fraud.net Open in urlscan Pro
199.16.172.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.fraudnetmailer.com/?cid=66646953&sid=1428179&lid=4175862&o=0
Effective URL:
https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&...
Submission: On December 13 via api (December 13th 2021, 11:38:16 pm UTC) from SG — Scanned from CA

Summary HTTP 149 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 59 IPs in 4 countries across 49 domains to perform 149 HTTP transactions. The main IP is 199.16.172.83, located in United States and belongs to AUTOMATTIC, US. The main domain is fraud.net.
TLS certificate: Issued by R3 on November 20th 2021. Valid for: 3 months.

This is the only time fraud.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	216.119.193.71 216.119.193.71	33561 (LUNAVI-WY) (LUNAVI-WY)
1	148.59.128.120 148.59.128.120	33561 (LUNAVI-WY) (LUNAVI-WY)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
6	199.16.172.83 199.16.172.83	2635 (AUTOMATTIC) (AUTOMATTIC)
43	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.63.47 13.225.63.47	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:b849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.225.214.95 13.225.214.95	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.7.240.128 52.7.240.128	14618 (AMAZON-AES) (AMAZON-AES)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::1732:35c2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.214.74 13.225.214.74	16509 (AMAZON-02) (AMAZON-02)
2 13	2600:9000:21d... 2600:9000:21da:8a00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.230.162.34 54.230.162.34	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f04... 2a03:2880:f041:11:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:82ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	54.230.162.91 54.230.162.91	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 3	104.18.100.194 104.18.100.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.214.66 13.225.214.66	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	52.70.137.221 52.70.137.221	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	40.91.78.9 40.91.78.9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14 17	35.174.191.125 35.174.191.125	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	52.40.8.68 52.40.8.68	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f14... 2a03:2880:f141:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.230.162.15 54.230.162.15	16509 (AMAZON-02) (AMAZON-02)
1	52.210.84.221 52.210.84.221	16509 (AMAZON-02) (AMAZON-02)
1 2	184.29.129.7 184.29.129.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.7.125.156 52.7.125.156	14618 (AMAZON-AES) (AMAZON-AES)
1	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 2	68.67.179.113 68.67.179.113	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
1	50.112.217.250 50.112.217.250	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:b972	() ()
149	59

3 216.119.193.71 (Canada) 1 redirects

ASN33561 (LUNAVI-WY, US)
PTR: smtp71.fraudnetemail.com

www.fraudnetmailer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.59.128.120 (Canada)

ASN33561 (LUNAVI-WY, US)

software.clickback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.16.172.83 (United States)

ASN2635 (AUTOMATTIC, US)

fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149360532.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-47.ewr53.r.cloudfront.net

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.214.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-95.ewr50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.240.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-240-128.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::1732:35c2 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-74.ewr50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:21da:8a00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.162.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-34.ewr53.r.cloudfront.net

media.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f041:11:face:b00c:0:3 (Denver, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.162.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-91.ewr53.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.100.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-66.ewr50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.137.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-137-221.compute-1.amazonaws.com

device.fraud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.91.78.9 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.174.191.125 (Ashburn, United States) 14 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-191-125.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.8.68 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-8-68.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f141:82:face:b00c:0:25de (Denver, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.162.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-15.ewr53.r.cloudfront.net

s.dca0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.84.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-84-221.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.29.129.7 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-7.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.125.156 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-125-156.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (Ashburn, United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.113 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.112.217.250 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-217-250.us-west-2.compute.amazonaws.com

11a6b76b-9acd-604e-3ff1-9d6f591369c2.z1.dca0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:b972 (None, )

ASN- ()

f.hubspotusercontent30.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	pressablecdn.com 149360532.v2.pressablecdn.com	732 KB
30	adroll.com 16 redirects s.adroll.com d.adroll.com	143 KB
9	fraud.net fraud.net media.fraud.net device.fraud.net	52 KB
8	hubspot.com api.hubspot.com forms.hubspot.com track.hubspot.com	7 KB
8	stripe.com checkout.stripe.com js.stripe.com q.stripe.com m.stripe.com	75 KB
6	clarity.ms 1 redirects b.clarity.ms c.clarity.ms	23 KB
5	linkedin.com 5 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	5 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	64 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	12 KB
3	facebook.com www.facebook.com	512 B
3	adsymptotic.com 1 redirects p.adsymptotic.com	636 B
3	facebook.net connect.facebook.net	200 KB
3	google-analytics.com www.google-analytics.com	57 KB
3	hsforms.com forms.hsforms.com	4 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	37 KB
3	fraudnetmailer.com 1 redirects www.fraudnetmailer.com	3 KB
2	openx.net 1 redirects us-u.openx.net	393 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	3lift.com 1 redirects eb2.3lift.com	737 B
2	yahoo.com ups.analytics.yahoo.com ads.yahoo.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	817 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	dca0.com s.dca0.com 11a6b76b-9acd-604e-3ff1-9d6f591369c2.z1.dca0.com	2 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	2 KB
2	stripe.network m.stripe.network	17 KB
2	gaug.es secure.gaug.es	4 KB
2	gstatic.com fonts.gstatic.com	61 KB
2	hsforms.net js.hsforms.net	287 KB
1	hubspotusercontent30.net f.hubspotusercontent30.net	215 KB
1	pippio.com 1 redirects pippio.com	555 B
1	rlcdn.com 1 redirects idsync.rlcdn.com	319 B
1	taboola.com sync.taboola.com	221 B
1	pubmatic.com simage2.pubmatic.com	547 B
1	outbrain.com sync.outbrain.com	477 B
1	rubiconproject.com pixel.rubiconproject.com	798 B
1	google.ca www.google.ca	548 B
1	google.com www.google.com	548 B
1	hs-banner.com js.hs-banner.com	16 KB
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	usemessages.com js.usemessages.com	21 KB
1	zoominfo.com ws.zoominfo.com	1 KB
1	hs-scripts.com js.hs-scripts.com	985 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	63 KB
1	clickback.com software.clickback.com	1 KB
149	49

	Domain	Requested by
43	149360532.v2.pressablecdn.com	fraud.net 149360532.v2.pressablecdn.com
17	d.adroll.com	14 redirects s.adroll.com fraud.net
13	s.adroll.com	2 redirects www.googletagmanager.com fraud.net s.adroll.com d.adroll.com
6	fraud.net	www.fraudnetmailer.com fraud.net 149360532.v2.pressablecdn.com
4	track.hubspot.com
4	b.clarity.ms	bat.bing.com b.clarity.ms
3	www.facebook.com	fraud.net
3	p.adsymptotic.com	1 redirects fraud.net
3	px.ads.linkedin.com	3 redirects
3	connect.facebook.net	www.fraudnetmailer.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com fraud.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	q.stripe.com	www.fraudnetmailer.com
3	forms.hsforms.com	js.hsforms.net fraud.net js.hscollectedforms.net
3	js.stripe.com	fraud.net js.stripe.com
3	www.fraudnetmailer.com	1 redirects ajax.googleapis.com
2	us-u.openx.net	1 redirects fraud.net
2	ib.adnxs.com	1 redirects fraud.net
2	x.bidswitch.net	1 redirects fraud.net
2	eb2.3lift.com	1 redirects fraud.net
2	pixel.advertising.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects fraud.net
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	c.clarity.ms	1 redirects fraud.net
2	api.hubspot.com	js.usemessages.com
2	device.fraud.net	media.fraud.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	secure.gaug.es	fraud.net
2	fonts.gstatic.com	fonts.googleapis.com
2	js.hsforms.net	fraud.net js.hsforms.net
2	fonts.googleapis.com	fraud.net js.hsforms.net
1	f.hubspotusercontent30.net
1	11a6b76b-9acd-604e-3ff1-9d6f591369c2.z1.dca0.com	s.dca0.com
1	cm.g.doubleclick.net	1 redirects
1	pippio.com	1 redirects
1	idsync.rlcdn.com	1 redirects
1	ads.yahoo.com	fraud.net
1	sync.taboola.com	fraud.net
1	simage2.pubmatic.com	fraud.net
1	sync.outbrain.com	fraud.net
1	ups.analytics.yahoo.com	fraud.net
1	pixel.rubiconproject.com	fraud.net
1	in.hotjar.com	script.hotjar.com
1	s.dca0.com	s.adroll.com
1	m.stripe.com	m.stripe.network
1	www.google.ca	fraud.net
1	www.google.com	fraud.net
1	c.bing.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	ws.zoominfo.com	www.fraudnetmailer.com
1	media.fraud.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	fraud.net
1	checkout.stripe.com	fraud.net
1	ajax.googleapis.com	www.fraudnetmailer.com
1	software.clickback.com	www.fraudnetmailer.com
149	68

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
www.fraudnetmailer.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
software.clickback.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-17` - `2022-06-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tls.automattic.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2021-01-18` - `2022-02-17`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.fraud.net Amazon	`2021-10-11` - `2022-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-22` - `2021-12-21`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh
dca0.com Amazon	`2021-09-13` - `2022-10-12`	a year	crt.sh
*.z1.dca0.com Amazon	`2021-03-10` - `2022-04-08`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Frame ID: 83D9BA7F7623FA7E33DF24990441306C
Requests: 137 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 243280926FBECD20C1C121FFDE7132BA
Requests: 3 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: E8BD3C6C03766A2A12DC77E76A6E5F29
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B9F72F082C0EF84C1D8E449469EB764F
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: C568BF435A67A3BED0B8E6C400D6C895
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 016F5B4BF4AE6F36CDA53E13A52104B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Award-Wining Fraud Prevention | Get a Free Demo

Page URL History Show full URLs

https://www.fraudnetmailer.com/?cid=66646953&sid=1428179&lid=4175862&o=0 HTTP 302
https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0 Page URL
https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-... Page URL

Page Statistics

149
Requests

88 %
HTTPS

41 %
IPv6

49
Domains

68
Subdomains

59
IPs

4
Countries

2248 kB
Transfer

7518 kB
Size

87
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/fraud-net/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Fraudnet/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fraudnetmailer.com/?cid=66646953&sid=1428179&lid=4175862&o=0 HTTP 302
https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0 Page URL
https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.fraudnetmailer.com/?cid=66646953&sid=1428179&lid=4175862&o=0 HTTP 302
https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0

Request Chain 87

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1639438691587&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1639438691587&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1639438691587%26url%3Dhttps%253A%252F%252Ffraud.net%252Fdemo-request%252F%253Futm_source%253Dclickback%2526utm_medium%253Demail%2526utm_campaign%253Denterprise-grade%2526utm_term%253Dmass%2526utm_content%253Dclickback-enterprise-grade%2526sid%253D1428179%2526rID%253D66646953%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1639438691587&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1639438691587&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&cookiesTest=true&liSync=true&e_ipv6=AQLSbi9ouFX1BwAAAX22KS7cHcvAF9XJSEHiC3Qy__B1LzwB3Rx-zJqGip_OxMhm8rZa3W9uXZA HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=57a56d48-1001-4a2b-bd08-b1abfda524e9 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=57a56d48-1001-4a2b-bd08-b1abfda524e9&_expected_cookie=6ea8d392052faaf7f59c7223765ee699

Request Chain 91

https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 92

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 102

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=365D6E35F701423B954C182CDEFE21AA&RedC=c.clarity.ms&MXFR=231F12C4C473681532CF03C8C07366C9 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=365D6E35F701423B954C182CDEFE21AA&MUID=03A83655BE0A6A293D352759BF726B2A

Request Chain 116

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&pv=99882027322.67151&cookie=&adroll_s_ref=https%3A//www.fraudnetmailer.com/&keyw= HTTP 302
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

Request Chain 121

https://d.adroll.com/cm/index/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expiration=1670974692 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expiration=1670974692&C=1

Request Chain 122

https://d.adroll.com/cm/n/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expires=365

Request Chain 123

https://d.adroll.com/cm/onevideo/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPbc6997da-5c6d-11ec-a55d-0292bfa562bf

Request Chain 124

https://d.adroll.com/cm/outbrain/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg

Request Chain 125

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 126

https://d.adroll.com/cm/taboola/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg

Request Chain 127

https://d.adroll.com/cm/triplelift/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 128

https://d.adroll.com/cm/r/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 129

https://d.adroll.com/cm/b/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg

Request Chain 130

https://d.adroll.com/cm/x/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg

Request Chain 131

https://d.adroll.com/cm/l/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=9ea457b69996fa3a9aa8e9d6bbe3ac58 HTTP 307
https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d

