googrootsurvey.top Open in urlscan Pro
172.67.191.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://230.ch.mbvnclickpop2.site/0.1542333523569388
Effective URL:
https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07
Submission: On February 19 via api (February 19th 2024, 8:51:54 pm UTC) from US — Scanned from US

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 8 domains to perform 41 HTTP transactions. The main IP is 172.67.191.202, located in and belongs to . The main domain is googrootsurvey.top.
TLS certificate: Issued by E1 on February 19th 2024. Valid for: 3 months.

This is the only time googrootsurvey.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	136.243.78.223 136.243.78.223	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.130.64.156 94.130.64.156	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.204.70.16 35.204.70.16	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
17	172.67.191.202 172.67.191.202	() ()
41	3

9 136.243.78.223 (Cologne, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.223.78.243.136.clients.your-server.de

230.ch.mbvnclickpop2.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.64.156 (Würzburg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.156.64.130.94.clients.your-server.de

230.mbvnclickpop1.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.70.16 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.70.204.35.bc.googleusercontent.com

leadhits.media-412.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.67.191.202 (None, )

ASN- ()

googrootsurvey.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googrootsurvey.top googrootsurvey.top	165 KB
9	mbvnclickpop2.site 1 redirects 230.ch.mbvnclickpop2.site	54 KB
2	media-412.com 2 redirects leadhits.media-412.com	484 B
1	mbvnclickpop1.site 1 redirects 230.mbvnclickpop1.site	253 B
0	arleavannya.com Failed arleavannya.com Failed
0	google.com Failed www.google.com Failed
0	rtmark.net Failed my.rtmark.net Failed
0	yandex.ru Failed mc.yandex.ru Failed
41	8

	Domain	Requested by
17	googrootsurvey.top	230.ch.mbvnclickpop2.site googrootsurvey.top
9	230.ch.mbvnclickpop2.site	1 redirects 230.ch.mbvnclickpop2.site
2	leadhits.media-412.com	2 redirects
1	230.mbvnclickpop1.site	1 redirects
0	arleavannya.com Failed	googrootsurvey.top
0	www.google.com Failed	googrootsurvey.top
0	my.rtmark.net Failed	googrootsurvey.top
0	mc.yandex.ru Failed	googrootsurvey.top
41	8

This site contains no links.

Subject Issuer	Validity	Valid
*.ch.mbvnclickpop2.site R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
googrootsurvey.top E1	`2024-02-19` - `2024-05-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07
Frame ID: 56FCE7E3752DF0CE88ACFD143C9387AA
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://230.ch.mbvnclickpop2.site/0.1542333523569388 HTTP 301
https://230.ch.mbvnclickpop2.site/0.1542333523569388 Page URL
https://230.mbvnclickpop1.site/clpp HTTP 302
https://leadhits.media-412.com/click?pid=2233&offer_id=6142&sub1={CLICK_ID} HTTP 302
https://leadhits.media-412.com/click?pid=2256&offer_id=6167 HTTP 302
https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df0001... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

61 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

3
IPs

2
Countries

219 kB
Transfer

689 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://230.ch.mbvnclickpop2.site/0.1542333523569388 HTTP 301
https://230.ch.mbvnclickpop2.site/0.1542333523569388 Page URL
https://230.mbvnclickpop1.site/clpp HTTP 302
https://leadhits.media-412.com/click?pid=2233&offer_id=6142&sub1={CLICK_ID} HTTP 302
https://leadhits.media-412.com/click?pid=2256&offer_id=6167 HTTP 302
https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://230.ch.mbvnclickpop2.site/0.1542333523569388 HTTP 301
https://230.ch.mbvnclickpop2.site/0.1542333523569388

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

0.1542333523569388 Show response
230.ch.mbvnclickpop2.site/
Redirect Chain

http://230.ch.mbvnclickpop2.site/0.1542333523569388
https://230.ch.mbvnclickpop2.site/0.1542333523569388

