fraud.periculum.io Open in urlscan Pro
2600:9000:2510:4400:14:9e0c:8040:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fraud.periculum.io/
Effective URL:
https://fraud.periculum.io/signin
Submission: On January 12 via api (January 12th 2024, 9:59:27 pm UTC) from US — Scanned from US

Summary HTTP 92 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 1 countries across 27 domains to perform 92 HTTP transactions. The main IP is 2600:9000:2510:4400:14:9e0c:8040:93a1, located in United States and belongs to AMAZON-02, US. The main domain is fraud.periculum.io.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 13th 2023. Valid for: a year.

This is the only time fraud.periculum.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2600:9000:251... 2600:9000:2510:4400:14:9e0c:8040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
1 6	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
6	2600:141b:500... 2600:141b:5000::b81d:8fb9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	108.138.106.124 108.138.106.124	16509 (AMAZON-02) (AMAZON-02)
1 1	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2004	15169 (GOOGLE) (GOOGLE)
5 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2600:9000:251... 2600:9000:2512:e600:1d:be94:4b80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:310... 2606:4700:3108::ac42:2921	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.96.52 18.164.96.52	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:c... 2600:1901:0:c072::	15169 (GOOGLE) (GOOGLE)
2	13.226.34.119 13.226.34.119	16509 (AMAZON-02) (AMAZON-02)
2	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.219.92.188 52.219.92.188	16509 (AMAZON-02) (AMAZON-02)
2	54.230.163.59 54.230.163.59	16509 (AMAZON-02) (AMAZON-02)
1	172.65.219.229 172.65.219.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.93.29.232 3.93.29.232	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:320... 2a06:98c1:3200::90:1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:303... 2606:4700:3031::ac43:aec3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
92	29

12 2600:9000:2510:4400:14:9e0c:8040:93a1 (United States)

ASN16509 (AMAZON-02, US)

fraud.periculum.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:824::2008 (Colchester, United States) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:141b:5000::b81d:8fb9 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9d (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 5 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2512:e600:1d:be94:4b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3108::ac42:2921 (United States)

ASN13335 (CLOUDFLARENET, US)

services.dojah.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-52.jfk50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:c072:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

browser-intake-us5-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.34.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-119.ewr53.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.92.188 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-w.us-east-2.amazonaws.com

dojah-files.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.163.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-59.ewr53.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.93.29.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-29-232.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3200::90:1 (United States)

ASN13335 (CLOUDFLARENET, US)

api-eu1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:aec3 (United States)

ASN13335 (CLOUDFLARENET, US)

logs.dojah.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	periculum.io fraud.periculum.io	5 MB
8	posthog.com app.posthog.com — Cisco Umbrella Rank: 24140	68 KB
7	dojah.io services.dojah.io	3 KB
7	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 778 www.linkedin.com — Cisco Umbrella Rank: 944 px4.ads.linkedin.com — Cisco Umbrella Rank: 7294	6 KB
7	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1202 script.hotjar.com — Cisco Umbrella Rank: 1735	128 KB
6	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1877	49 KB
6	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 648	34 KB
4	intercom.io widget.intercom.io — Cisco Umbrella Rank: 4747 api-iam.intercom.io — Cisco Umbrella Rank: 4779	11 KB
3	browser-intake-us5-datadoghq.com browser-intake-us5-datadoghq.com — Cisco Umbrella Rank: 9696	548 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	93 KB
2	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 48860 forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 51950	26 KB
2	dojah.services logs.dojah.services Failed	1 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 8076 Failed	275 KB
2	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 23083 Failed	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	123 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 55924	1016 B
1	hubspot.com track-eu1.hubspot.com — Cisco Umbrella Rank: 27018	1 KB
1	hubapi.com api-eu1.hubapi.com — Cisco Umbrella Rank: 38468	1 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 25843	21 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 25371	22 KB
1	hsadspixel.net js-eu1.hsadspixel.net — Cisco Umbrella Rank: 36712	4 KB
1	amazonaws.com dojah-files.s3.amazonaws.com	37 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4091	256 B
1	google.com www.google.com — Cisco Umbrella Rank: 6	408 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 184	381 B
92	27

	Domain	Requested by
12	fraud.periculum.io	fraud.periculum.io
8	app.posthog.com	fraud.periculum.io
7	services.dojah.io	fraud.periculum.io
6	snap.licdn.com	www.googletagmanager.com snap.licdn.com js-eu1.hsadspixel.net
6	ssl.google-analytics.com	1 redirects www.googletagmanager.com fraud.periculum.io
4	px.ads.linkedin.com	4 redirects
4	static.hotjar.com	www.googletagmanager.com
3	browser-intake-us5-datadoghq.com	fraud.periculum.io
3	script.hotjar.com	static.hotjar.com script.hotjar.com
2	connect.facebook.net	js-eu1.hsadspixel.net connect.facebook.net
2	api-iam.intercom.io	js.intercomcdn.com
2	logs.dojah.services	fraud.periculum.io
2	js.intercomcdn.com	widget.intercom.io
2	widget.intercom.io	fraud.periculum.io
2	js-eu1.hs-scripts.com	www.googletagmanager.com js-eu1.hs-analytics.net
2	px4.ads.linkedin.com	fraud.periculum.io
2	fonts.googleapis.com	fraud.periculum.io
2	www.googletagmanager.com	fraud.periculum.io
1	www.facebook.com
1	forms-eu1.hsforms.com
1	forms-eu1.hscollectedforms.net	fraud.periculum.io
1	track-eu1.hubspot.com
1	api-eu1.hubapi.com	fraud.periculum.io
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	js-eu1.hsadspixel.net	js-eu1.hs-scripts.com
1	dojah-files.s3.amazonaws.com
1	vc.hotjar.io	fraud.periculum.io
1	www.linkedin.com	1 redirects
1	www.google.com	fraud.periculum.io
1	stats.g.doubleclick.net	1 redirects
92	32

This site contains no links.

Subject Issuer	Validity	Valid
*.fraud.periculum.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.posthog.com Amazon RSA 2048 M02	`2023-12-17` - `2025-01-14`	a year	crt.sh
dojah.io GTS CA 1P5	`2023-12-16` - `2024-03-15`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.browser-intake-us5-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-23`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-22` - `2024-01-20`	3 months	crt.sh
dojah.services E1	`2023-11-17` - `2024-02-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://fraud.periculum.io/signin
Frame ID: 4E909D6D8771374F6375C2D9D3AF707A
Requests: 84 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.4e5192b6.js
Frame ID: C6D1E7BAEB3FFB5FDD379955E734E8D7
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.4e5192b6.js
Frame ID: 129770E24E799CFBBE601E4C2DCAFC3A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Making KYC Easy for All

Page URL History Show full URLs

https://fraud.periculum.io/ Page URL
https://fraud.periculum.io/signin Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

92
Requests

82 %
HTTPS

50 %
IPv6

27
Domains

32
Subdomains

29
IPs

1
Countries

5838 kB
Transfer

18634 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fraud.periculum.io/ Page URL
https://fraud.periculum.io/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1792509343&utmhn=fraud.periculum.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1098699473&utmr=-&utmp=%2F&utmht=1705096757099&utmac=UA-179023337-1&utmgtm=45He41a0n81M5LZXQVv856981866&utmcc=__utma%3D206729156.1485874228.1705096757.1705096757.1705096757.1%3B%2B__utmz%3D206729156.1705096757.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1679196901&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-179023337-1&cid=1485874228.1705096757&jid=1679196901&_v=5.7.2&z=1792509343 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179023337-1&cid=1485874228.1705096757&jid=1679196901&_v=5.7.2&z=1792509343

Request Chain 10

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4219209%26time%3D1705096757116%26url%3Dhttps%253A%252F%252Ffraud.periculum.io%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQL7YakMtg55BQAAAYz_r8MzDfkga83nCNGrHPfngpe47j5Ps_i-OU2vFc06vMLfJKul-w

Request Chain 49

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096759439&url=https%3A%2F%2Ffraud.periculum.io%2Fsignin HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096759439&url=https%3A%2F%2Ffraud.periculum.io%2Fsignin&e_ipv6=AQKblFGP2ayH6AAAAYz_r8kHmv8q9HIX6D5gN8mNGudkoXd5veqQioYXkS7MpFldBtd-Ww

92 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
fraud.periculum.io/ 3 KB
1 KB 451ms
212ms Document
text/html 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eea32369af1971656166685db6deb1bd22b218e970c325ce9ad8312ba262c897

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Fri, 12 Jan 2024 21:59:17 GMT
etag: W/"d18112d0b08858c18113f5888b220464"
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-id: 2SxVzGWfzpYuIH2OpGCBVvFEPLrAjxHvUiJWwxwppG8GzGyTRwXZJA==
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 main.f8012bdf.js Show response
fraud.periculum.io/static/js/ 7 MB
2 MB 214ms
213ms Script
application/javascript 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68e8511feeb7faafb0f7c2d32dff654462e5d9a23ee23763c02db527d560bc48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"5acdb2b27de0ace3beb35ccd64be40a1-2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: ZUZED4L1Atww5_29PbE-4fJmF3A63mP0KOlApQAJ-HCthtHiuTvVzg==

