urlscan.io logo urlscan.io
SecurityTrails logo

admin.questionscout.com Open in urlscan Pro
18.66.122.2  Public Scan

Go To Rescan Add Verdict Report
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Submission: On June 29 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 53 HTTP transactions. The main IP is 18.66.122.2, located in United States and belongs to AMAZON-02, US. The main domain is admin.questionscout.com.
TLS certificate: Issued by Amazon on May 28th 2022. Valid for: a year.
This is the only time admin.questionscout.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    18.66.122.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-2.fra60.r.cloudfront.net
admin.questionscout.com
3    99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net
js.stripe.com
6    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
4    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
t.paypal.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
4    54.205.190.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-190-166.compute-1.amazonaws.com
api2.questionscout.com
2    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
5    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    52.27.131.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-131-183.us-west-2.compute.amazonaws.com
m.stripe.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    108.138.7.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-17.fra56.r.cloudfront.net
beacon-v2.helpscout.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:82b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
Apex Domain
Subdomains		 Transfer
12 questionscout.com
admin.questionscout.com
api2.questionscout.com
913 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
417 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2229
t.paypal.com — Cisco Umbrella Rank: 3103
114 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1748
q.stripe.com — Cisco Umbrella Rank: 12728
m.stripe.com — Cisco Umbrella Rank: 1533
79 KB
5 google.com
apis.google.com — Cisco Umbrella Rank: 162
accounts.google.com — Cisco Umbrella Rank: 116
44 KB
3 helpscout.net
beacon-v2.helpscout.net — Cisco Umbrella Rank: 11167
33 KB
3 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1898
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
86 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1852
17 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1936
33 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
53 11
Domain Requested by
8 admin.questionscout.com admin.questionscout.com
6 www.paypal.com admin.questionscout.com
www.paypal.com
www.paypalobjects.com
5 www.gstatic.com www.recaptcha.net
www.gstatic.com
accounts.google.com
4 api2.questionscout.com admin.questionscout.com
3 accounts.google.com apis.google.com
admin.questionscout.com
www.gstatic.com
3 beacon-v2.helpscout.net admin.questionscout.com
beacon-v2.helpscout.net
3 fonts.gstatic.com fonts.googleapis.com
www.recaptcha.net
3 www.recaptcha.net admin.questionscout.com
www.gstatic.com
www.recaptcha.net
3 js.stripe.com admin.questionscout.com
js.stripe.com
2 apis.google.com admin.questionscout.com
apis.google.com
2 connect.facebook.net admin.questionscout.com
connect.facebook.net
2 m.stripe.com m.stripe.network
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com admin.questionscout.com
2 t.paypal.com admin.questionscout.com
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
1 fonts.googleapis.com admin.questionscout.com
53 17

This site contains no links.

Subject Issuer Validity Valid
admin.questionscout.com
Amazon		 2022-05-28 -
2023-06-26		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-20 -
2022-09-25		 4 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
api2.questionscout.com
Amazon		 2021-10-22 -
2022-11-19		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-25 -
2022-09-08		 4 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2022-08-03		 4 months crt.sh
*.helpscout.net
Amazon		 2022-04-18 -
2023-05-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-07 -
2022-07-06		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Frame ID: 9F1E9412E4F0156446C1888617F089DA
Requests: 30 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: AD8938DB6D2BC067352834CE759C6DDE
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 9BDE6310920BC3752784ED00236D00DF
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B3694154367150D9DE9426163263980F
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r&co=aHR0cHM6Ly9hZG1pbi5xdWVzdGlvbnNjb3V0LmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=u55n6rpg7ltn
Frame ID: F900D646D398B585A1E4C9444D82ADAB
Requests: 7 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 307AF775AC31EEC94FDCC8C2EB4DBAAD
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - QuestionScoutD2973EF2-3813-4FFB-B26B-AB4B43C9470F00FD20B0-3827-472D-BBA3-6ED38D80182B

