires: Mon, 09 Sep 2024 21:00:17 GMT

GET
H2 200 2113031.js Show response
js.hs-analytics.net/analytics/1725915300000/ 68 KB
25 KB 572ms
121ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1725915300000/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 899db695d83c9611e4f6ce9df91aa731a190141443b9bf58530251f676af25fa

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 7PF0AYW9C9MAHZB3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a912a446-d16c-489b-9083-1a4a4898b9e1
x-envoy-upstream-service-time: 19
x-amz-id-2: AjRtVRSf0wr49isFgk/o/rIH4WueOPuwmFR8v8SORvq4g7HPgsk5qL4mS3ox7wV70agfzhJfV7atmx6Il9CdSg==
x-evy-trace-listener: listener_https
x-request-id: a912a446-d16c-489b-9083-1a4a4898b9e1
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 09 Sep 2024 20:17:53 GMT
server: cloudflare
etag: W/"2f4cef7a8f449430fde542c436471370"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-ll4br
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8c0a140e9913437f-EWR
expires: Mon, 09 Sep 2024 21:00:17 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 104ms
46ms Script
application/javascript 2606:4700::6810:6dfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8b220718abd04cf4-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"ac41634810840adc02ea51748cb19c2f"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.586/bundles/project.js
date: Mon, 09 Sep 2024 20:55:17 GMT
x-amz-version-id: FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: a2ff696c-bf0d-4c2b-9439-08775d7bf0f2
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 48
x-evy-trace-route-configuration: listener_https/all
x-request-id: a2ff696c-bf0d-4c2b-9439-08775d7bf0f2
last-modified: Tue, 23 Jul 2024 12:55:20 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-c2t4f
cf-ray: 8c0a140ecbfa434a-EWR
x-amz-cf-id: 9HePcoa-nyTZGb0aw2R1ioERgesXX5E2TEjKeVdxtJ02r0yEyy7Uyg==

POST tp2
device.fraud.net/com.snowplowanalytics.snowplow/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 47ms
15ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1567786626743241&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1725915317101&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725915317099.109692229442810833&cs_est=true&ler=empty&cdl=API_unavailable&it=1725915316534&coo=false&rqm=GET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1328, tbw=2815, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 09 Sep 2024 20:55:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 135ms
110ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1567786626743241&ev=PageView&dl=https%3A%2F%2Ffraud.net%2F&rl=&if=false&ts=1725915317101&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725915317099.109692229442810833&cs_est=true&ler=empty&cdl=API_unavailable&it=1725915316534&coo=false&rqm=FGET

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 09 Sep 2024 20:55:17 GMT
document-policy: force-load-at-top
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7412749842649499317", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=12, mss=1328, tbw=3133, tp=-1, tpl=-1, uplat=98, ullat=0
pragma: no-cache
x-fb-debug: V25QXHksPg04Hdk4nmwqJW0RRKNiGVktlTtGBCcosY4pv92RF13nNkyBiAuy973Yi3tlihUzcfDZI5/nzORSXA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7412749842649499317"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0 128ms
126ms Ping
text/html 2606:4700::6812:1fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/2749.js?p=https://fraud.net/&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryL7Xq3h5mzmFPzqmP

Response headers

GET
H3 200 MicrosoftTeams-image-2-2.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 192 KB
192 KB 14ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:17 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:33:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/MicrosoftTeams-image-2-2.png>; rel="canonical"
content-length: 196542
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:17 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 63ms
35ms Script
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_317c2043_a6ad_46ce_9569_a6811fce9479&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e6d77c94818f36ffce64b1481dea24f243efa3a650ab6bdfa3eb30f67b31317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires: Mon, 09 Sep 2024 20:55:17 GMT

GET
H2 200 HVT2SOYWOBESJB535C7MUS Show response
d.adroll.com/consent/check/ 524 B
1 KB 85ms
21ms Script
application/javascript 2600:1f18:61c0:2205:33cf:a369:fe86:653f
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVT2SOYWOBESJB535C7MUS?flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&_s=643505916c2ee6f815d4d8ab1454deea&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2205:33cf:a369:fe86:653f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 228bca20e8d349c846c798529bd21944816dfb4f16d2a77ba27403e63d125636

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
date: Mon, 09 Sep 2024 20:55:17 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 524
content-type: application/javascript

GET
H3 200 /
www.google.com/pagead/1p-user-list/998743206/ 42 B
64 B 46ms
38ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998743206/?random=1725915316586&cv=11&fst=1725912000000&bg=ffffff&guid=ON&async=1&gtm=45be4940z879957660za201zb79957660&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffraud.net%2F&hn=www.googleadservices.com&frm=0&tiba=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&npa=0&pscdl=noapi&auid=737559216.1725915316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnft_NITYYv4h_vV0Lm9GVX-CI1nd7-wQ&random=152588016&rmt_tld=0&ipr=y

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
538 B 46ms
45ms Image
image/gif 2606:4700::6812:50cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 110f354b-3594-48be-abcf-6bf261aff189
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 110f354b-3594-48be-abcf-6bf261aff189
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-57rnd
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8c0a140f0b028cd6-EWR

GET
H3 200 Group-2851.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 304 KB
305 KB 18ms
16ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2851.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:17 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:15:11 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2851.png>; rel="canonical"
content-length: 311451
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:17 GMT

GET
H3 200 Group-2858.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 235 KB
236 KB 15ms
14ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2858.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:17 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:30 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2858.png>; rel="canonical"
content-length: 241112
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:17 GMT

GET
H3 200 Group-2859.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 84 KB
84 KB 15ms
15ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2859.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:17 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:37 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2859.png>; rel="canonical"
content-length: 85846
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:17 GMT

GET
H3 200 Computer-Appstore-e1628881087778-uai-1032x638.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 191 KB
192 KB 19ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:17 GMT
x-ac: 2.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Dec 2021 13:48:14 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png>; rel="canonical"
content-length: 195680
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:17 GMT

GET
H3 200 Group-2854.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 265 KB
265 KB 19ms
18ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854.png

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:17 GMT
x-ac: 1.jfk _atomic_dca MISS
strict-transport-security: max-age=15552000
last-modified: Fri, 03 Sep 2021 16:14:08 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854.png>; rel="canonical"
content-length: 271391
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:17 GMT

OPTIONS tp2
device.fraud.net/com.snowplowanalytics.snowplow/ Frame 0
0

GET
H2 204 0
bat.bing.com/action/ 0
361 B 31ms
30ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4000327&tm=gtm002&Ver=2&mid=69ae7dec-2768-4371-8633-21287dd78038&sid=d19e22a06eed11ef90204ff2f23177fe&vid=d19e53806eed11ef9df08922ace4efbe&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&p=https%3A%2F%2Ffraud.net%2F&r=&lt=1637&evt=pageLoad&sv=1&cdb=AQAQ&rn=72911

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 09 Sep 2024 20:55:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2CC0FAA6A8D476A97A86A5D065C1894 Ref B: EWR30EDGE1412 Ref C: 2024-09-09T20:55:17Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 device-bb6e936e.js Show response
onsite2.optimonk.com/script.esm/ 1 KB
2 KB 27ms
9ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/device-bb6e936e.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 3a5cecf97c1dc33e9ce6bd80b347c5275c2d2467ec578bfa1403246e3bfd7380

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AHxI1nPWbf9f9eYofT8XsGRWCWHe0d18lANd1mX907ZXNHoCYDXM9cSP10iNE8qgWoL_SnY219cpruzEHw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 08/13/2024 12:04:04
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Mon, 12 Aug 2024 10:14:45 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6dbb1851f07442a8dd235ab92f2a5fd4"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1723457684941182
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=A6+C8Q==, md5=bbsYUfB0QqjdI1q5Lypf1A==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 1238
cdn-cache: HIT
cdn-requestid: e272a8e35a54e5fe96efb5afcade46d6
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 objectWithoutPropertiesLoose-5546e819.js Show response
onsite2.optimonk.com/script.esm/ 155 B
1 KB 31ms
14ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/objectWithoutPropertiesLoose-5546e819.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 983fda9725053de0d9a9e8227b0783df4be757adae3f4d9b2b08e0d24f8d5f71

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AHxI1nNjtD_yFUul-KSc__1s2SOit6mVqhuTnJmeKVosb_WUgWJyTHXKdsbzvB_nbADcbwDSJFku1nNMWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 08/13/2024 12:04:04
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Mon, 12 Aug 2024 10:14:45 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6e61ebb0482317b2fe26badf92a96870"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1723457685755900
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=cUUpTw==, md5=bmHrsEgjF7L+JrrfkqlocA==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 155
cdn-cache: HIT
cdn-requestid: b593c8dd20096ad5adf166917e04e357
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 CountDown-488015df.js Show response
onsite2.optimonk.com/script.esm/ 7 KB
4 KB 27ms
10ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/CountDown-488015df.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: ae36270ca4d3fd7dc6757faf8140749b0e5f06ab09c5cd7ef80e61bb874f67ce

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljvYMw5DZcyYrGU3hDNmT2ZOVe3YCXjPCMS3S9tTUONOyb9mIcwPG0uZKk0ob7vzIAeZaqsmHA-I1Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:16
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:51:55 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d8c44d050a71068852116e494ce27fc5"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616315007935
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=UFADKA==, md5=2MRNBQpxBohSEW5JTOJ/xQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 7229
cdn-cache: HIT
cdn-requestid: 9307155c1a5c05d3c7e92a87afb3d7b4
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 CampaignProgressState-c8f73300.js Show response
onsite2.optimonk.com/script.esm/ 183 B
1 KB 30ms
13ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/CampaignProgressState-c8f73300.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: ba140dc9289eab43a55921ef57388e85af30f1f2c9c33dfda8408294c26e9347

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AHxI1nN1e6hJ4RoGugh28Y-UskJD-VELkkajIwDssr9QovkBspe0rCli-tw1aQG3MNcNzMZr3oXFltZuJA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 08/13/2024 12:04:04
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Mon, 12 Aug 2024 10:14:44 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"a616ca61f0ceb368d6d90e8c3105e279"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1723457684279818
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=XmznaQ==, md5=phbKYfDOs2jW2Q6MMQXieQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 183
cdn-cache: HIT
cdn-requestid: 8e9282bea04c681a8cdadb85684b4d20
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Validator-ad0b0e25.js Show response
onsite2.optimonk.com/script.esm/ 4 KB
3 KB 34ms
18ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/Validator-ad0b0e25.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 908065730650dcb360e26b99281cc2c1bef6576cd10fab2aa1b72de2b6003c11

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljtClpr5Dk_k_23elGCAnj1giJcEaBXesWbzmJNKQrXQkk6IseZyYhvf4qJ3VdwmrRxGkngfV-8hhg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:16
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:11 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"a132278a62cc682e7ee007cb8bfb92f0"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616331123243
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=/WywJg==, md5=oTInimLMaC5+4AfLi/uS8A==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 3921
cdn-cache: HIT
cdn-requestid: b54ccf84dda49ccdb9426eded7bd4e5e
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ViewedPageValidator-03ab1893.js Show response
onsite2.optimonk.com/script.esm/ 3 KB
2 KB 27ms
12ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/ViewedPageValidator-03ab1893.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 27e2004b93f9a10086e59f18b71ce80a05e981885ab67c7a08bca7bcd7ca22ce

