sendmesamples.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://iwin.rewardsadvisor.com/
Effective URL:
https://sendmesamples.com/
Submission: On October 25 via manual (October 25th 2022, 3:48:58 pm UTC) from US — Scanned from DE

Summary HTTP 238 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 30 domains to perform 238 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sendmesamples.com.
TLS certificate: Issued by E1 on October 4th 2022. Valid for: 3 months.

This is the only time sendmesamples.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	52.43.151.13 52.43.151.13	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	54.231.226.24 54.231.226.24	16509 (AMAZON-02) (AMAZON-02)
5	13.41.96.213 13.41.96.213	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:1f97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::ac43:1ee1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.118.135 13.32.118.135	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.49.160.208 52.49.160.208	16509 (AMAZON-02) (AMAZON-02)
2 8	2606:4700:303... 2606:4700:3034::6815:3e4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:218... 2600:9000:2182:b800:13:7c59:6e80:21	16509 (AMAZON-02) (AMAZON-02)
1 4	52.71.143.120 52.71.143.120	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:ac00:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
3	18.214.230.128 18.214.230.128	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.156.196 13.226.156.196	16509 (AMAZON-02) (AMAZON-02)
1	52.73.153.179 52.73.153.179	14618 (AMAZON-AES) (AMAZON-AES)
10	2600:9000:224... 2600:9000:224a:8200:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	88.221.168.23 88.221.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.157.116.120 35.157.116.120	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	18.66.248.46 18.66.248.46	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	95.101.200.23 95.101.200.23	16625 (AKAMAI-AS) (AKAMAI-AS)
59	34.242.174.14 34.242.174.14	16509 (AMAZON-02) (AMAZON-02)
1 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	198.145.13.11 198.145.13.11	2044 (DF-PTL01) (DF-PTL01)
1 1	108.157.4.94 108.157.4.94	16509 (AMAZON-02) (AMAZON-02)
238	37

12 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

iwin.rewardsadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
impressure-c630.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.43.151.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-151-13.us-west-2.compute.amazonaws.com

events.impressure.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.226.24 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.41.96.213 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:1f97 (United States)

ASN13335 (CLOUDFLARENET, US)

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:1ee1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aimtell.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.118.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-135.fra60.r.cloudfront.net

djk97zng6lbya.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.160.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-160-208.eu-west-1.compute.amazonaws.com

live.r3engage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3034::6815:3e4e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

go.aramistrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

sendmesamples.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2182:b800:13:7c59:6e80:21 (United States)

ASN16509 (AMAZON-02, US)

d3v6q7097edepm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.71.143.120 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-143-120.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:ac00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.214.230.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-230-128.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-196.dus51.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.153.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-153-179.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:224a:8200:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:170 (United States)

ASN13335 (CLOUDFLARENET, US)

app.convertful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.116.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-116-120.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.66.248.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-46.dus51.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 34.242.174.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

connect.ongage.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.11 (Tualatin, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-94.dus51.r.cloudfront.net

analytics.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	ongage.net connect.ongage.net — Cisco Umbrella Rank: 721340	500 KB
56	sendmesamples.com sendmesamples.com	4 MB
22	sharethis.com w.sharethis.com — Cisco Umbrella Rank: 18494 ws.sharethis.com — Cisco Umbrella Rank: 8587 l.sharethis.com — Cisco Umbrella Rank: 4781 count-server.sharethis.com — Cisco Umbrella Rank: 12131	98 KB
10	kxcdn.com impressure-c630.kxcdn.com — Cisco Umbrella Rank: 991900	139 KB
8	aramistrk.com 2 redirects go.aramistrk.com	6 KB
8	aimtell.com 1 redirects signals.aimtell.com — Cisco Umbrella Rank: 4447 beacon.aimtell.com — Cisco Umbrella Rank: 23241 cdn.aimtell.com — Cisco Umbrella Rank: 5833 analytics.aimtell.com — Cisco Umbrella Rank: 16463	6 KB
7	google.com apis.google.com — Cisco Umbrella Rank: 112 accounts.google.com — Cisco Umbrella Rank: 83	129 KB
7	cloudfront.net djk97zng6lbya.cloudfront.net d3v6q7097edepm.cloudfront.net d2m2wsoho8qq12.cloudfront.net	40 KB
6	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 25908 cdn.trustedform.com — Cisco Umbrella Rank: 29116	41 KB
5	aimtell.io cdn.aimtell.io — Cisco Umbrella Rank: 6718	20 KB
5	anura.io script.anura.io — Cisco Umbrella Rank: 49715	40 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	4 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107	9 KB
3	leadid.com create.leadid.com — Cisco Umbrella Rank: 15175	2 KB
3	amazonaws.com s3.amazonaws.com	27 KB
3	impressure.io events.impressure.io — Cisco Umbrella Rank: 898666	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	89 KB
2	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 12058 in.getclicky.com — Cisco Umbrella Rank: 9719	6 KB
2	convertful.com app.convertful.com — Cisco Umbrella Rank: 79427	18 KB
2	media.net contextual.media.net — Cisco Umbrella Rank: 570 lg3.media.net — Cisco Umbrella Rank: 4108	564 B
2	r3engage.com live.r3engage.com — Cisco Umbrella Rank: 162941	17 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	rewardsadvisor.com iwin.rewardsadvisor.com — Cisco Umbrella Rank: 385046	88 KB
1	gstatic.com ssl.gstatic.com	5 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 713	5 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1773
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	37 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 15510	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 25961	39 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	27 KB
238	30

	Domain	Requested by
59	connect.ongage.net	sendmesamples.com connect.ongage.net
56	sendmesamples.com	impressure-c630.kxcdn.com sendmesamples.com
10	count-server.sharethis.com	ws.sharethis.com
10	impressure-c630.kxcdn.com	iwin.rewardsadvisor.com impressure-c630.kxcdn.com
9	ws.sharethis.com	w.sharethis.com ws.sharethis.com sendmesamples.com
8	go.aramistrk.com	2 redirects sendmesamples.com
5	apis.google.com	ws.sharethis.com apis.google.com accounts.google.com
5	cdn.aimtell.io	s3.amazonaws.com
5	script.anura.io	iwin.rewardsadvisor.com script.anura.io sendmesamples.com
5	fonts.googleapis.com	impressure-c630.kxcdn.com d3v6q7097edepm.cloudfront.net sendmesamples.com
4	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	d3v6q7097edepm.cloudfront.net	iwin.rewardsadvisor.com
4	signals.aimtell.com	iwin.rewardsadvisor.com s3.amazonaws.com
3	www.facebook.com	1 redirects sendmesamples.com connect.facebook.net
3	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
3	s3.amazonaws.com	iwin.rewardsadvisor.com sendmesamples.com
3	events.impressure.io	iwin.rewardsadvisor.com impressure-c630.kxcdn.com
2	beacon.aimtell.com	s3.amazonaws.com
2	accounts.google.com	apis.google.com iwin.rewardsadvisor.com
2	connect.facebook.net	sendmesamples.com connect.facebook.net
2	l.sharethis.com	w.sharethis.com sendmesamples.com
2	app.convertful.com	sendmesamples.com app.convertful.com
2	cdn.trustedform.com	api.trustedform.com
2	live.r3engage.com	impressure-c630.kxcdn.com live.r3engage.com
2	djk97zng6lbya.cloudfront.net
2	www.google-analytics.com	iwin.rewardsadvisor.com www.google-analytics.com
2	iwin.rewardsadvisor.com	impressure-c630.kxcdn.com
1	analytics.aimtell.com	1 redirects
1	cdn.aimtell.com	s3.amazonaws.com
1	in.getclicky.com	static.getclicky.com
1	ssl.gstatic.com	accounts.google.com
1	static.xx.fbcdn.net	www.facebook.com
1	lg3.media.net	sendmesamples.com
1	script.crazyegg.com	sendmesamples.com
1	www.googletagmanager.com	sendmesamples.com
1	static.getclicky.com	sendmesamples.com
1	contextual.media.net	sendmesamples.com
1	w.sharethis.com	sendmesamples.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	iwin.rewardsadvisor.com
1	cdnjs.cloudflare.com	impressure-c630.kxcdn.com
238	42

This site contains links to these domains. Also see Links.

Domain
inventgem.com
topsweeps.com
gethealthy.us
www.facebook.com
www.twitter.com
www.pinterest.com
aimtell.com

Subject Issuer	Validity	Valid
iwin.rewardsadvisor.com R3	`2022-10-05` - `2023-01-03`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2022-07-28` - `2023-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
impressure.io Amazon	`2022-07-26` - `2023-08-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
script.anura.io Amazon	`2022-07-12` - `2023-08-10`	a year	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-08`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
*.r3engage.com Go Daddy Secure Certificate Authority - G2	`2021-12-30` - `2023-01-27`	a year	crt.sh
*.sendmesamples.com E1	`2022-10-04` - `2023-01-02`	3 months	crt.sh
create.leadid.com Amazon	`2022-09-21` - `2023-10-19`	a year	crt.sh
*.trustedform.com Amazon	`2022-09-11` - `2023-10-09`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh
cdn.trustedform.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh
*.aramistrk.com E1	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.ongage.net Amazon	`2022-10-16` - `2023-11-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-04` - `2022-11-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-01` - `2023-09-01`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://sendmesamples.com/
Frame ID: 3F6B25CC30EC96588FE2F1552117E13A
Requests: 155 HTTP requests in this frame

Frame: https://signals.aimtell.com/traverse
Frame ID: 36238D11EC738D65A7501D725326E014
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=74104E92-4790-AE99-4EE2-CA3A231C1B03&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Frame ID: 06AC75F5A1C59B6E5E50CB07962D46BF
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=74104E92-4790-AE99-4EE2-CA3A231C1B03&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Frame ID: 2A740D10C854F3ADE5EBAC9453EDC5FF
Requests: 2 HTTP requests in this frame

Frame: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
Frame ID: EE6CE231EE7EB19673AC17084EEDC40C
Requests: 59 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fsendmesamples&width=265&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=1414577605449786
Frame ID: 5602C21E3396A03130615629932CB09C
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ftrick-or-treat-pick-these-5-halloween-deals-save-your-money%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 9EE7E81CE7F731D4C1CEE0B3DB9647D4
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-magic-face-mask%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: FA5872BC2C84E8C76CA86996E530E34E
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Fwin-a-beis-carry-on-travel-bag-sweepstakes%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 17CBD50705AD64915A3C21E9C53CFF8D
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-sample-of-refrigerated-truffle-bars%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 803927FDA9FD1AD49FFF946E3E23F884
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-plant-based-burgers-rebate-offer%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: EF8F0F19D7311B37868F3CC49200F83B
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Fbecome-a-surveyqueen-make-money-online%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 6175CCC30915A83B1F2EA5FD0035A2AA
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-childrens-hospitals-week-bandages%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 68CB64DA372F2C52E6151763280907B1
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-babycozy-diapers-sample%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 2540042332337809E59C28FB2D7F48E2
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-sample-of-dickinsons-deep-cleanser%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 2EC7E1810C5790FE5D82F4947EEEE702
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-sample-of-playtex-clean-comfort-tampons%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 80CB91547BFC160BA5C7EA2277DD43B1
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsendmesamples.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: CB49A6ABFD3E8696A69B0B890631D643
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3d1ee6767e8ec8%2526domain%253Dsendmesamples.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsendmesamples.com%25252Ff107e81c4eda064%2526relation%253Dparent.parent%26container_width%3D266%26height%3D500%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsendmysamples%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Frame ID: 2D948A3F3F204EC08213EB3AB8BEAD70
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 5889EBE3808FAC1ADF5DE03489B492F2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SendMeSamples.com

Page URL History Show full URLs

https://iwin.rewardsadvisor.com/ Page URL
http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_... HTTP 302
https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-&aff_sub1=012-&aff_sub2=---012&aff_sub3=daf414... HTTP 302
https://sendmesamples.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

highcharts.*\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

Aimtell (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.aimtell\.\w+/

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

ShareThis (Widgets) Expand

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

238
Requests

94 %
HTTPS

57 %
IPv6

30
Domains

42
Subdomains

37
IPs

5
Countries

5440 kB
Transfer

9834 kB
Size

23
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://inventgem.com/ac6a05c768ad041660275d050b5300140/?sid1=sms&sid2=&sid3=&sid4=

Search URL Search Domain Scan URL

URL: https://inventgem.com/a9e32248265d6e8ac83d6246d70f8d3a8/?sid1=sms&sid2=&sid3=&sid4=

Search URL Search Domain Scan URL

URL: https://inventgem.com/aa2a07bbe715d60886221f55dca18d67c/?sid1=sms&sid2=&sid3=&sid4=

Search URL Search Domain Scan URL

URL: https://inventgem.com/a63a1b868e5e8fedac1f87a1362d3b0be/?sid1=sms&sid2=&sid3=&sid4=

Search URL Search Domain Scan URL

URL: https://inventgem.com/a53a9900f31436f90305da2381ede2cff/?sid1=sms&sid2=&sid3=&sid4=

Search URL Search Domain Scan URL

URL: https://inventgem.com/ab3ea0aa3a7558b974878589abe29c2a7/?sid=sms&sid2=&sid3=&sid4=

Search URL Search Domain Scan URL

URL: https://topsweeps.com/

Search URL Search Domain Scan URL

URL: https://gethealthy.us/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sendmesamples

Search URL Search Domain Scan URL

URL: https://www.twitter.com/sendmesamples

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/sendsamples/

Search URL Search Domain Scan URL

URL: https://aimtell.com/liked-our-push-notification-widget?domain=sendmesamples.com&utm_source=aimtell&utm_medium=prompt&utm_campaign=23512&utm_content=type-3
Title: by Aimtell

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://iwin.rewardsadvisor.com/ Page URL
http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-&aff_sub2=---012&aff_sub3=daf4143e-01dd-4669-a8af-be4cf9d4e59e&aff_sub4= HTTP 302
https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-&aff_sub1=012-&aff_sub2=---012&aff_sub3=daf4143e-01dd-4669-a8af-be4cf9d4e59e&aff_sub4=&aff_sub5=&creative_id=1025&offer_id=2008&source=RA-PP-3-generic-0 HTTP 302
https://sendmesamples.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16667129265050.9739492797796205 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16667129265050.9739492797796205

Request Chain 226

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d1ee6767e8ec8%26domain%3Dsendmesamples.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsendmesamples.com%252Ff107e81c4eda064%26relation%3Dparent.parent&container_width=266&height=500&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fsendmysamples%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false&tabs=timeline&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3d1ee6767e8ec8%2526domain%253Dsendmesamples.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsendmesamples.com%25252Ff107e81c4eda064%2526relation%253Dparent.parent%26container_width%3D266%26height%3D500%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsendmysamples%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Request Chain 237

https://analytics.aimtell.com/prompt-view?id_site=23512&prompt_type=3&prompt_id=4294 HTTP 302
https://s3.amazonaws.com/cdn.aimtell.com/prompt/pixel.jpg

238 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
iwin.rewardsadvisor.com/ 390 KB
66 KB 649ms
518ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://iwin.rewardsadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 57369bdf6ba3d0fcee334d025a57e675f74a6f47f362aa86a9b75f8a4bc7d459

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
content-length: 66721
content-type: text/html
date: Tue, 25 Oct 2022 15:48:43 GMT
etag: "d7295ebb995fbe6178172ccf1265a6fe"
last-modified: Tue, 25 Oct 2022 15:46:52 GMT
server: keycdn-engine
x-amz-version-id: T0kacN_23J_Gq2dUAihN37B8JO7mqR96
x-cache: MISS
x-cache-status: HIT
x-edge-location: defr

GET
H2 200 presenter.ae7ecc5.css
impressure-c630.kxcdn.com/ 18 KB
5 KB 85ms
16ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Requested by: Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:44 GMT
content-encoding: br
x-amz-request-id: DXCK2VVB2RYXFBP4
x-edge-location: defr
x-cache: HIT
content-length: 4919
x-amz-id-2: /nwLFXUpI18+uz0WbbMCSjaeP1oCtrn0scxaFTWFufdnO+QQerVsWzzSgUmNDlRvRtgXjXvKgGo=
last-modified: Tue, 23 Aug 2022 19:45:30 GMT
server: keycdn-engine
etag: "c8ba4cfb85a21500b78f527fec541e40"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:44 GMT

GET
H2 200 presenter.b5337b9.js Show response
impressure-c630.kxcdn.com/ 408 KB
105 KB 114ms
26ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Requested by: Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a6a54d80b5c033492bf1d432789671f1faa06e46916add5a469cfacd370c3eba

Request headers

Referer: https://iwin.rewardsadvisor.com/
Origin: https://iwin.rewardsadvisor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:44 GMT
content-encoding: br
x-amz-request-id: PFD2B6M957VBPQB6
x-edge-location: defr
x-cache: STALE
content-length: 106527
x-amz-id-2: HBHwSPk2rZCfBSC+pdLjhLnb2rxtmrkTNXlfBKehs07aM1yDziTvO2z7ok8M5fIWOm/WnlMvQc0=
last-modified: Mon, 19 Sep 2022 23:22:53 GMT
server: keycdn-engine
etag: "5fa7b94726c1a44b9120065cb124128a"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1970
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 25 Oct 2022 17:15:54 GMT

GET
H/1.1 200
OK info Show response
events.impressure.io/ 878 B
1 KB 747ms
183ms XHR
application/json 52.43.151.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/info?v=2&nonce=10437497328048710&userId=

Requested by

Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.151.13 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-151-13.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

e68244cb8041db791be321b81da5c122a95a711e76202bba77638fe41c166563

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 15:48:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"36e-FtOwzzVT9COC+a+QB8a1Tr02jwk"
X-Powered-By: Express
Vary: Accept-Encoding, Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 612

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1740eb3582765eae284529c56ce021b52cbb0889add2ca43be4c731bc561ff20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 loading.d78985d5a90c42d31aaaf9203cddb569.gif
impressure-c630.kxcdn.com/ 2 KB
2 KB 15ms
15ms Image
image/gif 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:44 GMT
content-encoding: gzip
x-amz-request-id: FB2K9WZM5NJNF9VH
x-edge-location: defr
x-cache: HIT
content-length: 1315
x-amz-id-2: yZ1YzLo0V9JJppMfTjTpiE2Y5bGA60CR/qF2BzIp+rBSjCdufncpAv0nLBeQVuv8VYIIv+PwsR8=
last-modified: Tue, 21 Aug 2018 14:21:48 GMT
server: keycdn-engine
etag: W/"d78985d5a90c42d31aaaf9203cddb569"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:44 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/ 84 KB
27 KB 73ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1711316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26983
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e7e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75fc1924592f6909-FRA
expires: Sun, 15 Oct 2023 15:48:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
973 B 705ms
28ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@500;800&display=swap

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4dd6ecdbe8ca863a0b4f2466b23a41e9157ebf8323286ece740d5d2eb78f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 15:48:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 15:48:45 GMT

GET
H/1.1 200
OK trackpush.min.js Show response
s3.amazonaws.com/trackpush/ 47 KB
13 KB 358ms
127ms Script
text/javascript 54.231.226.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Requested by: Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.226.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 53e7247e0683d7fc377a2d3bd91e1f8d2c2144e77ab331762ca1f8ed85af4866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 15:48:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jun 2022 15:49:51 GMT
Server: AmazonS3
x-amz-request-id: 37F8YQ7BVHE4E2P6
ETag: "2852a7e73e6ac9f0ec2ec335bb611c3f"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 13336
x-amz-id-2: EoOHpLSzQMI+AlX3jBlXBUHZfEN3gV++NtMR8WWQnUytneFFTAgjUOt6WdbhSfmyxJ6ytONF1Lw=

GET
H2 200 request.js Show response
script.anura.io/ 53 KB
19 KB 196ms
112ms Script
application/javascript 13.41.96.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2383107219&source=-&campaign=2017&variable=optionalResponseObjectVariable&264041741976

Requested by

Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.96.213 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