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

53
Requests

100 %
HTTPS

44 %
IPv6

11
Domains

17
Subdomains

16
IPs

2
Countries

1761 kB
Transfer

5810 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request results
admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/ 		8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-2.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
26cb1fbb77c3e3c980273a35191e503077b347cf58e8d9d3f36d94cb73148141
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache
content-encoding
gzip
content-security-policy
upgrade-insecure-requests;
content-type
text/html
date
Wed, 29 Jun 2022 06:52:39 GMT
etag
W/"fa32403cec8ae03283ea74460111aca2"
expect-ct
max-age=86400, enforce, report-uri="https://questionscout.report-uri.com/r/d/csp/enforce"
feature-policy
geolocation none;midi none;notifications self;push self;sync-xhr self;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment self;
last-modified
Sun, 17 Apr 2022 13:59:41 GMT
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-id
zwEFSYkNdmVrQ-AtV916ABSNGjSCQbSkroJ6fAveJhIFpkoLzHO81g==
x-amz-cf-pop
FRA60-P2
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
/
js.stripe.com/v3/ 		314 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6b4a54fa11cb165be8cc44e46b487bd401ee7367a8a5bd15e293271e6be8f326
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
3
x-cache
Hit from cloudfront
date
Wed, 29 Jun 2022 06:52:36 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jun 2022 20:59:50 GMT
server
Cloudfront
etag
W/"494e8b0243cc5bf224e173fe61fd64c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
n0pEC_nmi3FDwBvzE4AnkYydf7NwE2MkaeJgfgwTO7KeMe27u5aIuQ==
js
www.paypal.com/sdk/ 		333 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=ATCZZqDSpBq_I_YaizB9dV-IcE99X8lopKAziRKECtDMLgkdRrzUHQmwS8j3fRbiBN3roMXuXdaV5kFj&currency=USD
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0caed8d0880353efdbd5f7dfb391ef71d4508db2cff6e919369586c1ee6f6bcb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-3ZanQdvOe1r8KABm0YA9WQXBBAYarJMxYyOh+jKTdy0ZqOOO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3ZanQdvOe1r8KABm0YA9WQXBBAYarJMxYyOh+jKTdy0ZqOOO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-3ZanQdvOe1r8KABm0YA9WQXBBAYarJMxYyOh+jKTdy0ZqOOO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-3ZanQdvOe1r8KABm0YA9WQXBBAYarJMxYyOh+jKTdy0ZqOOO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
9282
via
1.1 varnish
x-cache
HIT
p3p
true
paypal-debug-id
f534893d2d498
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
104488
x-xss-protection
1; mode=block
x-served-by
cache-hhn4060-HHN
x-timer
S1656485558.168946,VS0,VE2
x-frame-options
SAMEORIGIN
date
Wed, 29 Jun 2022 06:52:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"19828-h05VlWcva79Mmql2Qjcek2vTPEU"
accept-ranges
bytes
x-cache-hits
1
6.940108aa.chunk.css
admin.questionscout.com/static/css/ 		43 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.questionscout.com/static/css/6.940108aa.chunk.css
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-2.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
77f30f77965b59c8b42306337ce7f5aca9186c9d7948cc4e03c00bd5308f1d45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront
date
Wed, 29 Jun 2022 06:52:39 GMT
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 17 Apr 2022 13:59:34 GMT
server
nginx
x-frame-options
DENY
etag
W/"069fbeaec6e666d561f39805e6c13c9f"
expect-ct
max-age=86400, enforce, report-uri="https://questionscout.report-uri.com/r/d/csp/enforce"
vary
Accept-Encoding
content-type
text/css
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
cache-control
max-age=0,no-cache
feature-policy
geolocation none;midi none;notifications self;push self;sync-xhr self;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment self;
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
tTEMkKQ0V01UVIAlUim3efBEjRgdQ9olJZSsLzZoot4Xi8j6pfUqCQ==
main.44bafe12.chunk.css
admin.questionscout.com/static/css/ 		222 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.questionscout.com/static/css/main.44bafe12.chunk.css
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-2.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
c77600639c219390674985ac139f9df06f60ac713d483bf6f905eaee2581a993
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 17 Apr 2022 13:59:34 GMT
server
nginx
x-frame-options
DENY
etag
W/"88723dbf1b37b14322e7bf698f72a36f"
expect-ct
max-age=86400, enforce, report-uri="https://questionscout.report-uri.com/r/d/csp/enforce"
strict-transport-security
max-age=31536000
content-type
text/css
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
cache-control
max-age=0,no-cache
feature-policy
geolocation none;midi none;notifications self;push self;sync-xhr self;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment self;
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
pKyfCkjYtblQETPCzHOjcMBWndCzt59ZIMrCs_t-DGMIpHaP7NhOSQ==
6.199ecc73.chunk.js
admin.questionscout.com/static/js/ 		2 MB
545 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.questionscout.com/static/js/6.199ecc73.chunk.js
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-2.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
99cbac1bb97cbdd51988c0222aacbcaab64e10d33563d6c142ab2659c73ae94e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 17 Apr 2022 13:59:37 GMT
server
nginx
x-frame-options
DENY
etag
W/"f0a0b95387ee05f068e5a06d64598851"
expect-ct
max-age=86400, enforce, report-uri="https://questionscout.report-uri.com/r/d/csp/enforce"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
cache-control
max-age=0,no-cache
feature-policy
geolocation none;midi none;notifications self;push self;sync-xhr self;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment self;
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
h7ZK47cZUsiP3pdRl6-HG9G11Yj_SMlIREAnGE8pg8t3Se3C1emeQg==
main.81b4ec74.chunk.js
admin.questionscout.com/static/js/ 		1 MB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.questionscout.com/static/js/main.81b4ec74.chunk.js
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-2.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
3c8b737f3e3bf7f994f079a1fe797880e756851660647082ea71d25aa424da60
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 17 Apr 2022 13:59:37 GMT
server
nginx
x-frame-options
DENY
etag
W/"c568ce3fb7a90f9819585ef29d361958"
expect-ct
max-age=86400, enforce, report-uri="https://questionscout.report-uri.com/r/d/csp/enforce"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
cache-control
max-age=0,no-cache
feature-policy