GET
H2 200 main.46c9a140.css
fraud.periculum.io/static/css/ 166 KB
46 KB 144ms
143ms Stylesheet
text/css 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/static/css/main.46c9a140.css
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 757129c0a1d988c8bbed710c884d02f0a7d58c88935810c22ffe35b31eb9a881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"c76abb9d72d35b4f3c66bf9815498c27"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 7prVGoO1_633MQGMxJeuVbKO7FK0rN29EdbjiWFEbEjxOlRftaIG9g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
62 KB 227ms
84ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

148019610414d1a5788f1d3fdc29c6415163c39c4e9f5b6a6dae17fb74deeeb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62972
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jan 2024 21:59:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
834 B 251ms
106ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sometype+Mono:wght@400;500&display=swap

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/css/main.46c9a140.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b56d7339b684d2e816acd83e2ede3668070baf653cab42271329efbe85afcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 21:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:59:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 21:59:16 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 241ms
63ms Script
text/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jan 2024 20:02:32 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7004
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 12 Jan 2024 22:02:32 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
787 B 247ms
72ms Script
application/javascript 2600:141b:5000::b81d:8fb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:5000::b81d:8fb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bbed830caf31bfde1f3efc8aac364b6c2d3c3932cdae9b930bda0dc5c0f833e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jan 2024 17:26:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=61420
accept-ranges: bytes
content-length: 577

GET
H2 200 hotjar-2966880.js Show response
static.hotjar.com/c/ 9 KB
4 KB 373ms
143ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2966880.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

f10ed15c8a8deee4ee5273e505b018ad1e69eaba37ee7e4d308cfba2ce44fe0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/c5120745cb25a0e061a8e585a757da87
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: QOhELv4y8ykbqtpHUk5DcuGONFXw_7OlU5INGHJvqFjHtK5_Oj5jmw==

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 70ms
69ms Script
application/javascript 2600:141b:5000::b81d:8fb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:5000::b81d:8fb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ffc62a8cb421683a8b3899582cab2dada2337f5991bf8738a4f27f9e1089c097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jan 2024 17:26:19 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=61431
accept-ranges: bytes
content-length: 15733

GET
H2

200

ga-audiences
www.google.com/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1792509343&utmhn=fraud.periculum.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-179023337-1&cid=1485874228.1705096757&jid=1679196901&_v=5.7.2&z=1792509343
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179023337-1&cid=1485874228.1705096757&jid=1679196901&_v=5.7.2&z=1792509343

42 B
408 B

243ms
86ms

Image
image/gif

2607:f8b0:4006:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179023337-1&cid=1485874228.1705096757&jid=1679196901&_v=5.7.2&z=1792509343

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/

Protocol

Server

2607:f8b0:4006:80d::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 21:59:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Jan 2024 21:59:17 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-179023337-1&cid=1485874228.1705096757&jid=1679196901&_v=5.7.2&z=1792509343
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4219209%26time%3D1705096757116%26url%3Dhttps%253A%252F%252Ffraud.periculum.io%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQL7YakMtg55BQAAAYz_r8MzDfkga83nCNGrHPfngp...

0
487 B

264ms
77ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQL7YakMtg55BQAAAYz_r8MzDfkga83nCNGrHPfngpe47j5Ps_i-OU2vFc06vMLfJKul-w
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3EBC0AE37F9645799E4B185C25DFC165 Ref B: MIAEDGE1319 Ref C: 2024-01-12T21:59:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOxsaX5Ekq593vQCH2dA==

Redirect headers

date: Fri, 12 Jan 2024 21:59:17 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E0CAD035F627441BBE766C2A1D0344D7 Ref B: MIA301000102017 Ref C: 2024-01-12T21:59:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096757116&url=https%3A%2F%2Ffraud.periculum.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQL7YakMtg55BQAAAYz_r8MzDfkga83nCNGrHPfngpe47j5Ps_i-OU2vFc06vMLfJKul-w
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOxsaSVDpr9cnrgw6/AQ==

POST
H2 200 /
app.posthog.com/e/ 13 B
433 B 276ms
84ms XHR
application/json 2600:9000:2512:e600:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/e/?ip=1&_=1705096757633&ver=1.77.1

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:e600:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
via: 1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: JFK50-P7
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://fraud.periculum.io
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: kzgA2xgsCzmVzHPP3OrdRTTR_4nwRbY6CVojtg6mXOiem9_EWznJ5g==

POST
H2 200 /
app.posthog.com/decide/ 626 B
1 KB 268ms
83ms XHR
application/json 2600:9000:2512:e600:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/decide/?v=3&ip=1&_=1705096757649&ver=1.77.1

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:e600:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
via: 1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: JFK50-P7
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://fraud.periculum.io
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: IaXPCldpNbrbNOviqxtQe5cKQQuKKfhIyK6ysguTyDYVlAiM8UHvBQ==

GET
H2 200 modules.01a61edd76e9459a4476.js
script.hotjar.com/ 219 KB
55 KB 241ms
70ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.01a61edd76e9459a4476.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2966880.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 48490
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55621
last-modified: Fri, 12 Jan 2024 08:30:49 GMT
etag: "c6b381ec2a77add5ff4703aac0792891"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: fpgqHXGE3U2ParGJulWv02ftzCbQ269ChKA5v1vvNo7GrDQRoqAIUw==

GET
BLOB 200
OK ba204cda-9670-48e5-b6c3-2b9510a67eb3
https://fraud.periculum.io/ 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fraud.periculum.io/ba204cda-9670-48e5-b6c3-2b9510a67eb3
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 25813
Content-Type

GET
H2 401 profile
services.dojah.io/users/me/ 64 B
414 B 126ms
123ms XHR
application/json 2606:4700:3108::ac42:2921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.dojah.io/users/me/profile
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Environment: Sandbox
Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"40-EjLM4IHHhEL2uY5Ptl23Bx4FVCI"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBLTVvBWR0VjRvs7sUp4vXrFlT45bNjeA%2BsiWDhGuPo6FXzoXP6wB3QWLiEGOmt9plUqT0BnqXZ3fTK9A0o%2BU2xe6WATR6JG%2FaSUbW8L69naZ9%2BhxVxPGuTbtlLlwbzW6lUOZSM%2B8w%2BMURF%2BvN90gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8448aa731b9f6dc5-MIA
content-length: 64

OPTIONS
H2 204 profile
services.dojah.io/users/me/ Frame 0
0 293ms
108ms Preflight 2606:4700:3108::ac42:2921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.dojah.io/users/me/profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,environment
Access-Control-Request-Method: GET
Origin: https://fraud.periculum.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: authorization,environment
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8448aa725a7a6dc5-MIA
content-length: 0
date: Fri, 12 Jan 2024 21:59:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOH1HbjYxBaLJRP9TYC3DdvuEltRynTBzyo0Snd1jQf3h8U0o3JA%2FIeizkfsRdTY6fevRgq0g9qr83BsW9VQbzBD8S3QlYg6AQLhxZ48Vr0btxLM%2Fr8uXEeHMtLtMD%2Bgf6Tvv8Jn9O18l%2BxGo7UKhA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
BLOB 200
OK b85f7851-17cc-4d6b-a5d3-88c644967cdf
https://fraud.periculum.io/ 46 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fraud.periculum.io/b85f7851-17cc-4d6b-a5d3-88c644967cdf
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 46922
Content-Type

GET
H2 200 recorder-v2.js
app.posthog.com/static/ 101 KB
32 KB 75ms
74ms Script
application/javascript 2600:9000:2512:e600:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.posthog.com/static/recorder-v2.js?v=1.77.1
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:e600:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: J3QUIs9ezqjtyaJsS1Da84wudPYbbel7
content-encoding: gzip
via: 1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
date: Fri, 12 Jan 2024 18:52:00 GMT
last-modified: Thu, 11 Jan 2024 16:45:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 11238
x-amz-server-side-encryption: AES256
etag: W/"58dafd97be3683ef488e9fc8d2a12cd7"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: n1bAfVeMLk3NjZkqIl6k2cl5GVyyZeOvxaX4mfvt0Qz57KCVkVXOAg==

GET
H2 204 2966880
vc.hotjar.io/sessions/ 0
256 B 314ms
123ms XHR
text/plain 18.164.96.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2966880?s=0.25&r=0.09312603095555572
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-52.jfk50.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:18 GMT
via: 1.1 241db89625f6ef70a00b0e19e0cfc332.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: j4gdH4sNJ2gYLVm0bfEXsptStDKKB7Bo78P2oc0dnFgh7OSnQPtwlA==