3 KB
1 KB

458ms
152ms

Document
text/html

136.243.78.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://230.ch.mbvnclickpop2.site/0.1542333523569388
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.223 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e0c67d9f50dff445832c887a9ba54f8df684ca25004b89910bfd5719b8a98edb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Feb 2024 20:51:47 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 19 Feb 2024 20:51:46 GMT
Location: https://230.ch.mbvnclickpop2.site/0.1542333523569388
Server: nginx

GET
H/1.1 200
OK style.css
230.ch.mbvnclickpop2.site/css/ 31 B
259 B 608ms
607ms Stylesheet
text/css 136.243.78.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://230.ch.mbvnclickpop2.site/css/style.css
Requested by: Host: 230.ch.mbvnclickpop2.site
URL: https://230.ch.mbvnclickpop2.site/0.1542333523569388
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.223 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 5ac1bccfc96d710345f097fe38b981e05e9e4e41f0fbe7eb1e682a843dcb781e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://230.ch.mbvnclickpop2.site/0.1542333523569388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 20:51:47 GMT
Last-Modified: Sun, 20 Dec 2020 14:32:27 GMT
Server: nginx
ETag: "5fdf607b-1f"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31

GET
H/1.1 200
OK parser.js Show response
230.ch.mbvnclickpop2.site/js/ 38 KB
11 KB 759ms
151ms Script
application/javascript 136.243.78.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://230.ch.mbvnclickpop2.site/js/parser.js
Requested by: Host: 230.ch.mbvnclickpop2.site
URL: https://230.ch.mbvnclickpop2.site/0.1542333523569388
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.223 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: b24bff881729069ebc09521e828820509520130aa1ad92345bae74fc4a6096c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://230.ch.mbvnclickpop2.site/0.1542333523569388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 20:51:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Dec 2020 14:32:27 GMT
Server: nginx
ETag: W/"5fdf607b-986a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK check_v.2.js Show response
230.ch.mbvnclickpop2.site/js/ 5 KB
2 KB 911ms
150ms Script
application/javascript 136.243.78.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://230.ch.mbvnclickpop2.site/js/check_v.2.js
Requested by: Host: 230.ch.mbvnclickpop2.site
URL: https://230.ch.mbvnclickpop2.site/0.1542333523569388
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.223 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 2b19bf9a34450ebecb1760726195296b51bd2b6ba045aaf9091705ef9be566b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://230.ch.mbvnclickpop2.site/0.1542333523569388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 20:51:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Dec 2020 14:32:27 GMT
Server: nginx
ETag: W/"5fdf607b-15cf"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery.min.js Show response
230.ch.mbvnclickpop2.site/js/ 94 KB
38 KB 1527ms
615ms Script
application/javascript 136.243.78.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://230.ch.mbvnclickpop2.site/js/jquery.min.js
Requested by: Host: 230.ch.mbvnclickpop2.site
URL: https://230.ch.mbvnclickpop2.site/0.1542333523569388
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.223 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://230.ch.mbvnclickpop2.site/0.1542333523569388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 20:51:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Dec 2020 14:32:27 GMT
Server: nginx
ETag: W/"5fdf607b-176bb"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

POST
H/1.1 200
OK visit Show response
230.ch.mbvnclickpop2.site/230.ch.mbvnclickpop2.site/ 0
218 B 153ms
152ms XHR
text/html 136.243.78.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://230.ch.mbvnclickpop2.site/230.ch.mbvnclickpop2.site/visit
Requested by: Host: 230.ch.mbvnclickpop2.site
URL: https://230.ch.mbvnclickpop2.site/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.223 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://230.ch.mbvnclickpop2.site/0.1542333523569388
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 19 Feb 2024 20:51:49 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK pixel
230.ch.mbvnclickpop2.site/230.ch.mbvnclickpop2.site/ 0
334 B 151ms
150ms Image
text/html 136.243.78.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://230.ch.mbvnclickpop2.site/230.ch.mbvnclickpop2.site/pixel?f=ger43
Requested by: Host: 230.ch.mbvnclickpop2.site
URL: https://230.ch.mbvnclickpop2.site/0.1542333523569388
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.223 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://230.ch.mbvnclickpop2.site/0.1542333523569388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 20:51:49 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK pixel
230.ch.mbvnclickpop2.site/230.ch.mbvnclickpop2.site/ 0
330 B 152ms
151ms Image
text/html 136.243.78.223
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://230.ch.mbvnclickpop2.site/230.ch.mbvnclickpop2.site/pixel?s=
Requested by: Host: 230.ch.mbvnclickpop2.site
URL: https://230.ch.mbvnclickpop2.site/0.1542333523569388
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.78.223 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.223.78.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://230.ch.mbvnclickpop2.site/0.1542333523569388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 20:51:49 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request finance-survey.html Show response
googrootsurvey.top/
Redirect Chain