03d4f80fb9fd3b1fbda8bed454b883ea7cb82e17fc85020dd60cd0bfc24ee83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 track.js Show response
signals.aimtell.com/ 3 KB
2 KB 126ms
52ms Script
text/javascript 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/track.js
Requested by: Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af52cdb7068ec0dad8355ec4a5bad77b17a3cc1e8bc19b0f66f41d4a53ac3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsrcEOBpCjKNuSJcabCkLwgH0EeKk7dXWHOaJpc6Cnk6vvr9ptz6hwvrwOg1wPvG4IInsBoECTD6P6na670pso
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 10 Sep 2021 18:50:33 GMT
server: cloudflare
etag: W/"e9cc12470321b3946d361c51f89f737a"
vary: Accept-Encoding
x-goog-hash: crc32c=VcSEVw==, md5=6cwSRwMhs5RtNhxR+J9zeg==
x-goog-generation: 1631299833653847
content-type: text/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 3188
cf-ray: 75fc1925283890dd-FRA
expires: Tue, 25 Oct 2022 19:48:45 GMT

GET
H2 200 96d42ed6-dc0a-4617-be28-4e58e2ce8b6b.js Show response
iwin.rewardsadvisor.com/chunk/182398/ 183 KB
22 KB 503ms
502ms Script
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://iwin.rewardsadvisor.com/chunk/182398/96d42ed6-dc0a-4617-be28-4e58e2ce8b6b.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 5418d95fa27a9bc79305337c6a652390a6285a607afe8aa6fb94cd948325e535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: br
x-amz-version-id: lyTmL4.Oe_VV1yQZMu5m5IQcTNN4AO.e
last-modified: Tue, 25 Oct 2022 15:46:48 GMT
server: keycdn-engine
x-edge-location: defr
etag: "732b0f9566668f0b1f78a0edb642d852"
x-cache-status: HIT
x-cache: MISS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 22552

GET
H/1.1 200
OK lists Show response
events.impressure.io/ 31 B
424 B 201ms
200ms Fetch
application/json 52.43.151.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.impressure.io/lists?id=0&q=193.27.14.28%C2%ABaf259db141b1893e3b54918d59313501&v=4
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.151.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-151-13.us-west-2.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 6578c2aa3e5f7076ca9fb19b357edc1b17633feceee6d36d0e5809d26b959817

Request headers

accept: application/json
Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 25 Oct 2022 15:48:45 GMT
Server: nginx
ETag: W/"1f-w2zQu5TAHledxtxl6Y4gzn1Q0XY"
X-Powered-By: Express
Vary: Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 31

POST
H2 200 pageview Show response
signals.aimtell.com/ 43 B
312 B 28ms
28ms XHR
image/gif 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/pageview?id_site=24312&v=3.972&support=1&state=default&wl=1
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
aimtell-hash-exists: 0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: https://iwin.rewardsadvisor.com
aimtell-traverse: 1
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials: true
cf-ray: 75fc1926fbd090dd-FRA
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 24312-041e2bdba891.json
cdn.aimtell.io/config/optin/ 626 B
898 B 811ms
496ms XHR
application/json 2606:4700:10::ac43:1ee1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/optin/24312-041e2bdba891.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ee1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:46 GMT
content-encoding: gzip
via: 1.1 96d2df8d2655bf1d48c2f4e4db090ae6.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
content-length: 424
last-modified: Mon, 02 May 2022 17:56:33 GMT
server: cloudflare
etag: "ad9357b4d852b54d407519c4f7bfd01e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 75fc1928ef0c9043-FRA
x-amz-cf-id: kEhP4aoai21tHtrW3GsNpeBBECIS2Mdj3DDZl7IRCFOxfzzhBXkxuA==

GET
H2 200 chunk.4.e1ba812.css
impressure-c630.kxcdn.com/ 2 KB
1 KB 16ms
15ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.e1ba812.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: br
x-amz-request-id: 7JQE512NWNAWM1T0
x-edge-location: defr
x-cache: HIT
content-length: 784
x-amz-id-2: bJ4kJHylnlPPySl5rfUuN3oViyLNAqkK/vwxv05GxSJw63GSk/JVlAYiK2bj1wjzrkkMbKsToRk=
last-modified: Tue, 23 Aug 2022 19:45:27 GMT
server: keycdn-engine
etag: "1d4504cd8eb1a924fa3877af155e3acb"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:45 GMT

GET
H2 200 chunk.4.632257f.js Show response
impressure-c630.kxcdn.com/ 58 KB
14 KB 16ms
16ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.632257f.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: br
x-amz-request-id: F69Q8XF0HSGPDDB7
x-edge-location: defr
x-cache: STALE
content-length: 13564
x-amz-id-2: /NI949Nx53OaAFkxxx5+jLd1jYPaPuo/lxStr26RRMv7/BQUDKhSLURuy1Fs55oJC3PqJhOIyBA=
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
server: keycdn-engine
etag: "b1ded3ed49dd625cfd1196fd4bf192df"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:45 GMT

GET
H2 200 chunk.7.b6c5ab6.css
impressure-c630.kxcdn.com/ 1 KB
962 B 24ms
23ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.b6c5ab6.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1238e9e850bf28665fe81529e39af4a4751988b6954cfc341bb027fb8ad1a94d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: br
x-amz-request-id: JKHQQWF5A2D495EB
x-edge-location: defr
x-cache: HIT
content-length: 537
x-amz-id-2: 4OAPXK0YuGUgNFC5FSXZj+3DRP0SBUkMwwjEQK+on3g07Wffdyq47wgQWGymm5NPn93hev2tgEw=
last-modified: Tue, 23 Aug 2022 19:45:30 GMT
server: keycdn-engine
etag: "1f2e32f2ccbe4956bd43b676c6acbdc8"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:45 GMT

GET
H2 200 chunk.7.9b4f67e.js Show response
impressure-c630.kxcdn.com/ 11 KB
4 KB 24ms
24ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.9b4f67e.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: faef7e5b106e32b318fa40bf26d7da80874ef9bde24adecb65e8742b34f16d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: br
x-amz-request-id: 77NH73PZJ60M23ZJ
x-edge-location: defr
x-cache: HIT
content-length: 3350
x-amz-id-2: /OV9EPeef+rU3vf2p7X+e+IaK2uGnpaGIfsI3p6eKG+kel8WRzriR40JGJ9IyjGt1ut0RfHwyoQ=
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
server: keycdn-engine
etag: "aab16c3901aa85bf6cbd3d12fb635424"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:45 GMT

GET
H2 200 chunk.13.7a5258a.js Show response
impressure-c630.kxcdn.com/ 17 KB
5 KB 16ms
16ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.13.7a5258a.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: br
x-amz-request-id: A1525Y1A8E0RK0M6
x-edge-location: defr
x-cache: HIT
content-length: 5065
x-amz-id-2: PVeMJ4b8Xz1CGL6yoGO71IpPCZnoBUISkcx/zZCBiBTns29E0BixfqAwFvK2+Yb/Q7XqHYToxus=
last-modified: Tue, 23 Aug 2022 19:45:26 GMT
server: keycdn-engine
etag: "04b6f9c350e90de6b9711301bf2c2b72"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:45 GMT

GET
H2 200 9086e7bb-0ba7-4528-820b-009d4963a4bd.jpeg
djk97zng6lbya.cloudfront.net/2021/08/11/14/44/11/ 21 KB
21 KB 101ms
20ms Image
image/jpeg 13.32.118.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2021/08/11/14/44/11/9086e7bb-0ba7-4528-820b-009d4963a4bd.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-135.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1740eb3582765eae284529c56ce021b52cbb0889add2ca43be4c731bc561ff20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 13:25:56 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 11 Aug 2021 14:44:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 12536570
etag: "e71c04f2f21888eee777324d31e9cc3d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 21451
x-amz-cf-id: kKd1RKWpef2LyA3cnq2lR8mXzJEr8jnrcvT9jBfo9LCATX7no-zCgA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 24ms
22ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=257819644&t=pageview&_s=1&dl=https%3A%2F%2Fiwin.rewardsadvisor.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Registration%20Page%20Full%20Form&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACACI~&jid=426926522&gjid=755133739&cid=255793348.1666712924&tid=UA-204685638-1&_gid=2106898284.1666712924&_r=1&_slc=1&cd1=&z=2124691471

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iwin.rewardsadvisor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK events Show response
events.impressure.io/ 72 B
498 B 233ms
232ms Fetch
application/json 52.43.151.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/events

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.151.13 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-151-13.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

d960181f1cef397a194bb097f18b64e8ea5cce9ce7ef72e58485115e58b37318

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 25 Oct 2022 15:48:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"48-ssru7XElPWfpy2hjbEwWIqwTiaQ"
X-Powered-By: Express
Vary: Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 72

POST
H2 200 response.json Show response
script.anura.io/ 127 B
469 B 150ms
87ms XHR
application/json 13.41.96.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2383107219&source=-&campaign=2017&variable=optionalResponseObjectVariable&264041741976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.96.213 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ffe06e478b898e3e3476425bbdb3f9af058a211dfdcec8f47ccede00f90168eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 071efcf0-16ca-43c2-b7cc-802683471ae0.png
djk97zng6lbya.cloudfront.net/2021/08/11/14/42/38/ 8 KB
9 KB 18ms
17ms Image
image/png 13.32.118.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2021/08/11/14/42/38/071efcf0-16ca-43c2-b7cc-802683471ae0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-135.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 755158b8ec87a849abf410abd4f21887243ce6975e6aeff7cdd5d1fd3a2780cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 27 May 2022 19:27:45 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Wed, 11 Aug 2021 14:42:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 13033260
etag: "59fe4cfd2c2f6d7878dd42219052f91b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 8523
x-amz-cf-id: qS1eogyxHASDa3Zap-DnMKebN9cH_nf3Ox_XLSWWdBGN8TQUhtWvWQ==

GET
H2 200 traverse Show response
signals.aimtell.com/ Frame 3623 30 B
108 B 37ms
37ms Document
text/html 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/traverse
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4437eaab7b931b5fa3aaf6b76a7dc58ee09f945883a80f1f1fa496e8fde01a19

Request headers

Referer: https://iwin.rewardsadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
cf-ray: 75fc1929185490dd-FRA
content-length: 30
content-type: text/html;charset=UTF-8
date: Tue, 25 Oct 2022 15:48:45 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 47b3ebf1-f568-05ac-6674-6ba34499f7ed.js
create.lidstatic.com/campaign/ 123 KB
39 KB 953ms
834ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2
Requested by: Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:46 GMT
x-amz-version-id: 5JI6_9mQEcY4dxyGZejKF2h_R9yx04Bh
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 12 Nov 2021 00:58:09 GMT
server: cloudflare
x-amz-request-id: 8YGGN5E4ZC486XJV
etag: W/"20fae4d7e0d2d0c42436760c62228a02"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 75fc192a2a20bb77-FRA
x-amz-id-2: nzmpwx1EHeYiyqWbGxPt07lAEEY7dzCWmjCYVvqwN2CmrLxubCX4Nrpi+2/j9s5aPQJRzO7DQmI=

GET
H2 200 1414
live.r3engage.com/ 5 KB
5 KB 429ms
124ms Script
text/javascript 52.49.160.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.r3engage.com/1414
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/chunk.13.7a5258a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.160.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-160-208.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.26
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
x-powered-by: PHP/7.2.26
content-type: text/javascript;charset=UTF-8

GET
H2 200 chunk.15.d44ea61.js Show response
impressure-c630.kxcdn.com/ 1 KB
897 B 16ms
16ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.15.d44ea61.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2410ed76bab2930d473ed00294256a24b191a35f14ae6560478ae8da68811464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: br
x-amz-request-id: APATAZ98M6XN3DK0
x-edge-location: defr
x-cache: STALE
content-length: 462
x-amz-id-2: cEKymNnwKw602O8Nvs2ybnSm7XpUgiaisLDFMTo57nlPEKiVZZfa7OFaHxkUmOEvblurATWE7hM=
last-modified: Tue, 23 Aug 2022 19:45:29 GMT
server: keycdn-engine
etag: "177cbe0c08381557dbead1c6707ce73c"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:45 GMT

GET
H2 200 chunk.12.4476a10.js
impressure-c630.kxcdn.com/ 5 KB
2 KB 388ms
388ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.12.4476a10.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:46 GMT
content-encoding: br
x-amz-request-id: 37F7RPSD540TGRM4
x-edge-location: defr
x-cache: MISS
content-length: 1691
x-amz-id-2: iZtpFFQkQF5n26gFI5stZR9Wbsu9g1iQOYaZ3Fcn0vbwUdpVxyG53j5WfUjsSv1Q2bHpg2PAp4Q=
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
server: keycdn-engine
etag: "b3549b5c75fd5d72654ca0107db411bd"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Tue, 01 Nov 2022 15:48:46 GMT

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b193cca67a1a3485f0418f26f67cfcd728df50e8f5b71c4fb477c918651d0ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 result.json
script.anura.io/ 76 B
432 B 51ms
51ms XHR
application/json 13.41.96.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.96.213 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2

200

Primary Request / Show response
sendmesamples.com/
Redirect Chain

http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-&aff_sub2=---012&aff_sub3=daf4143e-01dd-4669-a8af-be4cf9d4e59e&aff_sub4=
https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-&aff_sub1=012-&aff_sub2=---012&aff_sub3=daf4143e-01dd-4669-a8af-be4cf9d4e59e&aff_sub4=&aff_sub5=&creative_id=1025&offer_id=2008&source=RA-PP-3...
https://sendmesamples.com/

78 KB
17 KB

1538ms
1460ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 999474d91f767a1cc26cb4da1782ea3714926a4c3be9f570f3f31d471ffda43e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75fc192dddf0912e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 15:48:47 GMT
link: <https://sendmesamples.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SREh4m6vWJtZPEBTRpptvO65yPwl5%2FKY2TifEaOrQ1OfKCopDbdhPYotJ3XK0w2ip%2B%2FaD8NFfgM6lGv3kQQPl1cAsYmfNUhBCHyOGlogofCP0rpo82rnEiCuLvs906hcFswBO24vrw9viFTVfxG4jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34

Redirect headers

access-control-allow-headers: Tune-SDK-Version
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75fc192cd890bb47-FRA
content-type: text/html; charset=iso-8859-1
date: Tue, 25 Oct 2022 15:48:46 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://sendmesamples.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI CUR OUR NOR INT"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DxYZnZGhVW%2F0sB1RnIh9Vqed2ipBIbgRllA4P%2F7ocy2oKcx4yhzO%2BtVamlSoPR%2BySNK5K78m3rE2oclIAtsIheBzMrBf3flFUKad2EQv0wMdm54fdj52xNtyP8Y8%2Fnb8hZS1UITdg6AX2NkUimh9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
tracking_id: 102229165127761611591892131576
x-request-id: 8a823267afa618626e0e7f1dcb557394
x-robots-tag: noindex, nofollow

GET
H2 200 r3engage.php
live.r3engage.com/ 12 KB
12 KB 209ms
209ms Script
text/html 52.49.160.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.r3engage.com/r3engage.php?r3move=1&r3cache=0&testsess6876=ca23ffa22ee878c95e0ae0a825f1386f&referrer=&fp=_&ce=a&res=b&cnv=f&ver=d&res_av=c&ver_os=e&campaign_id=1414&s1=&t1=&t2=&t3=
Requested by: Host: live.r3engage.com
URL: https://live.r3engage.com/1414
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.160.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-160-208.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.26
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
date: Tue, 25 Oct 2022 15:48:46 GMT
cache-control: no-store, no-cache, must-revalidate
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
x-powered-by: PHP/7.2.26
content-type: text/html; charset=UTF-8

GET
H2 200 animate3.css
d3v6q7097edepm.cloudfront.net/css/ 71 KB
5 KB 140ms
19ms Stylesheet
text/css 2600:9000:2182:b800:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/css/animate3.css
Requested by: Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b800:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:14:04 GMT
content-encoding: gzip
via: 1.1 f12c01365a7e1bcbb4b6d5b856516526.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 17:33:11 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 35207
etag: W/"6cafe138e48efead0052fcf75e8d7ec1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: x1HZJ0WJvaC9o74zzMao5rAMTvNCXUKb9wqWNCObdbjU-W_1hwKrwQ==

GET
H2 200 font_style.css
d3v6q7097edepm.cloudfront.net/fonts/ 388 B
720 B 140ms
19ms Stylesheet
text/css 2600:9000:2182:b800:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css
Requested by: Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b800:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 17:41:50 GMT
via: 1.1 f12c01365a7e1bcbb4b6d5b856516526.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jan 2020 16:59:31 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 79617
etag: "b1aefbe0145794b1b12df477e94590fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 388
x-amz-cf-id: mjWpbUQaw3K4173X5sQEztpOvBiXqivdU2JLtl7_fRz8gNeUluRc6A==

GET
H2 206 1kb.mp3
d3v6q7097edepm.cloudfront.net/mp3/ 1 KB
1 KB 140ms
20ms Media
audio/mp3 2600:9000:2182:b800:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/mp3/1kb.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b800:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://iwin.rewardsadvisor.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 24 Oct 2022 19:47:46 GMT
via: 1.1 f12c01365a7e1bcbb4b6d5b856516526.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 17:32:24 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 72449
etag: "2fab401479fc569b1d333e5c561fa50a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: audio/mp3
Content-Range: bytes 0-1151/1152
accept-ranges: bytes
x-amz-cf-id: jBBd5pjBpqx0c-JC3z8CdylN2z7GD8JD65kWaM9LaSZ7Qp02q66SJg==
Content-Length: 1152

GET
H3 200 css
fonts.googleapis.com/ 702 B
368 B 59ms
26ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One

Requested by

Host: d3v6q7097edepm.cloudfront.net
URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3v6q7097edepm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 15:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 14:13:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 15:48:46 GMT

GET
H3 200 css
fonts.googleapis.com/ 9 KB
977 B 59ms
27ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Open+Sans|Pacifico|Oswald|Lobster

Requested by

Host: d3v6q7097edepm.cloudfront.net
URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3v6q7097edepm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 15:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 15:48:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 15:48:46 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
538 B 57ms
25ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,300,600,700

Requested by

Host: d3v6q7097edepm.cloudfront.net
URL: https://d3v6q7097edepm.cloudfront.net/fonts/font_style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3v6q7097edepm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 15:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 15:42:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 15:48:46 GMT

GET
H2

200

bootstrap.js
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16667129265050.9739492797796205
https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16667129265050.9739492797796205

8 KB
4 KB

198ms
138ms

Script
application/javascript

2600:9000:223d:ac00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16667129265050.9739492797796205
Protocol: H2
Server: 2600:9000:223d:ac00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:47 GMT
x-amz-version-id: zf4ijuzvSsU0Tal.ZZJLDHqE7VqwjEi9
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 17:48:28 GMT
server: AmazonS3
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"647d5353b63df3b4ed201da87c98cc2d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: ULDf1yLQlx8CTeO--Jd1HvS3zslNX16qBdjX6LprYj8Tmhhb3ob1oA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16667129265050.9739492797796205
date: Tue, 25 Oct 2022 15:48:46 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

POST
H2 200 GenerateToken
create.leadid.com/2.11.9/ 36 B
660 B 431ms
146ms XHR
text/plain 18.214.230.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=7586b770-2288-43b2-8102-718361a3b280&_=824832045

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-230-128.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 15:48:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 24312-041e2bdba891.json
cdn.aimtell.io/config/ 95 B
316 B 193ms
190ms XHR
application/json 2606:4700:10::ac43:1ee1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/24312-041e2bdba891.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ee1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:46 GMT
content-encoding: gzip
via: 1.1 1444224b4b97d67af7507c4e96f65844.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
content-length: 104
last-modified: Fri, 13 Aug 2021 18:56:17 GMT
server: cloudflare
etag: "2e9a47727caf9c4def7ceb9e72845ea1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 75fc19302d9c9043-FRA
x-amz-cf-id: ISZjwpv2y151eOaPPPMXoG8aVz1sXTzkKRicFXW91umFUOZt2UdZsg==