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljspt2ZtsXpLq5vpAJPel5e1SLXefudBOYK8lkNJCoHSIVZvRjRaDcbE3aCMrwTcZz7oULJEruHdkw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:16
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:11 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"0c868b400b45a85f0cdb4a77f33ca16e"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616331129497
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=/ZXaZg==, md5=DIaLQAtFqF8M20p38zyhbg==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 3333
cdn-cache: HIT
cdn-requestid: ae45d195d5aecfa060e6f431f58ed514
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 index-8d12662e.js Show response
onsite2.optimonk.com/script.esm/ 7 KB
3 KB 27ms
13ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/index-8d12662e.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 1ba8c25f2af18480113ea22a72920c491f92f38ce353abe5fa75601ccb162e6d

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8lju5pE91f6O0d7IxSEOTrYaOVcmrnfAsyPQpNC7wz6dLnCnED2Nc2t83ClZEvgyTPqTU3Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:16
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:04 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"f79f6be5d7e9cb269099bdea822c26d1"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616324204391
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=3MP0IA==, md5=959r5dfpyyaQmb3qgiwm0Q==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 6782
cdn-cache: HIT
cdn-requestid: 5d2154b6a095b650dbd2305ea0047ef1
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 SpellCheckHelper-ac7a48df.js Show response
onsite2.optimonk.com/script.esm/ 1 KB
2 KB 34ms
20ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/SpellCheckHelper-ac7a48df.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 1993a894f8c63c14fec96a4f29f33e14d33afc94a1aab689d4459eb10d6cfb49

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljs3-0LDo1guncb58x8lmVCxDnH3m6VnYWU6yFdgLwtUO-4HMIeFwwvMwdtED_j9qjn4mxJm312u5Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:16
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:09 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d714e78df482a468e6e3ff704981113c"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616329606952
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=uiRmkA==, md5=1xTnjfSCpGjm4/9wSYERPA==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 1122
cdn-cache: HIT
cdn-requestid: d542d4e7b177f72131027c3c483c0df4
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Cart-0a8548cf.js Show response
onsite2.optimonk.com/script.esm/ 405 B
1 KB 19ms
13ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/Cart-0a8548cf.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 3c496577c3a2683ca878045367f3774a8a82d0e185e3de90b7c32d0ae737ef65

Request headers

Referer: https://onsite2.optimonk.com/script.esm/CountDown-488015df.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8lju1MCo7SRqHnw4H7OdYv1HPUR2Oj7NfmTX5Fz5oY9ruibr1yQ3qdzVxUhcHPL9hVR8v24bsJ_o5rw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:16
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:51:53 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"356b6973096ef70f7c6bda074d87c6b1"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616313525442
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=VltFOQ==, md5=NWtpcwlu9w98a9oHTYfGsQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 405
cdn-cache: HIT
cdn-requestid: ddffa86d6cbf0da5aebb99cb803910e9
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 32ms
31ms Image
image/gif 52.72.195.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=5d2ff78cc994471481492bdc&h[resource]=https%3A%2F%2Ffraud.net%2F&h[referrer]=&h[title]=AI%20Fraud%20Detection%20for%20Enterprises%20%7C%20Fraud.net&h[user_agent]=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1725915317568

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.195.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-195-133.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Sep 2024 20:55:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 09 Sep 2024 20:55:17 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H2 200 optimonk.min.css
cdn-asset.optimonk.com/bundles/wseoptimonk/css/ 15 KB
3 KB 73ms
11ms Stylesheet
text/css 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-asset.optimonk.com/bundles/wseoptimonk/css/optimonk.min.css?v=b2efbc5949

Requested by

Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

7bc2093fddc50bfc2e60a164b34bff71975b3d3d467d8d6b657f4c6324b1a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 885
x-dns-prefetch-control: off
cdn-cachedat: 08/29/2024 04:34:28
cdn-pullzone: 580384
x-xss-protection: 1; mode=block
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"3c5f-+aJzZURpEvNsmjMFlnXjMeoe03w"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: c1314a9cf8b0dcbc843eaaeea238877c
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
76 B 44ms
40ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 09 Sep 2024 20:55:17 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 823ms
252ms XHR
application/json 54.170.235.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2001329&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.170.235.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-235-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 82c640ec85f1687b7523bcee505819818aed200dd67a76b1307d0e18cbcd3262

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 09 Sep 2024 20:55:18 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 95 B
1 KB 50ms
47ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=2113031&currentUrl=https%3A%2F%2Ffraud.net%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 857e22f6-2281-4efc-9ad8-e6bd91b21378
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 857e22f6-2281-4efc-9ad8-e6bd91b21378
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZavlzSDooh%2FJXX0RArd5gKHyIjiySD%2BOUpRG%2BuTK1r%2B4Mjco13gTFq7SFoStZxK83bK8msH7XCqlMCnS1fLiSlc10CtIhsxIJlb8we9Zlv1fsdyysQTvW95lUyFJgl1aCydUmo2xcIgTueGQeJf8NVXPTaCwqZYzUJE%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8c0a141028a81879-EWR
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-9nz4q

GET
H3 200 Group-2854.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 265 KB
0 0ms
0ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Group-2854.png
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:17 GMT
x-ac: 1.jfk _atomic_dca MISS
last-modified: Fri, 03 Sep 2021 16:14:08 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Group-2854.png>; rel="canonical"
content-length: 271391
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:17 GMT

GET
H3 200 Computer-Appstore-e1628881087778-uai-1032x638.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 191 KB
0 0ms
0ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:17 GMT
x-ac: 2.jfk _atomic_dca MISS
last-modified: Fri, 03 Dec 2021 13:48:14 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Computer-Appstore-e1628881087778-uai-1032x638.png>; rel="canonical"
content-length: 195680
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:17 GMT

POST
H3 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
40 B 36ms
36ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 09 Sep 2024 20:55:17 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 66cf30d56384280024f76f55.html Show response
cdn-renderer.optimonk.com/ssr/177110/ Frame 3D04 24 KB
5 KB 341ms
9ms XHR
text/html 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-renderer.optimonk.com/ssr/177110/66cf30d56384280024f76f55.html?v=1724878082&v2=1724878086

Requested by

Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/popup-7745e8a4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

aa17fa46ba42b260bf413dfcf1d0962c8aa7f5d6f23506ec15bac2a7f2e7fc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-download-options: noopen
date: Mon, 09 Sep 2024 20:55:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
cdn-edgestorageid: 885
x-dns-prefetch-control: off
cdn-cachedat: 09/09/2024 13:17:47
cdn-pullzone: 736120
x-xss-protection: 0
referrer-policy: no-referrer
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6067-VNpZmUaBZu9ru9ZoRr/wiYhhIbQ"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fraud.net
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-credentials: true
cache-control: public, max-age=2592000
cdn-requestid: 55a212c8d9e8c5634d4d4904e08dcb18
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/ 536 KB
212 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_317c2043_a6ad_46ce_9569_a6811fce9479&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04a0c20c086ea1edc10ab2a9612afc96ac6bd5a49fa5b310768aba2ab688718f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216812
x-xss-protection: 0
last-modified: Mon, 26 Aug 2024 04:00:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Sep 2025 20:15:50 GMT

GET
H2 200 iframe_content.html
x.adroll.com/pxl/ Frame 76F9 0
0 55ms
13ms Document
text/html 2600:1f18:61c0:2208:9d42:2610:200e:3961
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:61c0:2208:9d42:2610:200e:3961 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
ad-auction-allowed: true
content-encoding: zstd
content-length: 427
content-type: text/html
date: Mon, 09 Sep 2024 20:55:18 GMT
last-modified: Mon, 09 Sep 2024 11:55:10 GMT

GET
H2 200 ML43PNVWLZH6BAVX2UYHRM Show response
d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ 393 B
1 KB 18ms
17ms Script
text/plain 2600:1f18:61c0:2205:33cf:a369:fe86:653f
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&cookie=&adroll_s_ref=&keyw=&p0=1320&xa4=1
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2205:33cf:a369:fe86:653f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ec3252df16f423d8a4f1711df333731b41000e730ca00cd50341a8a8769450bd

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
x-conversion-value: 0.00
server: nginx/1.22.1
x-rule: *fraud.net/*
x-segment-display-name: FN Homepage
x-segment-eid: 6SMH2DHXINFNDD52UNEEKG
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: ML43PNVWLZH6BAVX2UYHRM
x-rule-type: s
x-segment-name: d1dcd5e9
x-advertisable-eid: HVT2SOYWOBESJB535C7MUS
content-length: 393
x-conversion-currency

GET
H2 200 ML43PNVWLZH6BAVX2UYHRM
ipv4.d.adroll.com/px4/HVT2SOYWOBESJB535C7MUS/ 42 B
176 B 318ms
14ms Image
image/gif 52.206.141.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/px4/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&cookie=&adroll_s_ref=&keyw=&p0=1320&xa4=1
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.141.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-141-127.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 42
content-type: image/gif

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 135 B
449 B 46ms
41ms XHR
application/json 2606:4700::6810:6dfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2113031&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea3e5108301bafe9e6b3c0f441cb248d4496f17339ebbb664413371dcaffc13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ca1118f1-81bb-49e3-8ebb-fc79626fa30d
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ca1118f1-81bb-49e3-8ebb-fc79626fa30d
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-tf4jk
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8c0a1411befa434a-EWR

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
580 B 45ms
43ms Image
image/gif 2606:4700::6812:50cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1b85303a-ee98-46ed-b5f4-d95003c14cab
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1b85303a-ee98-46ed-b5f4-d95003c14cab
last-modified: Mon, 09 Sep 2024 20:55:18 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-bgvl9
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8c0a1411be298cd6-EWR

POST
H2 200 csc Show response
oirt.aggle.net/ 3 KB
3 KB 125ms
114ms Fetch
application/json 44.242.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/csc
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.74.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-74-134.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 5f0e7d030892959df288bdac1d32b04784a6bfd595e20d00f963b0e884adb5e7

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
server: gunicorn
vary: Origin
p3p: CP="NOI OUR BUS UNI COM NAV"
access-control-allow-origin: https://fraud.net
content-type: application/json
cache-control: no-store
access-control-allow-credentials: true
content-length: 2736

POST
H2 200 e7da54a7-2f38-4f6a-9f57-178fe485ef3c Show response
forms-na1.hubspot.com/submissions-validation/v1/validate/2113031/ 2 B
706 B 51ms
49ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c539e132-c221-43fd-a814-7af530a5290a
content-encoding: br
x-envoy-upstream-service-time: 15
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c539e132-c221-43fd-a814-7af530a5290a
server: cloudflare
access-control-max-age: 300
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
content-type: application/json;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-9nz4q
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMMH14cka1KNulo3Bd6zZi9WscvVuS6KUgPpaDlLKCaSA%2BNXMQlVXd4j8LA1Agb1G2bl1nGiklMx%2F0%2F8mwFiPa4DMB2huIMHO6e9FqcwrYtekEeITkOk3rlvTVLywa4WIh%2BFP0bjy4ZS9UJNVg3gsx3ouA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c0a14123a401879-EWR
access-control-allow-headers: *

OPTIONS
H2 200 csc
oirt.aggle.net/ Frame 0
0 258ms
88ms Preflight
text/html 44.242.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/csc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.74.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-74-134.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: OPTIONS, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 09 Sep 2024 20:55:18 GMT
server: gunicorn
vary: Origin