https://230.mbvnclickpop1.site/clpp?
https://leadhits.media-412.com/click?pid=2233&offer_id=6142&sub1={CLICK_ID}
https://leadhits.media-412.com/click?pid=2256&offer_id=6167
https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

8 KB
4 KB

817ms
257ms

Document
text/html

172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Requested by

Host: 230.ch.mbvnclickpop2.site
URL: https://230.ch.mbvnclickpop2.site/js/check_v.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8203e416f35cfab6c09af8d14ac12f8391e746aaf63d7d22d2e27596423abc37

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://230.ch.mbvnclickpop2.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 858163f1ac91875a-MIA
content-encoding: br
content-type: text/html
date: Mon, 19 Feb 2024 20:51:53 GMT
last-modified: Fri, 16 Feb 2024 15:00:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQ5BMeJEsVUY8JjgShShICeGIiisJHV%2By6BKPIA5XiOI7zL6ZD6%2BJ7M2RxKAi8wwlXU19iRPn8OCdkfwGCF%2BnVsPt82yCusemwqZRY5uVijG9eRjNlix8lYk6rfgBIsrcF491Zs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Mon, 19 Feb 2024 20:51:52 GMT
location: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H2 200 _rtc.a57f5308.js Show response
googrootsurvey.top/js/ 12 KB
5 KB 42ms
40ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/_rtc.a57f5308.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

332fa0692ee0944ed1606ee8e831057e1917b6f064e1a0307575241fc993de85

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1618
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:06 GMT
server: cloudflare
etag: W/"65cf7876-2fbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFUozAT%2FScehgr8cNLtSEHQW7z0FGzhb7alKOgjBn5byc33jkBIdvkr0wIGU8gvOCapq4XZ%2BMGYTa%2FKUoyAV4eevarWIITxGvM%2FjImh9JV9m3G0gPRuB4ZQFyIMPReYWcFBDcnc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f408ef875a-MIA

GET
H2 200 v-index.js.43877374.js Show response
googrootsurvey.top/js/ 40 KB
14 KB 53ms
52ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/v-index.js.43877374.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

116ba26d0c7a680c066d26ddb010b67b80e953c8ba255029f2e61fea049cb7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1618
cf-polished: origSize=40988
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:05 GMT
server: cloudflare
etag: W/"65cf7875-a01c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVvbgnRwvYwgJK9TzVLjt0iRwAnEufy8HK5cwmZ91H9Sqzf%2BZf%2FVMgqL30aU4LuofDdi4B1M%2FE75bnPvRU8i7bCU8H8pKhzRIFKyxEpZFY69PmBoZ60xVsdiWM0ttnw0fbDi6a0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f408f5875a-MIA

GET
H2 200 s-storageService.js.b91e9e16.js Show response
googrootsurvey.top/js/ 2 KB
1 KB 41ms
39ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/s-storageService.js.b91e9e16.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3a59e632d4bd09778bce65db1b3026d1a37944ce66a3054f081355498cd53041

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:05 GMT
server: cloudflare
etag: W/"65cf7875-87a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6TpoCctNrtzIksnuL%2FNShOfLWJEnI2%2FJorcPmqb3XxnF8VfMC4m%2FB0MyKXmc8%2FxN1u4VEasxzhrblggpQ1jpy%2FAVjbVhgjc%2Fo99ZiRZbeLU0o7dFmEztNOtJs%2Bx3komFrZAB9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f42949875a-MIA