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 06AC 3 KB
2 KB 81ms
20ms Document
text/html 13.226.156.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=74104E92-4790-AE99-4EE2-CA3A231C1B03&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.226.156.196 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-156-196.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://iwin.rewardsadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 36658
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 25 Oct 2022 05:37:59 GMT
ETag: W/"63472048-dbb"
Last-Modified: Wed, 12 Oct 2022 20:15:04 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ZXttgfDR2DbIYwkaYUSm1nCFRVG2d8Fv-0jzFA_2JRcZkmeT3kUL5w==
X-Amz-Cf-Pop: DUS51-C1
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom
create.leadid.com/2.11.9/ 0
624 B 112ms
112ms XHR
text/plain 18.214.230.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=7586b770-2288-43b2-8102-718361a3b280&token=74104E92-4790-AE99-4EE2-CA3A231C1B03&_=824832046

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-230-128.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 15:48:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs
api.trustedform.com/ 475 B
686 B 338ms
111ms XHR
application/json 52.71.143.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16667129265050.9739492797796205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-143-120.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Oct 2022 15:48:47 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 iframe.html
deviceid.trueleadid.com/ Frame 2A74 4 KB
2 KB 392ms
101ms Document
text/html 52.73.153.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=74104E92-4790-AE99-4EE2-CA3A231C1B03&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=74104E92-4790-AE99-4EE2-CA3A231C1B03&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.153.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-153-179.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Tue, 25 Oct 2022 15:48:47 GMT
etag: W/"632c7ff9-1049"
expires: Wed, 26 Oct 2022 15:48:47 GMT
last-modified: Thu, 22 Sep 2022 15:32:09 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 200 Snap
create.leadid.com/2.11.9/ 0
624 B 224ms
223ms XHR
text/plain 18.214.230.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=3&pid=7586b770-2288-43b2-8102-718361a3b280&token=74104E92-4790-AE99-4EE2-CA3A231C1B03&_=824832047

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.214.230.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-230-128.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 15:48:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trustedform-1.8.30.js
cdn.trustedform.com/ 99 KB
37 KB 20ms
19ms Script
application/javascript 2600:9000:223d:ac00:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16667129265050.9739492797796205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ac00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: C4KqA2Ml8NtIH1tcFWoBNv3GWDN3hi8K
content-encoding: gzip
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Tue, 25 Oct 2022 15:48:29 GMT
last-modified: Mon, 24 Oct 2022 17:48:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 19
etag: W/"a5b5dad6197e972a745a719bfccfb334"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rC5U2IQxkQVKNUeGCp26iMv8klPI-j-Bz5Nn8CsLLbop6XUWkAYpkw==

POST
H2 204 snapshot
api.trustedform.com/certs/9bf7d59a09642fc44e674b570c68c5f1bb244aea/ 0
159 B 233ms
233ms XHR
text/plain 52.71.143.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/9bf7d59a09642fc44e674b570c68c5f1bb244aea/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-143-120.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 15:48:47 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints
api.trustedform.com/certs/9bf7d59a09642fc44e674b570c68c5f1bb244aea/ 0
159 B 224ms
224ms XHR
text/plain 52.71.143.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/9bf7d59a09642fc44e674b570c68c5f1bb244aea/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.30.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.143.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-143-120.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 15:48:47 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 206 1kb.mp3
d3v6q7097edepm.cloudfront.net/mp3/ 1 KB
1 KB 22ms
21ms Media
audio/mp3 2600:9000:2182:b800:13:7c59:6e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v6q7097edepm.cloudfront.net/mp3/1kb.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b800:13:7c59:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://iwin.rewardsadvisor.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 24 Oct 2022 19:47:46 GMT
via: 1.1 f12c01365a7e1bcbb4b6d5b856516526.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 17:32:24 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 72450
etag: "2fab401479fc569b1d333e5c561fa50a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: audio/mp3
Content-Range: bytes 0-1151/1152
accept-ranges: bytes
x-amz-cf-id: P_aX8DY9UNE4Xkb77EJHP8TCYmjS6wGMXw3pb6TsfrMuCsAi7XGCew==
Content-Length: 1152

GET SaveDeviceId.js
create.leadid.com/2.11.9/ Frame 2A74 0
0

GET
H3 200 style.css
sendmesamples.com/wp-content/themes/wp-prosper204/ 58 KB
11 KB 533ms
484ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/style.css
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9dfc20bfcc735d078a1fba8a9e318179da81fc326cdfdeeb4e8d49e6f44d7bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Mar 2015 13:07:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e70a-511a3e112cb40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crDzldhmdgUByOQeI1YADGuPX%2FvBKAKd8lRWhMZWVKyrKDWdB43iXDUYm8pNEWqkCLBsNTZu8bhqNbRkaZ1qqzUsKwrVKmC5hrdyix0vGdbI9BWoXZ9JTufSqHjsfN54KhxcA1QX2Bnxje9O329gBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc193758688fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style.css
sendmesamples.com/wp-content/plugins/share-this/css/ 264 B
637 B 476ms
428ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/share-this/css/style.css?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 918af567de57ab7349f6c8978d908f66ac0dd756b044330778ce1e0cdef6b9a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jun 2018 15:53:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"108-56e2367816fc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzYMrB1tqX%2Ff3TBLpkJoFKeuy5HUY1Eqd7q9i5AUcQMcGLv7mqgRse6TbEeIzT1Grwtcl78dvZQ%2BReaoM0P0cUxkFIAy2LgD4ojVklcDbU%2BZnBZgJPW7YhQO4LctGPIpNO%2FnHL6gOMqgpXlTlkG%2FEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc1937586c8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 video-container.min.css
sendmesamples.com/wp-content/plugins/simple-embed-code/css/ 221 B
598 B 537ms
489ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/simple-embed-code/css/video-container.min.css?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074d9505d547acdfced56ba7203b153958881abceb7a19326029f652acb75191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Aug 2022 07:48:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"dd-5e656f7fbbc9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHVohwfcFgQE75p3E4RCRSXrRiSj60IE%2FzpEhK1Evgcy7iEzswlQq4QMiSNP%2FPuXcunQXoYYuxrmS5vqgdX6pJ07TgizKF5YUE1174dUFzORe%2FfRLUKP4bQdI7DJVlYycGCfUkChFa9sVK%2FEtQEU%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc1937586a8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sfsi-style.css
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/css/ 73 KB
13 KB 503ms
455ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275785354056321f622bfbdc7907492605d4c9362e0117a8bf5c7de6480da71c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Jun 2021 12:24:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1240a-5c46877a358b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVUrWjI3SKynRzw%2BbDApKiUj52XU%2F2rzt3aUoHUQh4T65A5dYvIgstQZ5YyIIncdTESwDLZaD%2FiFj1tpqBXyu5yDgK6wdlmPyzFkMZ1NHG5a9nuc84R%2B55D681M3UUnO8nk7nbzpUraxIvC81gKNoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc1937586b8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 font-awesome.min.css
sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/ 30 KB
7 KB 466ms
418ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Dec 2020 08:57:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7918-5b5634feee7c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYFAB48Ojvnr9MOP5ZYRX51QppKnWCuCICxNUaooPKcT7hJKBuaYZ1vDhYcfb4ob68%2B7gVKz8cUtMQiMj4b0GVfLdZOh5w7cvmi6X71E83tt1t%2BC%2Be9KU2MpI58lZKzFGhAUSh5%2BJA2Afs29nM7pwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc193758728fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core.css
sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/ 456 B
684 B 486ms
438ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/core.css?ver=1.2.2
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72347df415140a5f85796136e3a512121e7cf9a16fc91c9197892b545b0ef08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Dec 2020 08:57:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1c8-5b5634feee7c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqyPJpJCiwxVyqMOMlJNJ6yQaHSMfyXO%2BYdN%2FsTw77c9%2BMOxe4Y4R37RnTvhG6pxlTtMgIK7RaganzjE5qd1dnNWetzgwU9xv0lDMduMFHPV4eMLTjZ4tnoxO%2Fjb5CBKEUZwLSKk5ykAM%2BjsrPOZLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc193758748fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 style.min.css
sendmesamples.com/wp-content/plugins/layered-popups/css/ 11 KB
3 KB 2248ms
2200ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/layered-popups/css/style.min.css?ver=6.39
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f944f98912737cd582f7fadf149e9d2d064adc8fdf6f0621ba0a20dd68493a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jun 2018 15:48:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a58-56e23543196c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOX%2BjQpTSWcYecWhIb5e9HVFVINApYkUxgUlxSjRVo%2FzdgYI7NWMB1KrUak3ubigiqPpC3%2F3YE2ivC%2FREOLkqyR1jG66t%2F7BHO74DyJ8UwT1N%2B6UuE0Q00u6Yb4zy83SHdBtdnv%2FWxf1A1BWooMm7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc193758768fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 link-buttons.min.css
sendmesamples.com/wp-content/plugins/layered-popups/css/ 6 KB
1 KB 538ms
490ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/layered-popups/css/link-buttons.min.css?ver=6.39
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ac03a4c7aff60dbd686171c3bb784e852d75a0449720e7885d533b612a72dc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jun 2018 15:48:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1621-56e23543196c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhx57C4qmN08wEwMeN%2Bzb5tTsJZgSed7fSr8MDJkgGbLTstY9%2BDp6jev3AcUITNQKlhDRM7116Pcx6Xq%2Bh%2B3ozyxuDn4kqEWiTpl8peQFHF2eKG1NayOgMtPe1qH5IMi0iUlXl1RwsaTxk3Jh6a8hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc193758788fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 animate.min.css
sendmesamples.com/wp-content/plugins/layered-popups/css/ 58 KB
5 KB 482ms
435ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/layered-popups/css/animate.min.css?ver=6.39
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f19a46db129c5750b9d448c369b7910e9c3980d6ac72b683782f269070a5cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jun 2018 15:48:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e965-56e23543196c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRUaIyjdFIIjIP0EbPWf%2Bz1oOyY1IL7NZi7%2B2ftgLaBnqHCnqaayH7pkE%2BH0HYnO1lCDZblBeI81D8FlGUYghEh0TcIN6o4Rg3JDD3tidJm9jMwk%2F8k3s1lPCg3%2F%2BpFPuhCA%2FCJncOv3YWmPcZ1NQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc1937587a8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 smc_front.css
sendmesamples.com/wp-content/plugins/social-media-icons/styles/ 1 KB
944 B 501ms
455ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/styles/smc_front.css?ver=1.2.5
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c3b525c8bf7616edb7a8c6fabdae273180738ee19c5cc6763a403c75b1c226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Jan 2014 08:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4ba-4f08ab2289600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDdmxp8ID0JQBkCTwcmbX5pAxKQA8IeSgwL%2F7hbBS6czycXgpsA29Fl6U3n3okimbiyyxhWbPtxap37hAfRKRi3n%2FZiGHVaeCZ7NswcH3N%2Bkw6pBU1hjn3KQVGKJHNlGlc6JXrSb1igzOBDzdPFpzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc193758628fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.js Show response
sendmesamples.com/wp-includes/js/jquery/ 95 KB
35 KB 504ms
458ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Sep 2019 04:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17a6a-591c682595d00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiYcu6R6XRtE6ndFXh02n%2F8fKsKTLgaIJVI9Tp2CFggelkaNwRH0scsltRHLrDNVEtQ3hFmAr7F5JnBcgMxPJEuMCHvUGRncKOqtp4sCZ%2Bkz2YdiR1QTGXYrZhYAHlcYOkk%2BylAUHYcR8%2Bx5QofgBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc193758638fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
sendmesamples.com/wp-includes/js/jquery/ 10 KB
4 KB 1255ms
1209ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jun 2018 15:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2748-56e233c695500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuTtNOitRMm%2FPDYv%2Bf97g6ss19dvlYWnpgAIk6ROCx0lb3ZaJ6EQXWDSUf53Civ3Tdxt%2FOPVkukeR0d6JGbMKYDgUL6BPikR581hJEKC8S%2BZQnO4ihOA5mg1ZR806VWwMtyJG1JDoOmnsYDr2kqUAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc193758678fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 flexslider.js Show response
sendmesamples.com/wp-content/themes/wp-prosper204/js/ 27 KB
6 KB 2244ms
2198ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/js/flexslider.js?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee509bb1c57d79983d9b61bc0df4ffba2307f8bcae447efa74c311e2f615dda1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2014 02:58:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6a6d-4f072301d30c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3yYXy8KxUzBWEtZH4FkM%2BYZ%2BPZvCkJXZ7%2FLQHS5mydWNQfZh4jVmECXhLthyR01bzZ4%2FM8Vc%2BhqgiA1ks0oo8fNihYq2Bv3L524DX4rGvWwrxyKpI2JBmcI2qGOaA4KpBmZH824Z%2B3XAdZCmXdYmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc1937586d8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 external.js Show response
sendmesamples.com/wp-content/themes/wp-prosper204/js/ 344 B
669 B 1625ms
1579ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/js/external.js?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8db08f17dde72fab4040d70edcd2d214c61565f66a52afbad90820b42fdc4c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2014 02:58:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"158-4f072300dee80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnOiXreMKVtq5CMvAYoKJO7NltBhP9yLccPrvN%2FRJK55bXIQ38DlQEOp6lW0jodJ5O%2FL1unU8xbpikCZQ5MubRpuF%2Bx9zR%2BARbodYLngA3h7EPrxvkqO1v1vxeq8xTPWg%2FrVsTwCOxE1%2B659ZEGdJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc1937586f8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 suckerfish.js Show response
sendmesamples.com/wp-content/themes/wp-prosper204/js/ 386 B
697 B 1911ms
1866ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/js/suckerfish.js?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e789059cac7d9d61233b973c4f04cd20c69b0b34f9f8ea74c045021feb5428e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2014 02:58:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"182-4f072303bb540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiBuGddb96LiefYV%2F8lu56Kj2PLFiEB%2FojspA1lXmSp7BxoAqdoLSgSQHHZRuFQw0vWxNNa3sZDBF3WTKfvRsQWx1FSAyQvVCOIPKp7H%2FtgfSfxRWfr7x9%2FgJ%2FsK7vJENIQ%2FayiOhtR9JvheAFAnsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc193758708fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 buttons.js Show response
w.sharethis.com/button/ 59 KB
17 KB 103ms
22ms Script
application/javascript 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.sharethis.com/button/buttons.js

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

049ba97efd5e51f8dcaaf2383aae4b00bfbab1eb715124666ac72e3a9408d234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 21:06:22 GMT
content-encoding: gzip
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
age: 153745
x-cache: Hit from cloudfront
content-length: 16989
server: nginx/1.20.1
etag: W/"634f1855-edb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: FrXULR-I2u2qJjQ0DIyo5SfGZdIUVtZeO4NFMjKmvVM5cj3KG2OTGw==
expires: Wed, 26 Oct 2022 21:06:22 GMT

GET
H3 200 default.css
sendmesamples.com/wp-content/themes/wp-prosper204/styles/ 39 B
530 B 463ms
463ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/styles/default.css
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2271b17e94bf57c9e767fa3ec6bea94db671da97d94c8969a9b5a24f0b6c44f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2014 02:58:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "27-4f07230697c00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVpOvFbhXiqnPsvJUydBFt3mWtQyMHe5fp3aELpxkXQHITY1FzliEbMKW7pJS9o%2BZRA8RfKqVLOOtAOt%2BZnRzh7Di6RKrnYRvcKZclWrs%2BqTS2M65ipGx9HtrXs6AMgbpIZcRMwd5CCoQkpu4LIMtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc193788cc8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39

GET
H3 200 custom.css
sendmesamples.com/wp-content/themes/wp-prosper204/ 102 B
568 B 875ms
875ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/custom.css
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfde7c27a24d5e8892e06303986768b8d38aee8cc2818739d68f531bbb03d067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2014 02:57:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66-4f0722cf47980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIoKbK%2B2TrsrUI%2FLZrohzA3Zdo2sBO4CYZWHaUksednUZiwZH2w705GoSk%2BjqxtnHnDiNpj1NX6brfte0ND%2FjckGxnQfzUrF7IwiGE1o%2BL%2FBieL410JiJvaffpqua01UfWsHiOTOSltD3EBoDuRGgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 75fc193788ce8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 css
fonts.googleapis.com/ 56 KB
2 KB 33ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Raleway:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin-ext,vietnamese

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba45036ff37c29128322f07ffe8cdb18c355bbbfb1f2dc20d2119e8180a6b2bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 15:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 15:48:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 15:48:47 GMT

GET
H3 200 logo-new2.png
sendmesamples.com/wp-content/uploads/2014/01/ 27 KB
27 KB 3564ms
3557ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2014/01/logo-new2.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992a59f2e2a1c12c2518b7b52c79780222437d4503c38d14900c3ffa875d6c3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Jan 2014 21:09:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6a50-4f0bdc5088e00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U71LmonDTU%2FJzIpXrftveWqP0lDpild1c1r%2BDc8d6edh2myApDCNi02vh%2FzGW%2BtGDDjkSFOCegL6%2FK9NKLGoaXF8W6tnXVB4E134TzVUw7UApMKHDYTDLThHQflpt5URMl5QYVkhNtNAhOQsA7QrEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19456e278fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27216

GET
H3 200 543530_SweepsPal700x400.png
sendmesamples.com/wp-content/uploads/2022/10/ 266 KB
266 KB 2224ms
2216ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/543530_SweepsPal700x400.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cdb6ab8ff8ceff13ac179bc670f04bf8b153fa644a86539877b80ab2fe9ac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:52 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 12:11:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4270b-5ebdacec22cec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFIVc77WPHpaoe2IZS05wmICzw4T%2BR9zB1Xlz1oBz7tb8nVTvUrTuWUp8WI49oFolb6bC98JVhkU3y8UhEoVS5DD0UTvJ7KC0gvqrGYiXFRyOhCxJn%2BIcwwQVi%2FOkyNBXTf8SeHOIxmi89mgrQZXsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453db88fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 272139

GET
H3 200 CashHound700x400v2.png
sendmesamples.com/wp-content/uploads/2022/10/ 140 KB
140 KB 3755ms
3747ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/CashHound700x400v2.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17efe1e642dee640b2d466b4139eb9f70199ad75e21d694c20e361f4ce37a94f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 12:12:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "22ea4-5ebdad2d95bd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8GCWaIB%2BKpz%2Bhr%2F4bqUMSj46ol6W9YXslttp0gqaVb5Tjgxbryop0Tof3zCBd3fn8ToIvCsTRYNbn3Rppg9NkBWwkd%2FDNQlJ7%2F9aiWF6ezGi0TGFGUApsgrjV1jvDhJTIEopfIVydNta6hjf6aqHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dba8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 143012

GET
H3 200 aff_i
go.aramistrk.com/ 43 B
650 B 133ms
90ms Image
image/gif 2606:4700:3034::6815:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.aramistrk.com/aff_i?offer_id=3406&aff_id=1856&source=SMS-content
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
tracking_id: 102159246109223222169431444719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FWb4FI0ka3KuDidB%2BZTutY3zKK%2B%2FoxQr3utsIP%2FqjiJew5nR9QY5uYTqRQ5YT7E0f1QmZeExN0xCCWcwuzNPokpmGkXkH5MIWaX4B9B%2FER%2BZ3IFaidg1XJp%2BZ7Kix3TfRC664NTZYxqH74XNsWZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75fc19457dbd9174-FRA
access-control-allow-headers: Tune-SDK-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 399286c056d3fb896747b927c1338518
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Learn-About-GoodRx-4.gif
sendmesamples.com/wp-content/uploads/2022/10/ 414 KB
415 KB 2352ms
2345ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/Learn-About-GoodRx-4.gif
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6818530e6f1f34e2bd05086c79cf8efcdd333f243ffc66565a35407f297c6de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:52 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 12:10:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "67932-5ebdacaa7c1e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvmIOdZwe5qs5j%2FRXPF%2BSDZNhTYFoX1WSsMzvQxcezc%2BjkmMt%2Bj%2Fsux%2BgkQCX63ZOxQKpmTyt3O9mcsG%2Fyh5NeuKb2cvEzNwXIahQ%2FQrN%2F7jctd33g5iazRQSrX4kgkqF8ZHRckGPyCP0oC8LiROtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dbd8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 424242