Request Chain 132

https://d.adroll.com/cm/o/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=9ea457b69996fa3a9aa8e9d6bbe3ac58 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9ea457b69996fa3a9aa8e9d6bbe3ac58

Request Chain 133

https://d.adroll.com/cm/g/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&advertisable=HVT2SOYWOBESJB535C7MUS&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=nqRXtpmW-jqaqOnWu-OsWA HTTP 302
https://d.adroll.com/cm/g/in

149 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

clickTracker.aspx Show response
www.fraudnetmailer.com/external_pages/
Redirect Chain

https://www.fraudnetmailer.com/?cid=66646953&sid=1428179&lid=4175862&o=0
https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0

7 KB
3 KB

110ms
110ms

Document
text/html

216.119.193.71
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.119.193.71 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS: smtp71.fraudnetemail.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b297942165b2851c498af42b15d2ae5ce9f8f8e89a92faa9512afcf7b0622286

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: Authorization
date: Mon, 13 Dec 2021 23:38:08 GMT
content-length: 2707

Redirect headers

cache-control: private
content-type: text/html
location: /external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: Authorization
date: Mon, 13 Dec 2021 23:38:08 GMT
content-length: 207

GET
H2 200 CookieWriteJS.js Show response
software.clickback.com/Cookie/ 2 KB
1 KB 199ms
58ms Script
application/x-javascript 148.59.128.120
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://software.clickback.com/Cookie/CookieWriteJS.js
Requested by: Host: www.fraudnetmailer.com
URL: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.59.128.120 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f78b58df5ef0e99f170c595a2356eca920adba3a904963d4b1642be7aa3c9cca

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.fraudnetmailer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:08 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 19:25:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a5393165b0a5d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Authorization
content-length: 861

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 80ms
23ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.fraudnetmailer.com
URL: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.fraudnetmailer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 23:21:53 GMT

POST
H2 200 UpdateGRT
www.fraudnetmailer.com/external_pages/clicker.aspx/ 10 B
110 B 57ms
57ms XHR
application/json 216.119.193.71
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fraudnetmailer.com/external_pages/clicker.aspx/UpdateGRT
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.119.193.71 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS: smtp71.fraudnetemail.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 23:38:08 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Authorization
content-length: 30

GET
H2 200 Primary Request / Show response
fraud.net/demo-request/ 44 KB
11 KB 1109ms
1047ms Document
text/html 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953

Requested by

Host: www.fraudnetmailer.com
URL: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e9d539f28d635e2700312f80d71e4fef92511d8bb8a7e7be3c7a244a554f21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.fraudnetmailer.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 23:38:10 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
host-header: Pressable
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
access-control-allow-credentials: false
link: <https://fraud.net/wp-json/>; rel="https://api.w.org/" <https://fraud.net/wp-json/wp/v2/pages/90047>; rel="alternate"; type="application/json" <https://fraud.net/?p=90047>; rel=shortlink
content-encoding: br
x-ac: 2.yyz _atomic_dca

GET
H2 200 style.min.css
149360532.v2.pressablecdn.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 69ms
17ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/css/dist/block-library/style.min.css?ver=745cae5d46390134dab018000e89ec78

Requested by

Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/css/dist/block-library/style.min.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 52 KB
2 KB 96ms
44ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=greek%2Cvietnamese%2Ccyrillic%2Cgreek-ext%2Clatin%2Ccyrillic-ext%2Clatin-ext&ver=2.5.0.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ea94e4c463f9c63c310c3ad8e0ed47b4b2cf30493001df2afc77da9134c606d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 23:38:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 23:38:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 23:38:10 GMT

GET
H2 200 tooltips.css
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/ 9 KB
2 KB 69ms
17ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/tooltips.css?ver=745cae5d46390134dab018000e89ec78

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b08242455ed9e1a61010b2ba7c997877ac599e2520056232e55f5612f2dc5e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/css/tooltips.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 encyclopedia.css
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/ 8 KB
1 KB 69ms
18ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/css/encyclopedia.css?ver=745cae5d46390134dab018000e89ec78

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dfd8fc52661d5dea960e9d5188679653e393a127461aa940fe22d2c9a777f5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/css/encyclopedia.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 button.css
checkout.stripe.com/v3/checkout/ 4 KB
1 KB 151ms
19ms Stylesheet
text/css 13.225.63.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/v3/checkout/button.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.63.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-63-47.ewr53.r.cloudfront.net

Software

Cloudfront /

Resource Hash

576c19f6140a328c4af9fa9e04f764efbe570b0e8e3e4f0f66c5bdde58562a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Dec 2021 19:59:14 GMT
server: Cloudfront
age: 55
etag: W/"aa9c16d967e4074a065955880128c839"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3496707421faf86f68ae341aa8b7d1b9.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-pop: EWR53-C1
vary: Accept-Encoding
x-amz-cf-id: Cm0m_CAj6SEbZfBZweAumGnE9n3NPL4UAfGfszZj6QJ9EnTS0mrtQw==

GET
H2 200 simpay-public.min.css
149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/css/ 933 B
581 B 69ms
18ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/css/simpay-public.min.css?ver=2.6.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d7e7998e89700fa5cd1ca9f0e9b75559fdb7f933b3108850faa3050a96025a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:50:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/stripe/includes/core/assets/css/simpay-public.min.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uncode-privacy-public.css
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/css/ 17 KB
3 KB 75ms
24ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/css/uncode-privacy-public.css?ver=2.1.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

892e8d0bb31137bab6b36dc26d1ff356fb78df4eeecb22fd748cbffa7244411a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:54:00 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/css/uncode-privacy-public.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/plugins/newsletter/ 6 KB
1 KB 74ms
24ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/newsletter/style.css?ver=7.3.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:49:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/newsletter/style.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 571 KB
77 KB 84ms
34ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c6162910b841ebeddc424a6620879e8c6f02669b7179e8dce8714a2bd2628aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:13 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/css/style.css>; rel="canonical"
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 uncode-icons.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 60 KB
12 KB 84ms
34ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fc3585334db84f341ccd0e9ad6a28ef86f709d833adfe532fbb5e82f77623293

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:13 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/css/uncode-icons.css>; rel="canonical"
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 style-custom2.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/ 274 KB
26 KB 74ms
24ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/style-custom2.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9b8223abbc3b34f9a605cdb7227ac0bd983c5b17310e576973ca109580281dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 18:09:23 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/css/style-custom2.css>; rel="canonical"
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 main.css
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 16 KB
5 KB 74ms
25ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.css?ver=1.16.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c87f1cddf8a77ad8523529962263fb03e587a1c998fedb7961bb195a12aaa711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:23 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.css>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 87 KB
31 KB 84ms
34ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/jquery/jquery.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/jquery/ 11 KB
4 KB 84ms
34ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ai-uncode.min.js Show response
fraud.net/wp-content/themes/uncode/library/js/ 4 KB
1 KB 40ms
40ms Script
application/javascript 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-content/themes/uncode/library/js/ai-uncode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:14 GMT
server: nginx
etag: W/"61aa133a-e27"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 2.yyz _atomic_dca
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 init.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/ 114 KB
25 KB 84ms
35ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e5c7b4ae3317862b3a5428b50ef2b1db2ac54c9eafc9aa7757f1b51c5e302bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/library/js/init.min.js>; rel="canonical"
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 fnlogo-e1559250900846.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 5 KB
5 KB 40ms
34ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/fnlogo-e1559250900846.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

35c0f671c529cba502561161d2442e63375af379424beec33d5ee43bb7a391b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 1.yyz _atomic_dca
last-modified: Fri, 03 Sep 2021 19:39:19 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/fnlogo-e1559250900846.png>; rel="canonical"
content-length: 4853
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 Demo_Statistic_Block-uai-258x89.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 40ms
34ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Demo_Statistic_Block-uai-258x89.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f91556a9a226aaec5c3c005295e0479ab1cd139976b9fb733721b60e39edcea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 1.yyz _atomic_dca
last-modified: Fri, 03 Dec 2021 13:15:54 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Demo_Statistic_Block-uai-258x89.jpg>; rel="canonical"
content-length: 7866
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 565 KB
144 KB 56ms
30ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb966db33412f37dd64a1a0f6a71fcb3753f4bb8d47861ca2efad938c0802a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:10 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 88
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 10 Dec 2021 03:45:55 UTC
server: cloudflare
etag: W/"4346d76226aaf9e287787895e67a00d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqJ8IavIkWVDzYfcsfwFU4UOiaVUTTFGLHuHsbXNc7ldZ1Dvzsk0yhfxXw9dOWnYM1ikZD1PcJJ0f4DD%2FqdhD0GQA%2Bt5ndIIdht1CBtb%2FN8Cjjj3JKUZVACGwk85KDt6Ekhe2PlAnKeIcd7b"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: M3DEx7ofZjbXpKwMUSyc8h0q9vFCjwN2
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6bd3064a48ca7138-YUL
x-amz-cf-id: jTiMwTWqY2NwyxOuqrVzn76oc80wTuBPbCZQfRDx1zrMk_Ovk-JUzg==
x-hs-target-asset: FormsNext/static-5.426/bundles/project_with_deps.js

GET
H2 200 1280px-Gartner_logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 48ms
42ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

89192623f01907db9e2db2a307ae59c0dd5170e1cbbd1f7854e4b5485f24a530

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 1.yyz _atomic_dca
last-modified: Fri, 03 Sep 2021 16:15:20 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1280px-Gartner_logo.svg.png>; rel="canonical"
content-length: 2561
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 Arvato_Logo_2016.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 48ms
43ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 1.yyz _atomic_dca
last-modified: Fri, 03 Sep 2021 16:15:22 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Arvato_Logo_2016.png>; rel="canonical"
content-length: 3779
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 download-uai-258x74.jpeg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 8 KB
8 KB 48ms
43ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 1.yyz _atomic_dca
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/download-uai-258x74.jpeg>; rel="canonical"
content-length: 8164
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 48ms
43ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 1.yyz _atomic_dca
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/mastercard_hrz_pos_300px_2x-e1634923002359-uai-258x47.png>; rel="canonical"
content-length: 4235
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 icba-logo-blue-uai-258x116.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 7 KB
7 KB 48ms
44ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 1.yyz _atomic_dca
last-modified: Fri, 03 Dec 2021 13:09:11 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/icba-logo-blue-uai-258x116.png>; rel="canonical"
content-length: 7262
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 1200px-AmazonWebservices_Logo.svg.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 4 KB
4 KB 48ms
44ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 1.yyz _atomic_dca
last-modified: Fri, 03 Sep 2021 16:15:29 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/1200px-AmazonWebservices_Logo.svg.png>; rel="canonical"
content-length: 4152
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 microsoft_PNG4.png
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 3 KB
3 KB 48ms
44ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
x-ac: 2.yyz _atomic_dca
last-modified: Fri, 03 Sep 2021 16:15:26 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/microsoft_PNG4.png>; rel="canonical"
content-length: 2756
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 tooltipster.bundle.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 39 KB
10 KB 20ms
17ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js?ver=4.2.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltipster.bundle.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltips.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/ 1 KB
738 B 18ms
14ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7a5b0199c6fb4de2cc1f6f1b1e69ed74fd456472c187b18e88804bae3f82dfc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Mon, 09 Mar 2020 08:30:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/encyclopedia-pro/assets/js/tooltips.js>; rel="canonical"
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 268 KB
71 KB 97ms
28ms Script
application/javascript 13.225.214.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-95.ewr50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

30726bc426c4ce795d62fd1f2fe2ee850d32f2a5406689d28a21440f4707ba1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
x-cache: Hit from cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Mon, 13 Dec 2021 21:47:08 GMT
server: Cloudfront
etag: W/"b35bd15d611ce1a5b3a94cddd4ba0ba8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: EWR50-C1
timing-allow-origin: *
x-amz-cf-id: cfnWRH9UKuL91BoBNXBI_Q2ZaKxUsqlqzrOUGyxWtnU432Wiwj3yPQ==

GET
H2 200 simpay-polyfill.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/ 87 KB
29 KB 25ms
16ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/simpay-polyfill.min.js?ver=2.6.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ed5b5b47d4098e216aaf66aaeae492679b972a2dc1eb87f3ee8d35a270fd354c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:50:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/stripe/includes/core/assets/js/simpay-polyfill.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 accounting.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/vendor/ 3 KB
1 KB 25ms
16ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/vendor/accounting.min.js?ver=2.6.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:50:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/stripe/includes/core/assets/js/vendor/accounting.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simpay-public-shared.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/ 2 KB
1 KB 25ms
16ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/simpay-public-shared.min.js?ver=2.6.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