GET
H2 200 s-checkSessionStorageAvailable.ts.12837a86.js Show response
googrootsurvey.top/js/ 330 B
497 B 40ms
37ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/s-checkSessionStorageAvailable.ts.12837a86.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

9d2e9adb77a341d89ce63ae2ff9a7c2ddb168ed8ef3fdca7ae7c9c9d4026537e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 351
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:06 GMT
server: cloudflare
etag: W/"65cf7876-14a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swOM5QnGg0hR5yUYJlnKwFZaG87s2uwWZpbI2%2BOoBe4TEl0g1JyJArO0NDnCobsIuJo1ge93auVG%2BzAYq3reXv5Fu0R6KvtGHbBpDgVe%2FqU1CqC%2FQYgxU%2BwrdtFM9xtc%2BhzO%2FfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f4294d875a-MIA

GET
H2 200 s-checkLocalStorageAvailable.ts.1678c6a7.js Show response
googrootsurvey.top/js/ 330 B
512 B 45ms
43ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/s-checkLocalStorageAvailable.ts.1678c6a7.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

efc7a0a71ba7c89b7edf29573d0c7b5332b656fccf8f2d25a66325523e3b4159

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1618
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:05 GMT
server: cloudflare
etag: W/"65cf7875-14a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5AnIs5Y9QUC2RDtvQ%2Ff%2FyAefOg9cMpjHhjbqL%2BNHMRWpMciT9U7hPpGtC4yKszVV90HJPsTj9TGDWQRQ56qWmKMUR12sQYM0kIoRzV9rJc1jL1RB2%2FTFrfwfCtjgAuTzjxy0lM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f4294f875a-MIA

GET
H2 200 v-redux-toolkit.esm.js.980ed593.js Show response
googrootsurvey.top/js/ 11 KB
5 KB 41ms
40ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/v-redux-toolkit.esm.js.980ed593.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

439076cdccef301c6db2a343ca9688644f8ffe5107b8e483f635e88e3c645aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2815
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:06 GMT
server: cloudflare
etag: W/"65cf7876-2c37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRUXZmcrIjzU%2FJGxPQiBOfP%2FDnWLu81y1rx4UYWkHKg3GA%2BLYGUWI%2BqSo2MyIRSI3%2FPg66JcEH%2BC6ElPJqchhSxDqSUD5w0NtYWZrbwNsVr7l0WAK5Bgy7v12YIU1YHy8PaAmsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f42950875a-MIA

GET
H2 200 _each-land-config.28aa726b.js Show response
googrootsurvey.top/js/ 70 KB
21 KB 97ms
96ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/_each-land-config.28aa726b.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

61320bbff9097535928d585e9d173cac818731ea58da7307ab4a6149180801c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6305
cf-polished: origSize=71784
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:06 GMT
server: cloudflare
etag: W/"65cf7876-11868"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snXoB1Jd0wPj1WD4eifixAID6qVHRIqbyi6MlRnXEJPb2BLtuLCujWhVqlvrrGYr3VsRww5wYJYq0vlsB6TAJcR82IYbqR3K8yAmlEbBs7xNK2uyuAyBAub0U%2BCEycRpdSxyXZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f42953875a-MIA

GET
H2 200 v-react-dom.production.min.js.49f77ed0.js Show response
googrootsurvey.top/js/ 126 KB
41 KB 56ms
54ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/v-react-dom.production.min.js.49f77ed0.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7031c302e049a449ef7f5ce723edbecd0154fc99021dacec31cd0304ec43d2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4468
cf-polished: origSize=129359
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:05 GMT
server: cloudflare
etag: W/"65cf7875-1f94f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFi%2FWLhF1vPQruCKanKhziTsstEEn%2BPZwY7aDhWy%2FoWuUK%2FnH6ryCRMc2IWByyUDXvZzRCVYu%2BatVBYiUvsIUbYsY9SkS7RCuSCHMcKkTP54A%2Funmc17DROcQY3H%2BwBLuFGzPj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f42957875a-MIA