geolocation none;midi none;notifications self;push self;sync-xhr self;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment self;
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
MaKclMrIIe8W-Vd9efAnzuQQdEFIEtS-S6YiBp122xfP9K80ixJJbQ==
pptm.js
www.paypal.com/tagmanager/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=admin.questionscout.com&t=xo&v=5.0.320&source=payments_sdk&client_id=ATCZZqDSpBq_I_YaizB9dV-IcE99X8lopKAziRKECtDMLgkdRrzUHQmwS8j3fRbiBN3roMXuXdaV5kFj&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ATCZZqDSpBq_I_YaizB9dV-IcE99X8lopKAziRKECtDMLgkdRrzUHQmwS8j3fRbiBN3roMXuXdaV5kFj&currency=USD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68582d241ade25b4f9e488633d041da3b280b8749edf78771e1541d260329bed
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-toJLNba2oj+K80W3t2jHOfb5kSuwEVLZXjenAG0l4zP0kgAu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-toJLNba2oj+K80W3t2jHOfb5kSuwEVLZXjenAG0l4zP0kgAu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
108
x-cache
HIT
paypal-debug-id
f5975260feeb1
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4755
x-xss-protection
1; mode=block
x-served-by
cache-hhn4060-HHN
x-timer
S1656485558.223943,VS0,VE2
x-frame-options
SAMEORIGIN
date
Wed, 29 Jun 2022 06:52:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=3600
etag
W/"354e-Ub/VXrZyuuhjNxDsIQA0xxpwqFA"
accept-ranges
bytes
x-cache-hits
1
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=admin.questionscout.com&t=xo&v=5.0.320&source=payments_sdk&client_id=ATCZZqDSpBq_I_YaizB9dV-IcE99X8lopKAziRKECtDMLgkdRrzUHQmwS8j3fRbiBN3roMXuXdaV5kFj&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3323) /
Resource Hash
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
70826292c6ca2
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
16464
last-modified
Tue, 03 May 2022 17:28:29 GMT
server
ECAcc (muc/3323)
etag
"6271663d-da91"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 29 Jun 2022 07:52:38 GMT
ts
t.paypal.com/ 		42 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ALZ4MSHADMWB94-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ALZ4MSHADMWB94-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cc63a889-b4bf-40b2-88a5-a76dce205745&fltp=analytics&mrid=LZ4MSHADMWB94&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=QuestionScout&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1656485558231&g=0&completeurl=https%3A%2F%2Fadmin.questionscout.com%2Fform%2F6215dd89e41aaa65d94a75a9%2Fresults
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F55) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 06:52:38 GMT
content-type
image/gif
server
ECAcc (frc/8F55)
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
5d97c92325ee2
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=173
timing-allow-origin
*
content-length
42
expires
Wed, 29 Jun 2022 06:52:38 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame AD89 		54 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3367) /
Resource Hash
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16791
content-type
text/html
date
Wed, 29 Jun 2022 06:52:38 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"6271663d-d994"
expires
Wed, 29 Jun 2022 07:52:38 GMT
last-modified
Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id
3ac17a4a6328c
server
ECAcc (muc/3367)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
ts
t.paypal.com/ 		42 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ALZ4MSHADMWB94-1&page=muse%3Aoffer%3A%3A%3ALZ4MSHADMWB94-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cc63a889-b4bf-40b2-88a5-a76dce205745&es=visitorInfoFlowStarted&mrid=LZ4MSHADMWB94&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=QuestionScout&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1656485558332&g=0&completeurl=https%3A%2F%2Fadmin.questionscout.com%2Fform%2F6215dd89e41aaa65d94a75a9%2Fresults
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD4) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 06:52:38 GMT
content-type
image/gif
server
ECAcc (frc/8FD4)
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
9735cdb7b9773
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=156
timing-allow-origin
*
content-length
42
expires
Wed, 29 Jun 2022 06:52:38 GMT
graphql
www.paypal.com/targeting/ Frame AD89 		434 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb201d1a9f920b79ab87da27d24cd32126b837a2166804de65b19989b782208e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-i8gub4RnXsFnzjsnCTsDzAb/AQy9A73TUpmr5otLB+Jdnbjh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-i8gub4RnXsFnzjsnCTsDzAb/AQy9A73TUpmr5otLB+Jdnbjh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish
vary
Accept-Encoding
x-cache
MISS
paypal-debug-id
f1252421dfa69
date
Wed, 29 Jun 2022 06:52:38 GMT
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn4060-HHN
x-timer
S1656485559.568260,VS0,VE226
x-frame-options
SAMEORIGIN
etag
W/W/"1b2-/if7UvnQs9+DBlQ7J3juts58E6Q"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
content-encoding
br
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 29 Jun 2022 06:52:38 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f113947d4ed66
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4070-HHN
x-timer
S1656485558.364150,VS0,VE184
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/static/css/main.44bafe12.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b5f20dbd9cf77d00666082e72d5adfb61e2b829fb51ea4ab66005d272766f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 04:55:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 06:52:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 06:52:38 GMT
api.js
www.recaptcha.net/recaptcha/ 		953 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onLoadCaptchaV3Callback&render=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/static/js/6.199ecc73.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0fa376a6bb3f988a063017863c585fb061ab384b647ed1ce21985dbd344c702f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
616
x-xss-protection
1; mode=block
expires
Wed, 29 Jun 2022 06:52:39 GMT
/
api2.questionscout.com/socket.io/ 		96 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.questionscout.com/socket.io/?token=null&EIO=4&transport=polling&t=O6kExlM
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/static/js/6.199ecc73.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.190.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-190-166.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
c058fd1877b2f715b752dcbdb2f6c2cba7a382bb23b6d100710ee0350d2fbd0f