GET
H3 200 aff_i
go.aramistrk.com/ 43 B
605 B 138ms
95ms Image
image/gif 2606:4700:3034::6815:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.aramistrk.com/aff_i?offer_id=644&aff_id=1856&source=SMS-content
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
tracking_id: 102203721531051873787158198215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kf%2F5kg06OuDA0lU%2FPeq7r8kC6Y8JBl4%2FPA70vWjs84PZV7mVFcTa4xfh7zduLRWO0OEujaRiHsF%2B0lHzfzTPW7RHzX8rCOqq6lQV1oEzNRGQ8ECnKmxdQtjteHKCQ2puOYlLkVWi0BKVZiS7R69o"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75fc19457dbe9174-FRA
access-control-allow-headers: Tune-SDK-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 9299a65827ed6d248b8a9eca97b8832c
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Learn-About-GoodRx-1.gif
sendmesamples.com/wp-content/uploads/2022/09/ 313 KB
313 KB 2036ms
2029ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/09/Learn-About-GoodRx-1.gif
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f23bab647ea97a338d42040d330f5017383cf6c9eab73c470529e4b7eac2c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:52 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 17 Sep 2022 06:16:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4e289-5e8d96b212952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZ9C6sqxRWKGLRqDaEmXwxYnGnI0WV5emikCV2XP6WNCmRcA5vOiK77nPOOk9BKKXnCgjgSY2IguwwuNSBi9TqDhbZJR3ULv31J5j2Q0g265cMtU%2BORKtLu%2B0OWp5P46XZu45JBEvDKTMKZFeW3Cew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dc18fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 320137

GET
H3 200 aff_i
go.aramistrk.com/ 43 B
605 B 134ms
92ms Image
image/gif 2606:4700:3034::6815:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.aramistrk.com/aff_i?offer_id=3403&aff_id=1856&source=SMS-content
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
tracking_id: 102178189814287126111118106174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGSswxzQ4EfTNbi%2BI4xA8Dl1oJNDnhV72pRZCTEm1F5r%2FdopxKzsQ5tw3HHOmxOQ9VoLTFpMyjYtA%2F8MBH8ksefyVFQMrssixXhbEA0CG2cPT3yLp67gmjKgwPNj3UQ%2BeYyV91kChqCu24Mk8aOi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75fc19457dbf9174-FRA
access-control-allow-headers: Tune-SDK-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 3450abe15114a58f0386301da8532212
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Learn-About-GoodRx-2.gif
sendmesamples.com/wp-content/uploads/2022/09/ 91 KB
92 KB 2066ms
2059ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/09/Learn-About-GoodRx-2.gif
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4721767e3e96606bae9541771f437001fab5303038e4beaee57a209a4e9d3468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:52 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 21 Sep 2022 09:17:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "16ca2-5e92c691bcd50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdecJFyqP%2FRl5JJ1AOseVXVa9%2F%2FEN3cjfN9SSAmyBFQmkHg1qtN55GNXgup3GbeVoK50BsOdLQvKxbMKNx8OlQnHo%2BoBG2e7zXly6RVRYFLtaQx7aETGCLUegb89TyeJq1HuyzEyL1AL3Zeb%2FIxFRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dc38fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93346

GET
H3 200 aff_i
go.aramistrk.com/ 43 B
607 B 138ms
96ms Image
image/gif 2606:4700:3034::6815:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.aramistrk.com/aff_i?offer_id=3408&aff_id=1856&source=SMS-content
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
tracking_id: 102441951683770241161111141081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=739fHCWAU8srox7zx4JhAk0MPWt3Z7PCx%2BQA5Jhw0GSNS6EeuT35odeV%2BdG%2FsUR8CxaPtNaMav58wIRSnZeupf3HifD%2BZNus82QL98dojYvVJOmgJDDm65cSK6Kab%2BR%2FbzD4m25boJlVTLBGAEKM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75fc19457dc19174-FRA
access-control-allow-headers: Tune-SDK-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 2d7a53b7d57528e03ebbdd1574a304b7
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Learn-About-GoodRx-32.jpg
sendmesamples.com/wp-content/uploads/2022/10/ 37 KB
38 KB 222ms
216ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/Learn-About-GoodRx-32.jpg
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 509db56aa09a6e7935a8cddf28ed6b1fd5d3735f64e7a8083b0ec4d916cd6e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 15:25:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "95f6-5ebdd83837c01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJhYhCpJgFfoKNFjZwyc5US4vxEIdyK2lROcTCjtCzqvOCZYwE5jLm75kQefgtHRW3Aax%2FRR8hIQK5z6Kw8j2mRToHMcxQa93P0LZ2KFE%2BTQImhc1N0kNbApYKduiTt17eKnrl4MkJoZTPn9g6OA9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dc48fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38390

GET
H3 200 63557cb98d90510b5adb81b6_NEW-3-p-1600.png
sendmesamples.com/wp-content/uploads/2022/10/ 412 KB
413 KB 2220ms
2213ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/63557cb98d90510b5adb81b6_NEW-3-p-1600.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ebbe14cc4b91fd775c1929fc67c3cc326a5bed06bc87dea604dcebab1047c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:52 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 14:14:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6715e-5ebdc8755ad2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2JEMYQr8jVeT0xKIhk1qbtQvALeywj8kghwxG3lCjzOG2TUwlqLDnV9MVPgyYcr9lEmIRpZUR0YnAMaCzoZRgFLncTlnP7o9aYDIhnUrZ61Yqh62QijfSi2DhwdNapUG8DTP2b1Cs4w5mkDXJ8iBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dc68fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 422238

GET
H3 200 SAT_51383_A2_RTW_BeisBag_LandingPage_1370x333_ar01.png
sendmesamples.com/wp-content/uploads/2022/10/ 67 KB
68 KB 3293ms
3287ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/SAT_51383_A2_RTW_BeisBag_LandingPage_1370x333_ar01.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd9d8c1185d43074101f68a9386a45f4665eb69d5bb8a81a7078ce0d491088ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 13:26:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "10d35-5ebdbdcd01aed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FR8pbeBW0%2B%2BCEViWSqrkhmvP4G%2Fgj4HGWzlhMci2yddyziupMK53JnzKjH6qIeWXJGJ2yLlBuY60QdYY5XDXHBPrhzvNlwbV4HRJ1PhwBHlU6jzuQdoLATBJMsQPPgNEXSSQyFpJfnWS7%2Fs0C1JPgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dc78fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68917

GET
H3 200 j7ow9uejvcogxw82t4zi.png
sendmesamples.com/wp-content/uploads/2022/10/ 254 KB
255 KB 3369ms
3362ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/j7ow9uejvcogxw82t4zi.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b238d920f9287fa5c6b3a3b4d865ca92eb4cf0e74d5493ee04b859baae88338f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 12:52:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3f9ea-5ebdb6137ff96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i5FROnRGyUFnHCB%2BVknMxBXCHjcdDJGLvseZVL5gUzxHT0GvDCL5sqamdE22AC8qJt2EQz3mI78D8MneVahDMnjoa9h%2FFsqSop%2F6UCrhgZyzQm9qfj7B4UxW%2FesPZTO7SVyr5pmECn58nv0TlFeVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19456e2c8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 260586

GET
H3 200 everything-legendary-bg.png
sendmesamples.com/wp-content/uploads/2022/10/ 588 KB
589 KB 3103ms
3097ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/everything-legendary-bg.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42a88d1ea2a2ec6e6d116e7fd10a6ccb3dabbefbf612f1ee50ad998bd51c2f2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Oct 2022 16:39:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "931a7-5eb8e149a3108"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MjIJCnBCB7C%2BvrK59iXYI5ZjfVpCOnFePXwkokuo1bQLrfgDadJwpOOT0zS%2B1SfV9aH%2FmP0e0n0cNfNaUlst9V2yOa2s28xWBjA9T%2Bh8LklkjSJII0N0cYdei%2BXFRPBNWm3Ey%2Fo8Ip6%2Bbd9gGU%2BfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19456e298fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 602535

GET
H3 200 Learn-About-GoodRx-30.jpg
sendmesamples.com/wp-content/uploads/2022/10/ 38 KB
38 KB 3038ms
3031ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/Learn-About-GoodRx-30.jpg
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8b0b88be00f7531bb52994e1a389f71ef4bf04867b2d7271f07b58a5d9d8f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Oct 2022 18:06:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "96b9-5eb8f4c492986"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deEw%2FGD52g6AJjLGXus6bgEpN09Z9LCR4aDv5ZgIUfsmBmBVPSoJucb29RtRPm9qHUdeGWg6NG33UvQVhZA2VAZNLOxOsmPAehmsv68Ru%2FtUevyIg%2BAd9QtE09GZgO%2FH0aLfs4ZBLIwAaQxe04ZMew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19456e308fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38585

GET
H3 200 hand.png
sendmesamples.com/wp-content/uploads/2022/10/ 161 KB
161 KB 3093ms
3087ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/hand.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1aa29aa174dc3b77c010837e6da98c28a1aaa8f7ae982b4c225b9042ddb3ad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Oct 2022 15:33:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2828b-5eb8d284dbb08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlXw8MMHPCbRwvH45hukB8PKqrip1z8gUMkGhKccoL3ImvmVfiGQ0ZBIreSg6e7JuZPXOKeFXFBqpSMVPiYfUEugppHGUIvZEYAASikJzC%2Fu%2FkYNFqHtJ7nRyo48J%2Bz31cbd5%2BSxftHvmRfWregTLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dc88fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 164491

GET
H3 200 Screenshot-2022-10-21-at-8.51.07-PM.png
sendmesamples.com/wp-content/uploads/2022/10/ 297 KB
298 KB 3162ms
3156ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/Screenshot-2022-10-21-at-8.51.07-PM.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26889d83383b5b9d6437155567e8e981cf9df17048c6b2026c3c814e85e861e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Oct 2022 15:22:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4a520-5eb8d03ebfc94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFvQBr3zqU3XkK3oBhbVIbU5caiekvXTOpDN4CryfNZt0VaeGsUczpaFryyqhwfxaGz7cxFNZZvdETc8%2FugNT3gDYLZ0aDE8kW96yL2xM8Ic1tDBWAs9ZF5v6l3PLmqILdhPLbN7rSeVgTlF1Y7Rng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dc98fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 304416

GET
H3 200 d0ae23c9-bfe1-3f08-6fd1-5c13176ed0a4.jpeg
sendmesamples.com/wp-content/uploads/2022/10/ 88 KB
88 KB 148ms
142ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/d0ae23c9-bfe1-3f08-6fd1-5c13176ed0a4.jpeg
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a967674b578cbeac67215983f90ccfb7f73c0c648f237f24330d7f819f3dc32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Oct 2022 14:54:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "15feb-5eb8c9d383bd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MDe0KycTPts7o%2FK8rZ7aQvwIYIM5CkhXDgpB3yhsTTokwHzORzYsHBnKpzlkvF9fRWFrM2z%2FX6wzww6wn1wOvK6d7c72TZX2OTgs7M%2BwOw0UJMF6miSNOpmcISWt7UHAgxdnvwwLYQn1Ef6YmImCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dca8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90091

GET
H3 200 ls6m1w2si1uo8ldl2lii.png
sendmesamples.com/wp-content/uploads/2022/10/ 157 KB
158 KB 3086ms
3080ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/ls6m1w2si1uo8ldl2lii.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3628c10e2ade4b1e910994c1bf83c0915deb94b73f77425d0e21185d2ae776

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Oct 2022 10:07:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "273ee-5eb889b8f8480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oxw2FPk2sP2pNooEH6mHLs9CbyvUSJD8MHLUnn%2B02BMQy4N5Sv8BloxFa9vYcdv7bHkDNjXSQhxALfqXQuNb0pTZwZcsZA0yxseG7fjmvuFDu088MSB3VEbptIQT6d1otNwkAKgAGr1Gck%2BdgAOUTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dcd8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 160750

GET
H2 200 nmedianet.js Show response
contextual.media.net/ 368 B
549 B 269ms
159ms Script
text/javascript 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUJ17NQL

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5576f86dffc7c43efab4bde7b92313ad04c510290ec54e98406a013743fed813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-mnt-h: 8-1
strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 15:48:50 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
content-length: 368
expires: Tue, 25 Oct 2022 15:53:50 GMT

GET
H3 200 loader.gif
sendmesamples.com/wp-content/plugins/facebook-pagelike-widget/ 8 KB
9 KB 3566ms
3560ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/plugins/facebook-pagelike-widget/loader.gif
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dede012563c945321fbe3952281658f48ee6bda0531c3301bc82e28efc01421f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jul 2021 08:57:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "202e-5c698d99a437f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9W%2FM1gymIvyXXnrJWZMC2wW9QON3BYUi4e4%2BWWXYJv4fia%2F1ovuVV8%2F9TWm9j193t4AtW4CSUI2RLkBykXEsBc6DCTe%2B%2BbaGmXglL4OZlPivyAK879MffiBlUTW7oez2uUNT%2FbH4qXQzwoeCEnFg7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dcf8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8238

GET
H3 200 Try-Products-1.gif
sendmesamples.com/wp-content/uploads/2022/10/ 20 KB
20 KB 237ms
231ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/Try-Products-1.gif
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0c943646a8078848ac12b821605b261b51ae3baf5e3ba864e99d7817ed0400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 12:14:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f06-5ebdad9b36463"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IOQR1D2fKPVhIF0QO6Y2J1CEbfkJHQGCB7jGX51ngAEo7hBmyEPqSmBGOyd8QqG4XkhIn3FBMnD%2B0zP%2Bhz852IG9JEW9f5ItGO1spqRF6zhn8m3TaiHIJrbzk5WqmcN%2FXu3BINOcaQ1Xwu%2Fn0e8zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dd08fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20230

GET
H3 200 aff_i
go.aramistrk.com/ 43 B
607 B 143ms
103ms Image
image/gif 2606:4700:3034::6815:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.aramistrk.com/aff_i?offer_id=3410&aff_id=1856&source=SMS-content
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
tracking_id: 102624521318223119557271501351
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4iGiQTqsRjkwq4mDu%2BnPZyMPt4FWtuP01rZfzlrNTjuGUbCfwo2ra%2F7SoVjLye%2B7Uijp8Z16JqpA%2FHmuLv%2FBpneYOo8eO8fsKOKsOYnVSUl2Ea3222Jio898c1MFL%2BZYuxN2yQ7qHjH5qYwnEAL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75fc19457db89174-FRA
access-control-allow-headers: Tune-SDK-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 55c77740e331a606623a0cd1250b0605
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 aff_i
go.aramistrk.com/ 43 B
606 B 136ms
96ms Image
image/gif 2606:4700:3034::6815:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.aramistrk.com/aff_i?offer_id=3407&aff_id=1856&source=SMS-content
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
tracking_id: 102135241199115620124770641611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0kseRnXC3r8krIuIHrmBiBkIST2Efz2blNnZI3xP2F8lkGzPyP4%2FZn5xqrpO3U%2BeRaSNLtz6LUYAGwLOsvIMN1kkmDA%2FPGI6T%2FrMp3whE223Uc1ERla2SozZnxPLOfMv1qmnW8ZURvkDmTDm7sX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 75fc19457dbb9174-FRA
access-control-allow-headers: Tune-SDK-Version
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: cb5641ad02c1bef81ed7f7fa4a8122d4
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enter-For-a-Chance-To-Win-500.gif
sendmesamples.com/wp-content/uploads/2022/10/ 18 KB
18 KB 3194ms
3188ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/10/Enter-For-a-Chance-To-Win-500.gif
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5501104290f8ad4fb4028e1ba138f20b9438c0d1a10b4a136d978ae80ca87948

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 12:17:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "479c-5ebdae489536b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXFdBpyWF2m6VGj2JwB1sPxDuBBaW6Uv7BTpajCAhshEU%2F6mMsKeg4tzfIn%2B5g5Qt0bVDQpPAnap0xbzFQjh4zaoX4EJZAMzAUE9fYnKi8CTXceKjr33Mi8vhgulOBA2UHsO4pTSboqWULRoHnr%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dd28fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18332

GET
H3 200 20180115102110-ts-300x300.gif
sendmesamples.com/wp-content/uploads/2022/06/ 131 KB
132 KB 3074ms
3068ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/06/20180115102110-ts-300x300.gif
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28870f052bff412ed66708177c61d983b9bb4920d5d2de7547a44c9e66447c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Jun 2022 15:16:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "20c95-5e0dd11ed1bd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1LPHEuhr9hQMwICCI26nn7jrs0wYxWgRiWR2Q4M1uKL5sNEDW3jBgtH0Yo7choNKWGfWUzK7x79hVITrAPdvjD3OuV8eXcIP9PkVdY8vtxxtHcX5M5GAgjY73ozfkiq9wf2vpOKBqfnfM905X0gJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dd48fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 134293

GET
H3 200 Get-Healthy-1.gif
sendmesamples.com/wp-content/uploads/2022/06/ 73 KB
74 KB 3556ms
3550ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/2022/06/Get-Healthy-1.gif
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1cea94cd911d6bd17fc75659bf3bd53cb5a5424d348204a8581cbe2639480f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Jun 2022 16:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "124a0-5e2842f153ae6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVL2d2YPr7egC4qdLdjDFWj2SFg24ZG7o4zbkJxS4CYfH8fXXLYhXscvg8cTVv%2Fni1H8U%2B6OzYN9QGnqvGb4KmXTNxEOdr055dB6JG6xY8Sbak09RTTnUV4VGgGeLq9VLiUhWvRGJXKi4ikw1RfJKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dd68fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74912

GET
H3 200 facebook.png
sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/ 48 KB
48 KB 3021ms
3015ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/facebook.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1b5014202d76c99feac845681589547edc1e3818ca218dea6129bb74031904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Jan 2014 08:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c000-4f08ab2289600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wItO2aC%2FnMzoySXDde4cGrJ%2FPm5qnpIGJi%2F5Nfs0fhCWr38cfwaVcPjW%2BU8nLjlPpK5t%2BYLiGEKhcMe%2BfmaNHvPLJQ7LlMuu15G9Isf3gGHRCytuobGej4xiAdDK9S%2FQi2J%2FO38jqd9yh6FKSxxMmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19456e328fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49152

GET
H3 200 twitter.png
sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/ 2 KB
3 KB 167ms
161ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/twitter.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b3ef8e6b50cfff9a9b4980a1425b5ceffbe5418775a5f7265ec3787fcdcb10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Jan 2014 08:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "97b-4f08ab2289600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgLzu4GtOHuW1Dm5M9Z%2BiIyVymdVaHR8VNbG4yUxem2phfa%2BZEwo2XbrB%2Fm00GnoF6s4S2LwhR2s%2BNMaAbhp9DG4ppNkGTzZLQwVwpyZzSI6vOlW0iT9leDI%2BI4xSH566Ci%2F31Fq9t23oUduJl%2B%2Fdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dd88fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2427

GET
H3 200 pinterest.png
sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/ 3 KB
4 KB 3035ms
3029ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/pinterest.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 678ef9e5f63dc9b4d033391866af9435ec8961051a41f66a81d9aae114e1b258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Jan 2014 08:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c25-4f08ab2289600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukpHH2hdJFw0Gk2JSGzU8cdOsnxwFTB7UPkfzjau52QdOPP8QtSjgi6Z6oCCgnsBMPis%2F8qwRptZyzAmrJpN5nGAPGevsS9zOB3BtPr87%2FOVWVJEn7Vo8NN8ZPi8bS4dPe0R9EvcxfuqVxHG4d4nbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453dda8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3109

GET
H3 200 rss.png
sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/ 48 KB
48 KB 168ms
162ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/rss.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 104f06a43609c30b65ef9c705cafe93755619eed472b7cd1cdd938672764d46c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Jan 2014 08:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c000-4f08ab2289600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B2t1D%2BDdrZAM2kOgI73OBD6ndLK0mDRmCvpKrWUw%2BsmJIXSo1Y91fWX45K%2Fps97Mc98gJtHqUlUNgLv%2Bx6nOCnKTOZl0FuWQ2SruS4MJzIvdOz1JIGpwVAqaTB6761rwP%2B8pkYJm9SMn8C6VkYnZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19453ddc8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49152

