Submitted URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campa...
Effective URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474...
Submission: On October 19 via manual from RU — Scanned from DE

Summary

This website contacted 17 IPs in 6 countries across 19 domains to perform 103 HTTP transactions. The main IP is 2606:4700:20::681a:fd7, located in United States and belongs to CLOUDFLARENET, US. The main domain is sweepstakessurvey.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.
This is the only time sweepstakessurvey.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
29 | sweepstakessurvey.org | itweedler.com, sweepstakessurvey.org
26 | expensivesurvey.online | expensivesurvey.online
7 | mc.yandex.com | sweepstakessurvey.org, mc.yandex.ru
7 | propeller-tracking.com | expensivesurvey.online, propeller-tracking.com, sweepstakessurvey.org
6 | www.google.com |
5 | my.rtmark.net | expensivesurvey.online, tagstaticx.com, itweedler.com, sweepstakessurvey.org
4 | tagdataxrt.com | tagstaticx.com
4 | mc.yandex.ru (1 redirects) | www.googletagmanager.com, expensivesurvey.online, sweepstakessurvey.org
2 | ugyplysh.com | expensivesurvey.online
2 | www.google-analytics.com | www.googletagmanager.com
1 | www.google.de |
1 | pagead2.googlesyndication.com | tagstaticx.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | itweedler.com | expensivesurvey.online
1 | tagstaticx.com | expensivesurvey.online
1 | forflygonom.com | expensivesurvey.online
1 | in-page-push.net | expensivesurvey.online
1 | itcleffaom.com | expensivesurvey.online
1 | www.googletagmanager.com | expensivesurvey.online
103 | 19

This site contains links to these domains.

Domain
itweedler.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-18 - 2022-06-17 | a year
propeller-tracking.com | Sectigo RSA Domain Validation Secure Server CA | 2020-10-05 - 2021-11-05 | a year
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2020-10-27 - 2021-11-26 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
itcleffaom.com | R3 | 2021-07-29 - 2021-10-27 | 3 months
in-page-push.net | R3 | 2021-09-18 - 2021-12-17 | 3 months
mc.yandex.ru | Yandex CA | 2021-07-28 - 2022-01-07 | 5 months
forflygonom.com | R3 | 2021-08-10 - 2021-11-08 | 3 months
itweedler.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-04 - 2022-11-04 | a year
ugyplysh.com | R3 | 2021-09-18 - 2021-12-17 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
tagdataxrt.com | Sectigo RSA Domain Validation Secure Server CA | 2021-03-09 - 2022-03-09 | a year
www.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
www.google.de | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months

This page contains 1 frames:

Primary Page: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Frame ID: 4DD6466E267EBF0C3BFCD7EA88B64E98
Requests: 101 HTTP requests in this frame

Page Title

Dear user

Page URL History

  1. https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e93... Page URL
  2. https://itweedler.com/4533056/?var=4493500&request_var=1309_492&var3=474147868474351662 Page URL
  3. https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98b... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

Requests: 103
HTTPS: 95 %
IPv6: 63 %
Domains: 19
Subdomains: 19
IPs: 17
Countries: 6
Transfer: 839 kB
Size: 1990 kB
Cookies: 19

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2 Page URL
  2. https://itweedler.com/4533056/?var=4493500&request_var=1309_492&var3=474147868474351662 Page URL
  3. https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9430.tJF6H6o8NbBPdq8EbbFAdX1-1Z0O-S8xYpHx6cWLdfr7RDAD8E4r-8I61TnS6YZq.kXqW-RLrxBMOFFkYEvrEKpmz8AY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9430.XEtRuaFX-DcUZ2837Sl3VNzrIAXOIMbixRL6EBH18hC4b3TzlyrJ0xYlNpPrElXueTVvQJlIyfe0tHDQzNhtow%2C%2C.gfOIvS2iMWWiH7cguNFbM5wpE9g%2C
Request Chain 98
  • https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D48c896d24cde40e98bbf272e22b3916e%26s%3D474148312870843008%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A376%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1122123323183%3Ahid%3A989489863%3Az%3A0%3Ai%3A202101019020807%3Aet%3A1634609287%3Ac%3A1%3Arn%3A331354374%3Arqn%3A1%3Au%3A1634609287276263283%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634609286623%3Ads%3A242%2C21%2C49%2C0%2C2%2C0%2C%2C90%2C2%2C%2C%2C%2C408%3Adsn%3A242%2C21%2C49%2C0%2C2%2C0%2C%2C93%2C2%2C%2C%2C%2C408%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634609287%3At%3ADear%20user&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D48c896d24cde40e98bbf272e22b3916e%26s%3D474148312870843008%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A376%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1122123323183%3Ahid%3A989489863%3Az%3A0%3Ai%3A202101019020807%3Aet%3A1634609287%3Ac%3A1%3Arn%3A331354374%3Arqn%3A1%3Au%3A1634609287276263283%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634609286623%3Ads%3A242%2C21%2C49%2C0%2C2%2C0%2C%2C90%2C2%2C%2C%2C%2C408%3Adsn%3A242%2C21%2C49%2C0%2C2%2C0%2C%2C93%2C2%2C%2C%2C%2C408%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634609287%3At%3ADear%20user&t=gdpr%2814%29ti%282%29

103 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
finance-survey.html
expensivesurvey.online/
4 KB
2 KB
Document
General
Full URL
https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a2182e523221a6c3e6e665601e0cf899b59635c26492d1b060c20b07809009

Request headers

:method
GET
:authority
expensivesurvey.online
:scheme
https
:path
/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 19 Oct 2021 02:08:05 GMT
content-type
text/html
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
vary
Accept-Encoding
cache-control
max-age=1800
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vNg5trsaDrEguidjwL2MrR2prkNDfUwYXVxl8UfKv9GYfC4HN881I2GF4As8NnHaBOmysXwz4GAAUIlFgsQJLeXjUx07mAwBeSomiFhBvcbdaBE8uWlgflNeSKxEh7WLf4gdEbKPD3blcOA5zSbn%2B2DeMY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a0674e408ec4401-FRA
content-encoding
br
fv.js
propeller-tracking.com/
5 KB
3 KB
Script
General
Full URL
https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-trace-id
903861183ad77c1badef0cee2a50aba9
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
rtc.js
expensivesurvey.online/js/data/
11 KB
5 KB
Script
General
Full URL
https://expensivesurvey.online/js/data/rtc.js
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e21a5fdcb464c61185f66b10a6405f01fe3a8cd639b599a5b3d2f6b5aae4c0

Request headers

:path
/js/data/rtc.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2635
cf-polished
origSize=15077
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-3ae5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlAvKbqF9hY6g54YLUUex8aprlxkw63t2Z3WYSymdtJvNYy%2Fm1Ze1taON4HAKntF91bpwB8f9jFkoOhaVaeTfNJ9sPCFwna3sdN9yI7vJiMtPyed34TCmOlJ5p5QKIeGLSlp%2BQRzurD8tg2r8jYyULgTjWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6a0674e499974401-FRA
cf-bgj
minify
config.js
expensivesurvey.online/js/
61 KB
19 KB
Script
General
Full URL
https://expensivesurvey.online/js/config.js
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40528342d9aad607efcd0f6c79b6e0d83722686c49b52675d2aaef948dddc103