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Jun 2022 06:52:39 GMT
server
nginx/1.21.6
content-length
96
content-type
text/plain; charset=UTF-8
m-outer-6262077c14f753400d607dc30e70f1af.html
js.stripe.com/v3/ Frame 9BDE 		240 B
980 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2693
cache-control
max-age=31536000
content-length
240
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 29 Jun 2022 06:07:54 GMT
etag
"6262077c14f753400d607dc30e70f1af"
last-modified
Fri, 10 Jun 2022 18:43:47 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
Q82BR-cbR6rRmJSqLb12Xj9tzf3yMDQD8yKJQNsnZUJh8858VKkU_g==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 9BDE 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 29 Jun 2022 06:52:39 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
js.stripe.com/v3/fingerprinted/js/ Frame 9BDE 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4
x-cache
Hit from cloudfront
date
Wed, 29 Jun 2022 06:52:39 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:43:57 GMT
server
Cloudfront
etag
W/"77711798ecf99b8bb8207cf88a10d73c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
LsBwB7O5AdSPjbm9VvGCp2HYRE8SgO2OBBjr9ekF9c5RQjNfx5HsSg==
inner.html
m.stripe.network/ Frame B369 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
282
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 29 Jun 2022 06:52:39 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
249
x-content-type-options
nosniff
x-request-id
9c6abd08-27a6-4b42-9fb4-46b46036c8b4
x-served-by
cache-hhn4066-HHN
x-timer
S1656485559.326287,VS0,VE0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onLoadCaptchaV3Callback&render=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://admin.questionscout.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 06:07:51 GMT
csp-report
q.stripe.com/ Frame B369 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 06:52:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame B369 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
208
x-cache
HIT
content-length
16031
x-request-id
64efbac5-f5ca-4353-b841-e435d0a62b0a
x-served-by
cache-hhn4066-HHN
server
Fastly
x-timer
S1656485559.338461,VS0,VE0
date
Wed, 29 Jun 2022 06:52:39 GMT
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
189
6
m.stripe.com/ Frame B369 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.131.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-131-183.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
41a725308980933f7795098a69336d0964383fe8a2001bae164004b96b5ea61f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 29 Jun 2022 06:52:39 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
anchor
www.recaptcha.net/recaptcha/api2/ Frame F900 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r&co=aHR0cHM6Ly9hZG1pbi5xdWVzdGlvbnNjb3V0LmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=u55n6rpg7ltn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c32f7452ce7ebad92f22017ed25751fd9d67913ad70a077da9b0f20b0c34df89
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RjNqDSI1EyAll1PF8l6nJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22495
content-security-policy
script-src 'report-sample' 'nonce-RjNqDSI1EyAll1PF8l6nJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 06:52:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.questionscout.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:07:46 GMT
x-content-type-options
nosniff
age
49493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37716
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 17:07:46 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame F900 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r&co=aHR0cHM6Ly9hZG1pbi5xdWVzdGlvbnNjb3V0LmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=u55n6rpg7ltn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 06:50:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame F900 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r&co=aHR0cHM6Ly9hZG1pbi5xdWVzdGlvbnNjb3V0LmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=u55n6rpg7ltn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 06:07:51 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F900 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 18:59:48 GMT
x-content-type-options
nosniff
age
42771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 05 Jul 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F900 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r&co=aHR0cHM6Ly9hZG1pbi5xdWVzdGlvbnNjb3V0LmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=u55n6rpg7ltn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
49558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F900 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r&co=aHR0cHM6Ly9hZG1pbi5xdWVzdGlvbnNjb3V0LmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=u55n6rpg7ltn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:48:37 GMT
x-content-type-options
nosniff
age
79442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:48:37 GMT
/
api2.questionscout.com/socket.io/ 		2 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.questionscout.com/socket.io/?token=null&EIO=4&transport=polling&t=O6kExqu&sid=HADDHrmak0rtBAvRAiyW
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/static/js/6.199ecc73.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.190.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-190-166.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 29 Jun 2022 06:52:39 GMT
server
nginx/1.21.6
content-length
2
content-type
text/html
/
api2.questionscout.com/socket.io/ 		114 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.questionscout.com/socket.io/?token=null&EIO=4&transport=polling&t=O6kExqv&sid=HADDHrmak0rtBAvRAiyW
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/static/js/6.199ecc73.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.190.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-190-166.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
e4d8657db0215ee56c806e458acf81c06a1cf59ea6e9a977ae9156fddc7ebc91