85aa2e9c6d374fd0e1b3ceb32661a4690f2053fea75be500ac0f9b0589117279

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:50:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/stripe/includes/core/assets/js/simpay-public-shared.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 underscore.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 19 KB
8 KB 27ms
16ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 19:33:19 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/underscore.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 backbone.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 23 KB
8 KB 27ms
17ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/backbone.min.js?ver=1.4.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bfa9441fac08fbebcfc65e202a788744aab8e4b1f634eaaf800256dce5012813

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/backbone.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api-request.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 1 KB
673 B 27ms
16ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/api-request.min.js?ver=745cae5d46390134dab018000e89ec78

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/api-request.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-api.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 14 KB
4 KB 26ms
17ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/wp-api.min.js?ver=745cae5d46390134dab018000e89ec78

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bdd9517fdb9df0b1631029d96536adb3a35cbdef273de0e877411c47af444f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/wp-api.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simpay-public.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/ 30 KB
9 KB 26ms
17ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/stripe/includes/core/assets/js/simpay-public.min.js?ver=2.6.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

26a8af12d3cf5a92839123367f8a2f503960a81481bc44cb4ba9c9ff24b2d920

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:50:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/stripe/includes/core/assets/js/simpay-public.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js-cookie.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 3 KB
1 KB 27ms
19ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js?ver=2.2.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:54:00 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/js-cookie.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 uncode-privacy-public.min.js Show response
149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/ 3 KB
1 KB 29ms
20ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js?ver=2.1.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0aa9d1092b115b4ff46e8a46b5a11cca2b44aac23bf442bfee4d73ede19ceccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:54:00 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/plugins/uncode-privacy/assets/js/uncode-privacy-public.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 154 KB
38 KB 29ms
20ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/mediaelement-and-player.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 1 KB
621 B 29ms
21ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=745cae5d46390134dab018000e89ec78

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/mediaelement-migrate.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/ 906 B
566 B 32ms
24ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=745cae5d46390134dab018000e89ec78

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/mediaelement/wp-mediaelement.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugins.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 578 KB
160 KB 32ms
24ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/plugins.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

26bb3223df27d9b62025f9e527d9e348f73e77432560c04a1bfc45d449b61c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:14 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-ac: 2.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/js/plugins.min.js>; rel="canonical"
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 app.min.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/ 175 KB
39 KB 32ms
25ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/js/app.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5c4976fe73a786bf224661d57dae28bea5e373d6c2fc8135bdcf51c28f16498b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:14 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode/library/js/app.min.js>; rel="canonical"
expires: Mon, 20 Dec 2021 23:38:10 GMT

GET
H2 200 main.js Show response
149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/ 1 KB
605 B 40ms
33ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/static/main.js?ver=1.16.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Fri, 03 Dec 2021 12:53:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-content/themes/uncode-for-fraud/static/main.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
149360532.v2.pressablecdn.com/wp-includes/js/ 1 KB
793 B 40ms
33ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-includes/js/wp-embed.min.js?ver=745cae5d46390134dab018000e89ec78

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-ac: 1.yyz _atomic_dca
strict-transport-security: max-age=15552000
link: <http://fraud.net/wp-includes/js/wp-embed.min.js>; rel="canonical"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 177 KB
63 KB 110ms
50ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca13a42dd2efa22497ec09aab346fbc9d352d688a6cfcda402d1bf19dbdea83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64000
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 21:18:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 23:38:11 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 270 B
329 B 957ms
943ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2f8572d575f314fa354a075e206eafdce813a769c302ea9b46d4d8eead9d1a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 13 Dec 2021 23:38:11 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 2.yyz _atomic_dca
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 75ms
21ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=greek%2Cvietnamese%2Ccyrillic%2Cgreek-ext%2Clatin%2Ccyrillic-ext%2Clatin-ext&ver=2.5.0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 22:58:42 GMT
x-content-type-options: nosniff
age: 2369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 22:58:42 GMT

GET
H2 200 dc1a8256-5eef-4064-b547-fbee87165331 Show response
forms.hsforms.com/embed/v3/form/2113031/ 13 KB
3 KB 103ms
75ms Script
application/javascript 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2113031/dc1a8256-5eef-4064-b547-fbee87165331?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39c3d75f8cd9fc4a5323407cc61755b036bce5d2cb7f47cd3586a8cbad21e6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 365cd892-d1cd-4d20-9e9b-c748d5516c3c
cf-ray: 6bd3064b6ca4ca67-YUL
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B2EA81CD363A5D2D459AF325D091F04A491C843D7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 270 B
237 B 880ms
879ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6c422f3e1d3227e9b67ab0f7d5ea657ce38a5535015dbb29e29c2c027e24efab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 13 Dec 2021 23:38:11 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 2.yyz _atomic_dca
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
fraud.net/wp-admin/ 2 KB
491 B 904ms
903ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-admin/admin-ajax.php

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode-for-fraud/library/js/init.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c409ad15f6ea14b0c815d47032ed54c65c6ac57f3e1fdb72185c56bb2a133072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
host-header: Pressable
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 13 Dec 2021 23:38:12 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 2.yyz _atomic_dca
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 uncode-icons.woff2
149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/ 145 KB
146 KB 56ms
17ms Font
application/font-woff2 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff2

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d8685227ba656570ae56e1daa4b5a27c0f496168204b3eba649d55c76a2d242b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://149360532.v2.pressablecdn.com/wp-content/themes/uncode/library/css/uncode-icons.css
Origin: https://fraud.net
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:11 GMT
x-ac: 2.yyz _atomic_dca
last-modified: Fri, 03 Dec 2021 12:53:14 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/themes/uncode/library/fonts/uncode-icons.woff2>; rel="canonical"
content-length: 148772
expires: Mon, 20 Dec 2021 23:38:11 GMT

GET
H2 200 / Show response
fraud.net/wp-json/wp/v2/ 164 KB
8 KB 713ms
713ms XHR
application/json 199.16.172.83
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.net/wp-json/wp/v2/

Requested by

Host: 149360532.v2.pressablecdn.com
URL: https://149360532.v2.pressablecdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.172.83 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1dd093687f031bb4d51f22db1ed0c467cbef9e54d8fb9ceb8a84c443a59560c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
server: nginx
link: <https://fraud.net/wp-json/>; rel="https://api.w.org/"
date: Mon, 13 Dec 2021 23:38:11 GMT
allow: GET
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Cookie, Origin
access-control-allow-credentials: false
x-ac: 2.yyz _atomic_dca
host-header: Pressable
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 116ms
25ms Script
application/javascript 52.7.240.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.240.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-240-128.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 23:38:11 GMT
Last-Modified: Sat, 23 Oct 2021 02:33:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6173747c-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame 2432 240 B
959 B 23ms
22ms Document
text/html 13.225.214.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-95.ewr50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953

Response headers

content-type: text/html; charset=utf-8
content-length: 240
last-modified: Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Mon, 13 Dec 2021 23:38:08 GMT
cache-control: max-age=60
etag: "f7902241893e7a497417843cb15dc858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-amz-cf-id: SCzOkRc3gHw3YtmbS7j2qxchBzJWgOZJoG6ULRRvIlg4mIq1BloNwA==
age: 3

POST
H2 200 csp-report
q.stripe.com/ Frame 2432 0
348 B 760ms
563ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.fraudnetmailer.com
URL: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 466
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 84ms
25ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4577
date: Mon, 13 Dec 2021 22:21:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 14 Dec 2021 00:21:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 107ms
49ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14333
x-xss-protection: 0
server: cafe
etag: 8469929769973419123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 23:38:11 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 84ms
27ms Script
application/x-javascript 2600:141b:13::1732:35c2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::1732:35c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 23:38:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=34832
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 bat.js Show response
bat.bing.com/ 35 KB
11 KB 73ms
37ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 90bd855f92aec63cef7a79cd868ffc8b0923a4eded158336fc3eb213fbe90166

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 21:48:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2C455F80F8BC4B6CB4D6CC6E32780A8D Ref B: YMQ01EDGE0807 Ref C: 2021-12-13T23:38:11Z
etag: "0b35237fde6d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10224

GET
H2 200 hotjar-2001329.js Show response
static.hotjar.com/c/ 4 KB
2 KB 71ms
22ms Script
application/javascript 13.225.214.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-74.ewr50.r.cloudfront.net

Software

Resource Hash

4c494725a63aecfb451cc9cbca947ee434c03d5a758a861aea7be3d928e70199

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: EWR50-C1
x-cache-hit: 1
etag: W/780591f9f013ca9f115d21ce031ab9b5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 1884
via: 1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront)
x-amz-cf-id: PCzzQJl2FSof4_dt2SY2shfd3aB7f-vPMyNoW3GTY_rQj6rgUmSF1A==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 47 KB
16 KB 84ms
31ms Script
text/javascript 2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eef431caaf038231bd760cfb02bc99f7a6cf8b496703bc38ed9f3337ea19802a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: buqx9Ixn5Jcappa8vAvpi1PhQEs716Xq
Content-Encoding: gzip
Etag: W/"21456fcecffb49f383892fc6fcfebbfc"
Age: 3383
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
Last-Modified: Mon, 06 Dec 2021 21:01:54 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 22:41:48 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: L6eo-PrwEXNF6mpNa9gy9imHaXc4CigPehFszG2vqp2tEBYhmYWmtw==

GET
H2 200 2113031.js Show response
js.hs-scripts.com/ 2 KB
985 B 56ms
24ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2113031.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 451ac4a3888ade1f60a6836a9283608ec1b784a5cc40438f39fdd2aa05124137

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
cf-polished: origSize=2487
x-hubspot-correlation-id: 7abbd668-0244-40c6-be57-14bbc846822d
last-modified: Mon, 13 Dec 2021 22:54:03 GMT
server: cloudflare
x-trace: 2B26AAE96346B91EF7D64A9F2A9EFF19739A54AF08000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://fraud.net
expires: Mon, 13 Dec 2021 23:39:11 GMT
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6bd3064d38df4bb9-YUL
cf-bgj: minify

GET
H2 200 analytics.js Show response
media.fraud.net/shield/js/v1/ 98 KB
30 KB 112ms
22ms Script
application/javascript 54.230.162.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.fraud.net/shield/js/v1/analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVZ4N9X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.162.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-162-34.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:37:25 GMT
content-encoding: gzip
last-modified: Thu, 28 Feb 2019 18:42:24 GMT
server: AmazonS3
age: 46
etag: "7479109d61e7cc42fa7496c3a2a11d5e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7059c9fc065ed611eb4484ede494f845.cloudfront.net (CloudFront)
cache-control: max-age=300, no-transform, public
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-length: 30572
x-amz-cf-id: EVP3u1x2iHtE59UPSsNbzdpiYYffEjox0ft31iCvFiH7OU1xVHsfrA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 163ms
52ms Script
application/x-javascript 2a03:2880:f041:11:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.fraudnetmailer.com
URL: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f041:11:face:b00c:0:3 Denver, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: r5QPGS88FfBfp2ZmlbE9a+imjSW1ZdFo+q+Ro87MoJYom730PIn8o6voG6BnvAYRCG08UoAibcXdndmYUUOo1A==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 13 Dec 2021 23:38:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 60e76b46e4c4e9001293ca88 Show response
ws.zoominfo.com/pixel/ 1 KB
1 KB 156ms
102ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60e76b46e4c4e9001293ca88

Requested by

Host: www.fraudnetmailer.com
URL: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ee375c456c5b8dc5b78e3e61729cd5c237da74862f954a310e7592004f994472

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6bd3064da955ecf6-YUL
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via: 1.1 google

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ Frame E8BD 565 KB
143 KB 48ms
35ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb966db33412f37dd64a1a0f6a71fcb3753f4bb8d47861ca2efad938c0802a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 89
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 10 Dec 2021 03:45:55 UTC
server: cloudflare
etag: W/"4346d76226aaf9e287787895e67a00d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ql5dmq1uqu0BQWudgzk6iOF5QoI6VqqM2dxujJnSS9%2BqMlrQ%2Fh6GOfUwF3neeH8k5w7nSqNQKqNG6gTE9bQsBVbrZm4mNDGzqOp1%2BnSJWuzsO9fxGzwot29h03nFiTVs6gcCPLv%2FzgkX7K5i"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: M3DEx7ofZjbXpKwMUSyc8h0q9vFCjwN2
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6bd3064d3cda7138-YUL
x-amz-cf-id: jTiMwTWqY2NwyxOuqrVzn76oc80wTuBPbCZQfRDx1zrMk_Ovk-JUzg==
x-hs-target-asset: FormsNext/static-5.426/bundles/project_with_deps.js