GET
H3 200 core.min.js Show response
sendmesamples.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 1967ms
1967ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 06 Jan 2022 21:10:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f59-5d4f04e7141d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uV%2B2Qhlp4Gk7d%2FEuFeqOLaqdMM%2By59nIubUAtyHg64tOSkcsMVj5z09pr9Lyjflo0N1F6bOWIjBIn0sxAY5VXrSdYu5Quk%2Fhu3xCVqOe%2FpHwdjDTUBmWLEbe58npBy9DQW2Dho3U2sFk162Y4wIfPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc19451d708fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 modernizr.custom.min.js Show response
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 3 KB
2 KB 129ms
129ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Jun 2021 12:27:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c11-5c468854d7741"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FqsFpO2Ov3gtXTCwUSZPnd0zFsSQwmyo4WbcmawZLmpr7Gs6qsTDxJd4LSHZ3LN27qiGiutu9VY8hJ1qymILfZXtdqInjQUYuLC84O%2FLWdFSSDciLAJs4rgyOgPQGv7sCnHaj4N36ydQZa6F%2Bodvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc19453d9a8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.shuffle.min.js Show response
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 11 KB
5 KB 3055ms
3047ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Jun 2021 12:27:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2cdc-5c4688554e982"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOcr1%2BBkDdM5%2BKmFcEF3iC3eqfQTgVG%2BhPpHa1GBCvWbGJMi3oxdTxzU5pGZUpjzqYxZDOh%2BpQwGWxs3EOooUGZHFp9ja6WMGMWUarnz6vsupVa4axD5EYNjxFf5SS%2FxfWAMuhaPWq1f5pE85oOMrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc19453db08fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 random-shuffle-min.js Show response
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 1 KB
1 KB 2096ms
2088ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Jun 2021 12:27:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c0-5c468856ee9c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgYzoYnTiGSqDdvhuOx%2FVouDtAAmnsWn690hRtf89Wl4j9vcMmexo4errznKaTz8JPLNTqLWmVMGcXCTByeJApqL1xufek80hRK3k0pI3Rdb2jfBFVrOnY9N%2F7FLWf7YC9MhYUa%2F7G3Himt7KvAXiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc19453db48fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 custom.js Show response
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/ 28 KB
6 KB 2037ms
2029ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68af0dbc56215457de6d384773a246b02ea2bb7036c452248bf536149933eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Jun 2021 12:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"71fc-5c4687a8ca623"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmQi1WF%2F%2FjTsSx0amjTt0t1aFsgtqMR6iTV%2B3hQf2%2BZ0H4A3g6qP2nW%2FCp411oezRFmNxLetxdjJfDCTuus0uIz0D%2B9q%2F9nYtDx1tExdu6Zjm5n4rJAt8nzqpCFOTt8bgyqa8jocY21jgb7j0p%2BTFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc19453db58fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Convertful.js Show response
app.convertful.com/ 55 KB
18 KB 141ms
49ms Script
application/javascript 2606:4700:20::681a:170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/Convertful.js?owner=39789

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:170 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69fa6258a2ae3ce43477866d7fd4e212814776582298bdfa32565fe2cda8a482

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 523135
cf-polished: origSize=55911
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Apr 2022 09:18:18 GMT
server: cloudflare
etag: W/"625e7e5a-da67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaXsjgs%2BVSNkEBy7smV3i93CBkJMSIDhKddxoip1Mnq5OMPPyxXmqAFajNjQBUueQDe66uw%2BlyfhzMqIyRGd7NfjrI200mruUcPOhVfioacj5rKGLqqz9FCq6kyDFBGNqasmAyzjDb%2Bcwq37YjWS8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 75fc1945c8b691db-FRA

GET
H3 200 script.min.js Show response
sendmesamples.com/wp-content/plugins/layered-popups/js/ 50 KB
11 KB 2012ms
2004ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/layered-popups/js/script.min.js?ver=6.39
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25f1bf6c18e48702704c8dad5a99b327233d9f8e08b635b2e036772ebf42a47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jun 2018 15:48:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c6b5-56e23543196c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZPEr8ft3gq1TRlqTPSBXcZ2x0iRUo1ZPLK%2FOTWHYPCNRJCcxdxZQv9kGEHByfrWiUeEHhBbzZuduBq0FMfjiTndNkHEWu7AHs6KaDsAZ%2BR31wlAGdp15REvipT1LGVbbgl83W3UZ5YXbZlb9sNAlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc19453db78fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-embed.min.js Show response
sendmesamples.com/wp-includes/js/ 1 KB
1 KB 177ms
169ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-includes/js/wp-embed.min.js?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 06 Jan 2022 21:10:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"56f-5d4f04e716117"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5azGR8zpNUeB%2F0b3Ssz67NLWVpOtu1o5P%2B4QCUFZA5V5ea6ks8Wc8yBQ18Jqb7MfGZkgkg%2F8taID9ZkOmDBkC2V5vxJ5c1Z9eLb8LEnruH%2BDM%2BXiBdlbakoFHImXHvXgKAep1TQWaiPfDmRBIL8STA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc19456e238fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fb.js Show response
sendmesamples.com/wp-content/plugins/facebook-pagelike-widget/ 648 B
806 B 3077ms
3069ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/facebook-pagelike-widget/fb.js?ver=1.0
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75cd48c5fcd0ba57e2a732b6405b8d224965fb4d7ef0b810a775111eb1a0857c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jul 2021 08:57:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"288-5c698d9909ebd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBT6SVQ92TdXjJJae%2FhrpawKY22SFaCn55KM5UPhaoeT%2FaxrkIbjC9L3r9ExJ1WdxgZqzO9Up0jl72aUG95nY2C%2Fol0%2BOip0Z4wIJ%2BJ%2B50U4bjqYA49ww%2FkktIZbcN%2FH4YqxD5hFm5DrGeSX9MBH6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc19456e1f8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 img-1.png
sendmesamples.com/wp-content/uploads/ulp/33FaqJoLutctoFf3/ 82 KB
82 KB 3548ms
3543ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/uploads/ulp/33FaqJoLutctoFf3/img-1.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 258db3f8c00abb9050c2835076d68c7adbd9aaf152e36486817f252a2ee54cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 25 Nov 2020 09:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "147cd-5b4eabecce800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgX6hILwXkJgsfWUV%2Bcrdll4iGIy9cfIbPjbNq%2Fc58efL2WwKfs3KYM90DXC%2FGkmrLAdeIry570qTuZb825ERLoFNds4RY1ai%2BzfMo7dQb%2B%2BJd5XGfVPC3xfsPqlSOYhf6lTD%2B4VIqrksViYzoaqbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19456e358fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83917

GET
H3 200 ads.js Show response
sendmesamples.com/wp-content/plugins/layered-popups/js/ 22 B
523 B 3052ms
3044ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-content/plugins/layered-popups/js/ads.js?ver=6.39
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 999d19663950deac608f78d0d9dfe2f794be613e4e09140a1ab1e68641e6b87a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jun 2018 15:48:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "16-56e23543196c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WKMLalTJ9l2%2FAB6v1bce1G8PI%2B3dw4nx%2FqbOPR3Ag8PjXAvNvvTbA363tr9HBC3zT%2BHFIWPqZ%2B0hTmbLTKiBOcK%2BuU1%2BBT0sV4niJU0%2F4qToVD2H%2BowXYVcimQHLm781wPSRD%2F5%2BikpNh34ud9tpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19456e258fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
5 KB 191ms
27ms Script
text/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f164b7d1707684b6749eb2f5154c84883cb9ec621dca72fc5147772b3c4237ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 21:50:18 GMT
date: Tue, 25 Oct 2022 15:48:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 Oct 2022 21:50:19 GMT
server: cloudflare
age: 64711
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 75fc19463ba790a0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: HIT

GET
H3 200 wp-emoji-release.min.js Show response
sendmesamples.com/wp-includes/js/ 12 KB
5 KB 3197ms
3191ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/wp-includes/js/wp-emoji-release.min.js?ver=c7dede5046272710d637a0d7ee3bd538
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 06 Jan 2022 21:10:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2ea7-5d4f04e716117"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEQJwtZjnnscqcVvbwgvzVYu6QDcRvcnowZuQj67HKOokPlPY3Q8NICh8K%2BaLTyG7PLy6zMTq2134V0YckUWEQ1Af9lwMxeS8jywn78EjIi9lQrU0SWPce23lp2l3kwdtNufHgmOqeHuI3lLE4xqrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75fc19453ddf8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 27ms
22ms Script
application/javascript 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: w.sharethis.com
URL: https://w.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 02:40:50 GMT
content-encoding: gzip
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
age: 220080
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"634f1895-16245"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: TjOwkNmfQgpFYXEfs8KHkpKx-VWRfimnYdopfb9FW6PZtyVn_CNcsg==
expires: Wed, 26 Oct 2022 02:40:50 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
404 B 136ms
18ms XHR
text/plain 35.157.116.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: w.sharethis.com
URL: https://w.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.116.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-116-120.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 15:48:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://sendmesamples.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 93 KB
37 KB 125ms
33ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZ7BF2P

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ae14c7046b6f78a7612ae468d919ffcda3ca93daf8e47f39fd44621b030352c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37666
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Oct 2022 15:48:50 GMT

GET
H2 200 request.js Show response
script.anura.io/ 53 KB
19 KB 69ms
64ms Script
application/javascript 13.41.96.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2383107219&campaign=sendmesamples.com&648808401342

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.96.213 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b53b8806598b91d3a1ea3954981c5582a82437c4e3412bb9cfef420b774ce509

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 410 7863.js
script.crazyegg.com/pages/scripts/0020/ 0
0 246ms
154ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0020/7863.js
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 15:48:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 75fc1945cbf69183-FRA
content-length: 0

GET
H3 200 chevy-bg3.jpg
sendmesamples.com/wp-content/themes/wp-prosper204/images/ 82 KB
83 KB 3186ms
3186ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/images/chevy-bg3.jpg
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b596dd1a9171b905352d3812f4dba49f0961c6f3c724b22569d35593931bb04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Jan 2014 07:09:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1492e-4f089cfd6f6c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXxR4qTruhukYmq%2FIKMkYzF%2BFQs3haHsaCc5prt3icQJgEMUjIpjOev5xdUnSUILeTih188LkgHU4rXqiM4C1zg7CRGXHgv6SD0N5hCo%2F8zX7H4w8qWaRuwOq%2BfqJwB9tGPOFg6QlyJqEBVPFKFpIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19454de48fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84270

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 19ms
19ms Stylesheet
text/css 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 23:15:51 GMT
content-encoding: gzip
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 18 Oct 2022 21:20:21 GMT
server: nginx/1.20.1
x-amz-cf-pop: DUS51-P1
age: 59579
etag: W/"634f1895-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: 9xgczhDtyBdxKq7Li4dagdsr51m8pR3O7u-ZR7VkM0tDcFA2B8V8Lw==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 152 B
515 B 306ms
242ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Ftrick-or-treat-pick-these-5-halloween-deals-save-your-money%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

c01ee1e87aebc139a5a1b9eb756c17d0ed6d06cc569ef05181bce11c0db0a3c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
etag: 526a75ceee233aea7105abc71d522ab6
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 152
apigw-requestid: akXHagdbIAMEPbw=
x-amz-cf-id: 3u11m0kzcBlOyiUshmvixGBe57uh3Y8SCXahhNh-ftJXsinjb5rugw==

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 64ms
24ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:48:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "77de80bac492065f"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Oct 2022 15:48:50 GMT

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 113 B
479 B 258ms
195ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Ffree-magic-face-mask%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

ba2532e99ada77293ac8ce39656f5b0c076928584ad2ed48971c7b9700cf7e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
etag: 29780fa7098e55b61d78fb1061f6bb59
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 113
apigw-requestid: akXHag-MIAMEJMQ=
x-amz-cf-id: O6pAfwewdMRCTITLcvjyp0lzh1VncDEDVmPog8eITd-HqGcBm_vpxA==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 135 B
500 B 249ms
187ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Fwin-a-beis-carry-on-travel-bag-sweepstakes%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

6688bf1aad047dc236ca900ae5f975661576ee72a14512745f4ff92dfec2e758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
etag: 77e5ae469766ef686073a9d7e0566ab7
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 135
apigw-requestid: akXHajmoIAMEJ-Q=
x-amz-cf-id: e_90sXbJNsATYrA14RZFDHaNPKeM5kKzIJsFJ4lANkuO91R_-C0-0A==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 133 B
497 B 241ms
179ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Ffree-sample-of-refrigerated-truffle-bars%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

924274d78a5043833b635774aec230b11370d6a24baa7580a8df6610597fca17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
etag: 567bacdd4d2971f8465afccfee3442aa
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 133
apigw-requestid: akXHagfdoAMEP4Q=
x-amz-cf-id: mS8xt1rATacUJC94p_ZPabfudKYmaBcsjACI-eu6NNZL74yuansjBg==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 130 B
497 B 243ms
182ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Ffree-plant-based-burgers-rebate-offer%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

cdc1a538dba5a7c69538e1ca95e86064b7709ff83c4aceb220461876981a74f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
etag: 695874923366d517aa9a83b8d645a805
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 130
apigw-requestid: akXHagyNIAMESFg=
x-amz-cf-id: 8bhqq6h4Od0Az0CH5d1mS74TmTpDjvUxFaRvpREPBg4J9c_E8C7Adw==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 131 B
497 B 234ms
173ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Fbecome-a-surveyqueen-make-money-online%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

d45d481529b9aa12f5b1edfaeb34918a6373545bb55e00936d4a20f3350e63ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
etag: 16b6642aa974f4ac1b19226dae2887e2
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 131
apigw-requestid: akXHajZ5oAMEJEQ=
x-amz-cf-id: Isc-XwR-elcG5U5XuThhzYpIisuw836PitUQxEqy_VSUvUFk4IwiHg==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 131 B
497 B 180ms
180ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Ffree-childrens-hospitals-week-bandages%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

80be086e087576b0e7462e582741fa49c8d13b145ea3dafb3bc717195bc2d966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
etag: 6e98d1bca068561da7d5e102f4d605ba
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 131
apigw-requestid: akXHagpuIAMEPsA=
x-amz-cf-id: qnY-2F7vBgvZFYUDtOUDrs7NVUrdSO2AUPDYJwpIoVF20Qr-TSzWvg==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 121 B
486 B 198ms
198ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Ffree-babycozy-diapers-sample%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

1d1e9c3ab3ddfb8c30124d8b94291531180107bb81af0a6ed13e3f0e54378933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
etag: 185d3dc9b05bb111d9632d8cdfabbf43
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 121
apigw-requestid: akXHagXQIAMESnA=
x-amz-cf-id: MTbQo8_oE0_3oAz02zbfG6Y7SRcIrNP2gUlD7Ca6oEcFhBY4ts_INg==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 145 B
505 B 127ms
126ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Ffree-sample-of-dickinsons-deep-cleanser%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

d3879b0aa5628ffa106d382ef3f1f354bb8509b34da49a54e819a7f9f894e34d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
age: 49
etag: 3d2a517bbf07bc511a58f220ed432743
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
content-length: 145
apigw-requestid: ahvuGgG7oAMEPIw=
x-amz-cf-id: e7ivsWg_fLTWu1sL-ogeYhH3Pmnvq9OG7LBUocIQYM6N8bdFvpphNg==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 137 B
502 B 185ms
185ms Script
text/javascript 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fsendmesamples.com%2Ffree-sample-of-playtex-clean-comfort-tampons%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-46.dus51.r.cloudfront.net

Software

Resource Hash

bac7ac161879368345dd0db198ec925d9b90fde5423674ed1d92b8517e4fcb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
etag: 4b3962df456108b322dbf32fd7ef9c05
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 137
apigw-requestid: akXHaiaLIAMESCg=
x-amz-cf-id: b3NxzuYhjUaG093pgc-ijWL0NitaGeJLuN-_WjDMu8lwS-KF-IEPPw==

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 28ms
28ms Image
text/plain 35.157.116.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1666712930097.26786&hostname=sendmesamples.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fsendmesamples.com%2F&title=SendMeSamples.com&sop=false&description=Trick%20or%20treat!%20Are%20you%20looking%20for%20some%20deals%20that%20could%20save%20you%20money%20-this%20Halloween%3F%C2%A0%20With%20a%20few%20days%20to%20go%2C%20we%20got%20you%20super%20deals%20that%20would%20give%20you%20the%20joy%20to%20celebrate%20the%20holiday%20even%20more%20special%20with%20a%20lot%20of%20fun%20and%20savings!%20Get%20ahead%20and%20save%20more!%0A%0A%0ACheck%20out%20these%20deals%20and%20pick%20the%20one%20that%20suits%20your%20need!%0A%231.%20Win%20a%20%24500%20Cash%0A%0A%0ADo%20you%20use%20Cash%20App%20to%20make%20payments%20on%20all%20your%20shopping%3F%20Here%20is%20a%20chance%20to%20get%20an%20extra%20%24500%20to%20your%20Cash%20App%20account%20by%20taking%20a%20simple%20survey%20at%20PublicSurveyPanel.com.%20Make%20sure%20to%20provide%20the%20correct%20email%20address%20to%20not%20miss%20out%20on%20your%20chance!%0A%0A%0A%232.%20Get%20Lucky%20With%20Money%0A%0A%0AAren%E2%80%99t%20giveaways%20great%3F%20Check%20your%20luck%20by%20entering%20the%20cash%20sweepstake%20at%20realdealsweeps.com!%20You%C2%A0might%20be%20lucky%20enough%20to%20win%20%245%2C000!%20Click%20here%20to%20find%20the%20official%20rules.%0A%0A%0A%233.%20Get%20Free%20Snacks%20For%20This%20Halloween%0A%0A%0AWhen%20it%20is%20Halloween%20and%20kids%20are%20running%20around%2C%20there%20is%20a%20definite%20need%20for%20a%20pile%20of%20snacks%20to%20make%20your%20Halloween%20party--savory!%20Visit%20tryproducts.com%20and%20apply%20for%20snack%20freebies%20of%20your%20choice!%20Don%E2%80%99t%20wait!%0A%0A%0A%234.%20Win%20a%20%241000%20Walmart%20Gift%20Card%0A%0A%0AAre%20you%20a%20Walmart%20shopper%3F%20Here%20is%20a%20simple%20deal%20to%20save%20money%20on%20your%20purchase.%20Check%20out%20rewardgiantusa.com%20and%20enter%20the%20form%20to%20check%20your%20chance%20to%20win%20a%20%241000%20Walmart%20Gift%20Card!%0A%0A%0A%235.%20Win%20%26%20Spend%20More%20Cash%0A%0A%0ADon%27t%20miss%20your%20chance%20to%20win%20%2450%2C%20000%20and%20spend%20generously%20for%20all%20your%20Halloween%20shopping!%20Visit%20sweepspal.com%20to%20check%20your%20luck.%C2%A0%20Ensure%20to%20enter%20the%20email%20address%20that%20you%20use%20the%20most.%20Your%20Sweepstakes%20confirmation%20email%20will%20be%20sent%20there!%0A%0A%0A%0A%0A%0A%0A%0A&img_pview=true

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.116.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-116-120.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 15:48:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 facebook_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 19ms
18ms Image
image/png 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/facebook_counter.png

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 01:06:56 GMT
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: DUS51-P1
age: 2385714
etag: "62bdf239-977"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2423
x-amz-cf-id: bK7PhTX-ENsaiDl2N1izYw3YNFS-Hh3-WRy3108vYJfV1geLS1pSWQ==
expires: Thu, 28 Sep 2023 01:06:56 GMT

GET
H2 200 twitter_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 19ms
19ms Image
image/png 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/twitter_counter.png

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 02:16:22 GMT
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: DUS51-P1
age: 4714348
etag: "62bdf239-9ae"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2478
x-amz-cf-id: iZFXUFR7dIq1IZ0xxyXrBAJiTyUZImp2UGCklIJYj2dfiacpi3S2MA==
expires: Fri, 01 Sep 2023 02:16:22 GMT