GET
H2 200 browser-perf.28a8c6b22b3c0474c577.js
script.hotjar.com/ 4 KB
2 KB 62ms
61ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.01a61edd76e9459a4476.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 14:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 1321904
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1589
last-modified: Thu, 21 Dec 2023 13:38:49 GMT
etag: "d065ec1659ab8dbb93042fdf9a225634"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Ndm8Rn2K4zFeyfg_N4-DCoX4XLj0R-HfiJZXk5s3i_4Yzv0ci_vl1A==

GET
H2 401 profile
services.dojah.io/users/me/ 64 B
349 B 128ms
126ms XHR
application/json 2606:4700:3108::ac42:2921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.dojah.io/users/me/profile
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Environment: Sandbox
Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"40-EjLM4IHHhEL2uY5Ptl23Bx4FVCI"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOJVN9x18K92TTiw7JuDTL%2BOYnLujWt0UVizWsSevnN724V6tbvkKESrtiKvNpghd4uBbRHE1TpUJ97PtJ0v0ZGbroiMmbDosFxB%2FZakT82ZzKE6jEUh%2B0l1zFLtitAzSY%2Bhrz8CsUKPVBl5SC1tNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8448aa749dfb6dc5-MIA
content-length: 64

OPTIONS
H2 204 profile
services.dojah.io/users/me/ Frame 0
0 81ms
80ms Preflight 2606:4700:3108::ac42:2921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.dojah.io/users/me/profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,environment
Access-Control-Request-Method: GET
Origin: https://fraud.periculum.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: authorization,environment
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8448aa740d276dc5-MIA
content-length: 0
date: Fri, 12 Jan 2024 21:59:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJTo44HdC6Bl6abgqvqiJ9Vo8ayYMePF6N%2B4ZoVcfOAnaWn7WCPvvqqJEC9ZkER9r%2B3ixdhsB5ebTILvwt94TcEcO8j4BCy0yr8vFi%2Fr1kF2n5ErmwE9ayIGYTfZxAa9gK6IPegdMkXmiWEDQA3KMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-powered-by: Express

GET 25464359.js
js-eu1.hs-scripts.com/ 0
0

GET
H2 200 hotjar-2966880.js
static.hotjar.com/c/ 9 KB
4 KB 64ms
63ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2966880.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/c5120745cb25a0e061a8e585a757da87
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: IHcHcGEgSdci_Cjy-P7xXlGpkQjnA1CXIDL3SMdwK2N6Rb7fhRfkhA==

GET
H3 200 __utm.gif
ssl.google-analytics.com/ 35 B
55 B 64ms
64ms Image
image/gif 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1082192651&utmhn=fraud.periculum.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1098699473&utmr=-&utmp=%2F&utmht=1705096758484&utmac=UA-179023337-1&utmgtm=45He41a0n81M5LZXQVv856981866&utmcc=__utma%3D206729156.1485874228.1705096757.1705096757.1705096757.1%3B%2B__utmz%3D206729156.1705096757.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 09:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46518
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
browser-intake-us5-datadoghq.com/api/v2/ 53 B
340 B 312ms
153ms Fetch
application/json 2600:1901:0:c072::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Adojah-app&dd-api-key=pubf8d082354267167e10e0c4e07b86d8dd&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=70a7e27e-3934-49c0-a675-d70e91ba473c&batch_time=1705096758563

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Jan 2024 21:59:18 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
via: 1.1 google
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
dd-request-id: 70a7e27e-3934-49c0-a675-d70e91ba473c

GET
H2 200 976.06dc4ca2.chunk.js
fraud.periculum.io/static/js/ 1 KB
1 KB 212ms
211ms Script
application/javascript 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/static/js/976.06dc4ca2.chunk.js
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:19 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"aaf252feea03d81fd315017bf05a3707"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: fcx_pgvUUTeDRsjM-tItVSQA_a3SiCicESELfWZp2A8rb0chTfZlyg==

GET
H2 200 fl4foli7
widget.intercom.io/widget/ 7 KB
3 KB 220ms
75ms Script
application/javascript 13.226.34.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/fl4foli7
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-119.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 4ceqowmW.nmBWc43p1i.DJgb0LiYTZkg
content-encoding: gzip
via: 1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
date: Fri, 12 Jan 2024 21:56:56 GMT
x-amz-cf-pop: EWR53-C2
age: 148
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2704
last-modified: Fri, 12 Jan 2024 11:21:46 GMT
server: AmazonS3
etag: "2ace172fd93b5aca54d6f43d00ade73c"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: DGK_WH8Mx6cMCtMe4wcoehpiae846VOBNb1JZ05d7E3K71FdDTeg3Q==

GET
H2 200 context
services.dojah.io/users/company/ 663 B
633 B 95ms
95ms Fetch
application/json 2606:4700:3108::ac42:2921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.dojah.io/users/company/context?subdomain=fraud.periculum.io
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"297-yPSKZHQ0SQ7L4aYVG73oBqAGZlM"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCAnTloRcOeFGNQ7FRuECLN3patfG%2FzFWKy30JcZXfnVrWKlV4urJ6YHuHD7%2BDPZigY1VxvAMbFpkd4yYImk0QCPtPr80ZtbU9fIe1LliyoimJshx0Z31uRB2Z2T%2FBVpS%2FX%2BPXwxH5BLRBMVHLVYvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8448aa75bf666dc5-MIA

GET
H2 200 Primary Request signin Show response
fraud.periculum.io/ 3 KB
1 KB 141ms
140ms Document
text/html 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/signin
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/976.06dc4ca2.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eea32369af1971656166685db6deb1bd22b218e970c325ce9ad8312ba262c897

Request headers

Referer: https://fraud.periculum.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Fri, 12 Jan 2024 21:59:19 GMT
etag: W/"d18112d0b08858c18113f5888b220464"
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-id: 4Szc2VxFgb57VHtoQAj88JEFt9UCnWzOgZY1gbFhDy5Si9e4by-OrA==
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

POST rum
browser-intake-us5-datadoghq.com/api/v2/ 0
0

POST replay
browser-intake-us5-datadoghq.com/api/v2/ 0
0

GET frame-modern.4e5192b6.js
js.intercomcdn.com/ Frame C6D1 0
0

GET vendor-modern.4798fff6.js
js.intercomcdn.com/ Frame C6D1 0
0

POST /
app.posthog.com/s/ 0
0

POST /
app.posthog.com/e/ 0
0

POST rum
browser-intake-us5-datadoghq.com/api/v2/ 0
0

POST /
logs.dojah.services/api/10/envelope/ 0
0

GET
H2 200 main.f8012bdf.js Show response
fraud.periculum.io/static/js/ 7 MB
2 MB 226ms
224ms Script
application/javascript 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68e8511feeb7faafb0f7c2d32dff654462e5d9a23ee23763c02db527d560bc48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:20 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"5acdb2b27de0ace3beb35ccd64be40a1-2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: crdwM1AvPiyHB4Nnr1IS9UVQQdzjgfsRyx9w8MhD8MKK1F6i_M4Hcw==

GET
H2 200 main.46c9a140.css
fraud.periculum.io/static/css/ 166 KB
46 KB 129ms
128ms Stylesheet
text/css 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/static/css/main.46c9a140.css
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 757129c0a1d988c8bbed710c884d02f0a7d58c88935810c22ffe35b31eb9a881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:20 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"c76abb9d72d35b4f3c66bf9815498c27"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: D8hs8Cwv4m2Vq2Xwo0-RK_u8MgOezWzBUFM_wrKbU65Tig6e3LgbpA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
62 KB 91ms
90ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

148019610414d1a5788f1d3fdc29c6415163c39c4e9f5b6a6dae17fb74deeeb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62972
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jan 2024 21:59:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
521 B 77ms
76ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sometype+Mono:wght@400;500&display=swap

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/css/main.46c9a140.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b56d7339b684d2e816acd83e2ede3668070baf653cab42271329efbe85afcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 21:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:59:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 21:59:19 GMT

GET
H3 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jan 2024 20:02:32 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7007
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 12 Jan 2024 22:02:32 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
787 B 67ms
66ms Script
application/javascript 2600:141b:5000::b81d:8fb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:5000::b81d:8fb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bbed830caf31bfde1f3efc8aac364b6c2d3c3932cdae9b930bda0dc5c0f833e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jan 2024 17:26:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=61417
accept-ranges: bytes
content-length: 577

GET
H2 200 hotjar-2966880.js Show response
static.hotjar.com/c/ 9 KB
4 KB 64ms
64ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2966880.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

f10ed15c8a8deee4ee5273e505b018ad1e69eaba37ee7e4d308cfba2ce44fe0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 2
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/c5120745cb25a0e061a8e585a757da87
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: vHomcFVIO5wz7aLsg-dw7uBh00tdL2PvAlBR69AXbkOb6ntoATaZJw==

GET
H2 200 modules.01a61edd76e9459a4476.js Show response
script.hotjar.com/ 219 KB
55 KB 84ms
83ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.01a61edd76e9459a4476.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2966880.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