OPTIONS
H2 200 e7da54a7-2f38-4f6a-9f57-178fe485ef3c
forms-na1.hubspot.com/submissions-validation/v1/validate/2113031/ Frame 0
0 46ms
32ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/2113031/e7da54a7-2f38-4f6a-9f57-178fe485ef3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://fraud.net
access-control-max-age: 300
allow: POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8c0a14120a021879-EWR
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Mon, 09 Sep 2024 20:55:18 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1y1uc%2F%2BSL2FNOjcM1JwCUPBRg4Ki0Dm0hS3xSMKgPxPjPHOF011rWSrIjF%2B4p3gkUqr%2FwaNRJSFHf3TX23ZQyGVQjjn5ZwwZTLyMH9pDnUtitRaK9t0rzHQkyKt7oalaCtNft%2FrlxFPkrgwdj3qbAmk18w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-sqh6f
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 45710f7c-7568-455b-a3e4-445d17bee3c3
x-request-id: 45710f7c-7568-455b-a3e4-445d17bee3c3

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
574 B 73ms
58ms Image
image/gif 2606:4700::6813:afbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1d4826fc-ad7f-4ab2-b4cd-8496d4ea24e0
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1d4826fc-ad7f-4ab2-b4cd-8496d4ea24e0
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-v4t4c
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8c0a14136b60c3ee-EWR

GET
H/1.1 200
OK 6SMH2DHXINFNDD52UNEEKG.js Show response
s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/ 3 KB
2 KB 22ms
19ms Script
text/javascript 2600:9000:23cb:ea00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:ea00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c36c2b74d748eb675737328e6519ea5e69356698f797867f84151696b6db648

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: gyecTADAHVJyVdX64P5DQlF7pW5.c448
Content-Encoding: gzip
Via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
Date: Mon, 09 Sep 2024 20:20:38 GMT
Age: 2081
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 10 Apr 2024 12:31:41 GMT
Server: AmazonS3
Etag: W/"67beffca78dbb89f841054ff0afc7f7f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fDGxXn_Je4_aGV0iHgdvWwT1L0VV00pE-OSstOFaCKYNgPjBMkZWrg==

GET
H2 200 trigger
x.adroll.com/attribution/ 2 B
469 B 50ms
13ms Image
text/plain 2600:1f18:61c0:2209:54de:e092:fdc3:dce0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.adroll.com/attribution/trigger?fpc=2846258df21b118c262ce7c70190f6d8&advertisable_eid=HVT2SOYWOBESJB535C7MUS&conversion_type=PageView&conversion_value=0.00&currency=USC&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:61c0:2209:54de:e092:fdc3:dce0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"13956366576903985639","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"13956366576903985639","filters":{"source_type":["navigation"]}}],"debug_key":"6390210916947522769","debug_reporting":true,"filters":{"0":["HVT2SOYWOBESJB535C7MUS"]}}
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 14ms
14ms Script
text/javascript 2600:9000:23cb:ea00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:ea00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id: kaomAQKNRR_7Pb.3Bms_Xue6LaAItEu.
Content-Encoding: gzip
Via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
Date: Mon, 09 Sep 2024 20:51:30 GMT
Age: 229
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 21 Jun 2023 16:22:01 GMT
Server: AmazonS3
Etag: W/"4a64112c69b3c4b3f104f38d9547a094"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: lFKZoqre9nciinjK-YpGBzYcEShDgtiue7xpEYesUpIlUdoL63L_Sw==

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://x.bidswitch.net/sync?dsp_id=44&user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM

43 B
289 B

29ms
27ms

Image
image/gif

35.211.202.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 130.202.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM
date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=X5_Yz7NKPGKFNwMIQkUsjA
https://d.adroll.com/cm/g/in

42 B
821 B

21ms
19ms

Image
image/gif

2600:1f18:61c0:2205:33cf:a369:fe86:653f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 2600:1f18:61c0:2205:33cf:a369:fe86:653f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expiration=1757451318
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expiration=1757451318&C=1

43 B
338 B

35ms
32ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expiration=1757451318&C=1
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hDib35mIX9jpcPjgb7t8XZlWfr%2FRMJd%2B7%2FVVKfuyhWCNIl6skyyrj8BJlFdAlSZlPB%2BQ7Jfw4ou0izNvAwrva6KjI4dMbjfMfeQn2387FZv3u69DLC4LW7UXisqRSx1gw4YTzds8WWji9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8c0a141498d0439a-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNLUUIGa%2Bkt77WIMs9rKiXz6WJv887OFi5GI77%2FN0HoJ7sU%2Ff%2BH8dRpPSJTLWP17ukAD1RtszHw8V9wWJQ0lMAf1FJBvIteUI%2F1NDsUGJLPimwNTl8PwtxPi4qXg%2FMzuLkf8VVc8xnv9lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=105&external_user_id=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expiration=1757451318&C=1
cache-control: no-cache
cf-ray: 8c0a14145882439a-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://idsync.rlcdn.com/377928.gif?partner_uid=5f9fd8cfb34a3c628537030842452c8c
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGMQABoNCLbB_bYGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=4fee8ce7377707a8e99fa92274890ce3b214f839e6af82950f4a1f0c5a81907a791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4fee8ce7377707a8e99fa92274890ce3b214f839e6af82950f4a1f0c5a81907a791426b5417dce21&rand=01065241

0
144 B

111ms
111ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4fee8ce7377707a8e99fa92274890ce3b214f839e6af82950f4a1f0c5a81907a791426b5417dce21&rand=01065241
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B42AE326EFC7407F853FFEAFF0C07E0B Ref B: EWR30EDGE0714 Ref C: 2024-09-09T20:55:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYhtfl7KhXUlf+lmu8E1w==

Redirect headers

date: Mon, 09 Sep 2024 20:55:18 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4fee8ce7377707a8e99fa92274890ce3b214f839e6af82950f4a1f0c5a81907a791426b5417dce21&rand=01065241
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expires=365

42 B
1 KB

99ms
18ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expires=365
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 5e07703167439847c6c49a939083c0fd
Expires: 0

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&expires=365
pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://us-u.openx.net/w/1.0/sd?id=537103138&val=5f9fd8cfb34a3c628537030842452c8c&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5f9fd8cfb34a3c628537030842452c8c&gdpr=0&gdpr_consent=

43 B
171 B

19ms
18ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5f9fd8cfb34a3c628537030842452c8c&gdpr=0&gdpr_consent=
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=5f9fd8cfb34a3c628537030842452c8c&gdpr=0&gdpr_consent=
date: Mon, 09 Sep 2024 20:55:18 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=&us_privacy=1---

0
360 B

51ms
15ms

Image
text/plain

64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=adroll&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Server

64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 3a24f99486e8c905a603e3ede351b14a
content-length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=&us_privacy=1---
pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 137
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
581 B

51ms
15ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 09 Sep 2024 20:55:17 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
content-type: image/gif; charset=utf-8

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
121 B

24ms
21ms

Image
text/plain

3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.137 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.137
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date: Mon, 09 Sep 2024 20:55:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.137
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM

0
365 B

35ms
6ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 5242

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM
pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://eb2.3lift.com/xuid?mid=4714&xuid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
474 B

24ms
23ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=2846258df21b118c262ce7c70190f6d8-1725915317977&flg=1&pv=32090225838.779896&arrfrr=https%3A%2F%2Ffraud.net%2F&advertisable=HVT2SOYWOBESJB535C7MUS
https://ib.adnxs.com/setuid?entity=172&code=NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM

43 B
1 KB

13ms
8ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

Server

68.67.160.75 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
an-x-request-uuid: a4d10ee4-208e-4684-b26a-54471bfcfe47
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.134; 5.181.234.134; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Sep 2024 20:55:18 GMT
an-x-request-uuid: 57a0710d-ac45-4c88-8d1a-3bc3b7a68304
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.134; 5.181.234.134; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 3E4E 0
0 59ms
45ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9mcmF1ZC5uZXQ6NDQz&hl=en&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&badge=inline&cb=ed4eq3cxlmtr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PeB6eUdy5s5lq3uCE1Ndjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PeB6eUdy5s5lq3uCE1Ndjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Sep 2024 20:55:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
192 B 110ms
108ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9FA8B019E0D849A493CB342FD653EE4D Ref B: EWR30EDGE0714 Ref C: 2024-09-09T20:55:18Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://fraud.net
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYhtfl4banDH/taLqapYQ==

GET
H2

200

p.json Show response
alocdn.com/c/9rgi64bf/a/xtarget/
Redirect Chain

https://alocdn.com/c/9rgi64bf/a/xtarget/p.json
https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F

48 B
240 B

138ms
138ms

Fetch
application/json

52.27.154.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F
Protocol: H2
Server: 52.27.154.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-27-154-167.us-west-2.compute.amazonaws.com
Software: Jetty(11.0.14) /
Resource Hash: 890dea6530b54e3df6f49041ef9d5cd0b1d452c5b5164d1979a6c05944ea7c51

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Mon, 09 Sep 2024 20:55:19 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
server: Jetty(11.0.14)
content-type: application/json

Redirect headers

date: Mon, 09 Sep 2024 20:55:19 GMT
server: Jetty(11.0.14)
content-type: application/json
location: https://alocdn.com/c/9rgi64bf/a/xtarget/p.json?tdc=1&url=https%3A%2F%2Ffraud.net%2F
access-control-allow-origin: https://fraud.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK t.dhj Show response
pxdrop.lijit.com/1/d/ 2 KB
2 KB 64ms
12ms Script
application/javascript 23.196.3.181
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://pxdrop.lijit.com/1/d/t.dhj?cls=append&pubid=techlist&puu=0a56520b-0bcb-4588-b73a-758be51ac3ed&dmn=fraud.net

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.181 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-181.deploy.static.akamaitechnologies.com

Software

Resource Hash

2e7d55c206337ee9ea9573fbce8e75b67885acbc8dcf871e0fabbb93115912f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 09 Sep 2024 20:55:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1397
Expires: Mon, 09 Sep 2024 21:55:18 GMT

GET
H2 200 igfad
aggle.net/ 43 B
504 B 230ms
90ms Image
image/gif 3.33.163.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aggle.net/igfad?pid=A7D4T45C&check=1&_=1725915318
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.163.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: 70a4cd5d0ba7c6b43eae942a9cfa53f75bb275cce10031e5d6afec299f94c708

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Mon, 09 Sep 2024 20:55:18 GMT
cache-control: no-cache, no-store
expires: Mon, 09 Sep 2024 20:55:19 GMT
server: gunicorn
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

85221
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/85221?&aid=0a56520b-0bcb-4588-b73a-758be51ac3ed&ref=7E885003&_=0.6312981191534182
https://i.liadm.com/s/85221?=&aid=0a56520b-0bcb-4588-b73a-758be51ac3ed&ref=7E885003&_li_chk=true&_=0.6312981191534182
https://i6.liadm.com/s/85221?aid=0a56520b-0bcb-4588-b73a-758be51ac3ed&ref=7E885003&_=0.6312981191534182

43 B
548 B

100ms
23ms

Image
image/gif

2600:1f18:ed:550f:8694:a3e:b8a1:a64b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/85221?aid=0a56520b-0bcb-4588-b73a-758be51ac3ed&ref=7E885003&_=0.6312981191534182