GET
H2 200 _core-survey.7f88ae62.js Show response
googrootsurvey.top/js/ 165 KB
44 KB 45ms
44ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/_core-survey.7f88ae62.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

35476a72b363a55c07bb25419599c70ea5489379a08319c05fea6e69899e969b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1607
cf-polished: origSize=168846
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:08 GMT
server: cloudflare
etag: W/"65cf7878-2938e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zmrb%2FKV%2FZj45YU4yEntdlDAm%2Bvc7N09CZTJTtscVrDCShEXXHSg7jppP0a%2Bzl7PB%2F7OL4Uws%2FwhxMnPxV%2BdP%2BiTa8A7LdFtIO00GQJGVWp1LzON%2BpVN9nHUMEJbaCpmnfuNy89o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f42958875a-MIA

GET
H2 200 survey.1ad1decb.js Show response
googrootsurvey.top/js/ 7 KB
3 KB 42ms
41ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/survey.1ad1decb.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

92e2749dea98798c3452496b4544fd9cd5fe259017c53fb5c2e5785b61cf7ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1607
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:06 GMT
server: cloudflare
etag: W/"65cf7876-1a0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwKnCPu5D3JDRe4nKjkHlHE7yLXUTwRo%2F0T8V5lZWIcSOCq1u89l8phOBE5xnlBEB2%2FF7EEfiKfpsAZQHCrSnhHm%2Ba1HHHBOnsCIcLB9ZssSl9rAKayLSMiJ%2FArB8QKW2V5Y%2FNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f4295b875a-MIA

GET
H2 200 _core-survey.d3ac2ee0.css
googrootsurvey.top/css/ 83 B
402 B 40ms
39ms Stylesheet
text/css 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/css/_core-survey.d3ac2ee0.css

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1618
cf-polished: origSize=84
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:05 GMT
server: cloudflare
etag: W/"65cf7875-54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmg56Kdau%2BzkD9LZag1hHo2ypp17bNJHBp6Sg9DabLEkoPxqU0Y8E0wKfuAa3nIxyoCysEaER%2Bw0u7rj88uLqXuit5lRjzdgpMEQqW6UKcq1Xu8E3oTsvTPHGh%2FeqaXiE46gWno%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 858163f408f8875a-MIA

GET
H2 200 survey.3b7d0b23.css
googrootsurvey.top/css/ 70 KB
12 KB 49ms
48ms Stylesheet
text/css 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/css/survey.3b7d0b23.css

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ea6df993a607e008f434e5e950a08da1397044cbc442cb76d25f02cf3499c77b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 351
cf-polished: origSize=71475
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:05 GMT
server: cloudflare
etag: W/"65cf7875-11733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY7GIldBHvAyo%2BHcdgLWTtNy6kXAHm7mAJgbR0ML23R4mR1Lv3zUra5PGnibv2igUW3SFWI0e6dB82dS5ctNKec4HC8vCLEjnyp1R4%2FAW7EENmurHU8pbveTMAzhxvWUzmQaLFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 858163f408f9875a-MIA

GET
H2 200 icon-survey.svg
googrootsurvey.top/img/ 3 KB
1 KB 39ms
38ms Image
image/svg+xml 172.67.191.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googrootsurvey.top/img/icon-survey.svg

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/finance-survey.html?z=6070194&offer_id=9540&var=2256&ymid=65d3bf685a03df00014afd07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

58b0a3aa24ef605d4b812bcf92cbaa2e7f78bd43f929ca6362bc259da610399a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2252
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Feb 2024 15:00:05 GMT
server: cloudflare
etag: W/"65cf7875-a72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VS0yCcnYTU7w2u5GjQzPjNpHeYAwcuuQgYEIJbV7eA4DX7VL4bkUTsT9%2Bn8%2Fz%2BMJ0mZe3364lUegFDT0CSpjxaWTEkvegCU1CgKs2OJg7LzE9Q3R%2BH4McEfwfBEOdbw9RNrlkrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1800
cf-ray: 858163f408fb875a-MIA