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2432 1 KB
1 KB 42ms
33ms Script
application/javascript 13.225.214.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-95.ewr50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31
x-cache: Hit from cloudfront
date: Mon, 13 Dec 2021 23:37:40 GMT
via: 1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 19:35:20 GMT
server: Cloudfront
etag: W/"5213886b88cd72e6d0aebc89868e5d13"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: EWR50-C1
timing-allow-origin: *
x-amz-cf-id: Dqy_wQHrr-PIHKML4PS-6YcFC1_7y0uoip0DBpbJTsrvQHKM3m_Npg==

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 51ms
38ms Image
image/gif 52.7.240.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=5d2ff78cc994471481492bdc&h[resource]=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&h[referrer]=https%3A%2F%2Fwww.fraudnetmailer.com%2F&h[title]=Award-Wining%20Fraud%20Prevention%20%7C%20Get%20a%20Free%20Demo&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1639438691411

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.240.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-240-128.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 23:38:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Dec 2021 23:38:11 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 52ms
20ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 802919f100d6c4d9b60f706598988c11c18a6455327d5c316f3d450fc835f0fc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
via: 1.1 a12c29ca3e64ac2015cf4f6c9099b8ce.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 73
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9481/bundles/project.js&cfRay=6bb01a8cef604bbe-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 09 Dec 2021 05:55:10 UTC
server: cloudflare
etag: W/"ab6bab38501f59ac0e74d2ab0ce8ec04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Opr6vabKuULKPwzQPVAVy.DEAc.ESqOr
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6bd3064dc8247139-YUL
x-amz-cf-id: D4ULHdMja7AE2CHTBqT1EahQU0tT_uS5naqaPTrtDGEfGI7MY2EXOg==
x-hs-target-asset: conversations-embed/static-1.9481/bundles/project.js

GET
H2 200 2113031.js Show response
js.hs-analytics.net/analytics/1639438500000/ 62 KB
20 KB 53ms
20ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1639438500000/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6430c91bc6bd0be0fcd4c34882f762b4267625d738b0ad19c77ae5a20d368b3e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 0
x-amz-server-side-encryption: AES256
x-amz-request-id: PM0JPA28Q385TRWY
x-amz-id-2: X0CgTCP1aBv86fVh6KQK3aSbTkRjIVNdgFx68HVCH0U5IXmF0gk7mNKvfzwglbe7DOAkVYVuKkY=
last-modified: Mon, 19 Jul 2021 14:20:15 GMT
server: cloudflare
etag: W/"57624c3065379878b363a9b35b9fa184"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 6bd3064dcdf07156-YUL
expires: Mon, 13 Dec 2021 23:43:11 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 57ms
24ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Origin: https://fraud.net
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
via: 1.1 a12c29ca3e64ac2015cf4f6c9099b8ce.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 30965
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js&cfRay=6bc0e1268c6a5eed-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6bd3064dce894bc5-YUL
last-modified: Fri, 10 Dec 2021 01:08:50 UTC
server: cloudflare
etag: W/"a20da5f3327ff62c3dfbc71571e4fc6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: L5EK4Wtvn0GVRD3yODp9CC_dzIEEuKk.
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: -XTWDlLTbEODokWdytM11SEl7zZ3tm-cyLwR80QYYYaajBhAnMCCkw==
x-hs-target-asset: lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 82 KB
26 KB 63ms
23ms Script
application/javascript 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Origin: https://fraud.net
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
via: 1.1 68261aebcfc232344da2ef3bf1d3f9eb.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 30965
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.260/bundles/project.js&cfRay=6bc3736839ec54bb-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6bd3064ddb617154-YUL
last-modified: Tue, 07 Dec 2021 01:47:22 UTC
server: cloudflare
etag: W/"6a87c3fbb201ae0e1e27682863544b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: MgiHycm2IQFcF7nscbJ1l6RorgU5R2aj
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: n4rwubEirAB5ZhQbg_yfO7P0w845wkDlV7Ss2HiXEgv2gVDVhRnj_Q==
x-hs-target-asset: collected-forms-embed-js/static-1.260/bundles/project.js

GET
H2 200 2113031.js Show response
js.hs-banner.com/ 60 KB
16 KB 81ms
46ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2113031.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2113031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8545132e3cb981a9964c4773891ee0e1b9c9eee72ca40f462f560350659e0f47

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: S1Z05EXWJY0QDXNH
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 2EAp3hkGcGp5jl/FCrFEewPsecDpvvyCRe0v/iqpY1kUvHKrEHAUd446J531X5igfzZxL78TocQ=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 19:33:30 GMT
server: cloudflare
etag: W/"c6647e2c475af6bc267046354ffa7130"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 0hGZDI5oR1pywfmwaym.IUhzsddqfp06
access-control-allow-origin: https://fraud.net
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6bd3064dd94d4bb8-YUL
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 13 Dec 2021 23:43:11 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B9F7 932 B
1 KB 51ms
10ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Mon, 13 Dec 2021 23:38:11 GMT
via: 1.1 varnish
age: 30
x-request-id: d6300bdb-09bc-4bf8-ba36-cce3a3036389
x-served-by: cache-yul12820-YUL
x-cache: HIT
x-cache-hits: 101
x-timer: S1639438691.493489,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

GET
H2 200 modules.cbd9b920d05cd9e47f57.js Show response
script.hotjar.com/ 227 KB
60 KB 69ms
23ms Script
application/javascript 54.230.162.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-91.ewr53.r.cloudfront.net

Software

Resource Hash

2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 460926
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60953
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 15:35:08 GMT
etag: "7a85a2a595def8796a50e919e49cda7a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1322f71561d45d48a5334ac75abd0c2f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: yb7fQbU5Xr5XEvo0M6gvIu7g_801J9KRkopiNVVk99L9ixduNTtoBQ==

GET
H2 200 4000327.js Show response
bat.bing.com/p/action/ 682 B
765 B 76ms
66ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4000327.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: cbc9e4c016291391cdc8b5fed3eb8e57b821c289874884783b24f1d60ce80ab7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A4BE7F2C365E442380B84C1B296ECBB6 Ref B: YMQ01EDGE0807 Ref C: 2021-12-13T23:38:11Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 585

GET
H2 204 0
bat.bing.com/action/ 0
151 B 37ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4000327&tm=gtm002&Ver=2&mid=e600da1e-192d-4a8e-be5d-5a3ec63fc16c&sid=bbdc10205c6d11eca396c9b84bdfc110&vid=bbdd3cc05c6d11ec89420b54f18a3018&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Award-Wining%20Fraud%20Prevention%20%7C%20Get%20a%20Free%20Demo&p=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&r=https%3A%2F%2Fwww.fraudnetmailer.com%2F&lt=1666&evt=pageLoad&msclkid=N&sv=1&rn=432354
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF366286514846B5B71C88177B3E89AF Ref B: YMQ01EDGE0807 Ref C: 2021-12-13T23:38:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E8BD 3 KB
622 B 69ms
41ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 22:41:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 23:38:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 23:38:11 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1639438691587&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1639438691587&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D186217%26time%3D1639438691587%26url%3Dhttps%253A%252F%252Ffraud.net%252Fdemo-requ...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1639438691587&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=186217&time=1639438691587&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=57a56d48-1001-4a2b-bd08-b1abfda524e9
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=57a56d48-1001-4a2b-bd08-b1abfda524e9&_expected_cookie=6ea8d392052faaf7f59c7223...

43 B
142 B

40ms
38ms

Image
image/gif

104.18.100.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=57a56d48-1001-4a2b-bd08-b1abfda524e9&_expected_cookie=6ea8d392052faaf7f59c7223765ee699
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: H2
Server: 104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6bd306532c53ca4b-YUL
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=57a56d48-1001-4a2b-bd08-b1abfda524e9&_expected_cookie=6ea8d392052faaf7f59c7223765ee699
date: Mon, 13 Dec 2021 23:38:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6bd30652dc25ca4b-YUL
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

POST
H2 200 csp-report
q.stripe.com/ Frame B9F7 0
122 B 758ms
757ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.fraudnetmailer.com
URL: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
x-envoy-upstream-service-time: 659
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame B9F7 0
123 B 501ms
500ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.fraudnetmailer.com
URL: https://www.fraudnetmailer.com/external_pages/clickTracker.aspx?cid=66646953&sid=1428179&lid=4175862&o=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
x-envoy-upstream-service-time: 403
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame C568 2 KB
1 KB 63ms
19ms Document
text/html 13.225.214.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2001329.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-66.ewr50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-amz-cf-id: mrScQhh1cEhlNeGJkZfDVHaBL8PESvULyynyLqrC2YjG8WnAvXoJMg==
age: 978305

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HVT2SOYWOBESJB535C7MUS/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

21ms
21ms

Script
application/javascript

2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: HTTP/1.1
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 249557823ab8e41dec2ed10311f8ff98.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 16515
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 19:02:56 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 3WvWeCwaudkDVuhA8NTlCX0XSHZ2KSXoTs4MHD7PgFxXu7mOcnhWIw==

Redirect headers

Date: Mon, 13 Dec 2021 07:03:49 GMT
Via: 1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
Age: 59662
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: OQ6L8dCSTXj7W62ubh5OkCrtxeBSy0grd71dG5JWNrKsrMo1oKVwBA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

20ms
20ms

Script
application/javascript

2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: HTTP/1.1
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 249557823ab8e41dec2ed10311f8ff98.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 10680
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 20:40:11 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uP9fQ8sTNkpgq_0ZrIrLioFyHR_3KHpPz0dtpSG9Xi2F3UCHLiuHaA==

Redirect headers

Date: Mon, 13 Dec 2021 07:03:49 GMT
Via: 1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
Age: 59662
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: HB71KrubmJx0TB-pXsWT4Du_ulAgtjLuxpgQJbV_UcognnHXBwlswA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/ 0
786 B 64ms
20ms Script
text/javascript 2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: KHSj5c.2mbMz9IPiAhI3jfo0VXjY7Lli
Via: 1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 1230
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 11 Dec 2021 11:00:05 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 23:23:11 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: TGePDwnQddJ1pJIKa08IvaGhCYHhuLT3eWsMxotYbQcP2_LGYc5sEg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/ 3 KB
2 KB 99ms
50ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998743206/?random=1639438691607&cv=9&fst=1639438691607&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&ref=https%3A%2F%2Fwww.fraudnetmailer.com%2F&tiba=Award-Wining%20Fraud%20Prevention%20%7C%20Get%20a%20Free%20Demo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ebf754c969f50dfdaf6898186c688d37130b4964da92f6a811d5b15cef57eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1143
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 97 KB
37 KB 75ms
46ms Script
application/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PGJR3MN&t=gtm4&cid=1169040477.1639438692

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

431d857d985d9dc839f6f3f7dccac1c5daf46e7209dab9fcd54b8c0113d5fed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38196
x-xss-protection: 0
expires: Mon, 13 Dec 2021 23:38:11 GMT

OPTIONS
H2 200 tp2
device.fraud.net/com.snowplowanalytics.snowplow/ Frame 0
0 88ms
24ms Preflight 52.70.137.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.137.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-137-221.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-length: 0
access-control-allow-origin: https://fraud.net
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
device.fraud.net/com.snowplowanalytics.snowplow/ 2 B
331 B 82ms
25ms XHR
text/plain 52.70.137.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://device.fraud.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: media.fraud.net
URL: https://media.fraud.net/shield/js/v1/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.137.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-137-221.compute-1.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://fraud.net
date: Mon, 13 Dec 2021 23:38:11 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ Frame E8BD 16 KB
16 KB 45ms
20ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fraud.net
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 22:28:21 GMT
x-content-type-options: nosniff
age: 176990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 11 Dec 2022 22:28:21 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 86ms
58ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2113031&conversations-embed=static-1.9481&mobile=false&messagesUtk=3e68b838fb954f7aaaac949613a1250a&traceId=3e68b838fb954f7aaaac949613a1250a&referrer=https%3A%2F%2Fwww.fraudnetmailer.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://fraud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6bd3064f3c49ecea-YUL
access-control-allow-origin: https://fraud.net
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 18e1f9ed-593d-4a9e-9842-c4e93b4fa583
x-trace: 2BF408BD19085F31606F6B1D08B24306ACC5F3E6F3000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybNqeGOZCcQEknpYKPLkvMYT3V3uWsFQ2gJEktRFZLon%2BNY3TN4PFBQVOWSLR9gsqoiM88%2BHe%2FC7kO5ebKyopHRZMSv2SAHhOoAQnBRpewHyeeeMWjoQGHVJMnznMDZzXzgj9tKrttoTZIANZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 411 B
1 KB 82ms
68ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69ee0541551d66400ed43b2e36abf32e2fb5ca8f89b75ee83f9226ebc9816f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Accept-Language: en-CA,en;q=0.9
X-HubSpot-Messages-Uri: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ad3a09d7-725f-4d60-b6bd-cfb7809d6276
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 298
server: cloudflare
x-trace: 2B249B25A8E9D47311E644E18EC3C913D520499139000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEhV14jmSl7gnLi3DctahW2uQtMncQ5YM24mPgpYmK9%2BdGWhKmydHV9%2FNcMstiYEhKwskYt2jFVW3OUDFSY%2BhP9UCxtU6onmjge9fQu5n2DjTZncDdN%2FX5BPhTW7w5dM0RWJTNlyfby1p79wwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6bd3064fbabd715a-YUL
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 clarity.js Show response
b.clarity.ms/s/0.6.30/ 52 KB
22 KB 123ms
39ms Script
application/javascript 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/s/0.6.30/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4000327.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c763a7b86f4b8e21741d95bf307b2932555a20d4ad383adc764c99fdbb8e88d8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:10 GMT
content-encoding: br
etag: "1d7ed4598a2cbb1"
last-modified: Thu, 09 Dec 2021 21:42:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=365D6E35F701423B954C182CDEFE21AA&RedC=c.clarity.ms&MXFR=231F12C4C473681532CF03C8C07366C9
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=365D6E35F701423B954C182CDEFE21AA&MUID=03A83655BE0A6A293D352759BF726B2A