Request headers

:path
/js/config.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
5571
etag
W/"616d95f3-f5b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfJh2g2EsyxXlqCS0V5OnkW%2Bs7IERPX%2FMBmBj5kIYKTrg0jMAlvIQ%2B%2BM9kHpoIB69oV0cFrKUOAjrlYPUYp5FwXYdi57GjIX8HMosbdbkM0eVnoCDkRhG7sziUHqFqowjRvgv9YjXM9rumKoi3JW3yAATWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674e499984401-FRA
cf-bgj
minify
survey.css
expensivesurvey.online/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://expensivesurvey.online/css/survey.css
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e82abefb7f047ffecd1a09b10868ae7f49272fb06bf2013559afd325bd75f5

Request headers

:path
/css/survey.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2664
cf-polished
origSize=19903
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-4dbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCOzA3AExtdS58u6B%2BDjzfCGpRp4yCZE33aYwSjpYfKmnCam5cvp5jEtKHU7Oq3%2BmFJaR%2FkyMDMBVcfhKPwIGlPpgzzJ7yPwvtbUcR4mTDFbg8H1R2kcg6NEcjQDuMtNC%2Bqi%2BBkmkwabcO9pOixX9qTMpeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6a0674e4999a4401-FRA
cf-bgj
minify
style.css
expensivesurvey.online/css/
33 KB
5 KB
Stylesheet
General
Full URL
https://expensivesurvey.online/css/style.css?v=1
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b83e91c86f303d98ede9ff0b4700d0f68ebbd39370fa7b744b51d1e9e08135

Request headers

:path
/css/style.css?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2664
cf-polished
origSize=33802
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-840a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoRUMWxVvDlSL3ImPOvbP49Tj78kKZx4m0uqbbJcsEIbyiclspEOGFpK2BjDIdNuMFdZ%2F6SkSiCsNpAjxqmPH%2B3WwvJ5U2ZuufZwQzXyc7IN0DvMtSgMwtgyPXjiZpOe9tqTEjlohg%2Fk0wjiCRq7kY%2BGd94%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6a0674e4999b4401-FRA
cf-bgj
minify
icon-survey.svg
expensivesurvey.online/img/
3 KB
1 KB
Image
General
Full URL
https://expensivesurvey.online/img/icon-survey.svg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a92922801ea676a88192b928a94d9179fe23c789767bba01647c21fb289904

Request headers

:path
/img/icon-survey.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
2688
etag
W/"616d95f3-c26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftNOCyXRfrfhLZ7eOeYf7KMFJH9Auli6zGQXiXBKCusKZjdGdppnGkAhgqnrHJOJlTimDC%2FN1bMDHk63BHjWNwPz92LoHr6Kcc%2F14EwQN9v1r%2BX2GsTECD8AegsUFB1FAhc57jKwIAS%2Bg3bEHxEJ8%2FUon3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674e5cb134401-FRA
survey-site.js
expensivesurvey.online/js/
3 KB
1 KB
Script
General
Full URL
https://expensivesurvey.online/js/survey-site.js
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ce1add3a481e1df35ca5c582f7b8cc2eb19779063dd89e66f2b142ef57cf3a

Request headers

:path
/js/survey-site.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
2665
etag
W/"616d95f3-b23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Z5SIEcVvVqCz3F%2BSK1PJgvx0vwRyuZmMLL125700TZ7BhEOrmlx3Y8j9TJC%2FZuuxk1rquMtWDlJAh7sbaODzlc2z1u0VmuZOXquDjSbAgqcJrpyCqCYjqkV%2Fho6b5v5ymvmtRfnW%2BTiN4JgVioJEQwbR18%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674e5db144401-FRA
cf-bgj
minify
survey.js
expensivesurvey.online/js/
273 KB
85 KB
Script
General
Full URL
https://expensivesurvey.online/js/survey.js
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3affea23599e52b0e73d8f71a35aa360d91ddea761519c7ac24e0828b1f54f1

Request headers

:path
/js/survey.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2689
cf-polished
origSize=279119
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-4424f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfkBWcSWFssxtuMTWOlwfTO7MT47S785AtF3JsvdaRvjEyNgJ%2BGeREm%2BPQ1zY2jbpmIG8zKF%2B2JdrYPfUkXgF1cnDU5r0iwwT0vq15Aroq%2FBb2k%2Fc0VvYRMVU%2BHxIwFGaL4erpmXTU%2FvUt%2FRZ9k4Vx%2FgxlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6a0674e5baf84401-FRA
cf-bgj
minify
sd-1203000.js
expensivesurvey.online/js/data/
11 KB
2 KB
Script
General
Full URL
https://expensivesurvey.online/js/data/sd-1203000.js
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/js/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acc9ce307870076d09114bcf3310a4217d59a87228bde2f3cc2248c9e70e880b

Request headers

:path
/js/data/sd-1203000.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1486
cf-polished
origSize=20453
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-4fe5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzVMamZ%2FUtpNWtn31uNtYblHzyuyQ1pD0YFw1vZZlgvOLKVmKmmcXbPhiJ0UbP464JY8B7tkHLuZHOyWXQkJbItrX1YPMdv2swBQzCcTPyOehtKIrZ9k5na3EjwGOYHyN%2BXDlOCqY%2BM55Dp6Nl6ryh%2FwtXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6a0674e5db164401-FRA
cf-bgj
minify
vctx
propeller-tracking.com/
0
497 B
XHR
General
Full URL
https://propeller-tracking.com/vctx?t=82892
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
7fa3a3bc9f1835c63ebdaed0931729b6
pragma
no-cache
date
Tue, 19 Oct 2021 02:07:57 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://expensivesurvey.online
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
vbl
propeller-tracking.com/
0
497 B
Ping
General
Full URL
https://propeller-tracking.com/vbl?t=82892&bid=undefined&aid=undefined
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
ec5f8b5c9fd0339e669ab8d4268a32b7
pragma
no-cache
date
Tue, 19 Oct 2021 02:07:57 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://expensivesurvey.online
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
gid.js
my.rtmark.net/
65 B
549 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/js/survey.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5fee89917af8e06455bb2305ac0b7ddcb06d56196664722f1c5b387c584a51ed
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://expensivesurvey.online
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
gtm.js
www.googletagmanager.com/
104 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bccbaa6b6bcfeee3110b0742955b32774413e5440d71e56bf23adf72b906e77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38078
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Oct 2021 02:08:06 GMT
cookie-consent-1.json
expensivesurvey.online/js/dict/
4 KB
2 KB
XHR
General
Full URL
https://expensivesurvey.online/js/dict/cookie-consent-1.json?v=1
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/js/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e76bbe806b385849442561f6e3f5a4a33008004c3f9c35c2fcfeb099a140dcff