GET
H2 200 pinterest_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 23ms
23ms Image
image/png 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/pinterest_counter.png

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

47c1ac2e88d06479a7bda88be7c0c01bf368aaa0bed4d894e6c2c179b0ce6357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 06:22:10 GMT
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: DUS51-P1
age: 2194000
etag: "62bdf239-8b6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2230
x-amz-cf-id: 5BklvVz4z6L6LVRZ6Z7Ye38m_afpJTAA2-EU9qbddLPvfHJG1CfdFg==
expires: Sat, 30 Sep 2023 06:22:10 GMT

GET
H2 200 bubble_arrow.png
ws.sharethis.com/secure/images/ 979 B
1 KB 19ms
19ms Image
image/png 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/secure/images/bubble_arrow.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 11:50:17 GMT
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: DUS51-P1
age: 4075113
etag: "62bdf287-3d3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 979
x-amz-cf-id: Lxvqfb5mtzZhu5IyUYiIRvhcMTkiiw7IM2MrAo511pQXRKgGMSUmSA==
expires: Fri, 08 Sep 2023 11:50:17 GMT

GET
H/1.1 200
OK flping.php
lg3.media.net/ 15 B
15 B 71ms
16ms Image
text/html 95.101.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO66RFM4&gdpr=1&cid=8CUJ17NQL&crid=832071431

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-200-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=21600
Date: Tue, 25 Oct 2022 15:48:50 GMT
Server: Apache
ntCoent-Length: 15
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=80484
Connection: keep-alive
Content-Length: 15

GET
H/1.1 200
OK / Show response
connect.ongage.net/list/forms_preview/ Frame EE6C 17 KB
5 KB 303ms
121ms Document
text/html 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0f2ea2bf39cc9fb972fe1359ff3ff56da9645636f3d57f8c0c755b9d5426d732

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sendmesamples.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, X_USERNAME, X_PASSWORD, X_ACCOUNT_CODE, X-Mobile-IR
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3788
Content-Type: text/html; charset=utf-8
Date: Tue, 25 Oct 2022 15:48:50 GMT
Expires: Tue, 25 Oct 2022 15:48:50 GMT
P3P: CP='CAO PSA OUR'
Server: nginx
Strict-Transport-Security: max-age=86400
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: None
X-XSS-Protection: 1; mode=block

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 5602 15 KB
9 KB 110ms
74ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fsendmesamples&width=265&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=1414577605449786

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f57f0b4b3ab1584bca643fd4c9a93c8b755c4c35a2399886a074e083fd9fcb2f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sendmesamples.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Oct 2022 15:48:50 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: zPs1J7zJhM90YEnkYcrl+NIL6aEUIKiFYvrfh00S5xrImv82V2Qky4raLk8EubrF6w6288VVyt/nAXVP5Bcpig==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 77ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

677dbb6c5ed7f565f7adc8678d379fd9dfa2834145f84545798f3184287d9056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:48:50 GMT
content-md5: YP8N0R9PqIeUZ6ovzr98jg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: qRsEWjGUo5797BwFZWGPt/Nsmc7GmqT9nJAna9Kid2CoEa8qO3QWhceYk9mZkh6IZX+l/vtzMpEwRDnXr/DSbg==
x-fb-trip-id: 917726464
x-fb-content-md5: bef4a407e42c5779c81cb24ef9110d89
cross-origin-opener-policy: same-origin-allow-popups
etag: "a7e95bc55659a31d1d9f17deedade222"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:00:21 GMT

GET
H3 200 bullet.png
sendmesamples.com/wp-content/themes/wp-prosper204/images/ 235 B
728 B 3837ms
3837ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/images/bullet.png
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 109ab79267f3508cb0f1347d568069c45a1492a205be80c8bcea0874abc463d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/wp-content/themes/wp-prosper204/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:54 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2014 02:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eb-4f0722f19ca80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zhridl9tD6TguitGbxfH0SkeTdnF%2BcJOkUgPL8%2Bl9bXAQH%2BMAClQbzoIYvJS5QcR37m31qg4eBxgpryvGb5OdL6DkTCa6Yj8dgsH5l6kCk0XDpqN21wFpXQaYeiS5dU0uZR5z%2BxtsVUjZMgDQyhbGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc194729838fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 235

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 146 KB
50 KB 53ms
18ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51176
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 03:34:14 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 99 KB
34 KB 56ms
22ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26e0ef1a9127e2334ff49ab0edfc68dd41ef01379a478a419e1641ded4f2ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34614
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 08:53:50 GMT

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 9EE7 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame FA58 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 17CB 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 8039 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame EF8F 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 6175 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 68CB 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 2540 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 2EC7 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 80CB 0
0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 38ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=12e979bab116b7fed74d90dec9c57f37

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed5083162853337b2ceaa7f855988404c0945c7ce1bfc51b667a93f4a69a1a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sendmesamples.com/
Origin: https://sendmesamples.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:48:50 GMT
content-md5: IwEzv8DnlKkAsTRbVLfZFQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88395
x-fb-rlafr: 0
x-fb-debug: ygePl0tee0fmwrSyENBEYiUwTHRtBxJaqFlZLxUUw6yWEWWH8nFj6EwZAUDjaPyaT73BeQahlUy466O3zO3D7g==
x-fb-content-md5: 0aec3cf7afe4cf0c66e97ce70b6126e4
cross-origin-opener-policy: same-origin-allow-popups
etag: "3a5fbca68be90d14bdf777ef927af08e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 25 Oct 2023 11:51:53 GMT

GET
H2 200 v8_rB5e38kM.css
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/ Frame 5602 20 KB
5 KB 60ms
19ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/v8_rB5e38kM.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fsendmesamples&width=265&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=1414577605449786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3afa9426e668ea5cbaecdcc8686678d3a3edc4bc93c14c188d5f16499c6f267

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kbuyp010PIs3qHGtZa9wRA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5050
x-fb-rlafr: 0
x-fb-debug: 9/BDVsDNMDzQdgTkaoCDSGrIuz1uzyNZmOHcDDWAvjcLBRRUW5QGC40Qk/QoVwnPyqCQYEDj8PxGsXx9L+179Q==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:24:14 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame CB49 566 B
904 B 82ms
33ms Document
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsendmesamples.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2a92b03c26b482f51457ebcfceae1f4fb5dfc88743f5c840213bc1365669e21

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-o_9xFkOLlw8Gpn3x7h2EKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sendmesamples.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-o_9xFkOLlw8Gpn3x7h2EKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Tue, 25 Oct 2022 15:48:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 cspreport
accounts.google.com/o/ Frame CB49 0
20 B 66ms
32ms Other
text/html 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5iiGl73Dz-moF6Yi4HZpbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsendmesamples.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-5iiGl73Dz-moF6Yi4HZpbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame CB49 10 KB
5 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsendmesamples.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 01:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:09:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 01:32:26 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame CB49 14 KB
5 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c17edf80fabbc76d036b590d606606b15c288f699ba5adf91b8e6b5713b4f5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:48:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5573
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "7759e2b79382a50e"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Oct 2022 15:48:50 GMT

POST
H2 200 response.json Show response
script.anura.io/ 127 B
468 B 73ms
72ms XHR
application/json 13.41.96.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2383107219&campaign=sendmesamples.com&648808401342

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.96.213 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9c2bda36dd4aa3055dcace0ebdc9ad44a4f2753f9af087c7f97c2c20a5528973

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sendmesamples.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 94 KB
33 KB 126ms
125ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery-1.11.1.min.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

554573f7fe6c8874422929024ee047eba98f6324f75da6dc1044b9a1119f64fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 33586
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "2990044842"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK reset.css
connect.ongage.net/media/abf8cbe4/ongage/css/ Frame EE6C 6 KB
3 KB 123ms
39ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/css/reset.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

16207daf475d8548c66ceaa9914f8a8a8f0e49395a166cd6b16dd0825760c0e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 2522
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "3816628074"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery-ui.structure.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery-ui-1.12.1.custom/ Frame EE6C 18 KB
6 KB 129ms
42ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery-ui-1.12.1.custom/jquery-ui.structure.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

be04cb97796cfbb0a9344440f7115313eabc509096f1103b09c1a007dc6e1c0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 5524
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3610870708"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery-ui.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery-ui-1.12.1.custom/ Frame EE6C 35 KB
9 KB 131ms
44ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery-ui-1.12.1.custom/jquery-ui.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d4820ee2968dfcb7b9c5816a9dcebe2973c521d37388a74d7e1f58fb5fdb128b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 8384
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "1846608786"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK bootstrap.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/bootstrap/css/ Frame EE6C 10 KB
3 KB 139ms
45ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/bootstrap/css/bootstrap.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

698cb2b6d9bd7aee8074fc03e8cf764485f9a16bd1a40a5ac52fd853a29d36b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 2553
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "264228085"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK bootstrap-custom.css
connect.ongage.net/media/abf8cbe4/ongage/css/ Frame EE6C 2 KB
1 KB 173ms
40ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/css/bootstrap-custom.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

70070e096fa3fa85874688ac2b3a4fcc9a60753081fa205d2dffe19803e55c4e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 724
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "263981925"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK font-awesome.min.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/fontawesome/css/ Frame EE6C 25 KB
5 KB 199ms
61ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/fontawesome/css/font-awesome.min.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 4991
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "716338823"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK chosen.min.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/chosen/ Frame EE6C 11 KB
3 KB 178ms
40ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/chosen/chosen.min.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9316779827b1e4c279b179fab2937968a9d9fe4265eb3fe1bc728e3dcbbcec6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 2195
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1467250232"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK animate.min.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/animate.css/ Frame EE6C 56 KB
5 KB 181ms
40ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/animate.css/animate.min.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 4205
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1157871467"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK screen.css
connect.ongage.net/media/abf8cbe4/ongage/compiled/ Frame EE6C 1016 KB
104 KB 181ms
40ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

03edb019b518c6764803b60413a90e389d69e9d64fbe26dcfb737fb810e28cf5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 105969
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "3017906301"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery.fileupload.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/css/ Frame EE6C 655 B
996 B 212ms
38ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/css/jquery.fileupload.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8e49019c2903d7a88be4d6748ad01511cd70bdebe4587eb3eff79d28d4522f65

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 398
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "3008887931"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery.fileupload-ui.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/css/ Frame EE6C 1 KB
1 KB 219ms
40ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/css/jquery.fileupload-ui.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4345ed13477289dc6b9ebc599b65b0fae32ef131a5ae9668a142b59a6e52beb0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 530
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "3279577829"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK underscore.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 14 KB
5 KB 261ms
41ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/underscore.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fe79c3051d06312ab791c483c5b115bb6a76c386a81d9ae2b08df1befdf4fa08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 4906
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3380770362"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery-ui-1.12.1.min.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 246 KB
67 KB 262ms
40ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery-ui-1.12.1.min.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4a3b72ebea40c6b50e87c532a7bf28dd1c2be421cc1f0062bfcad06f44aab9e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 67593
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "767699191"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery-ui-timepicker-addon.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 21 KB
6 KB 296ms
42ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery-ui-timepicker-addon.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0f36636166f964e4c86aea6508e4b00e9edd1c160eae7e31879a6fe7be6bc0d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 5637
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "515274265"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK chosen.jquery.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/chosen/ Frame EE6C 27 KB
7 KB 315ms
58ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/chosen/chosen.jquery.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

46ea47fcea0ced1f15061e7a6ae29458537f8ce2c02f0e7c75c65c8cad69727d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 6496
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1593800203"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK toastr.min.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/toastr/ Frame EE6C 5 KB
3 KB 305ms
43ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/toastr/toastr.min.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

80ec52089403f664a0d19009becee51587eb44fb771b728f5e9ace9bd0891ceb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1981
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "2336661227"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery.maskedinput.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 4 KB
2 KB 402ms
140ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery.maskedinput.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

57bb04ec34ce94f50faaadd1cbb6e99d177cf49c775d96ff72134c759ff5b383

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1797
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3384116463"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery.formalize.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 2 KB
1 KB 337ms
39ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery.formalize.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f966f4249c9d1ffea843148f6b8e86a7ecfb0acce91c8fac12d8300f493c1f75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 836
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3361135852"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery.cookie.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 636 B
988 B 352ms
45ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery.cookie.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7848127e56bccc080c95a947df5a68ca3adb3b96c202c37f5f48c5da508b0bcb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 376
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "4258077115"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK json2.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 3 KB
2 KB 349ms
41ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/json2.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0afc3592f2df6968029d7b425bad47712552e15fd820be0fd2df374ebc5a9f93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1281
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3990113004"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK mustache.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 5 KB
3 KB 415ms
38ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/mustache.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

56aa05606a238f20bb09a7615a8a7744ed67c17a25b695e8ece8d709f1031462

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1972
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3511705327"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK icanhaz-no-mustache.min.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 1 KB
1 KB 436ms
59ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/icanhaz-no-mustache.min.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

87d0137a356d58030a701d02b9a2a76f16430df970baecd388622f9a6da6ddb1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 618
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3337536749"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK bootstrap.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/bootstrap/js/ Frame EE6C 10 KB
4 KB 421ms
39ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/bootstrap/js/bootstrap.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

362f7666ea0deadd79d25e3afc87d49313d4ddec4f25f20f8bb2600cb4dcd383

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 3195
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "235824416"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery.pagination.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 3 KB
2 KB 431ms
41ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery.pagination.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3a8b4a1c15b64f3ab9294d4e566de00ab25bc197933460808d190d4952478d4f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1263
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "1496810220"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK highcharts.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 150 KB
55 KB 450ms
48ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/highcharts.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3b99d2d445f539acc68254e0f4ccc66b2f59c0bec3719070700dc6a271aa4ab2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 55849
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "2688626423"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK exporting.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 8 KB
4 KB 539ms
137ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/exporting.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5a5761a63882c82ab0f1d39fd1c49f0ea5182d5c542c4a302a25d9e4ffac54cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 3468
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1229915369"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery-filestyle.min.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 5 KB
2 KB 453ms
38ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/jquery-filestyle.min.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

47d8e6a19858032c648a388bb38ac387b63b5925fc6ce2fec917a81b39ddaefe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1412
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "1645184239"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK htmltotext.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 2 KB
2 KB 460ms
40ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/htmltotext.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a6c0d102addfb98835f7663b70b74a67b3f500252e65b40d7b92da7db1869fa2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1282
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "1455868140"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK moment.min.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/ Frame EE6C 50 KB
17 KB 510ms
79ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/moment.min.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7030e928a2d986953739dc45891e7c9bf879a4e79beda567252596c582b138f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 16739
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "1353627256"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK charterize.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/ Frame EE6C 18 KB
6 KB 622ms
187ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/charterize.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fbc67a0a7a81ec5a88614d94ce407771bfa6269d1672686d7e930ea4fec99a1a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 5791
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "3248502186"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK charts.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/ Frame EE6C 16 KB
2 KB 497ms
46ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/charts.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

53f6717dce744e9f33a783938d743b076995b7d14a0805f77f418edc35b6d86c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1768
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1973925290"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK app.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/ Frame EE6C 11 KB
4 KB 491ms
39ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/app.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

74e010a2d365c0ef8371c9a9794d918c5a97e84eccbd98829b562157d4266b67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 3979
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1148106153"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK _widgets.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/ Frame EE6C 162 KB
47 KB 502ms
42ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/_widgets.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d71738019e661f4a1cc910fdf05c3fcad3899411162472e711853e348bbd0176

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 47761
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1032085214"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK notices.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/ Frame EE6C 2 KB
2 KB 530ms
38ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/notices.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

53ae7973ee93819bca738fc6c9ebbd1a7b5fdb3d882b94314dd10a242b752e3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 957
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "1147947760"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK helpers.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/ Frame EE6C 20 KB
7 KB 542ms
45ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/helpers.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ce29de23a72d5587e4d7fd0dab923690cc9889bb74a4192273ddbaa81a9e23b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 6414
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1948120473"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK _init.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/ Frame EE6C 9 KB
4 KB 542ms
39ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/_init.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b7a94f9fc4760fe29ec0f4bd2917a8ea1908040b547d5615c7dee94a12ed2b4c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 3587
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "3488549621"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK _frontend.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/ Frame EE6C 975 B
1 KB 550ms
40ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/_frontend.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7170571af41a3ddbaa2994b297d372a280dcf696c202b351af819bd6632aed5e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 559
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "796614043"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery.multiselect.min.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/multiselect/ Frame EE6C 10 KB
4 KB 569ms
39ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/multiselect/jquery.multiselect.min.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

55448cb00ab04b1925717059668f5ef3b865e886c8e404ac73f306af3d6c7831

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 3300
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3430577593"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery.multiselect.filter.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/multiselect/filter/ Frame EE6C 2 KB
2 KB 673ms
135ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/multiselect/filter/jquery.multiselect.filter.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3e5548dba43c0988efa3c14dc53d39c9c9707f1b181c315dcb4fbd922e98d142

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1122
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "1537642740"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery.multiselect.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/multiselect/ Frame EE6C 2 KB
1 KB 217ms
39ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/multiselect/jquery.multiselect.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a6c6ceace347485b84ee2935d117867a0a5beaab74226b53c315f3e79873630e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 547
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "1423297265"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery.multiselect.filter.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/multiselect/filter/ Frame EE6C 326 B
805 B 253ms
58ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/multiselect/filter/jquery.multiselect.filter.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3ac8a33da3d0080359954f4e75e1b62384e6731524a9b8c53b64ac260a961ea5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 208
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "696257515"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK select2.min.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/select2/dist/css/ Frame EE6C 15 KB
3 KB 249ms
40ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/select2/dist/css/select2.min.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3c8455b1a3f825d57f4c87f5151f141f2e13161f8b891a9e725617bc23c17a2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1992
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3960092091"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK select2.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/select2/dist/js/ Frame EE6C 67 KB
20 KB 585ms
43ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/select2/dist/js/select2.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

91a3984b32a32a880f20a56f81102153773a453c9ceff3d3801e52e701c0a690

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 19602
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3213129053"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK load-image.all.min.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/load-image/ Frame EE6C 16 KB
6 KB 582ms
40ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/load-image/load-image.all.min.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e5bd5b8752f58403944c8314901099f3b5120f2eff3f3337857ccd93f7b6393e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 5797
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:34 GMT
Server: nginx
ETag: "3744593338"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK canvas-to-blob.min.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/canvas-to-blob/ Frame EE6C 1 KB
1 KB 605ms
55ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/canvas-to-blob/canvas-to-blob.min.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f3ba85b4272d0e67a1de5cfc844f8ff0c3f4e139e8274ec088b5e84c1221d2c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 525
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "130865985"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery.iframe-transport.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/ Frame EE6C 2 KB
2 KB 608ms
39ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/jquery.iframe-transport.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9971c1cf99724a7b4a8841575cd95a5698a523d60b5e5bb5169e10d3a7fbcd83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 979
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "2826820328"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery.fileupload.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/ Frame EE6C 17 KB
6 KB 622ms
40ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/jquery.fileupload.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

908b877cdb54af68f2edbd668eea4b74c4c018ea9451ff283bf27e1a1ddff750

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 5891
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "261895862"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery.fileupload-process.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/ Frame EE6C 2 KB
1 KB 624ms
38ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/jquery.fileupload-process.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cdcead7a32b53afcfb21423dd0149955e9c0609de5dc6c6e5453fac9f477d8d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 744
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "206773993"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery.fileupload-validate.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/ Frame EE6C 1 KB
1 KB 648ms
43ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/jquery.fileupload-validate.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7d8cb31e38c1d4abc76eb03bae52ae6316df4bd0f99203cd0c46bbaeb0a9d035

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 578
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "605099753"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK jquery.fileupload-image.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/ Frame EE6C 3 KB
2 KB 648ms
40ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/fileupload/js/jquery.fileupload-image.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

80a84454dcc0550029e9ab2f98142bc4541f6fbe7641d2a1979bb42f29b33b7a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1251
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1009864936"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK fileupload.js Show response
connect.ongage.net/media/abf8cbe4/ongage/js/ Frame EE6C 12 KB
4 KB 768ms
149ms Script
application/javascript 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/fileupload.js