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Jun 2022 06:52:39 GMT
server
nginx/1.21.6
content-length
114
content-type
text/plain; charset=UTF-8
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame F900 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r&co=aHR0cHM6Ly9hZG1pbi5xdWVzdGlvbnNjb3V0LmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=u55n6rpg7ltn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LelHqkUAAAAAEZ8OOKqrVEZenT2Jo-mt1Dcj97r&co=aHR0cHM6Ly9hZG1pbi5xdWVzdGlvbnNjb3V0LmNvbTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=u55n6rpg7ltn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Wed, 29 Jun 2022 06:52:39 GMT
/
beacon-v2.helpscout.net/ 		458 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14b477791f77c635bd4d27ab3b7959d914a5c491a03530d3b042e7cc822886b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:51:52 GMT
content-encoding
gzip
last-modified
Fri, 17 Jun 2022 17:59:40 GMT
server
AmazonS3
age
50
etag
"08d766895461e982f1f6bb17a3acc240"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
326
x-amz-cf-id
zSJJMkIxhQs4OUKMiWXrLtLMKQKRzXfwKVhChi3SV8jnLG08Fq7_Gg==
vendor.5ae5f94a.js
beacon-v2.helpscout.net/static/js/ 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.5ae5f94a.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0cc3fe95d12a93d9fd685f5fa53abea2048f14f301eb1620313312b750085585