42 B
441 B

76ms
75ms

Image
image/gif

40.91.78.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=365D6E35F701423B954C182CDEFE21AA&MUID=03A83655BE0A6A293D352759BF726B2A
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: H2
Server: 40.91.78.9 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:11 GMT
last-modified: Fri, 05 Nov 2021 17:18:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "bf4ee43669d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1D05756C7EBD4493B59B88B597A14C15 Ref B: YMQ01EDGE0807 Ref C: 2021-12-13T23:38:12Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=365D6E35F701423B954C182CDEFE21AA&MUID=03A83655BE0A6A293D352759BF726B2A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 1567786626743241 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 108ms
55ms Script
application/x-javascript 2a03:2880:f041:11:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1567786626743241?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f041:11:face:b00c:0:3 Denver, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65e6823488ccbbe14fa92b58d3e13f9dbd23a08b178eecd22a5652766b806147

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88849
x-xss-protection: 0
pragma: public
x-fb-debug: bPyppRi0qww+EAdj6RBYjKc+CUvFDmMZxTmX1NPNDzCRUym8Zwk5bqElHm1DJRuFqOaYl3knfXfe0m5eMhHnRw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Dec 2021 23:38:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame B9F7 85 KB
16 KB 12ms
12ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 12
x-cache: HIT
content-length: 15786
x-request-id: 22b99952-198a-49cb-ae60-b532b09afdf4
x-served-by: cache-yul12820-YUL
server: Fastly
x-timer: S1639438692.795867,VS0,VE0
date: Mon, 13 Dec 2021 23:38:11 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 39

GET
H2 200 HVT2SOYWOBESJB535C7MUS Show response
d.adroll.com/consent/check/ 396 B
866 B 81ms
24ms Script
application/javascript 35.174.191.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HVT2SOYWOBESJB535C7MUS?arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&_s=e28c714fa4f34b546686fa9412179950&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.191.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-191-125.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 2e5c59841ff62b14162e3457b02369703e69bd7618cf6d2fca4a9ffdbc6200db

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:11 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 396
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
675 B 45ms
44ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=2113031&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cbc70984-e202-484d-b190-18df16160926
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4d5rj6zHHlpHi2s%2FrthklgtezO%2BxdDiJNd4FqFdCPykt0LFRkzTNc84XajNakaLnajF60GsgvhTJJ21lWeRuk0EUAPqj0R%2FqqSXYUzkumM1zIrx992doOiQnPqAeywHe5sBmW8QaIFDfzRsBWu%2FQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6bd306501d17ecea-YUL
access-control-allow-headers: *

GET
H2 200 /
www.google.com/pagead/1p-user-list/998743206/ 42 B
548 B 88ms
39ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998743206/?random=1639438691607&cv=9&fst=1639436400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&ref=https%3A%2F%2Fwww.fraudnetmailer.com%2F&tiba=Award-Wining%20Fraud%20Prevention%20%7C%20Get%20a%20Free%20Demo&async=1&fmt=3&is_vtc=1&random=823488204&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/998743206/ 42 B
548 B 92ms
42ms Image
image/gif 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/998743206/?random=1639438691607&cv=9&fst=1639436400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&ref=https%3A%2F%2Fwww.fraudnetmailer.com%2F&tiba=Award-Wining%20Fraud%20Prevention%20%7C%20Get%20a%20Free%20Demo&async=1&fmt=3&is_vtc=1&random=823488204&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 45ms
43ms XHR
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=302772247&t=pageview&_s=1&dl=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&dr=https%3A%2F%2Fwww.fraudnetmailer.com%2F&ul=en-us&de=UTF-8&dt=Award-Wining%20Fraud%20Prevention%20%7C%20Get%20a%20Free%20Demo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1530940688&gjid=1220393631&cid=1169040477.1639438692&tid=UA-35675858-1&_gid=1545709802.1639438692&_r=1&gtm=2wgc10WVZ4N9X&z=138235264

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fraud.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
494 B 65ms
50ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: cf488687-029a-485b-8e6c-dcae1351a9b2
x-trace: 2B22B7B5D536DFA44D5221934064D64F97CA40A460000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6bd306514c044bd1-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

GET
H2 200 Demo_Statistic_Block.jpg
149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/ 27 KB
27 KB 19ms
18ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149360532.v2.pressablecdn.com/wp-content/uploads/sites/2/2021/09/Demo_Statistic_Block.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

eebf55d77e0020adb5ce3be26cba1a23d6f3baa347c585f9010f18c99d01b519

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 13 Dec 2021 23:38:12 GMT
x-ac: 2.yyz _atomic_dca
last-modified: Tue, 07 Sep 2021 19:07:16 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://fraud.net/wp-content/uploads/sites/2/2021/09/Demo_Statistic_Block.jpg>; rel="canonical"
content-length: 27162
expires: Mon, 20 Dec 2021 23:38:12 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame B9F7 156 B
523 B 295ms
104ms XHR
application/json 52.40.8.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.8.68 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-8-68.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c11aab2534a94b3a41cd860787084cfd482a31e95db46e5821fbde65acc3cda6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 162ms
53ms Image
image/gif 2a03:2880:f141:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1567786626743241&ev=PageView&dl=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&rl=https%3A%2F%2Fwww.fraudnetmailer.com%2F&if=false&ts=1639438692141&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639438692139.18933057&it=1639438691728&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f141:82:face:b00c:0:25de Denver, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 13 Dec 2021 23:38:12 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
89 B 43ms
43ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: b.clarity.ms
URL: https://b.clarity.ms/s/0.6.30/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Mon, 13 Dec 2021 23:38:11 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 ctx.v1.1.min.js Show response
s.dca0.com/ 6 KB
2 KB 61ms
19ms Script
application/javascript 54.230.162.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dca0.com/ctx.v1.1.min.js?1635953272
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.162.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-162-15.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14a3a7e077c77e3180a74584291e139dd0301b610fe5ec6888fdba19e7e8781c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:37:59 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 16:48:23 GMT
server: AmazonS3
age: 13
etag: W/"1ef4dd0ba87baa7e952ed9b8e839b84e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29cdae592cbcdf154c4515153175497f.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: yMsc7bj1Ok70hU_wziNCkKxZjlNaBn0Rpi83rWAwi_vIDjOZ7kurlw==

GET
H/1.1

200
OK

6SMH2DHXINFNDD52UNEEKG.js Show response
s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/
Redirect Chain

https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dcl...
https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js

5 KB
2 KB

23ms
21ms

Script
text/javascript

2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: HTTP/1.1
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8409097810be7150a9e804cfc8e430a219a60d28afc5ae443ec992c320540d79

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: oa1FzQjeu3VuDDAjc8pW4PZuLPXcCIvn
Content-Encoding: gzip
Etag: W/"53491973916f3f557000134edf135605"
Age: 1231
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 249557823ab8e41dec2ed10311f8ff98.cloudfront.net (CloudFront)
Last-Modified: Fri, 20 Aug 2021 19:59:50 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 23:23:13 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fX2_ZNmZQ2jFhTbLPYsnGlo9gma_rdl4s5mOVA8iypAY15aYSbl3Hw==

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *fraud.net/*
date: Mon, 13 Dec 2021 23:38:12 GMT
x-segment-eid: 6SMH2DHXINFNDD52UNEEKG
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM/6SMH2DHXINFNDD52UNEEKG.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: FN Homepage
x-pixel-eid: ML43PNVWLZH6BAVX2UYHRM
x-segment-name: d1dcd5e9
x-advertisable-eid: HVT2SOYWOBESJB535C7MUS
content-length: 0
x-conversion-currency

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2001329/ 146 B
323 B 320ms
110ms XHR
application/json 52.210.84.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2001329/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.84.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-84-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK onsiteloader.js Show response
s.adroll.com/onsite_personalization/production/0.1/loader/ 2 KB
2 KB 29ms
28ms Script
application/javascript 2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&pv=99882027322.67151&cookie=&adroll_s_ref=https%3A//www.fraudnetmailer.com/&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: jCG0Y9XUUOQKBmsnFB0TVFtRkjlhb5c.
Content-Encoding: gzip
Etag: W/"73534cc70057d4d96ec3c5a56ad5d4ef"
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 23:38:12 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 249557823ab8e41dec2ed10311f8ff98.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: tXNo5qYtZPbOLWW8ptxn5ijuzJmCi6C7C7s_6jhNeBEe9uKkOg8nbw==

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 11 KB
4 KB 23ms
22ms Script
text/javascript 2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/HVT2SOYWOBESJB535C7MUS/ML43PNVWLZH6BAVX2UYHRM?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&pv=99882027322.67151&cookie=&adroll_s_ref=https%3A//www.fraudnetmailer.com/&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: UrPMxdhqju2JKludk3zDj0ATEn0Uyopq
Content-Encoding: gzip
Etag: W/"c317a5be7d65fa0c4d68d9735af020e4"
Age: 1069
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
Last-Modified: Tue, 07 Dec 2021 19:45:50 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 23:20:24 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -po6iVh0pe6iRSN7j6MxmCwEU2H0q639MdWywIiFSlZLqpWUqXXz5A==

GET
H3 200 411617989444864 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 53ms
52ms Script
application/x-javascript 2a03:2880:f041:11:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/411617989444864?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f041:11:face:b00c:0:3 Denver, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e23806095adb1dfe910365793ee0088d34e5ff4aedbc835a1542ab0106666d79

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88827
x-xss-protection: 0
pragma: public
x-fb-debug: CNA8s/OwlS4zmetHp4S0Vgu2/PaG1pzx5+/dynLESJiqUNfQ5Hy1dpSEtGSVDfJsDEAetBWooeLZiwwrRzLq/Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Dec 2021 23:38:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_camp...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expiration=1670974692
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expiration=1670974692&C=1

43 B
1 KB

28ms
27ms

Image
image/gif

184.29.129.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expiration=1670974692&C=1
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: HTTP/1.1
Server: 184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-129-7.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 23:38:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 23:38:12 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 23:38:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expiration=1670974692&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 13 Dec 2021 23:38:12 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expires=365

42 B
798 B

329ms
82ms

Image
image/gif

8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expires=365
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: HTTP/1.1
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&expires=365
pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/onevideo/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_c...
https://pixel.advertising.com/ups/55980/sync?uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPbc6997da-5c6d-11ec-a55d-02...