1fe0a1d0440db1d043d00405be45a6494bef459ddabc0649fcefe29741978345

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 48492
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55621
last-modified: Fri, 12 Jan 2024 08:30:49 GMT
etag: "c6b381ec2a77add5ff4703aac0792891"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: KTviMg7vmZXetgbC1qDb3nDj5socFQsKG7mCkX7t0uJ78eifkmfv7g==

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 79ms
79ms Script
application/javascript 2600:141b:5000::b81d:8fb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:5000::b81d:8fb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ffc62a8cb421683a8b3899582cab2dada2337f5991bf8738a4f27f9e1089c097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jan 2024 17:26:19 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=61429
accept-ranges: bytes
content-length: 15733

GET
H3 200 __utm.gif
ssl.google-analytics.com/ 35 B
55 B 130ms
129ms Image
image/gif 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=144694814&utmhn=fraud.periculum.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1724597388&utmr=0&utmp=%2Fsignin&utmht=1705096759353&utmac=UA-179023337-1&utmgtm=45He41a0n81M5LZXQVv856981866&utmcc=__utma%3D206729156.1485874228.1705096757.1705096757.1705096757.1%3B%2B__utmz%3D206729156.1705096757.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qmAgAABAAAGBAAAAAgAAAAAE~

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 09:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46519
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096759439&url=https%3A%2F%2Ffraud.periculum.io%2Fsignin
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096759439&url=https%3A%2F%2Ffraud.periculum.io%2Fsignin&e_ipv6=AQKblFGP2ayH6AAAAYz_r8kHmv8q9HIX6D5gN8mNGudkoXd5veqQioYXkS7MpFldB...

0
364 B

87ms
85ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096759439&url=https%3A%2F%2Ffraud.periculum.io%2Fsignin&e_ipv6=AQKblFGP2ayH6AAAAYz_r8kHmv8q9HIX6D5gN8mNGudkoXd5veqQioYXkS7MpFldBtd-Ww
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/signin
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:18 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 97C03D33F1644785A4561D01F819C5E7 Ref B: MIAEDGE1319 Ref C: 2024-01-12T21:59:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOxsaqooODy2nZPoMe/w==

Redirect headers

date: Fri, 12 Jan 2024 21:59:19 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 38D5C362C1994EE489CA9A172C722ACB Ref B: MIA301000102017 Ref C: 2024-01-12T21:59:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4219209&time=1705096759439&url=https%3A%2F%2Ffraud.periculum.io%2Fsignin&e_ipv6=AQKblFGP2ayH6AAAAYz_r8kHmv8q9HIX6D5gN8mNGudkoXd5veqQioYXkS7MpFldBtd-Ww
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOxsapLGjl2AvfCo9Jgg==

GET
H2 200 recorder-v2.js Show response
app.posthog.com/static/ 101 KB
32 KB 75ms
75ms Script
application/javascript 2600:9000:2512:e600:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.posthog.com/static/recorder-v2.js?v=1.77.1
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:e600:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2731df5d36de8c6c5f2a52a1d98fd418cc92a78605ac8006c571f28bcc6c5b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: J3QUIs9ezqjtyaJsS1Da84wudPYbbel7
content-encoding: gzip
via: 1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
date: Fri, 12 Jan 2024 18:52:00 GMT
last-modified: Thu, 11 Jan 2024 16:45:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 11240
x-amz-server-side-encryption: AES256
etag: W/"58dafd97be3683ef488e9fc8d2a12cd7"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pULi0qQ3yPmh_oor7SzZ2iW_KMdD3hYO4bDUROq_82U-Xcb7QAokdQ==

POST
H2 200 / Show response
app.posthog.com/e/ 13 B
433 B 90ms
88ms XHR
application/json 2600:9000:2512:e600:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/e/?ip=1&_=1705096759926&ver=1.77.1

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:e600:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jan 2024 21:59:19 GMT
via: 1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: JFK50-P7
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://fraud.periculum.io
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: tdg0fWsh-FG2BYZecIuUxyMZGDADCNbZjufiGKZLI37Uzr95ea7jlA==

POST
H2 200 / Show response
app.posthog.com/decide/ 626 B
1 KB 85ms
84ms XHR
application/json 2600:9000:2512:e600:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/decide/?v=3&ip=1&_=1705096759927&ver=1.77.1

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:e600:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fb116fd7531e725b0eb15e8a5c765ef6edf8d13bc744edd45b6d8e0e5977c19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jan 2024 21:59:19 GMT
via: 1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: JFK50-P7
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://fraud.periculum.io
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: NxoS-B9vdq-9L6AReOPVZ_X5X8lAnkjAW3t-k503c7lZktnPG2ynCQ==

GET
H2 200 688.ec7b30ff.chunk.js Show response
fraud.periculum.io/static/js/ 7 KB
3 KB 167ms
166ms Script
application/javascript 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/static/js/688.ec7b30ff.chunk.js
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5d10536f493978a23cba3edac9242be21f1fbbbe12be2d014e5c0e2b4b09141

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"3978ad6a0e72e8c6e5e958a1e27c8281"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: Ii1mrXJj7urpTU5drYE80lR6oTiPghBR21GlwcZiLLMAFm7VjlZYYA==

GET
BLOB 200
OK bf39b3ad-dec0-4521-8bd9-da7fd63c5a2a
https://fraud.periculum.io/ 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fraud.periculum.io/bf39b3ad-dec0-4521-8bd9-da7fd63c5a2a
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/signin
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db7c9dc3fcd69a665031d75b0eecd8095bd3cd05ff0121ff4410e77716f95805

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 25813
Content-Type

GET
H2 200 context Show response
services.dojah.io/users/company/ 663 B
617 B 116ms
83ms Fetch
application/json 2606:4700:3108::ac42:2921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.dojah.io/users/company/context?subdomain=fraud.periculum.io
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5f63f352200c3e3eba6e331227f3319383b6a3657bb1a09f99a7cdf8d06dcbc3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"297-yPSKZHQ0SQ7L4aYVG73oBqAGZlM"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WVoT9FO4r4CPtvf7kn33GtKn3DYHVCzMnS28tj38yCRYUELS2lxqIZGindLEGVQTFkTOysruUq83AXt0g%2B%2FLF87Pc4UhLbS5yeDjreEWZTnkGEvUtq2k9kA69e68kenRQhRLsjGekc93Ob1B3f7OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8448aa7e7be46dc5-MIA

GET
BLOB 200
OK 79d73998-6ef2-4e3d-8dc8-fe113e125ac2
https://fraud.periculum.io/ 46 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fraud.periculum.io/79d73998-6ef2-4e3d-8dc8-fe113e125ac2
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/signin
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 46922
Content-Type

GET
H2 200 fl4foli7 Show response
widget.intercom.io/widget/ 7 KB
3 KB 75ms
60ms Script
application/javascript 13.226.34.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/fl4foli7
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-119.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c440cdce6aee19487f3a4884aab754d9575abcda96113304ec95a37e4bd274ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 4ceqowmW.nmBWc43p1i.DJgb0LiYTZkg
content-encoding: gzip
via: 1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
date: Fri, 12 Jan 2024 21:56:56 GMT
x-amz-cf-pop: EWR53-C2
age: 150
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2704
last-modified: Fri, 12 Jan 2024 11:21:46 GMT
server: AmazonS3
etag: "2ace172fd93b5aca54d6f43d00ade73c"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: gQMjKpUcEu6rscwNbo-p28NSIRkTmgoysU9FV8FUUy5QVLzWLxEI-g==

GET
H2 200 25464359.js Show response
js-eu1.hs-scripts.com/ 2 KB
635 B 162ms
143ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/25464359.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10d29e69c87d340c17ee21077f13950a8aed2f4148fe035f4bf126f86cbe625

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: ab171bdf-ed06-4b60-9c00-6c11ca428132
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2028
age: 2
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ab171bdf-ed06-4b60-9c00-6c11ca428132
cf-bgj: minify
last-modified: Fri, 12 Jan 2024 21:59:18 GMT
server: cloudflare
x-trace: 2B5BF8C4DD4FA15F12E47FBA34CF7ECDDE55D93300000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://fraud.periculum.io
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6748d5b5db-g9lmg
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8448aa7f8c447037-CDG

GET
H2 200 hotjar-2966880.js Show response
static.hotjar.com/c/ 9 KB
4 KB 64ms
62ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2966880.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5LZXQV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

f10ed15c8a8deee4ee5273e505b018ad1e69eaba37ee7e4d308cfba2ce44fe0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 3
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/c5120745cb25a0e061a8e585a757da87
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: Myuwdk56idIkaSWOJnNEXEyDI9V5NHXqPhs90TGQNCelyZC4kVMckA==