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 05:38:07 GMT
content-encoding
gzip
last-modified
Fri, 17 Jun 2022 17:59:41 GMT
server
AmazonS3
age
4473
etag
"d5126a82b0bdd4a3ccf5b5e2865bec50"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
22722
x-amz-cf-id
KNbCCuADfOUMUuPFzhccKWcU7wy21Aa5Vg-r-91b4JnJHDxPOtJnAQ==
main.e0bf299c.js
beacon-v2.helpscout.net/static/js/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/main.e0bf299c.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
618a4bfd2e4145934f3905ff58685f64f84d70f0431e18f0081d152ed747d69f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:07:05 GMT
content-encoding
gzip
last-modified
Fri, 17 Jun 2022 17:59:41 GMT
server
AmazonS3
age
2735
etag
"4e7c5f2e579819c53f642652ecb68499"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
9788
x-amz-cf-id
tLSqA7TPPCDpGuOPpfQHYcsvir2wJGoaJ6jy90JBR3FGy9fYWFZT0Q==
logger
www.paypal.com/xoplatform/logger/api/ 		1003 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/static/js/6.199ecc73.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
17b07c9d9cb92d1a57e9ca8c6b6e467b6cce5e339e36ee1fc5cad90347b8c1f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Wed, 29 Jun 2022 06:52:40 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f133865856201
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4070-HHN
x-timer
S1656485560.888500,VS0,VE175
etag
W/W/"3eb-LgOPAXvpj0I9wUgUJMJ57MiFE0M"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.questionscout.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin.questionscout.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://admin.questionscout.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 29 Jun 2022 06:52:39 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f1338652a562a
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn4070-HHN
x-timer
S1656485560.693000,VS0,VE187
3.9638164d.chunk.js
admin.questionscout.com/static/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.questionscout.com/static/js/3.9638164d.chunk.js
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-2.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ccfcc96365556bd7a2517b5ff83c0eedf28a430cdfae775c2f4cc1255bea1447
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 17 Apr 2022 13:59:36 GMT
server
nginx
x-frame-options
DENY
etag
W/"71e39b05a54c206501b9cc4b841698e5"
expect-ct
max-age=86400, enforce, report-uri="https://questionscout.report-uri.com/r/d/csp/enforce"
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
cache-control
max-age=0,no-cache
feature-policy
geolocation none;midi none;notifications self;push self;sync-xhr self;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment self;
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
hwNZfaMK3uVIbriPWxVQRwYK4UgZC0dAWWQHxlCTknhZVx3C3KbvYA==
27.11631bb0.chunk.css
admin.questionscout.com/static/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.questionscout.com/static/css/27.11631bb0.chunk.css
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-2.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
faeca1a95940c8f7a07e339f30ea0b832f699b5acf5ab2162b4e23056ea4f87a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 17 Apr 2022 13:59:34 GMT
server
nginx
x-frame-options
DENY
etag
W/"c888aa539e68722dc849ab844648e7af"
expect-ct
max-age=86400, enforce, report-uri="https://questionscout.report-uri.com/r/d/csp/enforce"
strict-transport-security
max-age=31536000
content-type
text/css
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
cache-control
max-age=0,no-cache
feature-policy
geolocation none;midi none;notifications self;push self;sync-xhr self;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment self;
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
9TD9pVXN5SFlVmXuZJMbhnn4tUzQwMmEDBzXFD1JWqgeQRlg83t_fQ==
27.337c16cb.chunk.js
admin.questionscout.com/static/js/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.questionscout.com/static/js/27.337c16cb.chunk.js
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-2.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
0fe6fcad081d5cbd82e123583ed607dc88ef36f5f26f1e011134a856b36b7af4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront
date
Wed, 29 Jun 2022 06:52:41 GMT
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Sun, 17 Apr 2022 13:59:36 GMT
server
nginx
x-frame-options
DENY
etag
W/"ab19a587543e6dfdfbbed94eea95b571"
expect-ct
max-age=86400, enforce, report-uri="https://questionscout.report-uri.com/r/d/csp/enforce"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
cache-control
max-age=0,no-cache
feature-policy
geolocation none;midi none;notifications self;push self;sync-xhr self;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment self;
content-security-policy
upgrade-insecure-requests;
x-amz-cf-id
gkEveavHT-wfzUuzyB4ihK7WsM_Q4EAik7vFpRqtre1TU1hYzh3WdA==
/
api2.questionscout.com/socket.io/ 		1 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.questionscout.com/socket.io/?token=null&EIO=4&transport=polling&t=O6kExse&sid=HADDHrmak0rtBAvRAiyW
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/static/js/6.199ecc73.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.190.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-190-166.compute-1.amazonaws.com
Software
nginx/1.21.6 /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Jun 2022 06:52:40 GMT
server
nginx/1.21.6
content-length
1
content-type
text/plain; charset=UTF-8