Request headers

:path
/js/dict/cookie-consent-1.json?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-11dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZEL%2BL7YAuWgIhmDWhRg1zjGwDKm5jQa1N%2BXWkIrikNTrWApVZSrcSInoHJWzaPoGQ5ktEIOfBhatL06O07YEXf%2FTbhO3URyRlrQWWga8mBzN3gkDEAbSenJPO4CCZJrk8WRITJ8tQTmxQ2lrkZZjY9g6xI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674e6ac334401-FRA
micro.tag.min.js
expensivesurvey.online/pfe/current/
131 KB
34 KB
Script
General
Full URL
https://expensivesurvey.online/pfe/current/micro.tag.min.js?z=4292865&sw=/sw/sw4292865.js&var=4493500&var_3=null&ymid=1309_492&cdn=1&domain=ugyplysh.com
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/js/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/pfe/current/micro.tag.min.js?z=4292865&sw=/sw/sw4292865.js&var=4493500&var_3=null&ymid=1309_492&cdn=1&domain=ugyplysh.com
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-20bd9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3PLSXLrs5XUdEvJDsQotDWJq5jnbd0yGBMUvsQK7aC7duPFci39ILhN8Fki5yyDVrKfBgSRZ%2BPnceAEktonnNkge2bOZP7wx%2FZHF%2FfzJ%2BqArJ68GXAPPIjS1dV9P%2F43VdV1Driv8qBGpQn6boK1Syqc1MU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674e6bc464401-FRA
track
itcleffaom.com/
195 B
655 B
XHR
General
Full URL
https://itcleffaom.com/track?offer_id=2897&z=4493500&request_var=1309_492&variable2=613f5a30e98e930001b0af5c
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/js/survey.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
ad2963214668dda7ce0b4b6d533dc115
pragma
no-cache
date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://expensivesurvey.online
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
195
expires
Tue, 11 Jan 1994 10:00:00 GMT
4292526
in-page-push.net/500/
1 KB
1 KB
XHR
General
Full URL
https://in-page-push.net/500/4292526?var=4493500&ymid=1309_492
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/js/survey.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e560fff7c05d2aa4bbed3f818e0c784b561f0ea135e79ee5d37017b482caee93
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
e178abe7399ea7ef8747fd45d2f97fb9
pragma
no-cache
date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://expensivesurvey.online
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
en.json
expensivesurvey.online/js/comments/
4 KB
1 KB
XHR
General
Full URL
https://expensivesurvey.online/js/comments/en.json
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/js/survey.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c2c70cfaa456cac0e5585bb38e5484496b7ebf2a42881ddbef7fa6a39cecd3

Request headers

:path
/js/comments/en.json
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-11c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyg6uvzmu1gIpxXLfSboth%2FE%2BkBAMejy1BFuCXSMBMlTMai7mmErB0S4CxHxLYQopBy1F6tLu%2FwZK69nvcgl9e%2FiQ9JxY3tvRxAeHjEBrvuxYQuVCw1Ep%2F35NYslVkUaWKpipjDU5WZD2GaRIuwZQxaA6Ug%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674e6cc724401-FRA
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
4869
date
Tue, 19 Oct 2021 00:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 19 Oct 2021 02:46:57 GMT
tag.js
mc.yandex.ru/metrika/
189 KB
64 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:41:17 GMT
etag
"616d959d-10089"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65673
expires
Tue, 19 Oct 2021 03:08:06 GMT
unnamed.jpg
expensivesurvey.online/img/comments/
1 KB
2 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/unnamed.jpg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59

Request headers

:path
/img/comments/unnamed.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4727
content-length
1378
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-562"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1OQuOZJPYE%2F0Ya6UAfimi%2FTSQpUPKD43RHiZWpXeCxA%2BNSjGSrfvItXFbEvOAK1GSgGXNT23lscjgrCOe6XBNSK%2BkWhDs7I6W70hQl49AQoRmJ6qyvFC%2FyB%2FAsn2Hgzz7n45%2FofmvUtSA%2BtAmj30zURPW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e71cba4401-FRA
cf-bgj
h2pri
person-1.png
expensivesurvey.online/img/comments/
6 KB
7 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-1.png
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a787bd40650924a7bbc61d6ea0bbcaddae4b3129fd8028b68c3629210e41e26d

Request headers

:path
/img/comments/person-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
1798
etag
"616d95f3-19b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1FtDXcdR0BeOuoHiGwzrxIzrFEEZN2ue7rLAG%2BWaKMPLg5M0mhqo49MkBhg6TxJyi3F%2BJBUPPbVP9t67oT9Hwn71sHrEpQ8TeHAh3J1vtLt%2FmD84yanRJA7nfQnOR9Q0rRtO%2B%2Fs7FJV7l0W8%2B72T26CHRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a0674e71cbd4401-FRA
content-length
6577
person-14.jpg
expensivesurvey.online/img/comments/
5 KB
6 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-14.jpg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c020310e91430067c7128425f14ac0ff1710aea5e67c144a8fceac46311182d

Request headers

:path
/img/comments/person-14.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688
content-length
5392
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-1510"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLqFSEdPy4Xt%2B7%2FWEaDfpFPENXiJUa7XUsa91ORT%2FNxZXi18sWGd1tDdyyY78b4dUxuAIRT8feC%2BS5XGnJQgK6Rp3CT6gKsURrRRFOCLWOMcYNJD5%2BEoeZ312n%2FJ%2F0CuNP7jZ5P4%2BEgD51SKndMZ5BpPWbU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72cc14401-FRA
cf-bgj
h2pri
person-2.png
expensivesurvey.online/img/comments/
6 KB
7 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-2.png
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15aadd2e7f4f83e79f35e760da382fb8b5045d2cf506f531bdc15b7b27f699a5

Request headers

:path
/img/comments/person-2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
1798
etag
"616d95f3-191c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8%2BzK3A370hVqNiUThA7UI0r5VoJPZfGdjYj4LG3IJnDTMg%2BnduRccAJKrN5GROrjFPDKbl28n7gdtSf8qE6DDekeKR0N5yaY5koB5d%2FZ%2BNT8%2FQt8A5JmG59A51Y%2F8W9IvA4eUjk2dS8Af9JXjjMc06zIdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a0674e72cc24401-FRA
content-length
6428
person-4.jpeg
expensivesurvey.online/img/comments/
3 KB
3 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-4.jpeg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4f513bf3a5691b900739cf79285d18ef09ef4b81eca648261b15a693d21818d

Request headers

:path
/img/comments/person-4.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688
content-length
2709
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-a95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoAv8fx1AsvLTO2x%2BmlMw7nkWNlWoJ4wrzRI9PkX25d0fPfxvXrpfEBqeBKhGss0oaptTBtDjTVWtSW2Y50XJS0kzLaRQSwWUZPtbNT5vAXHNpkY6NnhEkHVpyfflHRYq0PlzCMBojJoBnX17pKw2pdRFzE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72cc44401-FRA
cf-bgj
h2pri
person-5.jpg
expensivesurvey.online/img/comments/
4 KB
5 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-5.jpg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37490dbef620959d7124e3de027c5b5c43a57dc90737163947a6725444051eb