Requested by

Host: fraud.net
URL: https://fraud.net/

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:8694:a3e:b8a1:a64b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 09 Sep 2024 20:55:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/85221?aid=0a56520b-0bcb-4588-b73a-758be51ac3ed&ref=7E885003&_=0.6312981191534182
Date: Mon, 09 Sep 2024 20:55:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 fraudnet_logo_whi_1724855006700.png
editor-upload-cdn.optimonk.com/userImages/177110/66cf30d56384280024f76f55/ 83 KB
84 KB 66ms
12ms Image
image/webp 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/177110/66cf30d56384280024f76f55/fraudnet_logo_whi_1724855006700.png
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: c00be3d5243ab556e3b2d0297aa17946a69da69e88ab37474280e47033ee48c5

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
x-downloadsize: 304168
cdn-edgestorageid: 885
x-bo-processingtime: 446
x-bo-version: 1.0.25
cdn-cachedat: 08/28/2024 20:03:04
cdn-pullzone: 573677
content-length: 85132
x-bo-server: DE-233
last-modified: Wed, 28 Aug 2024 20:03:03 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 258
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
x-bo-compressionratio: 72.01%
cdn-requestid: 42c98fbcf007b78a812f2d27fa78d764
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Peach%20Steps%20to%20Su_1724875207659.png
editor-upload-cdn.optimonk.com/userImages/177110/66cf30d56384280024f76f55/ 137 KB
138 KB 78ms
25ms Image
image/webp 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/177110/66cf30d56384280024f76f55/Peach%20Steps%20to%20Su_1724875207659.png
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: f38e5448eafdb04fe6acbe77b220a0692eb646712ec0260bcb080f781e1d2e15

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:18 GMT
x-downloadsize: 140514
cdn-edgestorageid: 885
x-bo-processingtime: 295
x-bo-version: 1.0.25
cdn-cachedat: 08/28/2024 20:03:04
cdn-pullzone: 573677
content-length: 140514
x-bo-processing-error: 104
x-bo-server: DE-137
last-modified: Wed, 28 Aug 2024 20:03:03 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 216
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
x-bo-compressionratio: 0%
cdn-requestid: 754d01a60be26dcc8819600219e752f4
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK t_.htm
pxdrop.lijit.com/a/ Frame 3F07 0
0 31ms
12ms Document
text/html 23.196.3.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.1523.808&cid=c026&cls=append
Requested by: Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=append&pubid=techlist&puu=0a56520b-0bcb-4588-b73a-758be51ac3ed&dmn=fraud.net
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.205 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1190
Content-Type: text/html
Date: Mon, 09 Sep 2024 20:55:18 GMT
Expires: Mon, 16 Sep 2024 20:55:18 GMT
X-Robots-Tag: noindex, nofollow

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
748 B 233ms
58ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=880384190&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=AI+Fraud+Detection+for+Enterprises+%7C+Fraud.net&cts=1725915318877&vi=741a65c45951fe0b9962c81fd6c4d80e&nc=true&u=57037109.741a65c45951fe0b9962c81fd6c4d80e.1725915318873.1725915318873.1725915318873.1&b=57037109.1.1725915318873&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 328f5fc8-a241-4c6c-95cb-76d25dbfa046
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 328f5fc8-a241-4c6c-95cb-76d25dbfa046
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fPFxDO5A7z0pX6DU4kg8CrDvOLiL1ixEc7%2BhsZRGJ0VriHyaJIillFsXR4vj5oPu%2BXVFjl%2Fu6exScs5LjkJKeX1OpUu8pZckFJmMTlYu4cqhJHO6oyBQACRXE%2BAo9DHmeBQ2Jy6qBJldyBeWNw0G"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-fgd74
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8c0a14181ca141b2-EWR
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 222ms
53ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=e7da54a7-2f38-4f6a-9f57-178fe485ef3c&fci=317c2043-a6ad-46ce-9569-a6811fce9479&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=880384190&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2F&pu=https%3A%2F%2Ffraud.net%2F&t=AI+Fraud+Detection+for+Enterprises+%7C+Fraud.net&cts=1725915318878&vi=741a65c45951fe0b9962c81fd6c4d80e&nc=true&u=57037109.741a65c45951fe0b9962c81fd6c4d80e.1725915318873.1725915318873.1725915318873.1&b=57037109.1.1725915318873&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 13b2ee61-5ab7-400f-b508-11f753bc3c3b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 13b2ee61-5ab7-400f-b508-11f753bc3c3b
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fM3LHIVYWWTiB3eKPxHv41ng2hSiMgB%2FPixomOmTDEeTT6lEnQWJeh3PC0ilTVRXsyzX9JgZoilLUVtjgYzKohXymwXHzCiV5p4OSrfnWzegr%2FYbLvzY78EUYgK5xjUo3viUgd%2BnJGMMZU0YVV8f"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-62r7p
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8c0a14181ca341b2-EWR
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 71ms
70ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2113031&utk=741a65c45951fe0b9962c81fd6c4d80e&__hstc=57037109.741a65c45951fe0b9962c81fd6c4d80e.1725915318873.1725915318873.1725915318873.1&__hssc=57037109.1.1725915318873&currentUrl=https%3A%2F%2Ffraud.net%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e999977df66d60ae8dfc8643e6838a3fb900b38c479382d8f2977ac5b2f36f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 637f5bb0-3a1d-4b28-b88e-c037a8d9d327
content-encoding: br
x-envoy-upstream-service-time: 42
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 637f5bb0-3a1d-4b28-b88e-c037a8d9d327
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-evy-trace-virtual-host: all
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-p77g8
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WhzPEFvMC39e43M%2BciZxrXPgXr7AmDzuSGe3ROASUhNFX%2BmU2sWoaydeMTa1acj9iSRHi1q2dawjn13966z9ZRgLPrXlm6zkz2w8yJ4NYnHDPHsb85oxszFwN1ML%2FmEhbwUVqXy6bgQaXXWHQe5Y"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8c0a14179e8c1879-EWR

GET
H3 200 bframe
www.google.com/recaptcha/enterprise/ Frame 33B7 0
0 26ms
26ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=WV-mUKO4xoWKy9M4ZzRyNrP_&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jdec6jNTKQGQRHTfQuZCYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jdec6jNTKQGQRHTfQuZCYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Sep 2024 20:55:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cropped-fraud_512-32x32.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/ 697 B
1 KB 7ms
7ms Other
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2018/09/cropped-fraud_512-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c6e98fc90d10e4b2724543463c3fe889e96933775b51aa030906c88c4f4873d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-nc: HIT jfk 1
date: Mon, 09 Sep 2024 20:55:19 GMT
x-ac: 2.jfk _atomic_dca HIT
strict-transport-security: max-age=15552000
last-modified: Mon, 17 Sep 2018 13:55:29 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2018/09/cropped-fraud_512-32x32.png>; rel="canonical"
content-length: 697
alt-svc: clear, h3=":443"; ma=86400
expires: Mon, 16 Sep 2024 20:55:19 GMT

GET
H2 200 igfad
aggle.net/ 43 B
502 B 89ms
88ms Image
image/gif 3.33.163.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aggle.net/igfad?pid=A7D4T45C&sync=S&md5_email=1e6bd43c500349562c46e266cab7821c&_=1725915318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.163.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: 70a4cd5d0ba7c6b43eae942a9cfa53f75bb275cce10031e5d6afec299f94c708

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Mon, 09 Sep 2024 20:55:19 GMT
cache-control: no-cache, no-store
expires: Mon, 09 Sep 2024 20:55:20 GMT
server: gunicorn
content-length: 43
content-type: image/gif

GET
H2 200 igfad
aggle.net/ 43 B
694 B 85ms
85ms Image
image/gif 3.33.163.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aggle.net/igfad?pid=A7D4T45C&pih1=1e6bd43c500349562c46e266cab7821c&_=1725915318
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.163.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: 70a4cd5d0ba7c6b43eae942a9cfa53f75bb275cce10031e5d6afec299f94c708

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Mon, 09 Sep 2024 20:55:19 GMT
cache-control: no-cache, no-store
expires: Mon, 09 Sep 2024 20:55:20 GMT
server: gunicorn
content-length: 43
content-type: image/gif

GET
H2 200 om.base.b11e04e1700f7342a2f9.css
cdn-asset.optimonk.com/assets/css/ 178 KB
29 KB 5ms
4ms Stylesheet
text/css 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-asset.optimonk.com/assets/css/om.base.b11e04e1700f7342a2f9.css

Requested by

Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.js?v=1725915315728

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

828a3847e83f9160cfb73f9f26d56585632a53e5529c2d7907a966a19c36ce37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 885
x-dns-prefetch-control: off
cdn-cachedat: 09/09/2024 14:33:22
cdn-pullzone: 580384
x-xss-protection: 1; mode=block
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2c739-Wnpp/bjBv8Df74+6DIDQbRgf4Rk"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 86a12e0df86aec68f7191b527798ec3c
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 7 KB
814 B 29ms
27ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,600,800%7CRaleway:400&display=swap

Requested by

Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.8863a9ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c458060eb90e7a1a687af8a682f011454b1eaf36b4444d9fd3a12ab91ca0d0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Sep 2024 20:55:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Sep 2024 20:55:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Sep 2024 20:55:21 GMT

GET
H2 200 Orange%20and%20Gray%20G_1697494560591.png
editor-upload-cdn.optimonk.com/userImages/177110/652db14076055e002433c370/ 27 KB
28 KB 10ms
9ms Image
image/webp 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/177110/652db14076055e002433c370/Orange%20and%20Gray%20G_1697494560591.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 48fca59e67a7d7c9b89625fab9eb7982a02a738c3bc9bb7c1f424547820336b6

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:21 GMT
x-downloadsize: 68777
cdn-edgestorageid: 885
x-bo-processingtime: 49
x-bo-version: 1.0.25
cdn-cachedat: 08/28/2024 20:03:03
cdn-pullzone: 573677
content-length: 27766
x-bo-server: DE-243
last-modified: Wed, 28 Aug 2024 20:03:03 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 159
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
x-bo-compressionratio: 59.63%
cdn-requestid: 31f0dce1491bae06330374f8977a0469
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Finzly%20Brainscap%20_1694703683743.png
editor-upload-cdn.optimonk.com/userImages/177110/6503201d00bed800238d6fcd/ 89 KB
90 KB 7ms
7ms Image
image/webp 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/177110/6503201d00bed800238d6fcd/Finzly%20Brainscap%20_1694703683743.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 3a5b10a5ae63f86ce9059ee67b064fead2fd3bf0290a6f4832adaca4411e5ff2

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:21 GMT
x-downloadsize: 194338
cdn-edgestorageid: 885
x-bo-processingtime: 158
x-bo-version: 1.0.25
cdn-cachedat: 08/28/2024 20:03:03
cdn-pullzone: 573677
content-length: 91488
x-bo-server: DE-266
last-modified: Wed, 28 Aug 2024 20:03:03 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 202
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
x-bo-compressionratio: 52.92%
cdn-requestid: 2fcac67b447404b9012a2d2a2f85083f
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 9ms
7ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,800%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 06:47:40 GMT
x-content-type-options: nosniff
age: 310062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 06:47:40 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 9ms
8ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,800%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 06:47:40 GMT
x-content-type-options: nosniff
age: 310062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 06:47:40 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 10ms
10ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,800%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 06:47:40 GMT
x-content-type-options: nosniff
age: 310062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 06:47:40 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 22 KB
22 KB 9ms
9ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,800%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 06:27:30 GMT
x-content-type-options: nosniff
age: 311272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22432
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Sep 2025 06:27:30 GMT