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

48da14b2760f9a05fe5fb29c7944308c6f0e458cdf5584c8816e7506fdda9cc7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/list/forms_preview/?tk=76582069_12721940426242f9f06640d827d568f7a4d9e1c5ebf4e5e08701951ea4a21eba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 3119
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "3227415977"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ Frame CB49 53 KB
19 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5ab8114a8f3c8ecf0d6b44be95280e11dff043811a96067a19b223d167241a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19062
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 08:53:51 GMT

GET
H/1.1 200
OK formalize.css
connect.ongage.net/media/abf8cbe4/ongage/css/ Frame EE6C 9 KB
3 KB 64ms
57ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/css/formalize.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa1d1425c0f61bc5be40a552b14d369dd11b84940acc0e9db0f2df8ad8f4a760

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:50 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 2525
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "3345533805"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:50 GMT

GET
H/1.1 200
OK jquery.dataTables.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/datatables.net-dt/css/ Frame EE6C 15 KB
3 KB 63ms
38ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/datatables.net-dt/css/jquery.dataTables.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fd5a1153f51609f3820efd93e240f094f049ac5a36a8c97d5337396619fe1e01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 2312
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1178122026"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK fixedHeader.dataTables.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/datatables.net-fixedheader-dt/css/ Frame EE6C 318 B
770 B 68ms
40ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/datatables.net-fixedheader-dt/css/fixedHeader.dataTables.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bdfa016be6eabc7b06a461a4de814b3c3eff78f81b5d488baac27292bc5bca26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 172
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "2900171739"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK buttons.dataTables.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/datatables.net-buttons-dt/css/ Frame EE6C 10 KB
2 KB 73ms
40ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/datatables.net-buttons-dt/css/buttons.dataTables.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0847edd008235098153f8316b87bb43e9408868cad505759ff74fb0085e8d4ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 1730
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "1650803265"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK colReorder.dataTables.css
connect.ongage.net/media/abf8cbe4/ongage/js/libs/datatables.net-colreorder-dt/css/ Frame EE6C 213 B
765 B 84ms
49ms Stylesheet
text/css 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/js/libs/datatables.net-colreorder-dt/css/colReorder.dataTables.css

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a8056904aa2d674b1cbaa62a1f27bfd3735ab528f9f085576e6c1002389f7c55

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 169
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "96262971"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=31104000
Accept-Ranges: bytes
Expires: Fri, 20 Oct 2023 15:48:51 GMT

GET
H/1.1 200
OK ono.svg
connect.ongage.net/media/abf8cbe4/ongage/img/icons-svg/regular/ Frame EE6C 589 B
902 B 267ms
52ms Image
image/svg+xml 34.242.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.ongage.net/media/abf8cbe4/ongage/img/icons-svg/regular/ono.svg

Requested by

Host: connect.ongage.net
URL: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-174-14.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

73770aac4ff45556f3ebed70f4892b7e6264672ceabc0397000d461f19996ef7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.ongage.net/media/abf8cbe4/ongage/compiled/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 15:48:51 GMT
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
P3P: CP='CAO PSA OUR'
Connection: keep-alive
Content-Length: 300
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 23 Oct 2022 06:25:33 GMT
Server: nginx
ETag: "4275820811"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Expires: Thu, 24 Nov 2022 15:48:51 GMT

GET
H3 200 export Show response
app.convertful.com/api/widget/ 142 B
954 B 526ms
498ms XHR
application/json 2606:4700:20::681a:170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertful.com/api/widget/export?owner=39789&domain=sendmesamples.com&subscriber_uid=null

Requested by

Host: app.convertful.com
URL: https://app.convertful.com/Convertful.js?owner=39789

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:170 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.22

Resource Hash

1d14ab1ef2ba0c1be7e1e5c094abf0a2e20870f2e2f0c9d0e90fb58055be29ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.22
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"9c8703bb7108bfb26ea13421194e4e274297da54"
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://sendmesamples.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGclhRIsjJlELEjDJ3FgU%2FmiayP%2BzFM6FFs9z9m5ZSyE7y%2BORcJ7%2B1YFO4jxZR%2BeWzpZPVFfL1JZU0CW%2F6cJUMGxuNTkUlkWIZIT1xl%2FCaf6jhhfJzIkbZ1eWRGcBMeIq6u9ABrokPSBH9CQ%2For8GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: ETag
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 75fc19588ce8909d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, ETag, If-None-Match, Cache-Control

GET
H/1.1 200
OK trackpush.min.js Show response
s3.amazonaws.com/cdn.aimtell.com/trackpush/ 47 KB
13 KB 337ms
130ms Script
text/javascript 54.231.226.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Requested by: Host: sendmesamples.com
URL: https://sendmesamples.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.226.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 84539a57764fd40a7604197b8a0efe82113dc5d755f147a8ab6bd769417ff2ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 15:48:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jun 2022 15:52:31 GMT
Server: AmazonS3
x-amz-request-id: ME60V4XQRPXAH8M6
ETag: "7f1f0c2240af490b88a7cf1bc3834e44"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 13310
x-amz-id-2: vL/B4CiN2orbf67OvNXsTEwjw0OLi7nWGSl+BGGkSmJpj01rdeVQE9wzuOVeVSgzvH2i5eGEhEQ=

POST admin-ajax.php
sendmesamples.com/wp-admin/ 0
0

GET
H3

200

/
www.facebook.com/login/ Frame 2D94
Redirect Chain

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d1ee6767e8ec8%26...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

89ms
88ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3d1ee6767e8ec8%2526domain%253Dsendmesamples.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsendmesamples.com%25252Ff107e81c4eda064%2526relation%253Dparent.parent%26container_width%3D266%26height%3D500%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsendmysamples%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=12e979bab116b7fed74d90dec9c57f37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://sendmesamples.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Oct 2022 15:48:53 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: xQ6zi7iQ7DpwKN7uiBS5eh1BHw0feuHqDxN2ObWovi2YS8dmthZpcG13otj9JjwKQbt41K7VYP5W3WjoXN7sIA==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 25 Oct 2022 15:48:53 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3d1ee6767e8ec8%2526domain%253Dsendmesamples.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsendmesamples.com%25252Ff107e81c4eda064%2526relation%253Dparent.parent%26container_width%3D266%26height%3D500%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsendmysamples%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: BKUQKwheprcc7GeuosiZQKceX+i1LNhBceOsbjrRR1JqAUKiCWVYeRybMz7G+lXtsqLg/5bEYG/ohbLcF6+9GQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 in.php Show response
in.getclicky.com/ 219 B
427 B 476ms
156ms Script
text/javascript 198.145.13.11
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=100719249&type=pageview&href=%2F&title=SendMeSamples.com&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.0186229086226819
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.11 Tualatin, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: d38619e7707f0587d5d0d27bfb04d23d12bf27461a945fa768cd14467e327197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 pageview Show response
signals.aimtell.com/ 43 B
146 B 29ms
28ms XHR
image/gif 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/pageview?id_site=23512&v=3.972&support=1&state=default&wl=0
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
aimtell-hash-exists: 0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: https://sendmesamples.com
aimtell-traverse: 0
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials: true
cf-ray: 75fc195b08b290dd-FRA
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 23512-f07c3468d572.json Show response
cdn.aimtell.io/config/optin/ 435 B
509 B 188ms
188ms XHR
application/json 2606:4700:10::ac43:1ee1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/optin/23512-f07c3468d572.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ee1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebee02d5e9d75d3f37faccfa8a19461daea992f87fbdcd1dec821bff1bb376e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:53 GMT
content-encoding: gzip
via: 1.1 96d2df8d2655bf1d48c2f4e4db090ae6.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
content-length: 322
last-modified: Tue, 07 Sep 2021 16:24:44 GMT
server: cloudflare
etag: "c18b99ea8f87a122316bed9dcd475a9b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 75fc195b0fda9043-FRA
x-amz-cf-id: a-oln8UxSJl_WjRPOvm2nswwCbhNqDmmEgDcKjY4uH-cmazxUCTxUg==

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame 5889 14 KB
4 KB 19ms
19ms Document
text/html 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

08b0059e13504e41d859fc5692edfe0c99a13d0106fdc1ba91e40cebccea4dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sendmesamples.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62044
content-encoding: gzip
content-length: 4080
content-type: text/html
date: Mon, 24 Oct 2022 22:34:50 GMT
etag: W/"634f1895-390f"
last-modified: Tue, 18 Oct 2022 21:20:21 GMT
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-id: Quvs1KsUpnnm00-gjqG4ae0546Ghh2paStllxMcYR67IEdN4Ri7PkA==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame 5889 16 KB
6 KB 20ms
19ms Script
application/javascript 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 02:51:08 GMT
content-encoding: gzip
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: DUS51-P1
age: 5317066
x-cache: Hit from cloudfront
content-length: 5630
server: nginx/1.20.1
etag: W/"62bdf287-40f6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 5OkiCdesixurUB6CtjdnGrFiBywsgYFZf3TbZFr582VWQM5RmcXEZQ==
expires: Fri, 25 Aug 2023 02:51:08 GMT

GET
H2 200 st.e96255eb8fe81c93a11306efbce27be2.js Show response
ws.sharethis.com/secure5x/js/ Frame 5889 132 KB
32 KB 23ms
23ms Script
application/javascript 2600:9000:224a:8200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/st.e96255eb8fe81c93a11306efbce27be2.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

3512e0f4bfb557504799492a4c255173e066fe6304e584928d60a14a910252f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:15:55 GMT
content-encoding: gzip
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: DUS51-P1
age: 577979
etag: W/"634f1895-211a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: ZHmVnDiuHTuTczwRbdW7YRRVlCfPPvNPEbRnjcoEDn87-JczNpLdqQ==
expires: Wed, 18 Oct 2023 23:15:55 GMT

GET
H2 200 suppression Show response
beacon.aimtell.com/ 1 B
77 B 25ms
25ms XHR
text/plain 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.aimtell.com/suppression?id_sites=0
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://sendmesamples.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 15:48:54 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://sendmesamples.com
access-control-allow-credentials: true
cf-ray: 75fc19624f4790dd-FRA
access-control-allow-headers: Content-Type, *
content-length: 1

OPTIONS
H2 200 suppression
beacon.aimtell.com/ Frame 0
0 144ms
59ms Preflight
text/plain 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.aimtell.com/suppression?id_sites=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://sendmesamples.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: https://sendmesamples.com
cf-ray: 75fc1961fc149296-FRA
content-length: 1
content-type: text/plain;charset=UTF-8
date: Tue, 25 Oct 2022 15:48:54 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 23512-f07c3468d572.json Show response
cdn.aimtell.io/config/ 194 B
321 B 537ms
537ms XHR
application/json 2606:4700:10::ac43:1ee1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/23512-f07c3468d572.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ee1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff97df4b81b1124bd185f62d0603f21afa6c851bd2333bd3e6479ff5a449aec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:55 GMT
content-encoding: gzip
via: 1.1 1444224b4b97d67af7507c4e96f65844.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
content-length: 153
last-modified: Tue, 07 Sep 2021 16:24:44 GMT
server: cloudflare
etag: "f081a55d21097fc298794470877e8fdb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 75fc19627f8d9043-FRA
x-amz-cf-id: HSRKwRrUP7yxJDKGiTzAckJLBVMNXBOGzLK1rlToPjTtKNglOtC72Q==

GET
H2 200 4294.json Show response
cdn.aimtell.com/prompts/ 8 KB
3 KB 155ms
154ms XHR
application/json 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.com/prompts/4294.json?cb=1666712935
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 033ac6fd822ed8d90513dd6b02f261726bb389b78ee349214a158310cd26a1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:55 GMT
via: 1.1 d9ef81045d0cf909bd3143957da09138.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: ARN56-P2
age: 50375
x-cache: Hit from cloudfront
last-modified: Wed, 05 Oct 2022 16:23:59 GMT
server: cloudflare
etag: W/"72123c65c94d57e675cdc057f324d0c8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin
cf-ray: 75fc1965dba99296-FRA
x-amz-cf-id: dxgb1ePTG-T_fXLIBQX1DyU-3eBbJ_VvIRD4oX_OnaMzzmcbEqWb2Q==

GET
H/1.1

200
OK

pixel.jpg
s3.amazonaws.com/cdn.aimtell.com/prompt/
Redirect Chain

https://analytics.aimtell.com/prompt-view?id_site=23512&prompt_type=3&prompt_id=4294
https://s3.amazonaws.com/cdn.aimtell.com/prompt/pixel.jpg

269 B
626 B

120ms
120ms

Image
image/jpeg

54.231.226.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.aimtell.com/prompt/pixel.jpg
Protocol: HTTP/1.1
Server: 54.231.226.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7a45b8766d855498d60f288238e213f35ca4257229d22cb3ca2f76e4e42f167e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 15:48:57 GMT
Last-Modified: Wed, 26 Sep 2018 23:30:38 GMT
Server: AmazonS3
x-amz-request-id: QFTKRX3CD5Y12DEC
ETag: "651cb11ef0b9b30cd2a184a109d6a83c"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 269
x-amz-id-2: 4QvAqNtjVfKr5ap5uhgT4PypvIIW61/UjyRXcyyay5EuIfDeRISZwkJE1FQDk1qUrzmdxQKKXDc=

Redirect headers

date: Tue, 25 Oct 2022 15:48:55 GMT
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amzn-trace-id: Root=1-63580567-08fe52551adfcb2b1606e332;Sampled=0
x-amzn-requestid: 4a14c5f0-9ab4-4b8a-9335-e0a5bf457200
x-cache: Miss from cloudfront
content-type: application/json
location: https://s3.amazonaws.com/cdn.aimtell.com/prompt/pixel.jpg
x-amz-apigw-id: akXIPGKdIAMFlkQ=
content-length: 0
x-amz-cf-id: sMTLf1AcG_m8pKwz6SuCnZCsS9WBtZI5xV3A2dIdBjhHMtrEFtpk8w==

GET
H2 200 23512-1664796321.png
cdn.aimtell.io/user/uploads/ 18 KB
18 KB 1570ms
1530ms Image
application/octet-stream 2606:4700:10::ac43:1ee1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aimtell.io/user/uploads/23512-1664796321.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ee1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f5dac728877bec82022604e4ace986a41c63a7fd8251a05523b7a145b25c7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:48:57 GMT
via: 1.1 b99f8549b35755a7a7577e7612fbe078.cloudfront.net (CloudFront)
cf-cache-status: MISS
last-modified: Mon, 03 Oct 2022 11:25:22 GMT
server: cloudflare
x-amz-cf-pop: MAA50-C2
etag: "7d68dacf93cf1eebf971428cb8bf380a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75fc19671a10bb5b-FRA
content-length: 18040
x-amz-cf-id: UPoZevl4jXIHad1AWCYmVzH4aFfSj3mx3cyGD5mopb2-2hqlCGOYsw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: create.leadid.com
URL: https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&methods=48&token=74104E92-4790-AE99-4EE2-CA3A231C1B03&uuid=ed739933316f42128827b87c19a45c14

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ftrick-or-treat-pick-these-5-halloween-deals-save-your-money%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-magic-face-mask%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Fwin-a-beis-carry-on-travel-bag-sweepstakes%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-sample-of-refrigerated-truffle-bars%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-plant-based-burgers-rebate-offer%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Fbecome-a-surveyqueen-make-money-online%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-childrens-hospitals-week-bandages%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-babycozy-diapers-sample%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-sample-of-dickinsons-deep-cleanser%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&origin=https%3A%2F%2Fsendmesamples.com&url=https%3A%2F%2Fsendmesamples.com%2Ffree-sample-of-playtex-clean-comfort-tampons%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-admin/admin-ajax.php

Verdicts & Comments Add Verdict or Comment

361 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rewardsadvisor.com/	1970-01-20 16:34:32	Name: _ga Value: GA1.2.255793348.1666712924
.rewardsadvisor.com/	1970-01-20 06:59:59	Name: _gid Value: GA1.2.2106898284.1666712924
.rewardsadvisor.com/	1970-01-20 16:34:32	Name: _user_time Value: 1666712924221\|1666712924221
iwin.rewardsadvisor.com/	1970-01-20 16:34:32	Name: _user_random Value: 0.5263591759058446
.rewardsadvisor.com/	1970-01-20 16:34:32	Name: _user_id Value: 99fd98ac-416f-429f-a7cb-3a9f267d017d-5E0dvROE6opRwttEJBCPcsDLvHpHsXH8jx3BHpcw
.rewardsadvisor.com/	1970-01-20 06:58:32	Name: _gat Value: 1
go.aramistrk.com/	1970-01-20 06:59:59	Name: enc_aff_session_2008 Value: ENC03efade5bc9fb56e890121ff8bb12d487c288b11e75b7de1880cb096d7264e18afce41e3ac0b170dc14586622b125f10c492a42b5ff1b8c3ca72a799ad59f36588bfe76ccac75a31d735eee82488adc7611c5afbe5d94b4608003af0fcea14f7d2ea17eb2ef5d89b0519efb70265cd2a99e34a945926038255ec24f6df36c083d1d00c7ea52871908351303ed34d08f5dd26971f127e5522ff2aae94b1381fcf381712b04a
go.aramistrk.com/	1970-01-20 16:34:32	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNi4wLjUyNDkuMTE5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
iwin.rewardsadvisor.com/	1970-01-20 09:22:32	Name: _aimtellSubscriberID Value: c9f93b27-7a10-2f84-f862-54c247d9d316
iwin.rewardsadvisor.com/	1969-12-31 23:59:59	Name: leadid_token-532AA58C-3478-CE87-E6BF-9CE3DCA7C530-47B3EBF1-F568-05AC-6674-6BA34499F7ED Value: 74104E92-4790-AE99-4EE2-CA3A231C1B03
.deviceid.trueleadid.com/	1970-01-20 16:34:32	Name: uuid Value: ed739933316f42128827b87c19a45c14
sendmesamples.com/	1970-01-20 16:34:32	Name: bp_user-role Value: guest
sendmesamples.com/	1970-01-20 16:34:32	Name: bp_user-registered Value: 0
sendmesamples.com/	1970-01-20 16:34:32	Name: bp_ut_session Value: %7B-q-pageviews-q-%3A1-c--q-referrer-q-%3A-q--q--c--q-landingPage-q-%3A-q-https%3A%2F%2Fsendmesamples.com%2F-q--c--q-started-q-%3A1666712930359%7D
connect.ongage.net/	1969-12-31 23:59:59	Name: session Value: 64d492304ba922b59b310229e59584039671c0d3~635805629405c6-93602632
connect.ongage.net/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 231D2DA912A7F333A8A20A4CC4661CB57A5E32B00F28C74DD2A078E29CE9625DE4D52B97CA4904266E301412C03E65F3BC02613C82BEF93D4D51D3772AF2719B63CBBBA118
sendmesamples.com/	1970-01-20 16:34:32	Name: conv_person Value: {"$visitNum":1,"$fvDate":1666712933}
sendmesamples.com/	1970-01-20 16:34:32	Name: conv_session Value: {"start":1666712933,"shown":[],"startUrl":"https://sendmesamples.com/","referrer":"","expires":1666714733,"isNew":true,"pageViews":1}
app.convertful.com/	1969-12-31 23:59:59	Name: session Value: 5anua909nveb2ft3e8p4uj8h7e
app.convertful.com/	1970-01-20 06:58:34	Name: site_38587_session_id Value: d11a9cd062fc5ec855801f7e61196d9b059405dc~38587
.sendmesamples.com/	1970-01-20 15:44:08	Name: _jsuid Value: 2619148939
.sendmesamples.com/	1970-01-20 06:58:36	Name: _no_tracky_100719249 Value: 1
sendmesamples.com/	1970-01-20 09:22:32	Name: _aimtellSubscriberID Value: 3b4b89e2-41a6-bd90-d0fd-bf97ab7a3ef2