GET
H3 200 __utm.gif
ssl.google-analytics.com/ 35 B
55 B 63ms
62ms Image
image/gif 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=4&utmn=1610355987&utmhn=fraud.periculum.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Verify%20Customer%20Identity%20Easily%20%7C%20KYC%20Verification%20%7C%20Dojah&utmhid=1724597388&utmr=0&utmp=%2Fsignin&utmht=1705096760186&utmac=UA-179023337-1&utmgtm=45He41a0n81M5LZXQVv856981866&utmcc=__utma%3D206729156.1485874228.1705096757.1705096757.1705096757.1%3B%2B__utmz%3D206729156.1705096757.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 09:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46520
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Atakk-Medium.f8710653749ae312a5e8.ttf
fraud.periculum.io/static/media/ 140 KB
55 KB 153ms
152ms Font
font/ttf 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/static/media/Atakk-Medium.f8710653749ae312a5e8.ttf
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/css/main.46c9a140.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e04ed0b8227dfd75e35e831fc013f2621e17a8918188b57b33dcc36c7e15112a

Request headers

Referer: https://fraud.periculum.io/static/css/main.46c9a140.css
Origin: https://fraud.periculum.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"e0b805ef51366c622a41dc7b131a1d45"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: font/ttf
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: uH1OXQFt098lXiODQc4WdP1R4Jh1osEIdGsLAfM8qgo4Zvcj8ghjiA==

GET
H2 200 Atakk-Regular.475009490b70b6d8231a.ttf
fraud.periculum.io/static/media/ 140 KB
55 KB 129ms
128ms Font
font/ttf 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fraud.periculum.io/static/media/Atakk-Regular.475009490b70b6d8231a.ttf
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/css/main.46c9a140.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03f15ba7f4fa71e82a9fcecbb6d2d87d44995fae2e0e17e9d82431dee91c1230

Request headers

Referer: https://fraud.periculum.io/static/css/main.46c9a140.css
Origin: https://fraud.periculum.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"0bac0b43411399f277c698cf120e5067"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: font/ttf
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: WOOFAOOcCGYmV6goYU43KSMQz3pAO7yzrK_YJZ2TNoyFSGDf8zlTxg==

GET
H2 200 logo.38056aae2c18e5a2c775fbc8c16c49e8.svg
fraud.periculum.io/static/media/ 5 KB
2 KB 151ms
149ms Image
image/svg+xml 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fraud.periculum.io/static/media/logo.38056aae2c18e5a2c775fbc8c16c49e8.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13b9268a825f1a72af9fe116d4f7cedc0f2411727c050bdc2cfeecb1a8619caa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"3c564063bfc30f8d3a2d3c8fa8cb859a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: 1Lkn3YrMgH5-zlvVztEulIpQK2zs4an1D3yusqhc1Rn9R1Pbv6g92g==

GET
H2 200 google-logo.dc9699ba06f2e04d56a562a667ed15f0.svg
fraud.periculum.io/static/media/ 1 KB
992 B 145ms
144ms Image
image/svg+xml 2600:9000:2510:4400:14:9e0c:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fraud.periculum.io/static/media/google-logo.dc9699ba06f2e04d56a562a667ed15f0.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:14:9e0c:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d099ab79960e500338d50d1b131627ce01d8cc283364c775202b521bffb72638

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
content-encoding: gzip
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 12:03:21 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
etag: W/"0c4350cd56e3f48d0bef9b150b3e3dca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=0, s-maxage=2
x-amz-cf-id: JuTCrdDqCQVbBPOKsWIaDSikk7vUagRcKo9_zMgHh8gqabfbWyBWcQ==

GET
H2 200 information-banner Show response
services.dojah.io/support/ 434 B
607 B 514ms
513ms Fetch
application/json 2606:4700:3108::ac42:2921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.dojah.io/support/information-banner?auth=true
Requested by: Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0a7fd6f5377acac39378f2c03317fc293a8e2e3a4fb2f17cca181c8f3233f593

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1b2-32226tUTsRRGv9qE7YK1hNK++6o"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOd%2BEDobw596eGErThh1aAYDoxSGaf7FEVssI%2FDfI6kH6bk2Qp2k8aXV8xJS60LeBzVS1Qaj7fCNmJF%2FaGj8CNdQugRUHL%2Bnyv7ZeHgJdyOK7mej8RDUSroHsmbG4Ex3oqXu8gFkwRBIkIqbS2Zg5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8448aa800e576dc5-MIA

GET
H/1.1 200
OK 1702905034563.png
dojah-files.s3.amazonaws.com/ 37 KB
37 KB 278ms
118ms Image
image/png 52.219.92.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dojah-files.s3.amazonaws.com/1702905034563.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.92.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 14268fc55c035cf845959e28c1ae28a1d40bc2e1a69c0483ef6f31d1c8ea9e77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 21:59:21 GMT
Content-Encoding: base64
Last-Modified: Mon, 18 Dec 2023 13:10:35 GMT
Server: AmazonS3
x-amz-request-id: R9D3K4MFGGWRKT8N
ETag: "4ce472878aa9cad110ba9b538a1d2584"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 37430
x-amz-id-2: sFXA7vP259oBOlKfBkfRmIt7elRYGLPXwfCq672WG44i2JsHHTaqO+aIV74YF5EIQSABvJ409so=

GET
H2 200 frame-modern.4e5192b6.js Show response
js.intercomcdn.com/ Frame 1297 517 KB
143 KB 69ms
67ms Script
application/javascript 54.230.163.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.4e5192b6.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/fl4foli7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.163.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-163-59.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1261b032e20cbb2cc67aa180dd9dbec7f978c416bfbaffb7a3ce14bc32f5d765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: ANdfvucSV_N4OxJdtP1JV_cm680DQCkc
content-encoding: gzip
via: 1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
date: Fri, 12 Jan 2024 21:22:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: EWR53-C3
age: 2212
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145917
last-modified: Fri, 12 Jan 2024 11:19:06 GMT
server: AmazonS3
etag: "1edc4df26d28650dc6c722ac1fa57962"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: p9-JtLbBaqTdFmDtTCwy6LgdvraSrXDIyDFtakfv2vbNMDBIIZUj2Q==

GET
H2 200 vendor-modern.4798fff6.js Show response
js.intercomcdn.com/ Frame 1297 426 KB
131 KB 109ms
107ms Script
application/javascript 54.230.163.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.4798fff6.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/fl4foli7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.163.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-163-59.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

659646e379eb3281e62c3b079f1f714f8cf487eceee43055c5bdb4d5aaabdb19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 9cj9c2CuNtqP5VChZAGc8mhLERNl79DW
content-encoding: gzip
via: 1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
date: Fri, 12 Jan 2024 20:57:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: EWR53-C3
age: 3727
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 133882
last-modified: Thu, 11 Jan 2024 16:30:00 GMT
server: AmazonS3
etag: "5661811dd3a4c069600081813b6a5bf1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 0k-8W_9Figu7yfF11pNd--tEQm4wg-PZ378Wvr99BrXS2HSsrNpuhQ==

POST
H2 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
137 B 116ms
112ms Fetch
application/json 2600:1901:0:c072::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Adojah-app&dd-api-key=pubf8d082354267167e10e0c4e07b86d8dd&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=8bdf684d-ac58-472c-ac91-439f1b94b833&batch_time=1705096760366

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

275b30c45dbe531b0a6fe73b44e7812ad2bd41cfdfec7ce0260bcafa9838be72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Jan 2024 21:59:20 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
via: 1.1 google
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
dd-request-id: 8bdf684d-ac58-472c-ac91-439f1b94b833

GET
H2 200 fb.js Show response
js-eu1.hsadspixel.net/ 6 KB
4 KB 591ms
153ms Script
application/javascript 172.65.219.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsadspixel.net/fb.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25464359.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9092cb4fb3eafe925fa67a4dc6b62b7c769cbcb9a1420ecaf4b5d80edeae726

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:20 GMT
x-amz-version-id: 5iFzgPv7W58VCAVxkHMx4QTA.7HcSoUh
via: 1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P6
age: 433
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.510/bundles/pixels-release.js&cfRay=84489febea4c698c-CDG
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 27d367af-1a14-4004-960b-8df2cdf2a394
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 27d367af-1a14-4004-960b-8df2cdf2a394
last-modified: Mon, 08 Jan 2024 15:41:49 UTC
server: cloudflare
etag: W/"ef358d7718df65ca620b75c779a3c331"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-6d95cd8d5-cvl4r
cf-ray: 8448aa838b50784e-CDG
x-amz-cf-id: Uv4vA3TfZRf3JggrdcDVu729cxLbjiOx8jiOwsYfVQO8guvRFseUzQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.510/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/25464359/ 68 KB
22 KB 547ms
145ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/25464359/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25464359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9506176a7d8da54d8d8dad12baebf80cfb683d26278976be2e9e7b43a044b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:20 GMT
x-amz-version-id: FNEkcabdJNM7g8Kxeyr2q3iWJl2Wdg2L
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZHDWET9D1VAJQG8G
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: df0aed57-970e-4f94-833f-9654510b10c4
age: 199
x-envoy-upstream-service-time: 34
x-amz-id-2: Pbl+htHy743C1XLhw55JpNvY4dZUeR8j3VqpyATjSNbgjOU61ogIyngeERl+egkpKm+0EbnADBc=
x-evy-trace-listener: listener_https
x-request-id: df0aed57-970e-4f94-833f-9654510b10c4
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 11 Jan 2024 22:36:47 GMT
server: cloudflare
etag: W/"0d291489f41afeb03951d8634b6aa183"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://app.dojah.io
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-5f696f64f6-z5f9m
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8448aa83491b2280-CDG
expires: Fri, 12 Jan 2024 22:01:01 GMT