POST ost
oirt.aggle.net/ 0
0

OPTIONS ost
oirt.aggle.net/ Frame 0
0

POST
H2 200 jlg Show response
oirt.aggle.net/ 16 B
557 B 97ms
95ms Fetch
application/json 44.242.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/jlg
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.74.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-74-134.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:23 GMT
server: gunicorn
vary: Origin
p3p: CP="NOI OUR BUS UNI COM NAV"
access-control-allow-origin: https://fraud.net
content-type: application/json
cache-control: no-store
access-control-allow-credentials: true
content-length: 16

OPTIONS
H2 200 jlg
oirt.aggle.net/ Frame 0
0 88ms
87ms Preflight
text/html 44.242.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/jlg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.74.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-74-134.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: OPTIONS, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 09 Sep 2024 20:55:23 GMT
server: gunicorn
vary: Origin

POST
H2 200 ack Show response
oirt.aggle.net/ 460 B
668 B 95ms
93ms Fetch
application/json 44.242.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/ack
Requested by: Host: s.opensend.com
URL: https://s.opensend.com/os.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.74.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-74-134.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: b765202630761bc712ef378fb08824a83d48d504b3026349c0b92337c27ddb6c

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

date: Mon, 09 Sep 2024 20:55:23 GMT
server: gunicorn
vary: Origin
p3p: CP="NOI OUR BUS UNI COM NAV"
access-control-allow-origin: https://fraud.net
content-type: application/json
cache-control: no-store
access-control-allow-credentials: true
content-length: 460

OPTIONS
H2 200 ack
oirt.aggle.net/ Frame 0
0 88ms
88ms Preflight
text/html 44.242.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/ack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.74.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-74-134.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fraud.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://fraud.net
allow: POST, OPTIONS
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 09 Sep 2024 20:55:23 GMT
server: gunicorn
vary: Origin

GET
H2 200 shared-2a20c7a7.js Show response
onsite2.optimonk.com/script.esm/ 8 KB
4 KB 11ms
10ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/shared-2a20c7a7.js
Requested by: Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/index-4a29d334.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 39865c447d7ed131c36563e21f1b9b9a85f124f97ba2bec06548ab5e9b081586

Request headers

Referer: https://onsite2.optimonk.com/script.esm/index-4a29d334.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:23 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljsazSURFXPSSmiQLogXz2f7i5fmxnXbz8cAI4MX9w-XGivm1S0DZw6R_wP2CAzlHZE3vOP8Cm8DeA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:16
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:08 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1571220d6dc83d5fd8227e6f452b6865"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616328758073
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=4X3h1A==, md5=FXEiDW3IPV/YIn5vRStoZQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 8026
cdn-cache: HIT
cdn-requestid: 90c940272ac050c26e7196c3893af590
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 popup-a8b42d52.js Show response
onsite2.optimonk.com/script.esm/ 10 KB
5 KB 10ms
10ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/popup-a8b42d52.js
Requested by: Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/index-4a29d334.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 3fe825d046f329602e135c09e209b42c8e46bf977fe7c1635e5cf33649734863

Request headers

Referer: https://onsite2.optimonk.com/script.esm/index-4a29d334.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:23 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljsYRJsFR3iFIWgtMMEOhEMxXWwiV6isPxOguLe_e3LCFhi3El8s2wkdLF0J2pybZWAwDA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:16
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:06 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"cb22f387d583289137dcc902bea4edcd"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616326544803
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=TZ+nsA==, md5=yyLzh9WDKJE33MkCvqTtzQ==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 9879
cdn-cache: HIT
cdn-requestid: 6c6ae388bed8ac33574cd285d39f8f06
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ReportUserAlert-c15509e5.js Show response
onsite2.optimonk.com/script.esm/ 1007 B
2 KB 17ms
15ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/ReportUserAlert-c15509e5.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 357b66a4c5b0d934e7e113673550dcd98a2458241c594afad9d3a76e3807fb50

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-a8b42d52.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:23 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljtp-GyIlVhf3fGLZUBgN_Is2t_9hLnT35ZAVKP6cmQWWfWxhCpW99z4Le5-xV_QHVZSwdTilWfG7Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/02/2024 10:11:55
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Mon, 02 Sep 2024 10:09:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"e82d865fe834efa427527f8d31f5f9a4"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725271787982187
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=OdK1fA==, md5=6C2GX+g076QnUn+NMfX5pA==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 1007
cdn-cache: HIT
cdn-requestid: e78bba23f436b8a46a90b5e9d3a8bf00
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ExperienceRuleValidator-9cd6a682.js Show response
onsite2.optimonk.com/script.esm/ 3 KB
2 KB 12ms
10ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/ExperienceRuleValidator-9cd6a682.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: a7eac1042b62bcc915df613a95bdaaeb572d90e92cc342dc3441e8a98edbb837

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-a8b42d52.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:23 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljsR1Dxi5KuF1rtkKqwcxaahpOkBl_wfj8PUh4aLgVtZOQcD3Dnx-kjPNJKox7d6bio44Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:17
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:01 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"3f7bc58f95e6b301c64dfe5f80239d5a"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616321308071
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=qlHLLQ==, md5=P3vFj5XmswHGTf5fgCOdWg==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 3418
cdn-cache: HIT
cdn-requestid: 75221d4e08e242246770262bb9c1de4c
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 FollowupCouponValidator-f4471bef.js Show response
onsite2.optimonk.com/script.esm/ 543 B
1 KB 13ms
12ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/FollowupCouponValidator-f4471bef.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: e245119042c5d0e470d86f45d3b1e2480972885c8a596a237827e24e8ca34937

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-a8b42d52.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:23 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljvHCUbsSgvf_Q_wHFvFG5j-hC9V18lv5QJ90dOE9U7mxUbNlgHyzGKcTn6k3Ud8efY5xVHI6Xvpvg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:17
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:02 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6f14770772ef0e27e6a477b255553533"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616322340565
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=0WUz1w==, md5=bxR3B3LvDifmpHeyVVU1Mw==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 543
cdn-cache: HIT
cdn-requestid: 8b6c57b5473fd71d9f0847c40464d729
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 FollowupCouponManager-7ee6f306.js Show response
onsite2.optimonk.com/script.esm/ 4 KB
3 KB 12ms
11ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://onsite2.optimonk.com/script.esm/FollowupCouponManager-7ee6f306.js
Requested by: Host: fraud.net
URL: https://fraud.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 0eda23544cb883b0cedc5afc8cba5fa6161ca1edc4feba4971ed13a641b3fb14

Request headers

Referer: https://onsite2.optimonk.com/script.esm/popup-a8b42d52.js
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:23 GMT
content-encoding: br
cdn-edgestorageid: 885
x-guploader-uploadid: AD-8ljuugsTkEAoiF-1dNP2CQI-o6CbYwrPjRhTeVAqeSjpAPpS3o1vyUw48OQvT8lsAEoG14LV2rXHDjw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-cachedat: 09/06/2024 09:52:17
cdn-pullzone: 2335222
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified: Fri, 06 Sep 2024 09:52:02 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"ab9e448118b52ffbd5923691f36cecd0"
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1725616322193589
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=JCV76g==, md5=q55EgRi1L/vVkjaR82zs0A==
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
x-goog-stored-content-length: 3946
cdn-cache: HIT
cdn-requestid: bce1f4b0176dc39b282c534750c070a0
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Orange%20and%20Gray%20G_1697494560591.png
editor-upload-cdn.optimonk.com/userImages/177110/652db14076055e002433c370/ 27 KB
0 0ms
0ms Image
image/webp 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://editor-upload-cdn.optimonk.com/userImages/177110/652db14076055e002433c370/Orange%20and%20Gray%20G_1697494560591.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 48fca59e67a7d7c9b89625fab9eb7982a02a738c3bc9bb7c1f424547820336b6

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:21 GMT
x-downloadsize: 68777
cdn-edgestorageid: 885
x-bo-processingtime: 49
x-bo-version: 1.0.25
cdn-cachedat: 08/28/2024 20:03:03
cdn-pullzone: 573677
content-length: 27766
x-bo-server: DE-243
last-modified: Wed, 28 Aug 2024 20:03:03 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 159
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
x-bo-compressionratio: 59.63%
cdn-requestid: 31f0dce1491bae06330374f8977a0469
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 report Show response
front.optimonk.com/public/177110/creative/66cf30d56384280024f76f55/ 16 B
386 B 271ms
270ms XHR
application/json 188.166.193.169
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/177110/creative/66cf30d56384280024f76f55/report?action=showed&time=1725915323&campaign_id=44&uuid=8ea02831-a789-f248-a84c-4056dfbe2593&puid=8ea02831-a789-f248-a84c-4056dfbe2593-66cf30d56384280024f76f55&ctx=eyJhY2NvdW50SWQiOjE3NzExMCwiZGV2aWNlSWQiOiIyNGViOWUxZi01ZGJjLWJhZmEtM2ZkMC01MmFkZDI0ZGQwZWIiLCJzaXRlVHlwZSI6IndvcmRwcmVzcyIsInNpdGVJZCI6ImZyYXVkLm5ldCIsInNob3BpZnlZIjpudWxsLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjguMC4wLjAgU2FmYXJpLzUzNy4zNiIsInVybCI6Imh0dHBzOi8vZnJhdWQubmV0LyIsImNhbm9uaWNhbFVybCI6Imh0dHBzOi8vZnJhdWQubmV0LyIsInZpc2l0b3JJbkV4cGVyaW1lbnQiOiJbXSIsImRldmljZVR5cGUiOiJkZXNrdG9wIn0%3D

Requested by

Host: onsite2.optimonk.com
URL: https://onsite2.optimonk.com/script.esm/embedded.8863a9ec.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.193.169 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 20:55:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-length: 16
x-xss-protection: 1; mode=block
server: nginx
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-ratelimit-remaining: 4
x-ratelimit-reset: 1725915326
x-ratelimit-limit: 5

POST
H3 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
40 B 51ms
51ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://fraud.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 09 Sep 2024 20:55:24 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length: 26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fraud.net
URL: blob:https://fraud.net/06e8d59d-0b39-4ca5-a4c0-d38d7588c746

Domain: device.fraud.net
URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2

Domain: device.fraud.net
URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2