Request headers

:path
/img/comments/person-5.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688
content-length
4333
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-10ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUP5TVkZ5hHKqhfz5SDK0Qav7fI7DV0BnALdQ4KGTAAw9Bl8HqC%2FK3i40YJcWSbTDROZ9Hn%2FCTeTZvea5dMs5c%2F%2B2wHM%2FNkdRGaSCaOeMEOD33cYtxob2RkR%2Ba5xxpmp99QUqe%2B1OmHh1W0h%2Fr5IZIKt6T0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72cc54401-FRA
cf-bgj
h2pri
person-6.jpg
expensivesurvey.online/img/comments/
4 KB
5 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-6.jpg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/img/comments/person-6.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688
content-length
4392
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-1128"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4KlntaEW7Rv%2Fn30oZvwZYsZ3sjZZVchuEQnT8MymoE2KoQczBIHRtWFTcneopDzW9Smn0UjPzhAG3GSTa82KEMERTydkcpI8QT9L32rcSjhHZ9r7uK%2BzvU6sba7DMHhqc5LbJO7f0uuAImVeVN2791%2FufQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72cc74401-FRA
cf-bgj
h2pri
person-8.jpg
expensivesurvey.online/img/comments/
6 KB
6 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-8.jpg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/img/comments/person-8.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688
content-length
5748
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-1674"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Mns3eQw61NPbi3CEtZCvARyAjKvKemFIIvVjEcxuJf%2FpA5wRFYI2MjNmdXOb%2BnuuH2oHd7PA5vncb3alZxXIDBE4j7fz9i2quYDegyELcuoExfuXMBR5l7VBP%2FbPUO3TVCDADXzWSUb819LeovlHlW1yaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72cc94401-FRA
cf-bgj
h2pri
person-3.png
expensivesurvey.online/img/comments/
7 KB
7 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-3.png
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9128194f1b1bf44435a3e80f994157b94a40a3365cd8f0794dcadb41a24c3b41

Request headers

:path
/img/comments/person-3.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
1688
etag
"616d95f3-1cc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwLPSwk2EcrOLP7ppaZzQQAKM%2FPMzf8UEXShau6JmKiXxtt5%2BAXA1xjZzjKFXNLLIo2bZZ%2BNMUOp6ZcNzDPKr5eep24x3gA4old%2FpPfEx4LxWr19XG24uZmO9K7z5wBbSCK4WSCa2wSv8BJj1AQfMLt2MRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a0674e72ccc4401-FRA
content-length
7368
person-9.jpg
expensivesurvey.online/img/comments/
5 KB
5 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-9.jpg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf1b8dcdce4e9b76157ce90e086ebafb100063eaeb091e97087d97f5d0fb50b

Request headers

:path
/img/comments/person-9.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688
content-length
5190
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-1446"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu7fW7HkFjyHGMs281ljSvWI8eW%2BFkGT6osGULK6R6N1Tur5MKCcVWAs0uSd8UiDxFA9d49xZbpcoRo6MKeJ3JshwksUlSEa2hOM0b8eMcWfb8NhAsk4ZG7E991F7qRhfJvK1zqL1Tlzx%2BUD3P7S860LedM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72cce4401-FRA
cf-bgj
h2pri
person-10.jpg
expensivesurvey.online/img/comments/
6 KB
6 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-10.jpg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36adcb32026c016feaff678063911fcc9e7985e9f0c56bb1daa776f98964ef91

Request headers

:path
/img/comments/person-10.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1728
content-length
6178
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-1822"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qq%2FN38iGh0dvbOyY8gtG0rliTyL02vl5MJwrX0DsO7RfKKwyTKlx2xMDdm6DUON4wrJGncqlHdGQpJ94PZghBpdxT7v7EB%2B%2F5Z9rZVolOQu%2BUFS16GEDLuMlK2LjCG7btkO9QlnyYILYFpqtSRhDB7YL10%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72ccf4401-FRA
cf-bgj
h2pri
person-11.jpeg
expensivesurvey.online/img/comments/
4 KB
4 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-11.jpeg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f882f57f9a213d85eb1c5c6a8a1451bd16dfcd9e4bd00e0a74584422dbd950

Request headers

:path
/img/comments/person-11.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1688
content-length
4175
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-104f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiQMJS6Rm7UQH8wQHzVfTbFDN90Fyslt1hSBCULmXCx0pNTuRIGoOiysmIGoW4M6msTv%2Fvj%2B40xYd9Bgu9tceQTKjJY4nq%2Fnglb%2FjIZfuF4O0gyJKmlwOoX2eD3xXLF5xC3vYHUCwx5vs5bST%2FWLsGjQDQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72cd14401-FRA
cf-bgj
h2pri
person-12.jpeg
expensivesurvey.online/img/comments/
3 KB
4 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-12.jpeg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e872daac17de58d352c9f4082e6e35af76a8b2138c142a8cf0fbacea195c73e