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 573ms
164ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hscollectedforms.net/collectedforms.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25464359.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
Origin: https://fraud.periculum.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:20 GMT
x-amz-version-id: JAkD5shSwdxe4gNEROP8R.wQbdFvcCSE
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: c732dcd9-5353-4e34-88d0-f1bdffe31c33
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.451/bundles/project.js&cfRay=8448aa834bb52a0e-CDG
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c732dcd9-5353-4e34-88d0-f1bdffe31c33
last-modified: Wed, 03 Jan 2024 09:59:35 UTC
server: cloudflare
etag: W/"dc52d8d37d1323196ca91b50795df6c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-6d95cd8d5-cvl4r
cf-ray: 8448aa834bb52a0e-CDG
x-amz-cf-id: CqzHfV1wvrTr0qmPg5_DCDWufu-_sFX9xBSrAkrg-vkI5Yk7VNfLUA==
x-hs-target-asset: collected-forms-embed-js/static-1.451/bundles/project.js

GET
H2 200 25464359.js Show response
js-eu1.hs-analytics.net/analytics/1705096500000/ 66 KB
21 KB 585ms
188ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1705096500000/25464359.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25464359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77e5dcd1ff64826e434dc09b57bca06b5a365758b1d797ba3a6642918c80e442

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:20 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: R9D2Z66YRNHV5ARR
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 917486ea-bd08-4c99-8de1-dcfe08f4a4a4
x-envoy-upstream-service-time: 19
x-amz-id-2: qb03UV4hOX3nNml4pLrdWm/GPBGgB4PPoq1yyAmLIPyKbCM5kAX6TRQdFe0ISyyv/IHI8g7JPK0=
x-evy-trace-listener: listener_https
x-request-id: 917486ea-bd08-4c99-8de1-dcfe08f4a4a4
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 16:33:11 GMT
server: cloudflare
etag: W/"0d38fb9df103db7e61f1e74ec53d419b"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-5f696f64f6-z5f9m
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8448aa833b6d7021-CDG
expires: Fri, 12 Jan 2024 22:04:20 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 1297 4 KB
2 KB 599ms
458ms XHR
application/json 3.93.29.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4e5192b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.29.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-29-232.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4dacb462a15c59a8b78e15bc7c8fc8e5b75361ef074bf284ba7f071e96848f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-05e935795e5dfa0f8
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 001hrk3vhe7c25fqd530
x-runtime: 0.380705
server: nginx
etag: W/"4dacb462a15c59a8b78e15bc7c8fc8e5"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fraud.periculum.io
x-intercom-version: 890e642a28e1c8fef786fb8db586096fca4b406b
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 json Show response
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 187 B
1 KB 575ms
182ms XHR
application/json 2a06:98c1:3200::90:1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=25464359

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

447365d1cfad47f9c19a4812a4463e6ed1c03ef3aa46456153c09702e1bec2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f0a16a53-391a-4222-bf85-de84775e370a
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f0a16a53-391a-4222-bf85-de84775e370a
server: cloudflare
x-trace: 2B533C5471A88F3ACD812D80AC3B80B5C6E94310D3000000000000000000
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.periculum.io
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6748d5b5db-jhkhx
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSqLKl9yH%2FvSU84VSV%2BfWBHIm2hOS1NoGX3dgUBqLFj6BZAOSuz1Pi4a0fUAe2VVt1aIh%2FlPomJeNN7Qs1Bj7LCMBI5O25mcsLq0knzy2B0NMzmSCy7cEVvpYXu81xKjd8JiZqStj5HHd06OAO6ftw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8448aa86fa7a22a4-CDG
access-control-allow-headers: *

GET
H2 200 25464359.js Show response
js-eu1.hs-scripts.com/ 2 KB
575 B 150ms
148ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/25464359.js

Requested by

Host: js-eu1.hs-analytics.net
URL: https://js-eu1.hs-analytics.net/analytics/1705096500000/25464359.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10d29e69c87d340c17ee21077f13950a8aed2f4148fe035f4bf126f86cbe625

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: ab171bdf-ed06-4b60-9c00-6c11ca428132
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2028
age: 3
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ab171bdf-ed06-4b60-9c00-6c11ca428132
cf-bgj: minify
last-modified: Fri, 12 Jan 2024 21:59:18 GMT
server: cloudflare
x-trace: 2B5BF8C4DD4FA15F12E47FBA34CF7ECDDE55D93300000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://fraud.periculum.io
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6748d5b5db-g9lmg
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8448aa84dafb7037-CDG

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 599ms
191ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3879799238&v=1.1&a=25464359&r=https%3A%2F%2Ffraud.periculum.io%2F&pu=https%3A%2F%2Ffraud.periculum.io%2Fsignin&t=Making+KYC+Easy+for+All&cts=1705096761020&vi=7e7089163b7c12daba70f68eafbb995f&nc=true&u=90833285.7e7089163b7c12daba70f68eafbb995f.1705096761008.1705096761008.1705096761008.1&b=90833285.1.1705096761009&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2a8986c7-d066-44b3-afb5-8185d8d5e2fc
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2a8986c7-d066-44b3-afb5-8185d8d5e2fc
last-modified: Fri, 12 Jan 2024 21:59:21 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cAMnL80q9IfQ0fVKnwSIw8gn%2BPmUjr5%2BYEtnCK5agivzs4MTqhwgmEoqO3lmtexX2T7MMrILllNTcgIYovccX%2BIVuvfXPOVvpnRb%2BU3dwGiIKMbFRKVEVN7kpapq2VEiweHrNFDjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-64c8987675-5fvr8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 8448aa876ab41541-CDG
x-robots-tag: none

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 116 B
455 B 189ms
172ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=25464359&utk=7e7089163b7c12daba70f68eafbb995f

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b37530a26afa6822994e5b1e78ccd2d6cdf4fba38cccb23dba1587ae9098efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: adefd1ba-e07a-4d42-bef6-5b28bd9b6b34
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: adefd1ba-e07a-4d42-bef6-5b28bd9b6b34
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://fraud.periculum.io
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-6d95cd8d5-2cshb
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8448aa850e3b2a0e-CDG

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
1016 B 577ms
166ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 21:59:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 085afc84-ee63-4464-ab39-2920a0eb8193
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 085afc84-ee63-4464-ab39-2920a0eb8193
Server: cloudflare
X-Trace: 2B1384E2DE50B7C4ED0F33A495957C61CAD742778D000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-6566f6b7f7-tq6lx
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 8448aa88bed0d598-CDG

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 1297 4 KB
2 KB 298ms
298ms XHR
application/json 3.93.29.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4e5192b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.29.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-29-232.compute-1.amazonaws.com

Software

nginx /

Resource Hash

26e11a38310c5039b39e6ecaa75012b72508b775ea8f7f79ee6aa757744d2a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-05e935795e5dfa0f8
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0003bk8r89mv83sb8jl0
x-runtime: 0.208268
server: nginx
etag: W/"26e11a38310c5039b39e6ecaa75012b7"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fraud.periculum.io
x-intercom-version: 890e642a28e1c8fef786fb8db586096fca4b406b
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 207ms
64ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jan 2024 21:59:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ztiHcVpay2JrKcQlnJwZCKRqI1vOcM+VlhBiNvh9RWbFK2OBI05XuvZZisCKRqiszW1EfJ6JNPjkoghWYuQp7g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
787 B 106ms
105ms Script
application/javascript 2600:141b:5000::b81d:8fb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:5000::b81d:8fb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bbed830caf31bfde1f3efc8aac364b6c2d3c3932cdae9b930bda0dc5c0f833e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jan 2024 17:26:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=61415
accept-ranges: bytes
content-length: 577

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 82ms
82ms Script
application/javascript 2600:141b:5000::b81d:8fb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:5000::b81d:8fb9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ffc62a8cb421683a8b3899582cab2dada2337f5991bf8738a4f27f9e1089c097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jan 2024 17:26:19 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=61427
accept-ranges: bytes
content-length: 15733

GET
H2 200 691600378535886 Show response
connect.facebook.net/signals/config/ 142 KB
37 KB 114ms
113ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/691600378535886?v=2.9.140&r=stable&domain=fraud.periculum.io

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96bfd86d6ca1f8469699de6832936802e854eafc96f2ba873cb1c2be53fcbe55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jan 2024 21:59:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: yOdT9XPGwwfbR2GzwL6gDeBuNgGCpyWvGSbzvp2GdQyGATZy9D2oEbX+DI03S8QJBPofVTAjLinyvxw9XnHesQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 202 rum Show response
browser-intake-us5-datadoghq.com/api/v2/ 53 B
71 B 85ms
78ms Fetch
application/json 2600:1901:0:c072::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Adojah-app&dd-api-key=pubf8d082354267167e10e0c4e07b86d8dd&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=7452fa90-6b63-44fc-8331-0384bb6fffd0&batch_time=1705096762061