Domain: oirt.aggle.net
URL: https://oirt.aggle.net/ost

Domain: oirt.aggle.net
URL: https://oirt.aggle.net/ost

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

96 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 03:44:27	Name: _GRECAPTCHA Value: 09AI66gCA2HFm8gJxTOjzNaftfMRs3UHRjKVNserG-Ni4wCs9DXz5rb4kbi4G7xMMJDBBVDA0IitMf-9SV-zGDq-Q
i.liadm.com/s	1970-01-21 00:08:27	Name: _li_ss Value: CgsKCQj_____BxD1GA
i6.liadm.com/s	1970-01-21 00:08:27	Name: _li_ss Value: CgA
.hsforms.net/	1970-01-20 23:25:17	Name: __cf_bm Value: oSCdsr6wIqzAOdnHJnBJXnIDbiTlqLnKWSxbiyZ5R3M-1725915315-1.0.1.1-12ykYf3a.gWMqbrQlWhNASvxccPkp3nOYF_80mx_SssOxvCDLwNwSBfBSf54S7u11bGKptbooIj41hGpJxtajA
fraud.net/	1970-01-21 08:10:51	Name: optiMonkClientId Value: 24eb9e1f-5dbc-bafa-3fd0-52add24dd0eb
fraud.net/	1970-01-21 08:10:51	Name: optiMonkClient Value: N4IgjA7BZgDCAuUBjAho4BfANCAZgG6KQBMArAJxhkDMYAbLgDZEKmXV30B0sZZuAHYB7AA6swmTEA==
fraud.net/	1969-12-31 23:59:59	Name: optiMonkSession Value: 1725915316
.fraud.net/	1970-01-21 01:34:51	Name: _gcl_au Value: 1.1.737559216.1725915316
.ws.zoominfo.com/	1970-01-21 08:10:51	Name: visitorId Value: 86534de8e2e727594d8b84fe2967c689c51c7076c09934e7067197f74531632e
.zoominfo.com/	1970-01-20 23:25:17	Name: __cf_bm Value: 18KvhldThGOg_ef2mefAsqaSQyPqI73AptXuw5si0Eo-1725915316-1.0.1.1-4cxzXXCBGbaPU_1RuSAdIe0KM0nB5WC0VHxCKCvfFvUyg.A5CyqB4jVKlbqQ1ZUr2oXF5RUiFbP1UNxW5sPCvg
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: U0fefsqeBqsu7Y8rl_F.OkqV6oD4vNPMMFSXJEeUJI4-1725915316555-0.0.1.1-604800000
.fraud.net/	1970-01-21 09:01:15	Name: _ga_GPKLFPPQY0 Value: GS1.1.1725915316.1.0.1725915316.60.0.0
.g2crowd.com/	1970-01-20 23:25:17	Name: __cf_bm Value: 5TtiNIuPRj8wg3R7TiySsXjOItFu4JY5vkw21icYdGg-1725915316-1.0.1.1-VDlG2ieiFPy.__jKAZA8FQ4kXYpeDLctEueWren.I_CLV1HNzoLRLSaBepRqCVV4wF7l1UJmsAxbjWD_Fcr08Q
.fraud.net/	1970-01-21 09:01:15	Name: _ga Value: GA1.2.429145462.1725915317
.fraud.net/	1970-01-20 23:26:41	Name: _gid Value: GA1.2.939377633.1725915317
.fraud.net/	1970-01-20 23:25:15	Name: _gat_UA-35675858-1 Value: 1
fraud.net/	1970-01-21 08:10:51	Name: uncode_privacy[consent_types] Value: %5B%5D
fraud.net/	1970-01-20 23:25:17	Name: _sp_ses.c750 Value: *
fraud.net/	1970-01-21 09:01:15	Name: _sp_id.c750 Value: 2799cdeb-3253-4a25-8bdf-1302a640329c.1725915317.1.1725915317.1725915317.7add5581-f60c-4e1b-a7f4-b06465f58645
.fraud.net/	1970-01-21 01:34:51	Name: _fbp Value: fb.1.1725915317099.109692229442810833
.fraud.net/	1970-01-20 23:26:41	Name: _uetsid Value: d19e22a06eed11ef90204ff2f23177fe
.fraud.net/	1970-01-21 08:46:51	Name: _uetvid Value: d19e53806eed11ef9df08922ace4efbe
.bing.com/	1970-01-21 08:46:51	Name: MUID Value: 07399F9A46D66B933EC18B6F477E6AE4
.bat.bing.com/	1970-01-20 23:35:20	Name: MR Value: 0
fraud.net/	1970-01-20 23:25:18	Name: _gauges_unique_hour Value: 1
fraud.net/	1970-01-20 23:26:41	Name: _gauges_unique_day Value: 1
.hsforms.com/	1970-01-20 23:25:17	Name: __cf_bm Value: pxhuZNR6ermtdoLxjsY2vxI7rGza1HNsYXI5Yd8R.CE-1725915317-1.0.1.1-t.Ul7CFm8j.9KmnUzIPZ7u918lsfMxGUx1EBaAyg.jiA7aWA85CvCmGoSuQPmDRg_JdYQP8KhifUkWff0HynmQ
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: QUMaiBCDr14WTwaMyaA8x5ac0Ox64zrcmd8MNpQiDhk-1725915317558-0.0.1.1-604800000
fraud.net/	1970-01-21 00:09:53	Name: _gauges_unique_month Value: 1
fraud.net/	1970-01-21 08:10:51	Name: _gauges_unique_year Value: 1
fraud.net/	1970-01-21 08:10:51	Name: _gauges_unique Value: 1
.linkedin.com/	1970-01-21 01:34:51	Name: li_sugr Value: f1e75e50-0d1c-4125-88fc-3f6ca6337586
.linkedin.com/	1970-01-21 08:10:51	Name: bcookie Value: "v=2&1896c303-1f7c-4658-8c45-372856c7943b"
.linkedin.com/	1970-01-20 23:26:41	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=3168:u=1:x=1:i=1725915317:t=1726001717:v=2:sig=AQFQLgHy8rZW_rhpzygdx9B-nBV9tpF9"
.fraud.net/	1970-01-21 08:10:51	Name: _hjSessionUser_2001329 Value: eyJpZCI6IjhmOGU0OGNmLWFhMDQtNTdlZC1iYjAwLWMxY2M3OTlmNzNiZCIsImNyZWF0ZWQiOjE3MjU5MTUzMTc2MzYsImV4aXN0aW5nIjp0cnVlfQ==
.d.adroll.com/	1970-01-21 08:54:03	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 08:54:03	Name: receive-cookie-deprecation Value: 1
.fraud.net/	1970-01-20 23:25:17	Name: _hjSession_2001329 Value: eyJpZCI6IjY3YzU4OTgwLWI1NjQtNGRmZC04NGY5LWZjNTYzNWY1YzdmMSIsImMiOjE3MjU5MTUzMTc2MzcsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.vimeo.com/	1970-01-21 09:01:15	Name: vuid Value: pl143187091.1660232553
.vimeo.com/	1970-01-20 23:25:17	Name: __cf_bm Value: 2eN9TkCd27y.OHOkd5cSisAqr4aZCyvP._RgwBarFa4-1725915317-1.0.1.1-UF2r0NYXGMIeT9yRrUdYh7PMpJwERrF8gp89KjiYscoHNCR9AiDBNHutm.VxPVSP
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: w1a8.EzwReGWfFA2189Ih8jq_4vCuDn43fzIVLwwKS4-1725915317827-0.0.1.1-604800000
.linkedin.com/	1970-01-21 00:08:27	Name: UserMatchHistory Value: AQLdXLnimSbkWQAAAZHYkcYxidx9PcciCmMhNFVfcJnzAmRMOLtwKtjUAUx3zYCTOsznZeorroOLrw
.linkedin.com/	1970-01-21 00:08:27	Name: AnalyticsSyncHistory Value: AQIBVnbT0DFKaAAAAZHYkcYx1nAScTVCVcC_2BN9VwqpNDmwDE1RJr0y4GgT_1HJ84ELNCCAQes0KZ4tb6LcJA
.fraud.net/	1970-01-21 08:11:12	Name: __adroll_fpc Value: 2846258df21b118c262ce7c70190f6d8-1725915317977
.www.linkedin.com/	1970-01-21 08:10:51	Name: bscookie Value: "v=1&2024090920551742830e44-e3fe-4719-8737-53d485bfa112AQHg0n1FJ8zZAcsJkOle8NIPxiTsiMP4"
x.adroll.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.fraud.net/	1970-01-21 08:10:51	Name: __ar_v4 Value: %7CHVT2SOYWOBESJB535C7MUS%3A20240909%3A1%7CML43PNVWLZH6BAVX2UYHRM%3A20240909%3A1%7C6SMH2DHXINFNDD52UNEEKG%3A20240909%3A1