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/static/js/3.9638164d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
537e6274ed7632abe47e806d0b98065e92511fa2d7412f77844f128db1f34886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TsFNfM3otUljxb7Vi7G3GQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
S2ZLa7dH1CUPRUp2sL2v+nLQc0ljpwekKFKi5Pv9FKGC4TDi8j0dma+zuy9LQzBV35GWdB2l3sE3NLzU9cISkw==
x-fb-trip-id
917726464
x-fb-content-md5
b89ff89f537a2dfa405e9c01c242afab
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 29 Jun 2022 06:52:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"241eeb6f955244355de6f942688ceef4"
timing-allow-origin
*
expires
Wed, 29 Jun 2022 07:06:18 GMT
api.js
apis.google.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/static/js/3.9638164d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ea949901347c2d47eee3e4b87b2a01ed7da200797ca5f7833895bc7b2eb898
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Wed, 29 Jun 2022 06:52:40 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"62022d8722bdbfd3"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 06:52:40 GMT
sdk.js
connect.facebook.net/en_US/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=548158ca22d53ec98fecee874ca41ba8
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dfcdac51dad1637f3a43aebb4bf250a835116a1f25c38ad8a04653efaa5c519d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
Origin
https://admin.questionscout.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
q3iWF0VvauHs/iO+k1IEGw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85957
x-fb-rlafr
0
x-fb-debug
h2vFzZ7SsaclviLoGSPMGVjr0iMu50CJUPdr9KfTSxsCAF0pYv67Ktg4G0WND8ShkUAZwrKlPJebKWT3FZwIuA==
x-fb-content-md5
ac07dfa6e0dc914a13d6da97482724d9
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 29 Jun 2022 06:52:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"bf645848a6fe436e19f38ea4ec46db91"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 29 Jun 2023 06:03:13 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59c7712e75a6f0bbefd0fefa67e85d464cf14bbd7463331f4ba7e0a963ace1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 05:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36570
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:25:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 05:46:01 GMT
iframe
accounts.google.com/o/oauth2/ Frame 307A 		280 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59d353482d720409e6505387d1f868f838b4faba2662809bdd65416f3a291375
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lIgzDcaYv41FVOLdL7faKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lIgzDcaYv41FVOLdL7faKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 06:52:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 307A 		2 KB
850 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: admin.questionscout.com
URL: https://admin.questionscout.com/form/6215dd89e41aaa65d94a75a9/results
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
89fd8a8ff2666fd87e567ef325a828c4c2df5a004a8511c92bf807b962c3a2c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 06:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.OJNmyZe-_aM.es5.O/d=1/rs=AOaEmlEsH-FwQbqZ81PHBwzT4IOaFRaVfA/ Frame 307A 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.OJNmyZe-_aM.es5.O/d=1/rs=AOaEmlEsH-FwQbqZ81PHBwzT4IOaFRaVfA/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
447a966f9c3c316da778ae29c2cd3972fa922b00f7b01bd3473c59a4141324a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 20:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34455
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 20:48:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 20:44:58 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 307A 		49 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fadmin.questionscout.com&client_id=454161137540-8u87841b6qvv2ncqof3o6uprkecrpa3f.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.OJNmyZe-_aM.es5.O/d=1/rs=AOaEmlEsH-FwQbqZ81PHBwzT4IOaFRaVfA/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-rj5tEMgvNhct_IoRo1tz3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 06:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-rj5tEMgvNhct_IoRo1tz3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
expires
Wed, 29 Jun 2022 06:52:40 GMT
6
m.stripe.com/ Frame B369 		156 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.131.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-131-183.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
41a725308980933f7795098a69336d0964383fe8a2001bae164004b96b5ea61f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 29 Jun 2022 06:52:43 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| fullStoryStartedLoad boolean| fullStoryDidLoad boolean| lastOrPendingFullStoryEnableState function| persistentEnableFullStory function| Beacon function| fbq function| _fbq object| __webpackStripeJSv3Jsonp function| Stripe object| __post_robot_11_0_0___uid_wyrfqkrdjrrbnryisejljfrdcclpzf object| paypal object| __zoid_10_1_0___uid_wyrfqkrdjrrbnryisejljfrdcclpzf object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL object| webpackJsonpformsquare-frontend object| regeneratorRuntime function| _ object| __SENTRY__ object| __core-js_shared__ object| core object| QS boolean| __react-beautiful-dnd-disable-dev-warnings function| onLoadCaptchaV3Callback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_812932 object| beaconJsonp function| fbAsyncInit object| FB object| gapi object| ___jsl object| osapi