0
689 B

82ms
28ms

Image
text/plain

52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPbc6997da-5c6d-11ec-a55d-0292bfa562bf

Requested by

Protocol

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPbc6997da-5c6d-11ec-a55d-0292bfa562bf
date: Mon, 13 Dec 2021 23:38:12 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_c...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg

0
477 B

83ms
22ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 23:38:12 GMT
Cache-Control: no-cache
X-TraceId: 2c064eaff5584288fe4ba2d69e915664
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_c...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
547 B

79ms
25ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
cache-control: no-store, no-cache, private
x-lat: va1pug005:0:395
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_ca...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg

0
221 B

63ms
19ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9537

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm...
https://eb2.3lift.com/xuid?mid=4714&xuid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
352 B

27ms
27ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date: Mon, 13 Dec 2021 23:38:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign...
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
444 B

98ms
32ms

Image
text/plain

2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Protocol

Server

2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign...
https://x.bidswitch.net/sync?dsp_id=44&user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg

43 B
510 B

45ms
44ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 23:38:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
Date: Mon, 13 Dec 2021 23:38:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign...
https://ib.adnxs.com/setuid?entity=172&code=OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg

43 B
1 KB

22ms
21ms

Image
image/gif

68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg

Requested by

Protocol

HTTP/1.1

Server

68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 23:38:12 GMT
X-Proxy-Origin: 37.120.205.166; 37.120.205.166; 564.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 0f6e165b-02ec-4aca-bb6e-5052dff403d6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 23:38:12 GMT
X-Proxy-Origin: 37.120.205.166; 37.120.205.166; 564.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: a9d615b9-1df3-4ef4-8273-5f7b9c4979b1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DOWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

px
p.adsymptotic.com/d/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign...
https://idsync.rlcdn.com/377928.gif?partner_uid=9ea457b69996fa3a9aa8e9d6bbe3ac58
https://pippio.com/api/sync?pid=5324&_=2
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d

43 B
97 B

44ms
43ms

Image
image/gif

104.18.100.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: H2
Server: 104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6bd306546da6ca4b-YUL
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

date: Mon, 13 Dec 2021 23:38:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=9ea457b69996fa3a9aa8e9d6bbe3ac58
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9ea457b69996fa3a9aa8e9d6bbe3ac58

43 B
61 B

46ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9ea457b69996fa3a9aa8e9d6bbe3ac58
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9ea457b69996fa3a9aa8e9d6bbe3ac58
date: Mon, 13 Dec 2021 23:38:12 GMT
via: 1.1 google
server: OXGW/16.221.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=nqRXtpmW-jqaqOnWu-OsWA
https://d.adroll.com/cm/g/in

42 B
538 B

29ms
29ms

Image
image/gif

35.174.191.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: fraud.net
URL: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Protocol: H2
Server: 35.174.191.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-191-125.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 23:38:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cluster-id Show response
11a6b76b-9acd-604e-3ff1-9d6f591369c2.z1.dca0.com/api/ 15 B
115 B 380ms
94ms XHR
text/plain 50.112.217.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://11a6b76b-9acd-604e-3ff1-9d6f591369c2.z1.dca0.com/api/cluster-id?uid=2c87c211-964e-0f40-edb5-04d3e75ad01c
Requested by: Host: s.dca0.com
URL: https://s.dca0.com/ctx.v1.1.min.js?1635953272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.112.217.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-217-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1a705253fc73b53f33e32ff67c743cb5c2b47b9cd549c61c634d0ad3bea22e80

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 23:38:12 GMT
content-length: 15
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK main.39c29e42.js Show response
s.adroll.com/onsite_personalization/production/0.1/static/js/ 337 KB
100 KB 60ms
20ms Script
application/javascript 2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9ba04f59e1ace305fc96df31e6419048e24808c3a321a78a8fa7c016cffabd0

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Origin: https://fraud.net
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: yVR5Sd_RfsEZHtWqCP10342E._wEjGM2
Content-Encoding: gzip
Etag: W/"808ad987f5fe2b621fd1c0f22d30edcb"
Age: 79975
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Via: 1.1 34d27d5dec8d9c8d04bc61d1e0056be3.cloudfront.net (CloudFront)
Last-Modified: Fri, 10 Dec 2021 09:32:44 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 01:25:18 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: X-0AyXzO20dxTl7D8sU_C0uMC-T94cV7ap2KVfUwxkjqRZCWyT4Opg==

GET
H/1.1 200
OK main.2a90a3dd.css
s.adroll.com/onsite_personalization/production/0.1/static/css/ 25 KB
4 KB 320ms
320ms Stylesheet
text/css 2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/css/main.2a90a3dd.css
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: stG5rI47SkR3xxZTGnejIIBdHw6mvWlq
Content-Encoding: gzip
Etag: W/"3b96be16936102d8935969d4c53c212f"
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 23:38:13 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Via: 1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: aAaL4f-AmXEo-TajvBnUXdd-qemopIe9RU56GC2H0iYacOHMHR0X4Q==

POST
H2 204 collect Show response
b.clarity.ms/ 0
25 B 62ms
61ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: b.clarity.ms
URL: https://b.clarity.ms/s/0.6.30/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Mon, 13 Dec 2021 23:38:11 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 110ms
53ms Image
image/gif 2a03:2880:f141:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=411617989444864&ev=PageView&dl=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&rl=https%3A%2F%2Fwww.fraudnetmailer.com%2F&if=false&ts=1639438692365&cd[segment_eid]=6SMH2DHXINFNDD52UNEEKG&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=29&fbp=fb.1.1639438692139.18933057&it=1639438691728&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f141:82:face:b00c:0:25de Denver, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 13 Dec 2021 23:38:12 GMT

GET
H/1.1 200
OK no_builder_customizations.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 B
752 B 293ms
293ms XHR
binary/octet-stream 2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/no_builder_customizations.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: Qq4r8F1tiHtgStZBEhtkqfS84yGuBoes
Via: 1.1 34d27d5dec8d9c8d04bc61d1e0056be3.cloudfront.net (CloudFront)
Etag: "99914b932bd37a50b983c5e7c90ae93b"
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 2
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 23:38:13 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ByOJ9LYy6feZmBI-QWVJMnsGmXxQHowXIEKBDGejfYmkJz-16xzhwQ==

GET
H/1.1 200
OK config.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/ 2 KB
2 KB 356ms
311ms XHR
binary/octet-stream 2600:9000:21da:8a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/HVT2SOYWOBESJB535C7MUS/config.json
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:8a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: gdsCJ91e36preZqcIA6RaB5svplwGuhr
Via: 1.1 151ae48d84442f69dffa181fc68bc1da.cloudfront.net (CloudFront)
Etag: "04a72a37c10f648fb8263045b284cb6c"
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 1697
Last-Modified: Tue, 07 Sep 2021 06:39:56 GMT
Server: AmazonS3
Date: Mon, 13 Dec 2021 23:38:13 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: izoEU58UfnUr_CSs2Dvyjj0KYu5lzAt00DsjUNPBbd621auSLOUBOA==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
555 B 75ms
46ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=dc1a8256-5eef-4064-b547-fbee87165331&fci=fa4a97c7-1ac4-407e-aba4-8a778338021a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2Fdemo-request%2F&r=https%3A%2F%2Fwww.fraudnetmailer.com%2F&pu=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&t=Award-Wining+Fraud+Prevention+%7C+Get+a+Free+Demo&cts=1639438692659&vi=81ccfef35ab112eff4774e1cc3d9a193&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 72c59269-ed98-40c0-a1b7-78a6eeb68529
cf-ray: 6bd306556bd67150-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfqjY%2Bne0oyYITL2XtCQiIQey%2F2vhal0WxvieQsTIu6orsQo2eXMqHUJkXg6MBwzKQG3fE938fmsxYZT7YLnB7cfZnWf%2BEJddiW6%2BZLBS5aAmVrRPS6TaLKWoLbF3%2B3Q0g45rHaPnu6CeSKsk%2FrA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
998 B 74ms
45ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=dc1a8256-5eef-4064-b547-fbee87165331&fci=fa4a97c7-1ac4-407e-aba4-8a778338021a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2Fdemo-request%2F&r=https%3A%2F%2Fwww.fraudnetmailer.com%2F&pu=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&t=Award-Wining+Fraud+Prevention+%7C+Get+a+Free+Demo&cts=1639438692661&vi=81ccfef35ab112eff4774e1cc3d9a193&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 72247c90-7f91-4001-a23f-9b7a77f0799c
cf-ray: 6bd306556bd77150-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCetVvwv5nQy183UjY9cX3WvDXNSuG3qw1suNmGJWZj2z8eSpcY6y8byoqAtiNSCQLvN74sXAJgSNPvUD%2BBE8wc1rFNugMfZqcaQfAtmmVZuDmrRZV42YUoggYmovCXCmnan2lcfIK1FIcT%2B2Ucm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
550 B 79ms
50ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2Fdemo-request%2F&r=https%3A%2F%2Fwww.fraudnetmailer.com%2F&pu=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&t=Award-Wining+Fraud+Prevention+%7C+Get+a+Free+Demo&cts=1639438692668&vi=81ccfef35ab112eff4774e1cc3d9a193&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5196d819-e74d-4b50-b31d-3cadac3cd152
cf-ray: 6bd306556bd87150-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JySdxT5ZejuP6N%2FD0bo1Qcqp7aiL7Zc9uXj88wTR6sbcbcy8KKMTsu5dDGkfUHp4VsHCAeIcQ8MDsbj8TTNZGW3p%2Bw3kllHmHQgo1W88lFp6R9KqqyOvPTBl5mFoFiNttju0MwAQ7g3ljjYL0F3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H2 200 HVT2SOYWOBESJB535C7MUS
d.adroll.com/pex/ 42 B
124 B 27ms
26ms Ping
image/gif 35.174.191.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/pex/HVT2SOYWOBESJB535C7MUS?adroll_fpc=68693c978ec79abf47ae495d5714e376-1639438692173&arrfrr=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&xid_ch=f&ev=xidctx&es=%7BSrk-kLH-T-Smk%7D&esv=&pv=99882027322.67151
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.191.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-191-125.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
server: nginx/1.20.0
content-length: 42
content-type: image/gif

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
460 B 44ms
44ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 7e886abb-ecc6-4c3f-b2f8-0cd6cee8ae9a
x-trace: 2BD35794312904A51EA34FFD0EAA6E805EBBDAADF0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6bd3065569b94bd1-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 016F 0
15 B 53ms
52ms Document
text/plain 2a03:2880:f141:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f141:82:face:b00c:0:25de Denver, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://fraud.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953

Response headers

content-type: text/plain
access-control-allow-origin: https://fraud.net
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 13 Dec 2021 23:38:12 GMT

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 3 KB
2 KB 76ms
76ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2113031&utk=81ccfef35ab112eff4774e1cc3d9a193&__hstc=57037109.81ccfef35ab112eff4774e1cc3d9a193.1639438692655.1639438692655.1639438692655.1&__hssc=57037109.1.1639438692656&referrer=https%3A%2F%2Fwww.fraudnetmailer.com%2F&currentUrl=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194d0acf151d41b2855363b73ebe3ac7e4a5f830a6f8edd2b46422e9ffb2f4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6b8333f4-bf9a-4582-a3e6-957e6fffec1e
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XzR48Pf8i8OUU2QVskwP8PD1N0%2FahMBArXMaHlGIVbOBXXajSXKkSqXI%2FKAboUAkxkLFez%2BTi3Kepmp5QkhC70YLp%2B2O82GnvLGkJZwLbpxQrLCKLQAsflMEHwoHfj6ZMdwSKOo5%2Bss2jp4HxJg"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6bd306557b34715a-YUL
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
785 B 62ms
47ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=bc9192b5-f06a-4140-b0db-e8af13b64bb6&lfi=2677081&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=2113031&rcu=https%3A%2F%2Ffraud.net%2Fdemo-request%2F&r=https%3A%2F%2Fwww.fraudnetmailer.com%2F&pu=https%3A%2F%2Ffraud.net%2Fdemo-request%2F%3Futm_source%3Dclickback%26utm_medium%3Demail%26utm_campaign%3Denterprise-grade%26utm_term%3Dmass%26utm_content%3Dclickback-enterprise-grade%26sid%3D1428179%26rID%3D66646953&t=Award-Wining+Fraud+Prevention+%7C+Get+a+Free+Demo&cts=1639438692794&vi=81ccfef35ab112eff4774e1cc3d9a193&nc=true&u=57037109.81ccfef35ab112eff4774e1cc3d9a193.1639438692655.1639438692655.1639438692655.1&b=57037109.1.1639438692656&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 23:38:12 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 223edfec-c93a-4160-9fa5-5829aa2d3f8e
cf-ray: 6bd306561fb1ca5f-YUL
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=au%2B2jeKVqvoTdjwn%2B9DZbK2pnblrXh5T6VgAuCltSzQsuzIqa2gSNnoLOEpxQfUz26VO%2Bbi7n%2FXPR7Sl%2BXusCV5K4Dm6zkHRvLwoX4S%2BlzpX4euq%2FoHV07ElcLnDiU7%2F%2FFqEmjUryatfuxFyQ55%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 Logos%2c%20Square%20Dimension%20Promos%20(1).gif
f.hubspotusercontent30.net/hubfs/2113031/ 214 KB
215 KB 190ms
40ms Image
image/gif 2606:4700::6810:b972