.aggle.net/	1970-01-21 08:10:51	Name: __uidcei Value: 0a56520b-0bcb-4588-b73a-758be51ac3ed
.aggle.net/	1970-01-21 08:10:51	Name: __ustcel Value: gAAAAABm32C2q3KuQ0lx7CJI4LqPLFgVyDcGspSO34Dzm9E5riIuOfdeNBrGVo18b_zRpmTQ0MVcvOLt6oGkP6Gtlqtkyoioe4yityuE2KQY3E4VxAPJO7k
.taboola.com/	1970-01-21 08:10:51	Name: t_gid Value: 6e10dbdc-103b-43cb-bf49-8d57beb18161-tuctdd8e636
.taboola.com/	1970-01-21 08:10:51	Name: t_pt_gid Value: 6e10dbdc-103b-43cb-bf49-8d57beb18161-tuctdd8e636
.openx.net/	1970-01-21 08:10:51	Name: i Value: b97ae91f-b37a-4a46-80c4-fe3984fbe290\|1725915318
.adnxs.com/	1970-01-21 01:34:51	Name: XANDR_PANID Value: VT0mqp7sp6A4hUie6pFPnKOUcB6mkCBW-T0fNIqypfw92EncHT4rpRq4nDv9ugbYcaMuVrk_DGRRBAa7rwNJob42D09ZvZy7IzUs0MCB3fc.
.adnxs.com/	1970-01-21 09:01:15	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:34:51	Name: uuid2 Value: 6367705196286952663
.pubmatic.com/	1970-01-21 01:34:51	Name: KRTBCOOKIE_10 Value: 22808-NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&KRTB&22883-NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&KRTB&23504-NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM&KRTB&23615-NWY5ZmQ4Y2ZiMzRhM2M2Mjg1MzcwMzA4NDI0NTJjOGM
.pubmatic.com/	1970-01-21 00:08:27	Name: PugT Value: 1725915317
.doubleclick.net/	1970-01-21 09:01:15	Name: IDE Value: AHWqTUntAzTnC8GzHI4wokvcsQ8GQ_lTpV0mAwouS1uvGXGkdmvqw_NMPtu7BCaft8I
.3lift.com/	1970-01-21 01:34:51	Name: tluidp Value: 1520214268126461167873
.3lift.com/	1970-01-21 01:34:51	Name: tluid Value: 1520214268126461167873
.adnxs.com/	1970-01-21 01:34:51	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2ImMq4aG)!@wnfH1Ya.O4]7Q=E?-ciTRJ7hr:%k1fyoZ1+]]F$idvlMF2SWMF.Bcw-5Bsw)N)'w:zh+`R8>]RH8!NN3FR@PsXH%!'VriWhEeo
.yahoo.com/	1970-01-21 08:11:12	Name: A3 Value: d=AQABBLZg32YCEPVECJSkb9y637I5N14WSiAFEgEBAQGy4GbpZtxC0iMA_eMAAA&S=AQAAAkRZL4xOvggAJQVZCE7UKv8
.casalemedia.com/	1970-01-21 08:10:51	Name: CMID Value: Zt9gttHM6LoAAHGgAAOUSgAA
.casalemedia.com/	1970-01-21 01:34:51	Name: CMPS Value: 3434
.casalemedia.com/	1970-01-21 01:34:51	Name: CMPRO Value: 3434
.rlcdn.com/	1970-01-21 08:10:51	Name: rlas3 Value: VdMnNb3AyQAzMRmWq1o8EVb2ied6hVJ2Tev5ocuG/1w=
.d.adroll.com/	1970-01-21 08:54:03	Name: __adroll Value: 5f9fd8cfb34a3c628537030842452c8c-g_1725915318-a_1725915317
.adroll.com/	1970-01-21 08:54:03	Name: __adroll_shared Value: 5f9fd8cfb34a3c628537030842452c8c-g_1725915318-a_1725915317
.bidswitch.net/	1970-01-21 08:10:51	Name: tuuid Value: ade05c3b-6924-4992-8b5f-802417104641
.bidswitch.net/	1970-01-21 08:10:51	Name: c Value: 1725915318
.bidswitch.net/	1970-01-21 08:10:51	Name: tuuid_lu Value: 1725915318
.rubiconproject.com/	1970-01-21 08:10:51	Name: audit_p Value: 1\|Ja8yhq4eXGke20NoPfZq94ip5rmsUFCBRieyykEMGXfRuZ+dvyOZuHjOexQ9DKk+2rjPQmrL0GZw0S94mtzOH6X03m07ywdlM/uPx/DKN374rAYyTkhAP/sNQVHbrqaOQyEk/hAX2wJvJhXKnccfpUGzr1qdY5fl+qXfGrCyJR6q6HBPyxusbj+sFLB/WmBAiyTz+DOnHeDc6UO785F0Pw==
.rubiconproject.com/	1970-01-21 08:10:51	Name: khaos Value: M0VHF2SI-26-CR71
.rubiconproject.com/	1970-01-21 08:10:51	Name: khaos_p Value: M0VHF2SI-26-CR71
.rubiconproject.com/	1970-01-21 08:10:51	Name: audit Value: 1\|Ja8yhq4eXGke20NoPfZq94ip5rmsUFCBRieyykEMGXfRuZ+dvyOZuHjOexQ9DKk+2rjPQmrL0GZw0S94mtzOH6X03m07ywdlM/uPx/DKN374rAYyTkhAP/sNQVHbrqaOQyEk/hAX2wJvJhXKnccfpUGzr1qdY5fl+qXfGrCyJR6q6HBPyxusbj+sFLB/WmBAiyTz+DOnHeDc6UO785F0Pw==
.rubiconproject.com/	1970-01-21 01:34:51	Name: receive-cookie-deprecation Value: 1
.analytics.yahoo.com/	1970-01-21 08:10:51	Name: IDSYNC Value: 1770~2klw
.lijit.com/	1970-01-20 23:26:41	Name: lijitAcc3PC Value: 1
.rlcdn.com/	1970-01-21 00:51:39	Name: pxrc Value: CLbB/bYGEgUI6AcQABIFCOhHEAA=
.liadm.com/	1970-01-21 09:01:15	Name: lidid Value: b0a4655a-1375-4a07-a344-7c1ccb80c9cf
.pippio.com/	1970-01-21 08:10:51	Name: did Value: fBmyZr-zUyCoz3RY
.pippio.com/	1970-01-21 08:10:51	Name: didts Value: 1725915318
.pippio.com/	1970-01-21 00:51:39	Name: nnls Value:
.pippio.com/	1970-01-21 00:51:39	Name: pxrc Value: CLbB/bYGEgYIgr0rEAA=
.pxdrop.lijit.com/	1970-01-20 23:26:41	Name: lijitPage_default_c026_append Value: 1_0_1725915318626
.pxdrop.lijit.com/	1969-12-31 23:59:59	Name: lijitBcnLcy Value: 21
.aggle.net/	1970-01-21 01:34:51	Name: aggcid Value: 0f6651b2-2b57-4ad7-91ba-7f8990de753e
.fraud.net/	1970-01-21 03:44:27	Name: __hstc Value: 57037109.741a65c45951fe0b9962c81fd6c4d80e.1725915318873.1725915318873.1725915318873.1
.fraud.net/	1970-01-21 03:44:27	Name: hubspotutk Value: 741a65c45951fe0b9962c81fd6c4d80e
.fraud.net/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.fraud.net/	1970-01-20 23:25:17	Name: __hssc Value: 57037109.1.1725915318873
.hubspot.com/	1970-01-20 23:25:17	Name: __cf_bm Value: bTyRsbDrphH9O3mSUnB4JgydgSqgOR008S3RGdY97A0-1725915319-1.0.1.1-sdhLOxxDwqUS4pHRUXShAp_XAubRHXtWUI82bIKwAX0D928sCJWySVZYcvpAQD2J0iDuFbgEVNrPH.OdKjnrIQ
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: DVHHnDTrdZR4GooN2IoAInGuYHb4g5n6Wlqu3pFMgdA-1725915319102-0.0.1.1-604800000
.alocdn.com/	1970-01-21 08:10:51	Name: uuid Value: e81563dc-76ff-4893-9258-809dbff44565
.aggle.net/	1970-01-21 01:34:51	Name: aggiid Value: gAAAAABm32C33c5B7_fqVJbC6qJgpYSgBnn6TRqj4ydFEWtHXoBN-eCycbfJ3fXX0ssPEo43uF568bEaCabayjiwhV_O_LMjmDl56y__-pvihlIgygitoVRtK2ZvU755o4lKwWrl4WbE
.aggle.net/	1970-01-21 01:34:51	Name: aggsid Value: gAAAAABm32C3oYYsBXNrFcU9_xKtnk92LJLBKs_VXu6sHblBueCP_u9Yh8jJcrITVFDhWrvrplyS4_s8GV7EsUtqDsKp560_-bn_rZCKDv0ZY74l2iR0-5k