Request headers

:path
/img/comments/person-12.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4921
content-length
3519
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-dbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qy%2FzMmc2idoV5aQH18UCvCf0W%2BT%2BA3XyJwgIypnDadOjWWlT8MMEf4RP33A4EeLnYkBIIA0%2FDIi6L%2Bf4o4WBkmFYHkyGxrsRwycGlOFsAiMjA7vHAuvcmz8O2YgE8OFSylgNN0kcAbCdTLJ6cWEvskw8CcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72cd34401-FRA
cf-bgj
h2pri
person-13.jpg
expensivesurvey.online/img/comments/
3 KB
3 KB
Image
General
Full URL
https://expensivesurvey.online/img/comments/person-13.jpg
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:edc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/img/comments/person-13.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
expensivesurvey.online
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1728
content-length
3172
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-c64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGmRxk7vKyjdKiIp9BQGl24v63IFT2QKCzza8lRyo44OOh9I2Vw8tjLdTbUTzWHeKV1PM%2B8pxdplNipeECySpDQ%2BXvN3yIDMQMZLaiqwcMRchB91ObsZhu5gtBGlQmmx%2FFEl6dKbW6GQTfoTlH2Oh1DCXKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674e72cd44401-FRA
cf-bgj
h2pri
IzPOD-eRXzW0sj33oxDAwUkVqGuQXtbMzsUiHX9n2IbW2chh_1Q2cNjL3Stbqg1EQK0bhj_yoWtZF-sWx0PBqaY4ZK9j9gQHhCFouQMqsumX_TSXoBf_fxAciZc8rsyWbmaoJBd--i2b8yGPWpfo-sAnSmyAeVdIlfimt9kLZ4AB6rWQXIO152blmhYFEgcKTTXoL...
forflygonom.com/impression/
43 B
326 B
Image
General
Full URL
https://forflygonom.com/impression/IzPOD-eRXzW0sj33oxDAwUkVqGuQXtbMzsUiHX9n2IbW2chh_1Q2cNjL3Stbqg1EQK0bhj_yoWtZF-sWx0PBqaY4ZK9j9gQHhCFouQMqsumX_TSXoBf_fxAciZc8rsyWbmaoJBd--i2b8yGPWpfo-sAnSmyAeVdIlfimt9kLZ4AB6rWQXIO152blmhYFEgcKTTXoLi9LzjNDDsIc403x9HS1Pd1IlkQFydpM-7rKS_Y2ujWRgjWbMr2wf7TA7xi5oBobrO5WaJkwedKXJzDwEmjYq4lCBXCmtvwdAikxIiVUR2c6CXAxsHiWkqHoeX-uCxJe_WqSb8fQnZLApIk0kfrOStbvSE0hoGD2xy6yXyl93zEIHbFVj7_X_V6wHV4P8EONuIAQNqq-lCi_KQXmuVN0XYVE11Dh?_z=4292526
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
f7fa5ef6b374b135afc42ccef0ce354c
pragma
no-cache
date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
content-length
43
expires
Wed, 31 Dec 1969 19:00:00 EST
tag.js
tagstaticx.com/
55 KB
20 KB
Script
General
Full URL
https://tagstaticx.com/tag.js
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/js/survey.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1c0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Oct 2021 14:30:19 GMT
server
cloudflare
age
3111
etag
W/"61659bfb-da74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzTJh8A0CKKUmpk2YX%2FQXxLFJBvU6cw7MQo9GqiQeLRAlGLWGrUUrL6Yo5Eat8r6ZD4YCCJ9ShBzxw1uZm4rksfOdLDiCJYZTRSbkb8S1Klot1WzvthLdz71YdAwQIr%2FNdIfLBv2Ic4rQ2HTyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674e79b466964-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
itweedler.com/4533056/
2 KB
2 KB
Document
General
Full URL
https://itweedler.com/4533056/?var=4493500&request_var=1309_492&var3=474147868474351662
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/js/survey.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
itweedler.com
:scheme
https
:path
/4533056/?var=4493500&request_var=1309_492&var3=474147868474351662
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 19 Oct 2021 02:08:06 GMT
content-type
text/html; charset=utf8
x-trace-id
5879ea91dee57e23607b616f8244de6f
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://sweepstakessurvey.org>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
set-cookie
OAID=48c896d24cde40e98bbf272e22b3916e; expires=Wed, 19 Oct 2022 02:08:06 GMT; path=/; secure; SameSite=None oaidts=1634609286; expires=Wed, 19 Oct 2022 02:08:06 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
zone
ugyplysh.com/
0
258 B
Ping
General
Full URL
https://ugyplysh.com/zone?pub=0&zone_id=4292865&is_mobile=false&domain=expensivesurvey.online&var=4493500&ymid=1309_492&var_3=null&action=prerequest
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/pfe/current/micro.tag.min.js?z=4292865&sw=/sw/sw4292865.js&var=4493500&var_3=null&ymid=1309_492&cdn=1&domain=ugyplysh.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
ce7b072611f0b247b5fce530852a4034
date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-origin
https://expensivesurvey.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
collect
stats.g.doubleclick.net/j/
4 B
418 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-174297796-1&cid=283081018.1634609286&jid=543209436&gjid=2146464144&_gid=1396277467.1634609286&_u=YGBAgEABAAAAAE~&z=867639000
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Oct 2021 02:08:06 GMT
content-type
text/plain
access-control-allow-origin
https://expensivesurvey.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=386359978&t=pageview&_s=1&dl=https%3A%2F%2Fexpensivesurvey.online%2Ffinance-survey.html%3Fz%3D4493500%26offer_id%3D2897%26var%3D1309_492%26ymid%3D613f5a30e98e930001b0af5c%26utm_campaign%3D1309_492%26utm_medium%3D4493500%26utm_content%3Dzd_public_v2&ul=en-us&de=UTF-8&dt=Would%20You%20Make%20A%20Great%20Career%20Online%20And%20Become%20A%20Millionaire%20By%202022%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=543209436&gjid=2146464144&cid=283081018.1634609286&tid=UA-174297796-1&_gid=1396277467.1634609286&gtm=2wgad0NLSFF85&z=890995423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 08:05:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64972
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
12711124070318238879
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 19 Oct 2021 02:08:06 GMT
gid.js
my.rtmark.net/
65 B
549 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:07:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://expensivesurvey.online
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
pix.jpg
tagdataxrt.com/
0
0
Fetch
General
Full URL
https://tagdataxrt.com/pix.jpg?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 02:08:06 GMT
Server
nginx/1.19.10
Etag
7b5ed1cf-3838-400f-9b55-d6c10413ab58
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://expensivesurvey.online
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
version.js
tagdataxrt.com/
57 B
0
Script
General
Full URL
https://tagdataxrt.com/version.js?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
Requested by
Host: tagstaticx.com
URL: https://tagstaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 02:08:06 GMT
Cache-Control
private, max-age=63072000
Server
nginx/1.19.10
Connection
keep-alive
Content-Length
57
Content-Type
application/javascript
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Oct 2021 02:08:06 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Oct 2021 02:08:06 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Oct 2021 02:08:06 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Oct 2021 02:08:06 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Oct 2021 02:08:06 GMT
add
tagdataxrt.com/ir/
0
0
Preflight
General
Full URL
https://tagdataxrt.com/ir/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
Protocol
HTTP/1.1
Server
37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://expensivesurvey.online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Tue, 19 Oct 2021 02:08:06 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://expensivesurvey.online
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagdataxrt.com/ir/
0
0

gid.js
my.rtmark.net/
65 B
548 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4292865&checkDuplicate=true&ymid=1309_492&var=4493500
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/pfe/current/micro.tag.min.js?z=4292865&sw=/sw/sw4292865.js&var=4493500&var_3=null&ymid=1309_492&cdn=1&domain=ugyplysh.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://expensivesurvey.online
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
ugyplysh.com/
0
0
Fetch
General
Full URL
https://ugyplysh.com/zone?pub=0&zone_id=4292865&is_mobile=false&domain=expensivesurvey.online&var=4493500&ymid=1309_492&var_3=null&action=settings
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/pfe/current/micro.tag.min.js?z=4292865&sw=/sw/sw4292865.js&var=4493500&var_3=null&ymid=1309_492&cdn=1&domain=ugyplysh.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.253 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
9eb373257b155805aae8f49b87c35f9c
date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://expensivesurvey.online
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
736
ga-audiences
www.google.com/ads/
42 B
293 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-174297796-1&cid=283081018.1634609286&jid=543209436&_u=YGBAgEABAAAAAE~&z=985699049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
522 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-174297796-1&cid=283081018.1634609286&jid=543209436&_u=YGBAgEABAAAAAE~&z=985699049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/
189 KB
64 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: expensivesurvey.online
URL: https://expensivesurvey.online/finance-survey.html?z=4493500&offer_id=2897&var=1309_492&ymid=613f5a30e98e930001b0af5c&utm_campaign=1309_492&utm_medium=4493500&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:41:17 GMT
etag
"616d959d-10089"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65673
expires
Tue, 19 Oct 2021 03:08:06 GMT
sync_cookie_image_check
mc.yandex.com/
0
0

advert.gif
mc.yandex.com/metrika/
0
0

etag
tagdataxrt.com/
0
0
Preflight
General
Full URL
https://tagdataxrt.com/etag?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
Protocol
HTTP/1.1
Server
37.48.68.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://expensivesurvey.online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Tue, 19 Oct 2021 02:08:06 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://expensivesurvey.online
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
vb
propeller-tracking.com/
0
0

etag
tagdataxrt.com/
0
0

img.gif
my.rtmark.net/
43 B
504 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=48c896d24cde40e98bbf272e22b3916e
Requested by
Host: itweedler.com
URL: https://itweedler.com/4533056/?var=4493500&request_var=1309_492&var3=474147868474351662
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://itweedler.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request sweep.html
sweepstakessurvey.org/
5 KB
2 KB
Document
General
Full URL
https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Requested by
Host: itweedler.com
URL: https://itweedler.com/4533056/?var=4493500&request_var=1309_492&var3=474147868474351662
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ea263f6631a4e77a422f737bc3a3f2781eeff7aac04dac30189a7da14a0df8