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://iwin.rewardsadvisor.com/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://script.crazyegg.com/pages/scripts/0020/7863.js Message: Failed to load resource: the server responded with a status of 410 ()
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I2_1666712930401&_gfid=I2_1666712930401&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=64161573'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I6_1666712930409&_gfid=I6_1666712930409&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=41536612'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I9_1666712930416&_gfid=I9_1666712930416&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=39881830'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I4_1666712930405&_gfid=I4_1666712930405&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=13312919'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I7_1666712930411&_gfid=I7_1666712930411&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=18145765'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1666712930391&_gfid=I0_1666712930391&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=18507472'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I8_1666712930414&_gfid=I8_1666712930414&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=58096652'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I1_1666712930398&_gfid=I1_1666712930398&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=36463962'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I5_1666712930407&_gfid=I5_1666712930407&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=20041990'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://sendmesamples.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I3_1666712930403&_gfid=I3_1666712930403&parent=https%3A%2F%2Fsendmesamples.com&pfname=&rpctoken=30290378'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.aimtell.com
api.trustedform.com
apis.google.com
app.convertful.com
beacon.aimtell.com
cdn.aimtell.com
cdn.aimtell.io
cdn.trustedform.com
cdnjs.cloudflare.com
connect.facebook.net
connect.ongage.net
contextual.media.net
count-server.sharethis.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d3v6q7097edepm.cloudfront.net
deviceid.trueleadid.com
djk97zng6lbya.cloudfront.net
events.impressure.io
fonts.googleapis.com
go.aramistrk.com
impressure-c630.kxcdn.com
in.getclicky.com
iwin.rewardsadvisor.com
l.sharethis.com
lg3.media.net
live.r3engage.com
s3.amazonaws.com
script.anura.io
script.crazyegg.com
sendmesamples.com
signals.aimtell.com
ssl.gstatic.com
static.getclicky.com
static.xx.fbcdn.net
w.sharethis.com
ws.sharethis.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
apis.google.com
create.leadid.com
sendmesamples.com
108.157.4.94
13.226.156.196
13.32.118.135
13.41.96.213
18.214.230.128
18.66.248.46
198.145.13.11
2600:9000:2182:b800:13:7c59:6e80:21
2600:9000:223d:ac00:1c:7f1a:6680:93a1
2600:9000:224a:8200:3:c04e:c780:93a1
2606:4700:10::ac43:1ee1
2606:4700:10::ac43:29e5
2606:4700:20::681a:170
2606:4700:3034::6815:3e4e
2606:4700::6810:a010
2606:4700::6811:180e
2606:4700::6812:1f97
2606:4700::6813:9308
2a00:1450:4001:806::200d
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2003
2a00:1450:4001:828::200e
2a00:1450:4001:831::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3121::3
2a0b:4d07:102::1
34.242.174.14
35.157.116.120
52.43.151.13
52.49.160.208
52.71.143.120
52.73.153.179
54.231.226.24
88.221.168.23
95.101.200.23
033ac6fd822ed8d90513dd6b02f261726bb389b78ee349214a158310cd26a1e1
03d4f80fb9fd3b1fbda8bed454b883ea7cb82e17fc85020dd60cd0bfc24ee83b
03edb019b518c6764803b60413a90e389d69e9d64fbe26dcfb737fb810e28cf5
049ba97efd5e51f8dcaaf2383aae4b00bfbab1eb715124666ac72e3a9408d234
074d9505d547acdfced56ba7203b153958881abceb7a19326029f652acb75191
0847edd008235098153f8316b87bb43e9408868cad505759ff74fb0085e8d4ab
08b0059e13504e41d859fc5692edfe0c99a13d0106fdc1ba91e40cebccea4dee
0afc3592f2df6968029d7b425bad47712552e15fd820be0fd2df374ebc5a9f93
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0e1cea94cd911d6bd17fc75659bf3bd53cb5a5424d348204a8581cbe2639480f
0f2ea2bf39cc9fb972fe1359ff3ff56da9645636f3d57f8c0c755b9d5426d732
0f36636166f964e4c86aea6508e4b00e9edd1c160eae7e31879a6fe7be6bc0d2
0f5dac728877bec82022604e4ace986a41c63a7fd8251a05523b7a145b25c7c0
104f06a43609c30b65ef9c705cafe93755619eed472b7cd1cdd938672764d46c
109ab79267f3508cb0f1347d568069c45a1492a205be80c8bcea0874abc463d2
1238e9e850bf28665fe81529e39af4a4751988b6954cfc341bb027fb8ad1a94d
16207daf475d8548c66ceaa9914f8a8a8f0e49395a166cd6b16dd0825760c0e4
1740eb3582765eae284529c56ce021b52cbb0889add2ca43be4c731bc561ff20
17efe1e642dee640b2d466b4139eb9f70199ad75e21d694c20e361f4ce37a94f
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1ae14c7046b6f78a7612ae468d919ffcda3ca93daf8e47f39fd44621b030352c
1d0c943646a8078848ac12b821605b261b51ae3baf5e3ba864e99d7817ed0400
1d14ab1ef2ba0c1be7e1e5c094abf0a2e20870f2e2f0c9d0e90fb58055be29ab
1d1e9c3ab3ddfb8c30124d8b94291531180107bb81af0a6ed13e3f0e54378933
2271b17e94bf57c9e767fa3ec6bea94db671da97d94c8969a9b5a24f0b6c44f5
2410ed76bab2930d473ed00294256a24b191a35f14ae6560478ae8da68811464
258db3f8c00abb9050c2835076d68c7adbd9aaf152e36486817f252a2ee54cd1
26889d83383b5b9d6437155567e8e981cf9df17048c6b2026c3c814e85e861e4
275785354056321f622bfbdc7907492605d4c9362e0117a8bf5c7de6480da71c
29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab
2ac03a4c7aff60dbd686171c3bb784e852d75a0449720e7885d533b612a72dc8
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e
2ff97df4b81b1124bd185f62d0603f21afa6c851bd2333bd3e6479ff5a449aec
305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
3512e0f4bfb557504799492a4c255173e066fe6304e584928d60a14a910252f9
362f7666ea0deadd79d25e3afc87d49313d4ddec4f25f20f8bb2600cb4dcd383
37c17edf80fabbc76d036b590d606606b15c288f699ba5adf91b8e6b5713b4f5
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
3a8b0b88be00f7531bb52994e1a389f71ef4bf04867b2d7271f07b58a5d9d8f7
3a8b4a1c15b64f3ab9294d4e566de00ab25bc197933460808d190d4952478d4f
3ac8a33da3d0080359954f4e75e1b62384e6731524a9b8c53b64ac260a961ea5
3b99d2d445f539acc68254e0f4ccc66b2f59c0bec3719070700dc6a271aa4ab2
3c8455b1a3f825d57f4c87f5151f141f2e13161f8b891a9e725617bc23c17a2c
3e5548dba43c0988efa3c14dc53d39c9c9707f1b181c315dcb4fbd922e98d142
42a88d1ea2a2ec6e6d116e7fd10a6ccb3dabbefbf612f1ee50ad998bd51c2f2b
4345ed13477289dc6b9ebc599b65b0fae32ef131a5ae9668a142b59a6e52beb0
4437eaab7b931b5fa3aaf6b76a7dc58ee09f945883a80f1f1fa496e8fde01a19
46ea47fcea0ced1f15061e7a6ae29458537f8ce2c02f0e7c75c65c8cad69727d
4721767e3e96606bae9541771f437001fab5303038e4beaee57a209a4e9d3468
47c1ac2e88d06479a7bda88be7c0c01bf368aaa0bed4d894e6c2c179b0ce6357
47d8e6a19858032c648a388bb38ac387b63b5925fc6ce2fec917a81b39ddaefe
48da14b2760f9a05fe5fb29c7944308c6f0e458cdf5584c8816e7506fdda9cc7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a3b72ebea40c6b50e87c532a7bf28dd1c2be421cc1f0062bfcad06f44aab9e1
4b596dd1a9171b905352d3812f4dba49f0961c6f3c724b22569d35593931bb04
4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
509db56aa09a6e7935a8cddf28ed6b1fd5d3735f64e7a8083b0ec4d916cd6e6c
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe
53ae7973ee93819bca738fc6c9ebbd1a7b5fdb3d882b94314dd10a242b752e3f
53e7247e0683d7fc377a2d3bd91e1f8d2c2144e77ab331762ca1f8ed85af4866
53f6717dce744e9f33a783938d743b076995b7d14a0805f77f418edc35b6d86c
5418d95fa27a9bc79305337c6a652390a6285a607afe8aa6fb94cd948325e535
5501104290f8ad4fb4028e1ba138f20b9438c0d1a10b4a136d978ae80ca87948
55448cb00ab04b1925717059668f5ef3b865e886c8e404ac73f306af3d6c7831
554573f7fe6c8874422929024ee047eba98f6324f75da6dc1044b9a1119f64fa
5576f86dffc7c43efab4bde7b92313ad04c510290ec54e98406a013743fed813
56aa05606a238f20bb09a7615a8a7744ed67c17a25b695e8ece8d709f1031462
57369bdf6ba3d0fcee334d025a57e675f74a6f47f362aa86a9b75f8a4bc7d459
57bb04ec34ce94f50faaadd1cbb6e99d177cf49c775d96ff72134c759ff5b383
5a5761a63882c82ab0f1d39fd1c49f0ea5182d5c542c4a302a25d9e4ffac54cc
5e3628c10e2ade4b1e910994c1bf83c0915deb94b73f77425d0e21185d2ae776
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
6578c2aa3e5f7076ca9fb19b357edc1b17633feceee6d36d0e5809d26b959817
6688bf1aad047dc236ca900ae5f975661576ee72a14512745f4ff92dfec2e758
677dbb6c5ed7f565f7adc8678d379fd9dfa2834145f84545798f3184287d9056
678ef9e5f63dc9b4d033391866af9435ec8961051a41f66a81d9aae114e1b258
698cb2b6d9bd7aee8074fc03e8cf764485f9a16bd1a40a5ac52fd853a29d36b3
69fa6258a2ae3ce43477866d7fd4e212814776582298bdfa32565fe2cda8a482
70070e096fa3fa85874688ac2b3a4fcc9a60753081fa205d2dffe19803e55c4e
7030e928a2d986953739dc45891e7c9bf879a4e79beda567252596c582b138f4
7170571af41a3ddbaa2994b297d372a280dcf696c202b351af819bd6632aed5e
73770aac4ff45556f3ebed70f4892b7e6264672ceabc0397000d461f19996ef7
74e010a2d365c0ef8371c9a9794d918c5a97e84eccbd98829b562157d4266b67
755158b8ec87a849abf410abd4f21887243ce6975e6aeff7cdd5d1fd3a2780cd
75cd48c5fcd0ba57e2a732b6405b8d224965fb4d7ef0b810a775111eb1a0857c
75e515b760b09638008dcdea00101f2d8d09135f9306d11eafac21c64f5e31c5
7848127e56bccc080c95a947df5a68ca3adb3b96c202c37f5f48c5da508b0bcb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a45b8766d855498d60f288238e213f35ca4257229d22cb3ca2f76e4e42f167e
7a967674b578cbeac67215983f90ccfb7f73c0c648f237f24330d7f819f3dc32
7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09
7d8cb31e38c1d4abc76eb03bae52ae6316df4bd0f99203cd0c46bbaeb0a9d035
7e789059cac7d9d61233b973c4f04cd20c69b0b34f9f8ea74c045021feb5428e
80a84454dcc0550029e9ab2f98142bc4541f6fbe7641d2a1979bb42f29b33b7a
80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6
80be086e087576b0e7462e582741fa49c8d13b145ea3dafb3bc717195bc2d966
80ec52089403f664a0d19009becee51587eb44fb771b728f5e9ace9bd0891ceb
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
84539a57764fd40a7604197b8a0efe82113dc5d755f147a8ab6bd769417ff2ae
8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463
87d0137a356d58030a701d02b9a2a76f16430df970baecd388622f9a6da6ddb1
8af52cdb7068ec0dad8355ec4a5bad77b17a3cc1e8bc19b0f66f41d4a53ac3c0
8c4dd6ecdbe8ca863a0b4f2466b23a41e9157ebf8323286ece740d5d2eb78f42
8e49019c2903d7a88be4d6748ad01511cd70bdebe4587eb3eff79d28d4522f65
908b877cdb54af68f2edbd668eea4b74c4c018ea9451ff283bf27e1a1ddff750
90f944f98912737cd582f7fadf149e9d2d064adc8fdf6f0621ba0a20dd68493a
918af567de57ab7349f6c8978d908f66ac0dd756b044330778ce1e0cdef6b9a6
91a3984b32a32a880f20a56f81102153773a453c9ceff3d3801e52e701c0a690
924274d78a5043833b635774aec230b11370d6a24baa7580a8df6610597fca17
9316779827b1e4c279b179fab2937968a9d9fe4265eb3fe1bc728e3dcbbcec6e
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
98cdb6ab8ff8ceff13ac179bc670f04bf8b153fa644a86539877b80ab2fe9ac2
992a59f2e2a1c12c2518b7b52c79780222437d4503c38d14900c3ffa875d6c3d
9971c1cf99724a7b4a8841575cd95a5698a523d60b5e5bb5169e10d3a7fbcd83
999474d91f767a1cc26cb4da1782ea3714926a4c3be9f570f3f31d471ffda43e
999d19663950deac608f78d0d9dfe2f794be613e4e09140a1ab1e68641e6b87a
9c2bda36dd4aa3055dcace0ebdc9ad44a4f2753f9af087c7f97c2c20a5528973
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1f23bab647ea97a338d42040d330f5017383cf6c9eab73c470529e4b7eac2c5
a26e0ef1a9127e2334ff49ab0edfc68dd41ef01379a478a419e1641ded4f2ee0
a28870f052bff412ed66708177c61d983b9bb4920d5d2de7547a44c9e66447c0
a4b3ef8e6b50cfff9a9b4980a1425b5ceffbe5418775a5f7265ec3787fcdcb10
a6a54d80b5c033492bf1d432789671f1faa06e46916add5a469cfacd370c3eba
a6c0d102addfb98835f7663b70b74a67b3f500252e65b40d7b92da7db1869fa2
a6c6ceace347485b84ee2935d117867a0a5beaab74226b53c315f3e79873630e
a72347df415140a5f85796136e3a512121e7cf9a16fc91c9197892b545b0ef08
a8056904aa2d674b1cbaa62a1f27bfd3735ab528f9f085576e6c1002389f7c55
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
aa1d1425c0f61bc5be40a552b14d369dd11b84940acc0e9db0f2df8ad8f4a760
ab5ab8114a8f3c8ecf0d6b44be95280e11dff043811a96067a19b223d167241a
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
b193cca67a1a3485f0418f26f67cfcd728df50e8f5b71c4fb477c918651d0ba7
b238d920f9287fa5c6b3a3b4d865ca92eb4cf0e74d5493ee04b859baae88338f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b53b8806598b91d3a1ea3954981c5582a82437c4e3412bb9cfef420b774ce509
b7a94f9fc4760fe29ec0f4bd2917a8ea1908040b547d5615c7dee94a12ed2b4c
ba2532e99ada77293ac8ce39656f5b0c076928584ad2ed48971c7b9700cf7e59
ba45036ff37c29128322f07ffe8cdb18c355bbbfb1f2dc20d2119e8180a6b2bd
bac7ac161879368345dd0db198ec925d9b90fde5423674ed1d92b8517e4fcb5c
bdfa016be6eabc7b06a461a4de814b3c3eff78f81b5d488baac27292bc5bca26
be04cb97796cfbb0a9344440f7115313eabc509096f1103b09c1a007dc6e1c0f
c01ee1e87aebc139a5a1b9eb756c17d0ed6d06cc569ef05181bce11c0db0a3c5
c68af0dbc56215457de6d384773a246b02ea2bb7036c452248bf536149933eef
c9dfc20bfcc735d078a1fba8a9e318179da81fc326cdfdeeb4e8d49e6f44d7bb
cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7
cd1b5014202d76c99feac845681589547edc1e3818ca218dea6129bb74031904
cdc1a538dba5a7c69538e1ca95e86064b7709ff83c4aceb220461876981a74f6
cdcead7a32b53afcfb21423dd0149955e9c0609de5dc6c6e5453fac9f477d8d1
ce29de23a72d5587e4d7fd0dab923690cc9889bb74a4192273ddbaa81a9e23b8
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cfde7c27a24d5e8892e06303986768b8d38aee8cc2818739d68f531bbb03d067
d1aa29aa174dc3b77c010837e6da98c28a1aaa8f7ae982b4c225b9042ddb3ad4
d38619e7707f0587d5d0d27bfb04d23d12bf27461a945fa768cd14467e327197
d3879b0aa5628ffa106d382ef3f1f354bb8509b34da49a54e819a7f9f894e34d
d45d481529b9aa12f5b1edfaeb34918a6373545bb55e00936d4a20f3350e63ef
d4820ee2968dfcb7b9c5816a9dcebe2973c521d37388a74d7e1f58fb5fdb128b
d6f19a46db129c5750b9d448c369b7910e9c3980d6ac72b683782f269070a5cf
d71738019e661f4a1cc910fdf05c3fcad3899411162472e711853e348bbd0176
d960181f1cef397a194bb097f18b64e8ea5cce9ce7ef72e58485115e58b37318
dd9d8c1185d43074101f68a9386a45f4665eb69d5bb8a81a7078ce0d491088ac
dede012563c945321fbe3952281658f48ee6bda0531c3301bc82e28efc01421f
e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982
e25f1bf6c18e48702704c8dad5a99b327233d9f8e08b635b2e036772ebf42a47
e2c3b525c8bf7616edb7a8c6fabdae273180738ee19c5cc6763a403c75b1c226
e3afa9426e668ea5cbaecdcc8686678d3a3edc4bc93c14c188d5f16499c6f267
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bd5b8752f58403944c8314901099f3b5120f2eff3f3337857ccd93f7b6393e
e68244cb8041db791be321b81da5c122a95a711e76202bba77638fe41c166563
e8db08f17dde72fab4040d70edcd2d214c61565f66a52afbad90820b42fdc4c0
ebee02d5e9d75d3f37faccfa8a19461daea992f87fbdcd1dec821bff1bb376e2
ed5083162853337b2ceaa7f855988404c0945c7ce1bfc51b667a93f4a69a1a26
ee509bb1c57d79983d9b61bc0df4ffba2307f8bcae447efa74c311e2f615dda1
f164b7d1707684b6749eb2f5154c84883cb9ec621dca72fc5147772b3c4237ff
f2a92b03c26b482f51457ebcfceae1f4fb5dfc88743f5c840213bc1365669e21
f2ebbe14cc4b91fd775c1929fc67c3cc326a5bed06bc87dea604dcebab1047c3
f3ba85b4272d0e67a1de5cfc844f8ff0c3f4e139e8274ec088b5e84c1221d2c7
f57f0b4b3ab1584bca643fd4c9a93c8b755c4c35a2399886a074e083fd9fcb2f
f6818530e6f1f34e2bd05086c79cf8efcdd333f243ffc66565a35407f297c6de
f966f4249c9d1ffea843148f6b8e86a7ecfb0acce91c8fac12d8300f493c1f75
faef7e5b106e32b318fa40bf26d7da80874ef9bde24adecb65e8742b34f16d39
fbc67a0a7a81ec5a88614d94ce407771bfa6269d1672686d7e930ea4fec99a1a
fd5a1153f51609f3820efd93e240f094f049ac5a36a8c97d5337396619fe1e01
fe79c3051d06312ab791c483c5b115bb6a76c386a81d9ae2b08df1befdf4fa08
ffe06e478b898e3e3476425bbdb3f9af058a211dfdcec8f47ccede00f90168eb

sendmesamples.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

94 %HTTPS

57 %IPv6

30 Domains

42 Subdomains

37 IPs

5 Countries

5440 kBTransfer

9834 kBSize

23 Cookies

12 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sendmesamples.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

94 %
HTTPS

57 %
IPv6

30
Domains

42
Subdomains

37
IPs

5
Countries

5440 kB
Transfer

9834 kB
Size

23
Cookies

238 HTTP transactions
2 data transactions