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fraud.net/(Line 738) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://fraud.net/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://fraud.net/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://fraud.net/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149360532.v2.pressablecdn.com
aggle.net
alocdn.com
analytics.google.com
app.brightcall.ai
app.convolo.ai
bat.bing.com
cdn-account.optimonk.com
cdn-asset.optimonk.com
cdn-limit.optimonk.com
cdn-renderer.optimonk.com
cm.g.doubleclick.net
connect.facebook.net
content.hotjar.io
cta-service-cms2.hubspot.com
d.adroll.com
device.fraud.net
dsum-sec.casalemedia.com
eb2.3lift.com
editor-upload-cdn.optimonk.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms-na1.hubspot.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
fraud.net
front.optimonk.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
ipv4.d.adroll.com
jfapiprod.optimonk.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
media.fraud.net
oirt.aggle.net
onsite.optimonk.com
onsite2.optimonk.com
perf-na1.hsforms.com
pippio.com
pixel.rubiconproject.com
player.vimeo.com
px.ads.linkedin.com
px4.ads.linkedin.com
pxdrop.lijit.com
s.adroll.com
s.opensend.com
script.hotjar.com
secure.gaug.es
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
td.doubleclick.net
track.cbdatatracker.com
track.hubspot.com
tracking.g2crowd.com
ups.analytics.yahoo.com
us-u.openx.net
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.securemailapp.com
x.adroll.com
x.bidswitch.net
device.fraud.net
fraud.net
oirt.aggle.net
107.178.254.65
108.138.106.101
13.107.42.14
134.122.57.141
141.226.224.48
142.250.65.194
148.59.128.196
15.197.225.128
162.159.128.61
162.159.138.60
172.64.151.101
18.164.124.128
18.238.49.94
188.166.193.169
192.0.77.39
199.16.172.83
2001:4860:4802:32::181
23.196.3.181
23.196.3.205
2600:141b:e800:b::172c:831f
2600:1f18:61c0:2205:33cf:a369:fe86:653f
2600:1f18:61c0:2208:9d42:2610:200e:3961
2600:1f18:61c0:2209:54de:e092:fdc3:dce0
2600:1f18:ed:550f:8694:a3e:b8a1:a64b
2600:9000:23cb:ea00:6:9280:1080:93a1
2606:4700:4400::ac40:9310
2606:4700::6810:6dfe
2606:4700::6810:752b
2606:4700::6810:7674
2606:4700::6810:8cd1
2606:4700::6811:afc9
2606:4700::6812:1fb0
2606:4700::6812:50cc
2606:4700::6812:8911
2606:4700::6812:8e77
2606:4700::6813:afbc
2607:f8b0:4004:c19::9b
2607:f8b0:4006:809::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::200a
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2008
2620:1ec:21::14
2620:1ec:33::10
2a02:6ea0:c454::1
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.167.56.55
3.225.218.10
3.33.163.81
34.117.177.207
34.226.61.186
34.98.64.218
35.211.202.130
35.244.154.8
44.242.74.134
52.206.141.127
52.223.22.214
52.27.154.167
52.72.195.133
54.170.235.127
64.202.112.191
68.67.160.75
69.173.151.100
8.28.7.83
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
0091e95e8c3756b1468ac8063de5c5551df6dfdeda001d0e67271e59507e37f7
01d35c780264bd31fb66af96c0b2839cb4a78037e2561385a4e4c36a3c474137
03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890
04a0c20c086ea1edc10ab2a9612afc96ac6bd5a49fa5b310768aba2ab688718f
059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21
0ea3e5108301bafe9e6b3c0f441cb248d4496f17339ebbb664413371dcaffc13
0eda23544cb883b0cedc5afc8cba5fa6161ca1edc4feba4971ed13a641b3fb14
0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda
1054650aaad2b126aa97e4b6f2a4caf3d996a87707100dfbe77819b65f0f005c
13f1c9070b3a17df4544f1dc1ed5f712293e734228521adb7aa81256e2cbecda
14822af6e9685e0d7d7e3eaa1bea7dd7b0d3d3edc787dddd8c8997747342873b
15c15643141bd4c8fb383b7e2c4d8406a7bdf5d31d2e648126c0f6d5a9a85f24
1844811cc02eae22c493f6a121b997aa3c38c6db2de8e6b38940065547cb6d45
1993a894f8c63c14fec96a4f29f33e14d33afc94a1aab689d4459eb10d6cfb49
1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8
1ba8c25f2af18480113ea22a72920c491f92f38ce353abe5fa75601ccb162e6d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e6d77c94818f36ffce64b1481dea24f243efa3a650ab6bdfa3eb30f67b31317
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
20428f93f2673efc5b14ddbb8488222dabf85da17bce338c6b791071f1cf597a
21200fdcf2fb9fb7a01ec311ca3b49dc918347f75cf3c001f5ecd70f69e121c0
228bca20e8d349c846c798529bd21944816dfb4f16d2a77ba27403e63d125636
234d8bdcdbe8ad7ad55b9dc05062cbba29a8aad1cdae054ac36c77ac0ceca285
254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4
27bb1c46f69b49a4dceb4993432295bdea3769aae7a806b059add3b525def50d
27e2004b93f9a10086e59f18b71ce80a05e981885ab67c7a08bca7bcd7ca22ce
291b2531a89ee812b28ff0513545156e38fd1628a43459c2255f29754733d2ef
2a246a6641327b3657c7426dc83505e09fb76ddc039812f75ad48b872fc96505
2c53b6def4332dec44c18b3b39eed77fb6a24b8ebee8282671fb1fd02c191e31
2d94d3066a34b525976103a941c069e16f5ed11534466b0070d88f83a63c9ef7
2e7d55c206337ee9ea9573fbce8e75b67885acbc8dcf871e0fabbb93115912f5
357b66a4c5b0d934e7e113673550dcd98a2458241c594afad9d3a76e3807fb50
39865c447d7ed131c36563e21f1b9b9a85f124f97ba2bec06548ab5e9b081586
3a5b10a5ae63f86ce9059ee67b064fead2fd3bf0290a6f4832adaca4411e5ff2
3a5cecf97c1dc33e9ce6bd80b347c5275c2d2467ec578bfa1403246e3bfd7380
3c496577c3a2683ca878045367f3774a8a82d0e185e3de90b7c32d0ae737ef65
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
3fe825d046f329602e135c09e209b42c8e46bf977fe7c1635e5cf33649734863
40e35369f9d486c91e9f682ebdaa5fa519867c77bcbdea1d905dcb3d16a112cb
41b1c7d6af05be020550025a5e45f94ea6f122654d5c783ce4abddbf66197776
422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d
4332e51624890ca1520d8132cb517a574f5e820e4c27388d1ba593ae6104f377
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449a607424de8313b9432f4c9cd1a4c88c68f06d169ce0019540f5886d20d6bb
465726c1fc7cd0e6ff5a19fdf03a20d95e13f8e5c255c157df0428e3370cfd99
4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0
487edb5b8568e3b54881c2ba7f8b1295c78908f5c53dbe8ef8e6fc737f3e7ca4
48d330c460234a97e28472e988bce90883d37629813e38e114fd195460dff5b9
48fca59e67a7d7c9b89625fab9eb7982a02a738c3bc9bb7c1f424547820336b6
4b3b00234df4da1f9594dd6d05252c7529bfb37548078fc9ecf41c1811df3711
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831
4de50d0f0563103a9a51080cd303fa3c61b059189411435bf36a884bcc7ddd86
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
4f3d35c6c4f11dcb2d162feb950a605448fa97de5c9b8d58109ef52eb167d566
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53327d1c55cd5f6aec4c686f3ba84c17c8fdcea1d62760bb61f3d45ef504566d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b9018e50156270cc59c34732966d3461f566ecfc4fa8c0234c41af33e21d86
598649c9ca160b89e08546ab2394ff428128645ab0432d430a55b66f1728e601
5d27d33568e57bb634250ad5fd29627bc444e1fab180d870f755013cf524ad28
5d3a9547f3ac1a0f55d23965a04ce04c7abf2caa2cb7e0eb411002e672f1130b
5f0e7d030892959df288bdac1d32b04784a6bfd595e20d00f963b0e884adb5e7
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
65d8af74e7a554bde6ede1fa82f21f8d919ec53750e495eb3f9bcd1069136d05
6972b66b95853b03c2bc72665973cc84fc1228c191d43e911ed6aa8e43331b91
69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c36c2b74d748eb675737328e6519ea5e69356698f797867f84151696b6db648
6e7be345e3774b6a8448d1070aed099bf40c00990a3d82c9887da32e57c554fd
70a4cd5d0ba7c6b43eae942a9cfa53f75bb275cce10031e5d6afec299f94c708
70ceba313631a8887328812e871ea50456c5afb1f58f0989a1fc039d673b2f74
724658c0036cf42c98598aabf953e8cafec4ce6dee888ead261bbfd28e104f9a
725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
78cada0d0ef4f1560d0bf4022a53790fad68297d09099dbbb3628d8dc62c9275
792ae63e3eb289954761231d45e5a63d6701f588aff8d9911a8353ce7e2d1e18
794b9f4fa15362394d9913554121b956f2ee5f5dc368540a8cc761dc9c7668f1
7bc2093fddc50bfc2e60a164b34bff71975b3d3d467d8d6b657f4c6324b1a76a
7d3bc5db1b5795bc53bc2a7d3e1a492e96c68d64004705272dee00406057f2f7
7e7cf5423996cb33fa1d00f046eb950cd15eca51e98b542bb9f067ab7e68d4f6
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
7ee31a17e8c32a3aaf1747906ddcb9fa29586f247f0d61658ab1981694a61d19
7f47f02c93d5de5de03db0ebffa39fe1060767437b086996e295c9818a05b2f2
8024acec341dcc8141dd3175d206cbb1c81d8141254363751ad0ab5f91af3e12
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
828a3847e83f9160cfb73f9f26d56585632a53e5529c2d7907a966a19c36ce37
82c640ec85f1687b7523bcee505819818aed200dd67a76b1307d0e18cbcd3262
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84174f4a74a46dda3cc45a7a3a313d9a17f470afa80a8446b67d2d888fc7278b
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88e984a5157644a26223b80c61f432b5ee292b47be0213c0694c111608699a3f
890dea6530b54e3df6f49041ef9d5cd0b1d452c5b5164d1979a6c05944ea7c51
899db695d83c9611e4f6ce9df91aa731a190141443b9bf58530251f676af25fa
8a5b549f97ff7e1523fed10f7de1b2bd371e1d07a9a5ffb748520609b348bb5d
8ec10bed3af6096be5743e3e5dce99ea22832a46b86f13e19e68966a52fe63b8
908065730650dcb360e26b99281cc2c1bef6576cd10fab2aa1b72de2b6003c11
92432d2bb385e837b1b206f60e78fdc5f0718bad42201cf54e77f6eb2aa97a4f
97894d5d517bdace45e5737e6288178fe70c289d2b8e326ac82f3fa88ec92c58
97f5bc236e0957f97b1cd816c850e067d38d794990644cf0100be692fe47f276
9801c8c01f4b6f9a836df270946d8eeffe8f2d0db88013654b38d4a1c6ab6fe9
983fda9725053de0d9a9e8227b0783df4be757adae3f4d9b2b08e0d24f8d5f71
99c3b544a0d7af4cd2aac0e79596dcbe0f4ebf8277fa646dd5b41fadd89d0044
9a360fc3b255d7c649ffdd07ab330df23d0018ed8f71c4c619660f97bec81f0a
9b67f42b2108632352195b05b181bfc98609d5e88ba981bcf8a6daa5555114f2
a5de82e7ddc386eb666d9d7ae0ce82a94dd5e8d41e339c0a136531ef0ce18e7e
a7eac1042b62bcc915df613a95bdaaeb572d90e92cc342dc3441e8a98edbb837
aa17fa46ba42b260bf413dfcf1d0962c8aa7f5d6f23506ec15bac2a7f2e7fc85
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab0e24f7fcf11a5b894764ac662636b091303c97ab7b1f69ca5b6b24cb214e1f
ab7a0d39522e73d16c5212fb5b33f4b43a6a37cb2c921bebdf7a25bc272da508
ac75f3a93c00894c2aabcce634e39f2a4750c9e542f56b9f5dd678bfad802280
ae36270ca4d3fd7dc6757faf8140749b0e5f06ab09c5cd7ef80e61bb874f67ce
aec9f4f7455da97df0df620ef3773a19089cd36b9af30fc0fc90f79eb8e7f869
af40864cb09a9463e558472afa4cb4d935d2bff2fad08e4db4cf33fcd5ccf9de
afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b
b08242455ed9e1a61010b2ba7c997877ac599e2520056232e55f5612f2dc5e58
b0c5713b0404676e491cdfba01ffd6aaf0dce9227bde577b4178afde264c9841
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54944ae239e589612ce901656a07eb947eb34ef16054b2781d5bcee57d63ca0
b5aae3b92b530b0b751a307b0205461da8993bf520abf775b206004e9cd10108
b628ff95829edd2fcb3fc5e787206ff4c9f5a0ef262f05ec2349575de01ed8fe
b765202630761bc712ef378fb08824a83d48d504b3026349c0b92337c27ddb6c
b9504fadf28ad447cd297ead593a6def5ee7eb219ee801acdb39b25bb8564da1
ba140dc9289eab43a55921ef57388e85af30f1f2c9c33dfda8408294c26e9347
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bde3b71f93b22cd94edb3a80c7ca8dc84e6e90f0609084d6254c7b82a1f59fb5
be5349d4081fecf915783ec56264da71a51dc0e8171fd4556d1c7ea43ba1ba30
c00be3d5243ab556e3b2d0297aa17946a69da69e88ab37474280e47033ee48c5
c458060eb90e7a1a687af8a682f011454b1eaf36b4444d9fd3a12ab91ca0d0b9
c5e999977df66d60ae8dfc8643e6838a3fb900b38c479382d8f2977ac5b2f36f
c67e68973edfa62b29667248742a726c45ce09147d4854c8cf9214b848a2464a
c6e98fc90d10e4b2724543463c3fe889e96933775b51aa030906c88c4f4873d2
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
c87f1cddf8a77ad8523529962263fb03e587a1c998fedb7961bb195a12aaa711
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9e318a7363d19da0171f2b40f72375e04ec1a91a31082d85a5b13aa20f1e2c5
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cdbf143856a375cc4f975c8cd17edc52f04ebf0952d96944bf027290fe9ad28e
d012a79ab0515377792601f0e93967d7a6817b79dc629c1d7646b4108326c337
d23369096b16514e42ec85aa9495bebeed9569aee7d01e2feb52c2fff4e626b1
d34714f028b8a056625c6cc214a4a2456052e03cee9bac45c19b138f4560b368
d4fa0ff9b061ce64b83948570d0ca0be8a76f49b9263325eeaa26ac87c86fb95
d8e8e121a8ec7359a4284eca6a2f38e711d7c8792436cc0da4dd30275cec0a6e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd7d32a54f8f81c325ffe074bd515707bd15c12daf19b51312943aaba69c4ff7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de599393ee2636d282e2724a638bd0bcb77bef4dad10207b5beb406df96e9847
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
df81a2c6d1639190dd029f1bf508796113acf7dd3d686a6dbba0d567cd575478
e16e05db60d88b2b5e1866fddf94b16071ac8b61c5dd5028cf401d91f8d6f2c1
e2310cdd13a9432e8234e690dd787286e1daf5603559a8d4eab22d38d4085899
e245119042c5d0e470d86f45d3b1e2480972885c8a596a237827e24e8ca34937
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dcd1c22c0109630f06bb782eddd1db4910dbedc483193a7276dcd07e6d4651
e83dc119745c93e5eb29ffac21b9809af235d091f3d55f909d4e74758a0cd090
ec3252df16f423d8a4f1711df333731b41000e730ca00cd50341a8a8769450bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
f38e5448eafdb04fe6acbe77b220a0692eb646712ec0260bcb080f781e1d2e15
f557768dc0c8791b80b0d6415b9c5d292503431d5c48f155e23f335883c7fe4c
f93c8551f65ba377f486fa012b49c4fdfbb3247cb0fa9aa1f7f084ea2cb36edf
fa8273933101146ea0678f1d44ffdde8630c02280e33d4ab052d61bfdb7dbb6f
faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684
fe854c6aefd5b77a0164fd6173b3c0532abc5d6a2e3ab64bc3974235727ab850
fef32ae82d6491d9f226abb4babbc2e31abcff70ee4cb29ea2fbf91bd81ed402
ff3fb890c8a0356b8e93e51c5d380b109d4e693d8c7d4bc716654b27ba4700d7
fff22062d6bcd6fcf719d5e2ed34608b4b3dcdd3fd532b5241c1233c5fb0f562

fraud.net Open in urlscan Pro 199.16.172.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

224 Requests

90 %HTTPS

45 %IPv6

50 Domains

81 Subdomains

62 IPs

6 Countries

4298 kBTransfer

10378 kBSize

96 Cookies

5 Outgoing links

Page URL History

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fraud.net Open in urlscan Pro
199.16.172.83 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

90 %
HTTPS

45 %
IPv6

50
Domains

81
Subdomains

62
IPs

6
Countries

4298 kB
Transfer

10378 kB
Size

96
Cookies

224 HTTP transactions
4 data transactions