Request headers

:method
GET
:authority
sweepstakessurvey.org
:scheme
https
:path
/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-type
text/html
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
vary
Accept-Encoding
cache-control
max-age=1800
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3oPPx%2FDPR19f3%2BFN8Q4jz3ltfNeQZbqRA3MbvwyHv9uabOWL9qEHhWF8mNKYkUmEkA%2BZcEL%2Flws7pWQlj6gGcJ1aCDFgQupfsyqgrNO0RXGIZpoUDmaB4L8OuXWVoN8a7YyIStLQB931G56Y2B1DVfjEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a0674eb0be55cb0-FRA
content-encoding
br
fv.js
propeller-tracking.com/
5 KB
3 KB
Script
General
Full URL
https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-trace-id
d644246c313f10a69100cf33f2971ed0
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
rtc.js
sweepstakessurvey.org/js/data/
11 KB
5 KB
Script
General
Full URL
https://sweepstakessurvey.org/js/data/rtc.js
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e21a5fdcb464c61185f66b10a6405f01fe3a8cd639b599a5b3d2f6b5aae4c0

Request headers

:path
/js/data/rtc.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6669
cf-polished
origSize=15077
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-3ae5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3837%2FOVWTKQo7ssZNwed61SBVFJYuNHkNxc%2FlBZqMD9tsyLT47y0Scj9aSr2S6YcZo8hx70uP4oHxgeXLFkwN6NzgFKz9au600UxunY5QCFem4vUPMoYANT5qnbo5xv8uIyg6CVbIwsvQT7CNwjLCgPxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6a0674eb7c575cb0-FRA
cf-bgj
minify
config.js
sweepstakessurvey.org/js/
61 KB
19 KB
Script
General
Full URL
https://sweepstakessurvey.org/js/config.js
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40528342d9aad607efcd0f6c79b6e0d83722686c49b52675d2aaef948dddc103

Request headers

:path
/js/config.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
6669
etag
W/"616d95f3-f5b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuViMLprzqfpk2fyOpmiicsaeceQ3LoOOtTwnPRxCxhrwFoqB6rrznnovsyq51hit20NSYRG1E7N8TSfkioJs67oTiuLqg%2BF6mO6I1zUFih4uOxu603t8ZhLKwnEJxvM%2BaA7VIbbltwE3202uouX6jm%2FbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674eb7c5a5cb0-FRA
cf-bgj
minify
survey.css
sweepstakessurvey.org/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://sweepstakessurvey.org/css/survey.css
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e82abefb7f047ffecd1a09b10868ae7f49272fb06bf2013559afd325bd75f5

Request headers

:path
/css/survey.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6669
cf-polished
origSize=19903
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-4dbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwyoDXPexkggMAMCEd3OLL2GosnEgEIDTKG2ebZYILi%2FFFX%2Fo9MPndE0wJ2mySpFiyUdvpy9NLmKmuspcQEhW4rb06DljGZN%2BeyRW%2B02GxiYRLUO%2FEnbJr7MkM5Fk28tcF8D7Kix%2B1JHLvkhcIPXF1q35w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6a0674eb7c5c5cb0-FRA
cf-bgj
minify
sweep.css
sweepstakessurvey.org/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://sweepstakessurvey.org/css/sweep.css
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d24acd503fccbf47e3ce8a567cac7f9dca11e78ae1344e85d8d817b9300cc4

Request headers

:path
/css/sweep.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6669
cf-polished
origSize=7884
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-1ecc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmcRRg0TEl5M2RQIWr6YHC7b8rraby0bf8g2YxLC3Li8bJeMtw1UEUGn60GJH2SDFaeA627g8PKIATACRKgNw2ahz7TRvbzceP9pZnVo%2BYrisvB3FJAxq%2Fw2uQ%2BSfY6Df32pyqoCA4WeSP51jLDdTCO1ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6a0674eb7c5e5cb0-FRA
cf-bgj
minify
box_c.png
sweepstakessurvey.org/img/sweep/
4 KB
4 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/sweep/box_c.png
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff9cd1c5becb5c7fc4332898e6e98066be2e9f389abc54db50836d660a03809

Request headers

:path
/img/sweep/box_c.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
5970
etag
"616d95f3-ef0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEmpa3nIk7zUBJHpDB6CWRMBI1lT%2BxLonSJ7cnh1fHSbXmZmnRT2O1Rq%2Bt2RlQJ10B%2BrOsIMqR95mBffWYxVsJDHSau9EwF0y6nKwmzmU%2FWBKvRG5CQInIQucleFkvKzuTvaADagHVm%2BuXQ1Jw1UbVOmqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a0674ebbca95cb0-FRA
content-length
3824
survey.js
sweepstakessurvey.org/js/
273 KB
85 KB
Script
General
Full URL
https://sweepstakessurvey.org/js/survey.js
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3affea23599e52b0e73d8f71a35aa360d91ddea761519c7ac24e0828b1f54f1

Request headers

:path
/js/survey.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6452
cf-polished
origSize=279119
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-4424f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHqVgPwJnj%2FrbbK36Yz8laeACvyp7T8%2FPuI%2B5YuEno4mMrs4wNbDW1AcczZ1C8WtGhOE6dRfEgGS5ElJBJGYqLCKXEPrMcLKUYf70bnCW1XBZJ5%2Bc8FXqZh0OH2bCQ0DaHJ0vOW8ElPmZXSkWSLP5Y8myA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6a0674eb9c845cb0-FRA
cf-bgj
minify
sweep.js
sweepstakessurvey.org/js/
2 KB
844 B
Script
General
Full URL
https://sweepstakessurvey.org/js/sweep.js
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34b85cd1b30b56624555b19f2091ce88f865af29882cba4b763516a89fbd7aa0

Request headers

:path
/js/sweep.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
6451
etag
W/"616d95f3-617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SOI4w8nRdtfSr7I8FNhB4ViKJsRRkQ3trxiuP8Lg4HOJaDoIoyHGXYkz9%2BWCtY24NUjyBWDP5eE5S1ep13%2FXcAwuVThuR%2BChBM7kGAhKPYMEvSxAnaqT4N2dUMuqlRefL2DI6TVV4LPjE29KG7rgzKYag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674ebac995cb0-FRA
cf-bgj
minify
vctx
propeller-tracking.com/
0
496 B
XHR
General
Full URL
https://propeller-tracking.com/vctx?t=82892
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
8159fcacbdb1486884d7759abd4f9a27
pragma
no-cache
date
Tue, 19 Oct 2021 02:07:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sweepstakessurvey.org
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
sd-999901.js
sweepstakessurvey.org/js/data/
4 KB
2 KB
Script
General
Full URL
https://sweepstakessurvey.org/js/data/sd-999901.js
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/js/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d6f3f5f3e6052d69d3a32d218da607bc1eae6c633ff1481c5ca2c6f52e1718