GET tag.js
mc.yandex.ru/metrika/ 0
0

GET gid.js
my.rtmark.net/ 0
0

GET
H3 200 sd-9540-en.js Show response
googrootsurvey.top/js/config/sd/ 8 KB
3 KB 42ms
42ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/config/sd/sd-9540-en.js?v=10

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/js/_each-land-config.28aa726b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3ff31d913496a3eee3a8e0d9a544ba3399dde26b393187e24d33c27d2c63be

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://googrootsurvey.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5922
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:06 GMT
server: cloudflare
etag: W/"65cf7876-1f1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B08KBjCqob4sxI8xzqEGzhifYUy0lb6Wh8yxuHQPxPZUUubFlyum2Qh8YGwNUSSyXuX1c37i9mhNOpBjpGF%2BKkysMFDdQvCE0jKT0QBvDR6o%2BpROl%2BXxDfxFO1I%2FWcD8FM%2BzI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f4eb656dbc-MIA

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/webp

GET cookie-consent-1.json
googrootsurvey.top/js/config/dict/ 0
0

GET
H3 200 micro.tag.min.js
googrootsurvey.top/pfe/current/ 27 KB
11 KB 424ms
423ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/pfe/current/micro.tag.min.js?z=6679101&sw=/sw/sw6679101.js&var=6070194&var_3=null&var_4=null&ymid=2256&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/js/_each-land-config.28aa726b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2539
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Feb 2024 15:00:06 GMT
server: cloudflare
etag: W/"65cf7876-6a26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nynnOXHp9SJdMIn0LJ01Yi6mhElWpWy9kQf4oYakodpEEq3DsXLBF8%2BIHmk%2Btl9M6ndYa26DXHbq7s4i5YCtFaDbq2iCrY6eSVbYikT5NPOGP1m9A1p7a7%2BPTq%2F5Xo5G23PYVUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f53bdc6dbc-MIA

GET api.js
www.google.com/recaptcha/ 0
0

GET en.json
googrootsurvey.top/js/config/comments/ 0
0

GET v-index.mjs.37c9576c.js
googrootsurvey.top/js/ 0
0

GET
H3 200 v-node.js.254f01c3.js
googrootsurvey.top/js/ 731 B
0 409ms
408ms Script
application/javascript 172.67.191.202

General

Check archive.org

Show headers Download Go to

Full URL

https://googrootsurvey.top/js/v-node.js.254f01c3.js

Requested by

Host: googrootsurvey.top
URL: https://googrootsurvey.top/js/_core-survey.7f88ae62.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.202 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:51:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2815
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 15:00:06 GMT
server: cloudflare
etag: W/"65cf7876-186b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtT00G9FK3MMWuOZB4UtjEva12H4zHN3dmr%2BN7qS5f1%2BtDYkvsqO4Zg8IoCnUyBU045Z%2FRVGz%2BuVRrryyk0hpwhzuWPb0GLYqjOrdHeZ%2F4rTPI8PTC0DuU4rq9sxuWPQQa97rt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 858163f54c056dbc-MIA

GET v-possibleStandardNamesOptimized.js.909fabfd.js
googrootsurvey.top/js/ 0
0

GET v-utilities.js.249608bf.js
googrootsurvey.top/js/ 0
0

GET v-domparser.js.53fc1385.js
googrootsurvey.top/js/ 0
0

GET v-dom-to-react.js.71c99a62.js
googrootsurvey.top/js/ 0
0

GET v-attributes-to-props.js.4abdba63.js
googrootsurvey.top/js/ 0
0

GET v-html-to-dom.js.30ae620a.js
googrootsurvey.top/js/ 0
0

GET v-constants.js.9809229e.js
googrootsurvey.top/js/ 0
0

GET SurveyContainer.70d0f894.js
googrootsurvey.top/js/ 0
0

POST sync-metrics
arleavannya.com/ 0
0

OPTIONS sync-metrics
arleavannya.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Domain: my.rtmark.net
URL: https://my.rtmark.net/gid.js?userId=tr2e9yfy3f8v1ch84k2jnuwb2dyxgxsn