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent30.net/hubfs/2113031/Logos%2c%20Square%20Dimension%20Promos%20(1).gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b972 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a14bf160a8f122e234ba8a8d83f8d9b4b5fb4d33622eff078c790b55496795c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-61400955732,P-2113031,FLS-ALL
age: 146474
x-amz-server-side-encryption: AES256
edge-cache-tag: F-61400955732,P-2113031,FLS-ALL
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 9EE13QYYB0P2SXN8
cf-bgj: imgq:85,h2pri
etag: "0692784a5fb020c3f35ad14fe7006521"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1638902569825
date: Mon, 13 Dec 2021 23:38:13 GMT
via: 1.1 44500049c6ef1f11906a2f915943ffbf.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YTO50-C2
x-hs-alternate-content-type: text/plain
cf-polished: status=not_needed
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: none
content-length: 218925
x-amz-id-2: ATREDNioFWgBlbzcILBHnoCp7Z0s/AUiF3wA49qOunup9+H1pc0E+Fkq/gR/EQdmj94lQMwpTmc=
last-modified: Tue, 07 Dec 2021 18:42:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: tNiISK2xH1CPRX0hd1p79dwLTA3o3P_R
accept-ranges: bytes
cf-ray: 6bd3065d3c85ecfe-YUL
x-amz-cf-id: hJ6gzpzyd3Ffatx_dyCNokyGgKk4V5pPbYsabywZKxPI1gKP04eGsg==