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c072:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

dc25fd0a1cfdffbd2f4cb34c7fd484f6f92b60ae85dd09d7c62f48a4db90ac74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Jan 2024 21:59:21 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
via: 1.1 google
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
dd-request-id: 7452fa90-6b63-44fc-8331-0384bb6fffd0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 196ms
65ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=691600378535886&ev=PageView&dl=https%3A%2F%2Ffraud.periculum.io%2Fsignin&rl=https%3A%2F%2Ffraud.periculum.io%2F&if=false&ts=1705096762275&sw=1600&sh=1200&ud[external_id]=7e7089163b7c12daba70f68eafbb995f&v=2.9.140&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1705096762086.546484370&cs_est=true&it=1705096761918&coo=false&cdl=&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 Jan 2024 21:59:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 / Show response
app.posthog.com/s/ 13 B
434 B 254ms
252ms XHR
application/json 2600:9000:2512:e600:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/s/?compression=gzip-js&ip=1&_=1705096763033&ver=1.77.1

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:e600:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 21:59:23 GMT
via: 1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: JFK50-P7
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://fraud.periculum.io
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: _uuqiTloXElvV0pO-B3SslNZ3x9GiH-xO3uC6nAKXWYHzQ2MQ4CWjw==

POST
H2 200 / Show response
logs.dojah.services/api/10/envelope/ 41 B
675 B 495ms
214ms Fetch
application/json 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logs.dojah.services/api/10/envelope/?sentry_key=f066f057b7ef418a98b399d99c7bf17d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.64.0

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a915687c97ce8ff6f5badae30adb7d65edceb19e427717b95b46b76dbcc43f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 21:59:24 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRVqPd%2BgMG2bz9XQQnbc%2Flaro%2FQ8KQ2bp%2FTGivECEBn8fMQeE14yzFMIIFNxGkYqV3IxeNQMgyYxwP%2Bt5ALqysMjeQ30rsh9%2FasIa8ytwpeSzUQ1gr0zUEP%2BN7LVTYKSPdKwziXvbxL55adRNvrf9mc%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
cf-ray: 8448aa9ac8b231d8-MIA
alt-svc: h3=":443"; ma=86400
content-length: 41

POST
H2 200 / Show response
logs.dojah.services/api/10/envelope/ 41 B
356 B 192ms
191ms Fetch
application/json 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logs.dojah.services/api/10/envelope/?sentry_key=f066f057b7ef418a98b399d99c7bf17d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.64.0

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daabdfb14463d1b16543911498c0c20b1edcc86058fb313d9b696a49b3147ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fraud.periculum.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:59:25 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48qVCtCaqgy76%2BvdJ%2Fspz07A8cuu3TSX2S4iwGy0PmT9D7HJFxPEqR7WPeD1LCwoTf1%2F9xvFzmhqBordU4zBJPO7HLoSEUteXOnwx%2B%2FXx32bPUvlv00%2FeSCGtN8IvgiEHa2ybX9zf3DxjgXRkOnrOukB"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
cf-ray: 8448aaa0bb8531d8-MIA
alt-svc: h3=":443"; ma=86400
content-length: 41

POST
H2 200 / Show response
app.posthog.com/s/ 13 B
432 B 83ms
81ms XHR
application/json 2600:9000:2512:e600:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/s/?compression=gzip-js&ip=1&_=1705096766041&ver=1.77.1

Requested by

Host: fraud.periculum.io
URL: https://fraud.periculum.io/static/js/main.f8012bdf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:e600:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fraud.periculum.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 21:59:26 GMT
via: 1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: JFK50-P7
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://fraud.periculum.io
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: g9epaOudBiMEs3_Z9e1jds0WYQw7y5WuxOYtKe7S62r12rXpDnzA3A==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25464359.js

Domain: browser-intake-us5-datadoghq.com
URL: https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Abeacon%2Cenv%3Aproduction%2Cservice%3Adojah-app&dd-api-key=pubf8d082354267167e10e0c4e07b86d8dd&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=428c89bd-b357-4014-bea9-006ef921beca&batch_time=1705096758849

Domain: browser-intake-us5-datadoghq.com
URL: https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Abeacon%2Cenv%3Aproduction%2Cservice%3Adojah-app&dd-api-key=pubf8d082354267167e10e0c4e07b86d8dd&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=116c0368-bffe-4f9a-b5f7-ec80803bfe62

Domain: browser-intake-us5-datadoghq.com
URL: https://browser-intake-us5-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Adojah-app&dd-api-key=pubf8d082354267167e10e0c4e07b86d8dd&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=41b55566-cd9a-4f5a-a40d-efd4e27af03b

Domain: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4e5192b6.js

Domain: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendor-modern.4798fff6.js

Domain: app.posthog.com
URL: https://app.posthog.com/s/?compression=gzip-js&ip=1&_=1705096759068&ver=1.77.1

Domain: app.posthog.com
URL: https://app.posthog.com/e/?compression=gzip-js&ip=1&_=1705096759075&ver=1.77.1

Domain: browser-intake-us5-datadoghq.com
URL: https://browser-intake-us5-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.1.0%2Capi%3Abeacon%2Cenv%3Aproduction%2Cservice%3Adojah-app&dd-api-key=pubf8d082354267167e10e0c4e07b86d8dd&dd-evp-origin-version=5.1.0&dd-evp-origin=browser&dd-request-id=dd8a775a-762d-47f0-af1e-801e682704b5&batch_time=1705096759077

Domain: logs.dojah.services
URL: https://logs.dojah.services/api/10/envelope/?sentry_key=f066f057b7ef418a98b399d99c7bf17d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.64.0

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fraud.periculum.io/	1970-01-21 03:14:16	Name: __utma Value: 206729156.1485874228.1705096757.1705096757.1705096757.1
.fraud.periculum.io/	1969-12-31 23:59:59	Name: __utmc Value: 206729156
.fraud.periculum.io/	1970-01-20 22:01:04	Name: __utmz Value: 206729156.1705096757.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.fraud.periculum.io/	1970-01-20 17:38:17	Name: __utmt_UA-179023337-1 Value: 1
.linkedin.com/	1970-01-20 19:47:52	Name: li_sugr Value: da37f340-1c96-499a-8082-0e5bdfb5fc65
.linkedin.com/	1970-01-21 02:23:52	Name: bcookie Value: "v=2&eb663880-89aa-4cc6-87fd-0aa3239e8659"
.linkedin.com/	1970-01-20 17:39:43	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2669:u=1:x=1:i=1705096757:t=1705183157:v=2:sig=AQGyv5iKTK_C-Mvn5pGy6K4eg7BI1jzc"
.linkedin.com/	1970-01-20 18:21:28	Name: UserMatchHistory Value: AQJpqmpnQKFJzAAAAYz_r8Iojb6nzfpIWP74mCmQrY8UaGpagL2aYldZrLKVfoufb22glTdrnMmQSw
.linkedin.com/	1970-01-20 18:21:28	Name: AnalyticsSyncHistory Value: AQLe0aMPxeKSqgAAAYz_r8Iptjj3hS0ciYmuVnkQcRuto53SEdFXbNJ2POs3q_sHRxQ7u5_RSJMkW95v10TI2A
.www.linkedin.com/	1970-01-21 02:23:52	Name: bscookie Value: "v=1&20240112215917cbdd07ae-4ad3-41ac-8775-0d4fd2e96584AQGoP9DNRPNgcWmpc16yHVC4w74B6Ozn"
.periculum.io/	1970-01-20 17:38:18	Name: _hjFirstSeen Value: 1
.periculum.io/	1970-01-20 17:38:18	Name: _hjIncludedInSessionSample_2966880 Value: 0
.periculum.io/	1970-01-20 17:38:18	Name: _hjSession_2966880 Value: eyJpZCI6IjBkMzE3N2UzLTVmNjQtNDhmYy04ZDg3LThmODg5NWJmOWFkYyIsImMiOjE3MDUwOTY3NTgxODgsInMiOjAsInIiOjAsInNiIjoxfQ==
.periculum.io/	1970-01-20 17:38:18	Name: _hjAbsoluteSessionInProgress Value: 1
.periculum.io/	1970-01-21 02:23:52	Name: _hjSessionUser_2966880 Value: eyJpZCI6ImEwMDQ1YWQ0LTY5YzItNTMyMi1hZWU1LTIzNWZkMzY2ZDEzMyIsImNyZWF0ZWQiOjE3MDUwOTY3NTgxODYsImV4aXN0aW5nIjp0cnVlfQ==
.fraud.periculum.io/	1970-01-20 17:38:18	Name: __utmb Value: 206729156.4.10.1705096757
.periculum.io/	1970-01-21 02:23:52	Name: ph_phc_pI4R4MaTK5ifXpQ4LRYPAAR2VxRwxLylJnMm32r1pTk_posthog Value: %7B%22distinct_id%22%3A%22018cffaf-c173-7f6f-ba1c-0921af8f574a%22%2C%22%24device_id%22%3A%22018cffaf-c173-7f6f-ba1c-0921af8f574a%22%2C%22%24user_state%22%3A%22anonymous%22%2C%22%24sesid%22%3A%5B1705096760364%2C%22018cffaf-c17b-76de-a5b3-03739913158e%22%2C1705096757627%5D%2C%22%24session_recording_enabled_server_side%22%3Atrue%2C%22%24console_log_recording_enabled_server_side%22%3Atrue%2C%22%24session_recording_recorder_version_server_side%22%3A%22v2%22%2C%22%24autocapture_disabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%2C%22%24feature_flag_payloads%22%3A%7B%7D%7D
fraud.periculum.io/	1970-01-20 21:57:28	Name: __hstc Value: 90833285.7e7089163b7c12daba70f68eafbb995f.1705096761008.1705096761008.1705096761008.1
fraud.periculum.io/	1970-01-20 21:57:28	Name: hubspotutk Value: 7e7089163b7c12daba70f68eafbb995f
fraud.periculum.io/	1969-12-31 23:59:59	Name: __hssrc Value: 1
fraud.periculum.io/	1970-01-20 17:38:18	Name: __hssc Value: 90833285.1.1705096761009
.periculum.io/	1970-01-21 00:07:06	Name: intercom-id-fl4foli7 Value: 66a79ab9-d637-42dc-b3df-3edb8a16ec5f
.periculum.io/	1970-01-20 17:48:21	Name: intercom-session-fl4foli7 Value:
.periculum.io/	1970-01-21 00:07:06	Name: intercom-device-id-fl4foli7 Value: 9d28901a-7acf-44bc-891c-54ad627e8b5c
.hubspot.com/	1970-01-20 17:38:18	Name: __cf_bm Value: aYWp1DwaKVbkENuiYiLY_2qlfmyEki5VYueNFKiAvj0-1705096761-1-AeRdspInYHiYZ5F8nIkLSrvaHD9dgYdhPb6m/5QCNF1i/TAClj3+2tTRMR13kg8tANjFBeLOUPOAnKn7aljNxNo=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Zy0F1YAYEDHd5xB5vzhgZMBGZqvxFRQ6qXefWH65dCs-1705096761556-0-604800000
.periculum.io/	1970-01-20 19:47:52	Name: _fbp Value: fb.1.1705096762086.546484370
fraud.periculum.io/	1970-01-20 17:38:17	Name: _dd_s Value: rum=1&id=1eb9bb39-56c2-4906-8842-c5aec11d0ee1&created=1705096757673&expire=1705097659940