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/config/dict/cookie-consent-1.json?v=10

Domain: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&hl=en

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/config/comments/en.json

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/v-index.mjs.37c9576c.js

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/v-possibleStandardNamesOptimized.js.909fabfd.js

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/v-utilities.js.249608bf.js

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/v-domparser.js.53fc1385.js

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/v-dom-to-react.js.71c99a62.js

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/v-attributes-to-props.js.4abdba63.js

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/v-html-to-dom.js.30ae620a.js

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/v-constants.js.9809229e.js

Domain: googrootsurvey.top
URL: https://googrootsurvey.top/js/SurveyContainer.70d0f894.js

Domain: arleavannya.com
URL: https://arleavannya.com/sync-metrics

Domain: arleavannya.com
URL: https://arleavannya.com/sync-metrics

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
230.ch.mbvnclickpop2.site/	1970-01-20 18:32:57	Name: _b Value: b4dda979acfa84004934649386752069
leadhits.media-412.com/	1970-01-21 03:18:31	Name: afclick Value: 65d3bf685a03df00014afd07
leadhits.media-412.com/	1970-01-21 03:18:31	Name: afoffers Value: {"6167":1708375912}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

230.ch.mbvnclickpop2.site
230.mbvnclickpop1.site
arleavannya.com
googrootsurvey.top
leadhits.media-412.com
mc.yandex.ru
my.rtmark.net
www.google.com
arleavannya.com
googrootsurvey.top
mc.yandex.ru
my.rtmark.net
www.google.com
136.243.78.223
172.67.191.202
35.204.70.16
94.130.64.156
116ba26d0c7a680c066d26ddb010b67b80e953c8ba255029f2e61fea049cb7b9
2b19bf9a34450ebecb1760726195296b51bd2b6ba045aaf9091705ef9be566b0
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
332fa0692ee0944ed1606ee8e831057e1917b6f064e1a0307575241fc993de85
35476a72b363a55c07bb25419599c70ea5489379a08319c05fea6e69899e969b
3a59e632d4bd09778bce65db1b3026d1a37944ce66a3054f081355498cd53041
439076cdccef301c6db2a343ca9688644f8ffe5107b8e483f635e88e3c645aaa
4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
58b0a3aa24ef605d4b812bcf92cbaa2e7f78bd43f929ca6362bc259da610399a
5ac1bccfc96d710345f097fe38b981e05e9e4e41f0fbe7eb1e682a843dcb781e
61320bbff9097535928d585e9d173cac818731ea58da7307ab4a6149180801c5
6a3ff31d913496a3eee3a8e0d9a544ba3399dde26b393187e24d33c27d2c63be
7031c302e049a449ef7f5ce723edbecd0154fc99021dacec31cd0304ec43d2ce
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
8203e416f35cfab6c09af8d14ac12f8391e746aaf63d7d22d2e27596423abc37
92e2749dea98798c3452496b4544fd9cd5fe259017c53fb5c2e5785b61cf7ecf
9d2e9adb77a341d89ce63ae2ff9a7c2ddb168ed8ef3fdca7ae7c9c9d4026537e
b24bff881729069ebc09521e828820509520130aa1ad92345bae74fc4a6096c8
e0c67d9f50dff445832c887a9ba54f8df684ca25004b89910bfd5719b8a98edb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6df993a607e008f434e5e950a08da1397044cbc442cb76d25f02cf3499c77b
efc7a0a71ba7c89b7edf29573d0c7b5332b656fccf8f2d25a66325523e3b4159

googrootsurvey.top Open in urlscan Pro 172.67.191.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

61 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

3 IPs

2 Countries

219 kBTransfer

689 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

googrootsurvey.top Open in urlscan Pro
172.67.191.202 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

61 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

3
IPs

2
Countries

219 kB
Transfer

689 kB
Size

3
Cookies

41 HTTP transactions
1 data transactions