14 Cookies

Domain/Path Name / Value
.paypal.com/ Name: ts_c
Value: vr%3Dae3bb8921810a5b207361c1cffffffff%26vt%3Dae3bb8921810a5b207361c1cfffffffe
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY1NjQ4NTU1ODcxNyIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3AEW7JVHN8rUyBSZ5Qaq4D5XFybQ3pWQz8.s9kE8OVq0jl21drg2lqUuoK%2FeyASovxt3UMsLREFt68
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1751179958%26vteXpYrS%3D1656487358%26vr%3Dae3bb8921810a5b207361c1cffffffff%26vt%3Dae3bb8921810a5b207361c1cfffffffe%26vtyp%3D
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
m.stripe.com/ Name: m
Value: f6defe5d-447a-4b9c-bda6-c2b46470cd42006202
.admin.questionscout.com/ Name: __stripe_mid
Value: 085905aa-43d4-42bb-9196-c9f31fcbed80978439
.admin.questionscout.com/ Name: __stripe_sid
Value: d3ca7cb5-b98d-4fe6-ba8d-345ce541bbd2cdb35f
.admin.questionscout.com/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=vx7pbhDBEUMfaGXqO-0vOexc-pkfLpFC2GGkgR10D83WHCrVMbMPX-ThL7msdG5SBYhPF-l7QlN6k1WmEnL0zJx-Aw0eVWcYQziOw_t003ppfzqZc-e3cxa7mNuTc46VdBrCYZ0q0D7fxFhdDrfq8AS6NN0EGgJGhMFex_uGnEw

15 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'notifications'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'push'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'self'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'self'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'self'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
admin.questionscout.com
api2.questionscout.com
apis.google.com
beacon-v2.helpscout.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
t.paypal.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
108.138.7.17
151.101.128.176
151.101.193.21
18.66.122.2
192.229.221.25
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:803::2003
2a00:1450:4001:812::2003
2a00:1450:4001:82b::200d
2a00:1450:4001:830::2003
2a03:2880:f02d:12:face:b00c:0:3
52.27.131.183
54.187.119.242
54.205.190.166
99.86.4.99
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0caed8d0880353efdbd5f7dfb391ef71d4508db2cff6e919369586c1ee6f6bcb
0cc3fe95d12a93d9fd685f5fa53abea2048f14f301eb1620313312b750085585
0fa376a6bb3f988a063017863c585fb061ab384b647ed1ce21985dbd344c702f
0fe6fcad081d5cbd82e123583ed607dc88ef36f5f26f1e011134a856b36b7af4
14b477791f77c635bd4d27ab3b7959d914a5c491a03530d3b042e7cc822886b6
17b07c9d9cb92d1a57e9ca8c6b6e467b6cce5e339e36ee1fc5cad90347b8c1f8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26cb1fbb77c3e3c980273a35191e503077b347cf58e8d9d3f36d94cb73148141
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
3c8b737f3e3bf7f994f079a1fe797880e756851660647082ea71d25aa424da60
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41a725308980933f7795098a69336d0964383fe8a2001bae164004b96b5ea61f
447a966f9c3c316da778ae29c2cd3972fa922b00f7b01bd3473c59a4141324a0
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
537e6274ed7632abe47e806d0b98065e92511fa2d7412f77844f128db1f34886
59d353482d720409e6505387d1f868f838b4faba2662809bdd65416f3a291375
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
618a4bfd2e4145934f3905ff58685f64f84d70f0431e18f0081d152ed747d69f
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
68582d241ade25b4f9e488633d041da3b280b8749edf78771e1541d260329bed
6b4a54fa11cb165be8cc44e46b487bd401ee7367a8a5bd15e293271e6be8f326
6b5f20dbd9cf77d00666082e72d5adfb61e2b829fb51ea4ab66005d272766f9e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77f30f77965b59c8b42306337ce7f5aca9186c9d7948cc4e03c00bd5308f1d45
89fd8a8ff2666fd87e567ef325a828c4c2df5a004a8511c92bf807b962c3a2c5
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
98ea949901347c2d47eee3e4b87b2a01ed7da200797ca5f7833895bc7b2eb898
99cbac1bb97cbdd51988c0222aacbcaab64e10d33563d6c142ab2659c73ae94e
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b59c7712e75a6f0bbefd0fefa67e85d464cf14bbd7463331f4ba7e0a963ace1d
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
c058fd1877b2f715b752dcbdb2f6c2cba7a382bb23b6d100710ee0350d2fbd0f
c32f7452ce7ebad92f22017ed25751fd9d67913ad70a077da9b0f20b0c34df89
c77600639c219390674985ac139f9df06f60ac713d483bf6f905eaee2581a993
ccfcc96365556bd7a2517b5ff83c0eedf28a430cdfae775c2f4cc1255bea1447
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
dfcdac51dad1637f3a43aebb4bf250a835116a1f25c38ad8a04653efaa5c519d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d8657db0215ee56c806e458acf81c06a1cf59ea6e9a977ae9156fddc7ebc91
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
faeca1a95940c8f7a07e339f30ea0b832f699b5acf5ab2162b4e23056ea4f87a
fb201d1a9f920b79ab87da27d24cd32126b837a2166804de65b19989b782208e