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 43ms
43ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: b.clarity.ms
URL: https://b.clarity.ms/s/0.6.30/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fraud.net/demo-request/?utm_source=clickback&utm_medium=email&utm_campaign=enterprise-grade&utm_term=mass&utm_content=clickback-enterprise-grade&sid=1428179&rID=66646953
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://fraud.net
date: Mon, 13 Dec 2021 23:38:13 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fraudnetmailer.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDAUTTCDRT Value: BLEJPAHDKALEKGMINFBMJPKC
fraud.net/	1970-01-20 08:09:34	Name: uncode_privacy[consent_types] Value: %5B%5D
.fraud.net/	1970-01-20 01:33:34	Name: _gcl_au Value: 1.1.1585004402.1639438691
fraud.net/	1970-01-19 23:24:02	Name: _gauges_unique_hour Value: 1
fraud.net/	1970-01-19 23:25:25	Name: _gauges_unique_day Value: 1
fraud.net/	1970-01-20 00:08:37	Name: _gauges_unique_month Value: 1
fraud.net/	1970-01-20 08:09:34	Name: _gauges_unique_year Value: 1
fraud.net/	1970-01-20 08:09:34	Name: _gauges_unique Value: 1
.bing.com/	1970-01-20 08:45:34	Name: MUID Value: 03A83655BE0A6A293D352759BF726B2A
.bat.bing.com/	1970-01-19 23:34:03	Name: MR Value: 0
.fraud.net/	1970-01-19 23:25:25	Name: _uetsid Value: bbdc10205c6d11eca396c9b84bdfc110
.fraud.net/	1970-01-20 08:45:34	Name: _uetvid Value: bbdd3cc05c6d11ec89420b54f18a3018
.ws.zoominfo.com/	1970-01-20 08:09:34	Name: visitorId Value: 999562917401169c5202db248a95a5ce2884ecf5dc9efc164b158646c5ed5fe1
.fraud.net/	1970-01-20 16:55:10	Name: _ga Value: GA1.2.1169040477.1639438692
.fraud.net/	1970-01-19 23:25:25	Name: _gid Value: GA1.2.1545709802.1639438692
fraud.net/	1970-01-19 23:24:00	Name: _sp_ses.c750 Value: *
fraud.net/	1970-01-20 16:55:10	Name: _sp_id.c750 Value: d1516156-9126-4a1f-af81-d1b2dc4997d3.1639438692.1.1639438692.1639438692.e0aca6e6-b487-4bf5-b486-182b0c1172e1
.linkedin.com/	1970-01-20 01:33:34	Name: li_sugr Value: 57a56d48-1001-4a2b-bd08-b1abfda524e9
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:55:52	Name: bcookie Value: "v=2&55b77431-1084-4450-8adc-1393335464ac"
.linkedin.com/	1970-01-19 23:25:25	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2372:u=1:x=1:i=1639438691:t=1639525091:v=2:sig=AQGHBQSRfO6bf5QNmSWbe62vYx_EDsHT"
.fraud.net/	1970-01-20 08:09:34	Name: sp Value: 3996fff3-cc5f-46cf-b057-47460f9f5cdd
.linkedin.com/	1970-01-20 00:07:10	Name: UserMatchHistory Value: AQITY-BgZqd5_gAAAX22KS4Imn6xnj3hg-N_age1WjcfFFP7WDLZZJ69RursMOFP6kFe5PFmM0m4XQ
.linkedin.com/	1970-01-20 00:07:10	Name: AnalyticsSyncHistory Value: AQLJr3OOkm3jKgAAAX22KS4IC_3gDtVcHrmSbtHASxOZe0TT17ojsj5Nk8mlLYsBVTqsspg1bRQ47lsT4ehrMQ
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 16:55:52	Name: bscookie Value: "v=1&202112132338119a2e6576-1257-4c1e-8e0d-b451de52a7e6AQHNysmqOKEdXe2ZunzG8Hyk_nrayI97"
.fraud.net/	1970-01-20 08:09:34	Name: _clck Value: inr1ei\|1\|ex8\|0
.fraud.net/	1970-01-19 23:23:58	Name: _gat_UA-35675858-1 Value: 1
.c.bing.com/	1970-01-19 23:34:03	Name: MR Value: 0
.c.bing.com/	1970-01-20 08:45:34	Name: SRM_B Value: 03A83655BE0A6A293D352759BF726B2A
.fraud.net/	1970-01-20 01:33:34	Name: _fbp Value: fb.1.1639438692139.18933057
.fraud.net/	1970-01-20 08:09:56	Name: __adroll_fpc Value: 68693c978ec79abf47ae495d5714e376-1639438692173
.fraud.net/	1970-01-20 08:09:34	Name: _hjSessionUser_2001329 Value: eyJpZCI6IjQ3NWQwY2M1LTA5M2QtNWQ3Yy1iNjI3LWMwYzRjN2FlNzUwNSIsImNyZWF0ZWQiOjE2Mzk0Mzg2OTE3NzEsImV4aXN0aW5nIjpmYWxzZX0=
.fraud.net/	1970-01-19 23:24:00	Name: _hjFirstSeen Value: 1
.fraud.net/	1970-01-19 23:24:00	Name: _hjSession_2001329 Value: eyJpZCI6IjI5MTdkNzVlLWRmNDUtNDlmMy1hNGIzLTBhYjQ2YjI2YzMyNCIsImNyZWF0ZWQiOjE2Mzk0Mzg2OTIxOTF9
fraud.net/	1970-01-19 23:23:58	Name: _hjIncludedInPageviewSample Value: 1
.fraud.net/	1970-01-19 23:23:59	Name: _hjAbsoluteSessionInProgress Value: 0
fraud.net/	1970-01-19 23:23:58	Name: _hjIncludedInSessionSample Value: 0
.fraud.net/	1970-01-19 23:25:25	Name: _clsk Value: 13rha7\|1639438692208\|1\|1\|b.clarity.ms/collect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 08:45:34	Name: MUID Value: 03A83655BE0A6A293D352759BF726B2A
.c.clarity.ms/	1970-01-19 23:34:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-19 23:23:59	Name: ANONCHK Value: 0
.fraud.net/	1970-01-20 08:09:34	Name: __ar_v4 Value: %7CHVT2SOYWOBESJB535C7MUS%3A20220012%3A1%7CML43PNVWLZH6BAVX2UYHRM%3A20220012%3A1%7C6SMH2DHXINFNDD52UNEEKG%3A20220012%3A1
.facebook.com/	1970-01-20 01:33:34	Name: fr Value: 00Iy7BIvah7EOc0XM..Bht9lk...1.0.Bht9lk.
.adsymptotic.com/	1970-01-20 01:33:34	Name: U Value: 6ea8d392052faaf7f59c7223765ee699
.casalemedia.com/	1970-01-20 08:09:34	Name: CMID Value: YbfZZKNpMgAnQ9z1ziTOXAAA
.casalemedia.com/	1970-01-20 01:33:34	Name: CMPS Value: 146
m.stripe.com/	1970-01-20 16:55:10	Name: m Value: 2542ac31-e608-46af-a67a-fe47c4dc2d4559949b
.openx.net/	1970-01-20 08:09:34	Name: i Value: b59cd82f-08bc-4987-8c73-68d7fb3b9ca8\|1639438692
.fraud.net/	1970-01-20 08:09:34	Name: __stripe_mid Value: cfea333b-52fa-46dd-9035-a972ec8c68e9fba1c1
.fraud.net/	1970-01-19 23:24:00	Name: __stripe_sid Value: 41b5aa1c-f70a-4501-8155-8e4ec3989f92a7e395
.taboola.com/	1970-01-20 08:09:34	Name: t_gid Value: cc957b2e-fb79-407b-a72b-8fcdb133e90f-tuct8b15ee4
.adnxs.com/	1970-01-20 01:33:34	Name: uuid2 Value: 7880099101120908934
.advertising.com/	1970-01-20 08:11:01	Name: APID Value: UPbc6997da-5c6d-11ec-a55d-0292bfa562bf
.rlcdn.com/	1970-01-20 00:50:22	Name: pxrc Value: COSy340GEgUI6EcQAA==
.pubmatic.com/	1970-01-20 08:59:58	Name: KRTBCOOKIE_10 Value: 22808-OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg&KRTB&22883-OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
.pubmatic.com/	1970-01-20 00:07:10	Name: PugT Value: 1639438692
.pubmatic.com/	1970-01-20 01:33:34	Name: PUBMDCID Value: 2
.casalemedia.com/	1970-01-20 01:33:34	Name: CMPRO Value: 480
.casalemedia.com/	1970-01-19 23:25:25	Name: CMST Value: YbfZZGG32WQA
.casalemedia.com/	1970-01-20 08:09:34	Name: CMRUM3 Value: 6961b7d9642760OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
.outbrain.com/	1970-01-20 01:33:34	Name: obuid Value: d9c22e0e-883a-4dab-8008-c37a9db98087
.outbrain.com/	1970-01-20 00:07:10	Name: adrl Value: OWVhNDU3YjY5OTk2ZmEzYTlhYThlOWQ2YmJlM2FjNTg
.3lift.com/	1970-01-20 01:33:34	Name: tluid Value: 3381649200091752665
.yahoo.com/	1970-01-20 08:09:56	Name: A3 Value: d=AQABBGTZt2ECEMXjAQB2iAfst_vfR3ReZ4oFEgEBAQEquWHBYQAAAAAA_eMAAA&S=AQAAArl11oA_ty8Z811AYn0OpDM
.doubleclick.net/	1970-01-20 16:55:10	Name: IDE Value: AHWqTUkpxi08rXbhy8flwerLmyxu9_H6XVkfKVA0XA39aXRte_M8nI0yfr1SNDhvueA
.bidswitch.net/	1970-01-20 08:09:34	Name: tuuid Value: 1d4d64cf-c69d-419e-a2a7-df9662ed5d60
.bidswitch.net/	1970-01-20 08:09:34	Name: c Value: 1639438692
.bidswitch.net/	1970-01-20 08:09:34	Name: tuuid_lu Value: 1639438692
.adnxs.com/	1970-01-20 01:33:34	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E?_q.^m8!]tbPl@/@8$-^=$UfZFlAKIKD[/_COYtEn:`Wc$/GO7s=>1Egg:_QyGXQb:(A/xNLBJ(Zjb#oQuRyVAbpRzqF1`b^3/-3*#!
d.adroll.com/	1970-01-20 08:52:46	Name: __adroll Value: 9ea457b69996fa3a9aa8e9d6bbe3ac58-g_1639438692-a_1639438691
.adroll.com/	1970-01-20 08:52:46	Name: __adroll_shared Value: 9ea457b69996fa3a9aa8e9d6bbe3ac58-g_1639438692-a_1639438691
.pippio.com/	1970-01-20 08:09:34	Name: did Value: OMIX3RGuXkKs_BDl
.pippio.com/	1970-01-20 08:09:34	Name: didts Value: 1639438692
.pippio.com/	1970-01-20 00:50:22	Name: nnls Value:
.pippio.com/	1970-01-20 00:50:22	Name: pxrc Value: COSy340GEgUI3k4QAA==
.analytics.yahoo.com/	1970-01-20 08:11:01	Name: IDSYNC Value: 1770~222n
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPbc6997da-5c6d-11ec-a55d-0292bfa562bf
.yahoo.com/	1970-01-19 23:25:25	Name: APIDTS Value: 1639438692
.rubiconproject.com/	1970-01-20 08:09:34	Name: khaos Value: KX5BGV79-8-I4G9
.rubiconproject.com/	1970-01-20 08:09:34	Name: audit Value: 1\|EF1S99rcFfh9LrAugQES1fd59F1/rYZVArFsGQpeSIOXzu0U2rFvUJFtNeb4Cc2p4+2aKR6jU4pw0S94mtzOH6X03m07ywdlM/uPx/DKN36sl+SJVy6S3lwWkuuUlrCqjJNOEglYhjAKYJ7VWSo2QtdXl9Fff5GGsvFzeHhISWLdsXhQEMUf0D+sFLB/WmBAiyTz+DOnHeDc6UO785F0Pw==
.fraud.net/	1970-01-20 08:45:34	Name: __hstc Value: 57037109.81ccfef35ab112eff4774e1cc3d9a193.1639438692655.1639438692655.1639438692655.1
.fraud.net/	1970-01-20 08:45:34	Name: hubspotutk Value: 81ccfef35ab112eff4774e1cc3d9a193
.fraud.net/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.fraud.net/	1970-01-19 23:24:00	Name: __hssc Value: 57037109.1.1639438692656
.hubspot.com/	1970-01-19 23:24:00	Name: __cf_bm Value: L29fkjHkcOMpHpCFrwpwDta5uBp7jp9VfC0xnX92BiA-1639438692-0-AU0J0Xiih0gItZpP6u72b5b6/HDiHOBzlUcrn+LiUmwbnxFy638alAqdMraBt4aRicLIY2ywxGsST3V+KjB2oJ0=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11a6b76b-9acd-604e-3ff1-9d6f591369c2.z1.dca0.com
149360532.v2.pressablecdn.com
ads.yahoo.com
ajax.googleapis.com
api.hubspot.com
b.clarity.ms
bat.bing.com
c.bing.com
c.clarity.ms
checkout.stripe.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
device.fraud.net
dsum-sec.casalemedia.com
eb2.3lift.com
f.hubspotusercontent30.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
fraud.net
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.stripe.com
js.usemessages.com
m.stripe.com
m.stripe.network
media.fraud.net
p.adsymptotic.com
pippio.com
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
s.adroll.com
s.dca0.com
script.hotjar.com
secure.gaug.es
simage2.pubmatic.com
snap.licdn.com
software.clickback.com
static.hotjar.com
sync.outbrain.com
sync.taboola.com
track.hubspot.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
ws.zoominfo.com
www.facebook.com
www.fraudnetmailer.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.18.100.194
107.178.254.65
108.174.10.14
13.225.214.66
13.225.214.74
13.225.214.95
13.225.63.47
141.226.224.48
142.250.64.98
142.250.65.162
148.59.128.120
151.101.0.176
184.29.129.7
192.0.77.39
199.16.172.83
20.75.32.255
2001:4998:14:800::1000
216.119.193.71
2600:141b:13::1732:35c2
2600:9000:21da:8a00:6:9280:1080:93a1
2606:4700::6810:5905
2606:4700::6810:a852
2606:4700::6810:b972
2606:4700::6811:45b0
2606:4700::6811:82ab
2606:4700::6811:b849
2606:4700::6811:d4cc
2606:4700::6811:eacc
2606:4700::6811:eccc
2606:4700::6812:14bf
2606:4700::6813:9a53
2607:f8b0:4006:817::2004
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::200a
2607:f8b0:4006:822::2003
2607:f8b0:4006:824::2002
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f041:11:face:b00c:0:3
2a03:2880:f141:82:face:b00c:0:25de
34.98.64.218
35.174.191.125
35.190.60.146
35.211.178.172
35.71.139.29
40.91.78.9
50.112.217.250
52.210.84.221
52.40.8.68
52.45.33.138
52.7.125.156
52.7.240.128
52.70.137.221
54.187.159.182
54.230.162.15
54.230.162.34
54.230.162.91
68.67.179.113
70.42.32.191
8.28.7.83
8.39.36.142
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0aa9d1092b115b4ff46e8a46b5a11cca2b44aac23bf442bfee4d73ede19ceccf
0b7cc6c8b7fefd78a6ae414419fedf7a729897da31dd6a95d350d3cd5633005c
0f47efcf7e21734e231f323a3d1ecf00c24dee2268687a589042d8de82500dda
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f
14a3a7e077c77e3180a74584291e139dd0301b610fe5ec6888fdba19e7e8781c
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
194d0acf151d41b2855363b73ebe3ac7e4a5f830a6f8edd2b46422e9ffb2f4ef
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
1a705253fc73b53f33e32ff67c743cb5c2b47b9cd549c61c634d0ad3bea22e80
1b63af7a02c46c6968431dcba892f98a347ad60453f3a6eb801528a1adaf32e8
1dd093687f031bb4d51f22db1ed0c467cbef9e54d8fb9ceb8a84c443a59560c5
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ea94e4c463f9c63c310c3ad8e0ed47b4b2cf30493001df2afc77da9134c606d
23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e
254eb6b34064b344d643ff7f75101721a3a536d9f77799558b160c2130f8e9a4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a8af12d3cf5a92839123367f8a2f503960a81481bc44cb4ba9c9ff24b2d920
26bb3223df27d9b62025f9e527d9e348f73e77432560c04a1bfc45d449b61c4c
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
2e5c59841ff62b14162e3457b02369703e69bd7618cf6d2fca4a9ffdbc6200db
2ebf754c969f50dfdaf6898186c688d37130b4964da92f6a811d5b15cef57eaa
2f8572d575f314fa354a075e206eafdce813a769c302ea9b46d4d8eead9d1a4e
30726bc426c4ce795d62fd1f2fe2ee850d32f2a5406689d28a21440f4707ba1b
35c0f671c529cba502561161d2442e63375af379424beec33d5ee43bb7a391b8
39c3d75f8cd9fc4a5323407cc61755b036bce5d2cb7f47cd3586a8cbad21e6db
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
431d857d985d9dc839f6f3f7dccac1c5daf46e7209dab9fcd54b8c0113d5fed0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
44d5486ab2f70ac86114bbe3ba75cca3ec5b407845f08215e0f7c8bf0c75c7a2
451ac4a3888ade1f60a6836a9283608ec1b784a5cc40438f39fdd2aa05124137
4752d6ebb987080a0caca87a76e9e159836fc8b63214fa9bdb36a2c335c767c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bffb0db717d36ea70b90a0d672647a3cc8797a93061be9b863d831fa93a9831
4c494725a63aecfb451cc9cbca947ee434c03d5a758a861aea7be3d928e70199
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
576c19f6140a328c4af9fa9e04f764efbe570b0e8e3e4f0f66c5bdde58562a8a
59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4976fe73a786bf224661d57dae28bea5e373d6c2fc8135bdcf51c28f16498b
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40
6430c91bc6bd0be0fcd4c34882f762b4267625d738b0ad19c77ae5a20d368b3e
654325663f600c925cd64f27cbd3b104bfbd7c731b0f11389d83a3bc1ba40cd7
65e6823488ccbbe14fa92b58d3e13f9dbd23a08b178eecd22a5652766b806147
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69ee0541551d66400ed43b2e36abf32e2fb5ca8f89b75ee83f9226ebc9816f2e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c422f3e1d3227e9b67ab0f7d5ea657ce38a5535015dbb29e29c2c027e24efab
725a72e4c7e67bec83f0504963f37d2d0ca9bb7869b6da94749a812c04a23c42
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b
7a5b0199c6fb4de2cc1f6f1b1e69ed74fd456472c187b18e88804bae3f82dfc8
7e9d539f28d635e2700312f80d71e4fef92511d8bb8a7e7be3c7a244a554f21b
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
802919f100d6c4d9b60f706598988c11c18a6455327d5c316f3d450fc835f0fc
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8409097810be7150a9e804cfc8e430a219a60d28afc5ae443ec992c320540d79
8545132e3cb981a9964c4773891ee0e1b9c9eee72ca40f462f560350659e0f47
85aa2e9c6d374fd0e1b3ceb32661a4690f2053fea75be500ac0f9b0589117279
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89192623f01907db9e2db2a307ae59c0dd5170e1cbbd1f7854e4b5485f24a530
892e8d0bb31137bab6b36dc26d1ff356fb78df4eeecb22fd748cbffa7244411a
90bd855f92aec63cef7a79cd868ffc8b0923a4eded158336fc3eb213fbe90166
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b8223abbc3b34f9a605cdb7227ac0bd983c5b17310e576973ca109580281dd0
a14bf160a8f122e234ba8a8d83f8d9b4b5fb4d33622eff078c790b55496795c5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a4df654661d6a1770cd4d647cf1a16adc085a300d1e521e9bc9f2c133d4e22a5
afb60239152b2ab1e5d44c2376662da21a98e3fe19cebdb891660bfa23bb3d4b
b08242455ed9e1a61010b2ba7c997877ac599e2520056232e55f5612f2dc5e58
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b297942165b2851c498af42b15d2ae5ce9f8f8e89a92faa9512afcf7b0622286
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea
bb966db33412f37dd64a1a0f6a71fcb3753f4bb8d47861ca2efad938c0802a9a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdd9517fdb9df0b1631029d96536adb3a35cbdef273de0e877411c47af444f90
bfa9441fac08fbebcfc65e202a788744aab8e4b1f634eaaf800256dce5012813
c11aab2534a94b3a41cd860787084cfd482a31e95db46e5821fbde65acc3cda6
c409ad15f6ea14b0c815d47032ed54c65c6ac57f3e1fdb72185c56bb2a133072
c6162910b841ebeddc424a6620879e8c6f02669b7179e8dce8714a2bd2628aa1
c763a7b86f4b8e21741d95bf307b2932555a20d4ad383adc764c99fdbb8e88d8
c87f1cddf8a77ad8523529962263fb03e587a1c998fedb7961bb195a12aaa711
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
ca13a42dd2efa22497ec09aab346fbc9d352d688a6cfcda402d1bf19dbdea83f
cbc9e4c016291391cdc8b5fed3eb8e57b821c289874884783b24f1d60ce80ab7
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d7e7998e89700fa5cd1ca9f0e9b75559fdb7f933b3108850faa3050a96025a21
d8685227ba656570ae56e1daa4b5a27c0f496168204b3eba649d55c76a2d242b
d9ba04f59e1ace305fc96df31e6419048e24808c3a321a78a8fa7c016cffabd0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
dfd8fc52661d5dea960e9d5188679653e393a127461aa940fe22d2c9a777f5f6
e23806095adb1dfe910365793ee0088d34e5ff4aedbc835a1542ab0106666d79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c7b4ae3317862b3a5428b50ef2b1db2ac54c9eafc9aa7757f1b51c5e302bc5
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ed5b5b47d4098e216aaf66aaeae492679b972a2dc1eb87f3ee8d35a270fd354c
ee375c456c5b8dc5b78e3e61729cd5c237da74862f954a310e7592004f994472
eebf55d77e0020adb5ce3be26cba1a23d6f3baa347c585f9010f18c99d01b519
eef431caaf038231bd760cfb02bc99f7a6cf8b496703bc38ed9f3337ea19802a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f78b58df5ef0e99f170c595a2356eca920adba3a904963d4b1642be7aa3c9cca
f91556a9a226aaec5c3c005295e0479ab1cd139976b9fb733721b60e39edcea4
faaf63b94b9756fc1891adaddce76acddd0be07b78a00c03ac6c60d6a577a684
fc3585334db84f341ccd0e9ad6a28ef86f709d833adfe532fbb5e82f77623293
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

fraud.net Open in urlscan Pro 199.16.172.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

149 Requests

88 %HTTPS

41 %IPv6

49 Domains

68 Subdomains

59 IPs

4 Countries

2248 kBTransfer

7518 kBSize

87 Cookies

2 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fraud.net Open in urlscan Pro
199.16.172.83 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

88 %
HTTPS

41 %
IPv6

49
Domains

68
Subdomains

59
IPs

4
Countries

2248 kB
Transfer

7518 kB
Size

87
Cookies

149 HTTP transactions
3 data transactions