Request headers

:path
/js/data/sd-999901.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2609
cf-polished
origSize=7502
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-1d4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWp7ozeRwSUEZx1Ba5udFaOc5DTIVwl407VoGei%2Bza9mRvkrHkM9pIBHoYphk0ZZ8esVuKMfNEXr7NLM6D7MLjnRSH3pNBOKHUZ5AQ2k2QWt7jd%2B516i8iuf2ToSFis2wyHvmnVNHzXaUJ6HdradAu4h2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6a0674ebbcab5cb0-FRA
cf-bgj
minify
vbl
propeller-tracking.com/
0
496 B
Ping
General
Full URL
https://propeller-tracking.com/vbl?t=82892&bid=undefined&aid=undefined
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
847e1ddbe1fcee03f894c8796a9e4eae
pragma
no-cache
date
Tue, 19 Oct 2021 02:07:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sweepstakessurvey.org
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
gid.js
my.rtmark.net/
65 B
547 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/js/survey.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5fee89917af8e06455bb2305ac0b7ddcb06d56196664722f1c5b387c584a51ed
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sweepstakessurvey.org
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
tag.js
mc.yandex.ru/metrika/
189 KB
64 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 18:41:17 GMT
etag
"616d959d-10089"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65673
expires
Tue, 19 Oct 2021 03:08:07 GMT
cookie-consent-1.json
sweepstakessurvey.org/js/dict/
4 KB
2 KB
XHR
General
Full URL
https://sweepstakessurvey.org/js/dict/cookie-consent-1.json?v=1
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/js/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e76bbe806b385849442561f6e3f5a4a33008004c3f9c35c2fcfeb099a140dcff

Request headers

:path
/js/dict/cookie-consent-1.json?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-11dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udZ2Ui7YH2fJLhzNTj6ftx6CVk%2Bwi6IRRxzDjDHpDGMBG9mtUP1dmg6117Yb1wsZiSvI%2F%2BDQDGBZmpx6NNU4I6t80Uub4PnU8NEiHTkOwCRauScsYRsfrAEZw%2Bb81kgghW5IFCByndvtJQUqmfnvsIecpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674ebfd0f5cb0-FRA
tokens10k.png
sweepstakessurvey.org/img/sweep/
65 KB
65 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/sweep/tokens10k.png
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb3f101f3327f07baf3bcd509372a6058d871da12ae0661771a5c7c339fff36

Request headers

:path
/img/sweep/tokens10k.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
age
6911
etag
"616d95f3-1043e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HO2lit6OFU2sayCBYotrEvrFLhkpsZt14tWpy5zmmOYi%2B8EWr6jMzGOLcpoqJxI6z8P4KCliTnjbuqotqVL6QzkJrsbHmMkuETyl74OUPTy3NuRA11gARopRr3ChmNTI9ZwGr8ZTy7%2BgmKkW91reNwczzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a0674ec0d2b5cb0-FRA
content-length
66622
en-sweep.json
sweepstakessurvey.org/js/comments/
5 KB
1 KB
XHR
General
Full URL
https://sweepstakessurvey.org/js/comments/en-sweep.json
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/js/survey.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b799b20264b97b575e4c6cd9aa8dbc1723fc9de24f6ba796e4afb8c41909d42

Request headers

:path
/js/comments/en-sweep.json
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
sweepstakessurvey.org
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
W/"616d95f3-12fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zW07gU%2BLkdQT41kGnhobe1u5Av5%2FpZ0i9fAVygxC6jLDL8HOpaUTKqibBBspgrKIwPOYeMwpGhtG%2BDR6Mnfs4eEHuXOUze2wS0cvMn2q4yOyecCv4D9aDAlRqVZQI2WHEvskiMIvXQ3B3aGJZ2Rnm2VoZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0674ec0d315cb0-FRA
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9430.tJF6H6o8NbBPdq8EbbFAdX1-1Z0O-S8xYpHx6cWLdfr7RDAD8E4r-8I61TnS6YZq.kXqW-RLrxBMOFFkYEvrEKpmz8AY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9430.XEtRuaFX-DcUZ2837Sl3VNzrIAXOIMbixRL6EBH18hC4b3TzlyrJ0xYlNpPrElXueTVvQJlIyfe0tHDQzNhtow%2C%2C.gfOIvS2iMWWiH7cguNFbM5wpE9g%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9430.XEtRuaFX-DcUZ2837Sl3VNzrIAXOIMbixRL6EBH18hC4b3TzlyrJ0xYlNpPrElXueTVvQJlIyfe0tHDQzNhtow%2C%2C.gfOIvS2iMWWiH7cguNFbM5wpE9g%2C
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9430.XEtRuaFX-DcUZ2837Sl3VNzrIAXOIMbixRL6EBH18hC4b3TzlyrJ0xYlNpPrElXueTVvQJlIyfe0tHDQzNhtow%2C%2C.gfOIvS2iMWWiH7cguNFbM5wpE9g%2C
date
Tue, 19 Oct 2021 02:08:07 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
72 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
last-modified
Mon, 18 Oct 2021 18:41:17 GMT
etag
"616d959d-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 03:08:07 GMT
unnamed.jpg
sweepstakessurvey.org/img/comments/
1 KB
2 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/unnamed.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59

Request headers

:path
/img/comments/unnamed.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6718
content-length
1378
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-562"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FA7ZhwclapbJMVIookmW7vqQvjax8ZPGYJgIV5uWuKy6xfBAMF4HSTI%2B0dBHqOFybs4pVspMxNoKqJoakGL51yJ%2F49ZgdOoRBAJFBpX%2BV4B%2BkJLewlwRxhdb%2FkjfIWHvCCJ3HfYvsE7pqmd7j%2F8IRO2lvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec7dac5cb0-FRA
cf-bgj
h2pri
person-sweep-1.jpg
sweepstakessurvey.org/img/comments/
4 KB
4 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-1.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a106ad9f340c7bafdd365ea1ad24b9336c304b1e72653eb58e84b5604471030

Request headers

:path
/img/comments/person-sweep-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6718
content-length
3900
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-f3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=621D2uttKDUQjDpNamrfPr2Ye9TnD1gHtVvqI%2Fyp%2FebejUcNJx7C2qjEgJj%2B6x9wYhJlRQzs71zL31VtG9wRtgIlS2rUQAQmvLhyd%2BMHvBEtwGUaG0T4pG72N%2BIreAilWDutADMVzFLDYPub3aqFqbCu9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec7db35cb0-FRA
cf-bgj
h2pri
person-sweep-2.jpg
sweepstakessurvey.org/img/comments/
1 KB
1 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-2.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c39b4bfbcc6aa147547ca922c4f80350b48dbfa59cbd5176f44373e3b20f3567

Request headers

:path
/img/comments/person-sweep-2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6718
content-length
1042
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-412"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FcADnhDbIyhXO1x3W9aud%2FZA9V7SB0z4KljSShERzi4Ou%2FB00tq6%2BSWWGBFtxlZJ0mETE4xY0CS3Qknhr8HhrBvcKXmbUkTm5S3V8ZKZEXWRZdupXn%2Bg7llYKNxnmUPQZQgCHgojitoSceBvH02k1w4gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec7db45cb0-FRA
cf-bgj
h2pri
person-sweep-3.jpg
sweepstakessurvey.org/img/comments/
1 KB
1 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-3.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d70c3abf95aecc84bcc1b1f9fc25848e690852071169bf57522fd671550291