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://services.dojah.io/users/me/profile Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://services.dojah.io/users/me/profile Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-eu1.hubapi.com
api-iam.intercom.io
app.posthog.com
browser-intake-us5-datadoghq.com
connect.facebook.net
dojah-files.s3.amazonaws.com
fonts.googleapis.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
fraud.periculum.io
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
js.intercomcdn.com
logs.dojah.services
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
services.dojah.io
snap.licdn.com
ssl.google-analytics.com
static.hotjar.com
stats.g.doubleclick.net
track-eu1.hubspot.com
vc.hotjar.io
widget.intercom.io
www.facebook.com
www.google.com
www.googletagmanager.com
www.linkedin.com
app.posthog.com
browser-intake-us5-datadoghq.com
js-eu1.hs-scripts.com
js.intercomcdn.com
logs.dojah.services
108.138.106.124
13.107.42.14
13.226.34.119
172.65.192.122
172.65.202.201
172.65.208.22
172.65.219.229
172.65.232.43
172.65.238.60
172.65.240.166
18.164.96.52
18.164.96.90
2600:141b:5000::b81d:8fb9
2600:1901:0:c072::
2600:9000:2510:4400:14:9e0c:8040:93a1
2600:9000:2512:e600:1d:be94:4b80:93a1
2606:4700:3031::ac43:aec3
2606:4700:3108::ac42:2921
2607:f8b0:4004:c08::9d
2607:f8b0:4006:80d::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:821::2008
2607:f8b0:4006:824::2008
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
2a06:98c1:3200::90:1
3.93.29.232
52.219.92.188
54.230.163.59
03f15ba7f4fa71e82a9fcecbb6d2d87d44995fae2e0e17e9d82431dee91c1230
0a7fd6f5377acac39378f2c03317fc293a8e2e3a4fb2f17cca181c8f3233f593
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1261b032e20cbb2cc67aa180dd9dbec7f978c416bfbaffb7a3ce14bc32f5d765
13b9268a825f1a72af9fe116d4f7cedc0f2411727c050bdc2cfeecb1a8619caa
14268fc55c035cf845959e28c1ae28a1d40bc2e1a69c0483ef6f31d1c8ea9e77
148019610414d1a5788f1d3fdc29c6415163c39c4e9f5b6a6dae17fb74deeeb4
1fe0a1d0440db1d043d00405be45a6494bef459ddabc0649fcefe29741978345
26e11a38310c5039b39e6ecaa75012b72508b775ea8f7f79ee6aa757744d2a62
275b30c45dbe531b0a6fe73b44e7812ad2bd41cfdfec7ce0260bcafa9838be72
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc
447365d1cfad47f9c19a4812a4463e6ed1c03ef3aa46456153c09702e1bec2ea
4b37530a26afa6822994e5b1e78ccd2d6cdf4fba38cccb23dba1587ae9098efb
4dacb462a15c59a8b78e15bc7c8fc8e5b75361ef074bf284ba7f071e96848f7f
5b56d7339b684d2e816acd83e2ede3668070baf653cab42271329efbe85afcd0
5f63f352200c3e3eba6e331227f3319383b6a3657bb1a09f99a7cdf8d06dcbc3
659646e379eb3281e62c3b079f1f714f8cf487eceee43055c5bdb4d5aaabdb19
68e8511feeb7faafb0f7c2d32dff654462e5d9a23ee23763c02db527d560bc48
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
757129c0a1d988c8bbed710c884d02f0a7d58c88935810c22ffe35b31eb9a881
77e5dcd1ff64826e434dc09b57bca06b5a365758b1d797ba3a6642918c80e442
7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a915687c97ce8ff6f5badae30adb7d65edceb19e427717b95b46b76dbcc43f2
96bfd86d6ca1f8469699de6832936802e854eafc96f2ba873cb1c2be53fcbe55
a5d10536f493978a23cba3edac9242be21f1fbbbe12be2d014e5c0e2b4b09141
bbed830caf31bfde1f3efc8aac364b6c2d3c3932cdae9b930bda0dc5c0f833e2
c2731df5d36de8c6c5f2a52a1d98fd418cc92a78605ac8006c571f28bcc6c5b2
c440cdce6aee19487f3a4884aab754d9575abcda96113304ec95a37e4bd274ad
d099ab79960e500338d50d1b131627ce01d8cc283364c775202b521bffb72638
d10d29e69c87d340c17ee21077f13950a8aed2f4148fe035f4bf126f86cbe625
d9092cb4fb3eafe925fa67a4dc6b62b7c769cbcb9a1420ecaf4b5d80edeae726
daabdfb14463d1b16543911498c0c20b1edcc86058fb313d9b696a49b3147ca1
db7c9dc3fcd69a665031d75b0eecd8095bd3cd05ff0121ff4410e77716f95805
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc25fd0a1cfdffbd2f4cb34c7fd484f6f92b60ae85dd09d7c62f48a4db90ac74
e04ed0b8227dfd75e35e831fc013f2621e17a8918188b57b33dcc36c7e15112a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea32369af1971656166685db6deb1bd22b218e970c325ce9ad8312ba262c897
f10ed15c8a8deee4ee5273e505b018ad1e69eaba37ee7e4d308cfba2ce44fe0e
fb116fd7531e725b0eb15e8a5c765ef6edf8d13bc744edd45b6d8e0e5977c19d
fb9506176a7d8da54d8d8dad12baebf80cfb683d26278976be2e9e7b43a044b0
ffc62a8cb421683a8b3899582cab2dada2337f5991bf8738a4f27f9e1089c097

fraud.periculum.io Open in urlscan Pro 2600:9000:2510:4400:14:9e0c:8040:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

82 %HTTPS

50 %IPv6

27 Domains

32 Subdomains

29 IPs

1 Countries

5838 kBTransfer

18634 kBSize

28 Cookies

0 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fraud.periculum.io Open in urlscan Pro
2600:9000:2510:4400:14:9e0c:8040:93a1 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

82 %
HTTPS

50 %
IPv6

27
Domains

32
Subdomains

29
IPs

1
Countries

5838 kB
Transfer

18634 kB
Size

28
Cookies

92 HTTP transactions
0 data transactions