Request headers

:path
/img/comments/person-sweep-3.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6718
content-length
1063
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7ESrgD8I4IinOJTNe%2BqsI56MQ7M5O2rLvwboZDi%2FFYtaApui8wRMRPmMJ9%2BJZNLVc86HDoI%2FdAy7MCHHZR7OOB%2FdXOLc8JIc%2BTiUAX5L5sKzYcsdN4CJRvGBKOY9YfZT9TQ%2B67iM7IU2F6CD35O8X98sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec7db85cb0-FRA
cf-bgj
h2pri
person-sweep-4.jpg
sweepstakessurvey.org/img/comments/
4 KB
4 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-4.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0038f9d5f6fe1ce8fe1bf1cc7256f05e16c11d27041739c55918b823744753c

Request headers

:path
/img/comments/person-sweep-4.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6718
content-length
3694
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-e6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpUAzbODdKxRqwVs%2B%2BjQpf2TwyYy3T62Pi1ZbDrS6sz7HLQ7DmUmQ8kJcCNErwYiierIrqUPd3l6TFzGkRtvaBcmqZ1btPiY0JbkQXotw1%2F7s8GLHi0deEYx8EzX8IevSnkJlzC5AF24lUIFes6V86AkGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec7db95cb0-FRA
cf-bgj
h2pri
person-sweep-5.jpg
sweepstakessurvey.org/img/comments/
3 KB
4 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-5.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e47fb0b1dc439d03463c15a7977d88988a4d3f7d563e3d772cc9ca8d41e414

Request headers

:path
/img/comments/person-sweep-5.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6718
content-length
3268
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-cc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4LPgL7jpL5slnisGO%2FZgM%2FQioYaSwm1cfUjxNZcwPxotyxBMrX5klLzR9ZMN%2FaYTacwzAThbfaKqGWDd0L1pHyUJ86bt%2FjxBUO4F4Aa1ej5aB6M70xukIYX6fUFtnxVmk5%2BonRW0OJTpcO3SHgTDt1K5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec7dba5cb0-FRA
cf-bgj
h2pri
person-sweep-6.jpg
sweepstakessurvey.org/img/comments/
10 KB
11 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-6.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92aaaee44b9c6f7f69cd778106927274a9c6f0fec665555be6b020d220207fb6

Request headers

:path
/img/comments/person-sweep-6.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6718
content-length
10400
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-28a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGPPHIcyqnDY%2FjK%2FYBTdpnLfDwdMp7CnAmXn%2BpCveJ%2B3x6ZizMlfJV%2Fcev1uh9n1Hb%2F29jR03F%2FyAx2cE%2FBZRLsPG91CmtMNMpbsJiahGq9LnZs4QeyLyiywldj0BoTZ9rxbkzGFjbiCml4VDHgjOB9pDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dbb5cb0-FRA
cf-bgj
h2pri
person-sweep-7.jpg
sweepstakessurvey.org/img/comments/
11 KB
11 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-7.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5afe11e79d5ce7715f2dd2a291c3841d7abc1a62ac89002214f9562f6f58865b

Request headers

:path
/img/comments/person-sweep-7.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6718
content-length
10884
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-2a84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rq4KCdk5LTzSUlBlb9RCdIf5%2Bg2DLSs1ksGunLqGlLh%2BjJzvpR0DiowhiOccdN1TqilV7HF93qAIrkwXmhWo8EIF%2BsSZ4t6adNSRDcABbXhJj7PqK7MiM71kPAqllzF%2FCkVB3%2BqS8VhKzuaypVRmRrEkQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dbc5cb0-FRA
cf-bgj
h2pri
person-sweep-8.jpg
sweepstakessurvey.org/img/comments/
1 KB
1 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-8.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7ea3a5c85d0ba010c783b9599441ba28fb4333cf1ef534f6ec07b5d81e7fd8

Request headers

:path
/img/comments/person-sweep-8.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6718
content-length
1182
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-49e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0l93hMMsxM8RphjPYZdfeT0s8uLMbwF1cRcK%2BhZl2lxHPldyXrV%2B3q1AA3W%2BDmwpPYLaj73ViAxnAKoYjJh9ze5ZtmBu5AVbJid0DuGe6xYBiqgxZwXmczw0vq4DURSbu9W9Gil0d1HoBJIYjgiENm17A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dbd5cb0-FRA
cf-bgj
h2pri
person-sweep-9.jpg
sweepstakessurvey.org/img/comments/
12 KB
12 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-9.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccfcb58ee86d9df13807286e232dd153f04c84527fd80d5efc2212157cb6386e

Request headers

:path
/img/comments/person-sweep-9.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6309
content-length
11871
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-2e5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfiPyeNjh52qrGdfwPLItmVvejsWPPe8WiHpSFf6%2BgbB1tsbL9kNGiQRr6mhJ6BD3E%2BHpkZ2a8IQoyenR5CnaRgyBun3Cbe4eWjgf%2BfvzZoblc2GRdn9wrYHFfPh2wl%2FznsIsM7%2BFzBwRxAqZC46d5sXMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dbe5cb0-FRA
cf-bgj
h2pri
person-sweep-10.jpg
sweepstakessurvey.org/img/comments/
11 KB
11 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-10.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
271e2dabe37ae76b27d28edfeaf49c9a4135f62dd24a3c0ff3387ea9354841f1

Request headers

:path
/img/comments/person-sweep-10.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6309
content-length
10828
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-2a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4v7LpFGAlU4TQiQHbRF6SGBijNxQb42ftMaGHm0LYUw2WGiLxwWp4AJnlH%2BwKIJPHxXBRxmNRC%2Bx2v2dSCBw%2BMRMdmNE%2FujtwQpzCjlkMVm%2BsICK4AY3YhbPDaXcvHXmgbNVgOq%2F4bKXPIBSLD1mfFv%2BHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dc35cb0-FRA
cf-bgj
h2pri
person-sweep-11.jpg
sweepstakessurvey.org/img/comments/
10 KB
11 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-11.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d020381e094ab0ae1556c751f9c4af6498cf12989cd9c3605ca91b856cb5951

Request headers

:path
/img/comments/person-sweep-11.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6308
content-length
10636
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-298c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fF4fqC6lgqKigFXWkVjy2C6MepQzwBfvvoyPIOt2mUynpyE9Q8jKb7DOly3SnNmZW5XL1%2FA38wPdQmy%2BfEDuzjeLSMKZUVDWvD5Yt1mt3LQ7YZSRERUvEwZNN7fYbq%2F4cyyC9KSiNsag8RI1sqKD3csw6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dc55cb0-FRA
cf-bgj
h2pri
person-sweep-12.jpg
sweepstakessurvey.org/img/comments/
11 KB
11 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-12.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65e9048c6b09381baa8056de19ad758b2a302dbbc3fb1cdb509e414ed73c69b8

Request headers

:path
/img/comments/person-sweep-12.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6307
content-length
11188
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-2bb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eIUP5q%2FF4DW3HXd5K%2FoCdOlRS%2B7W%2F%2BfcSojQkoSJOzLgExtF8V5XmKwJBW%2BbJJkyylbUU8YWzy16XlwwSkgUVYfcfYW%2B%2BLhqg9DUNEuQfSubdUGBLTP0Boako9d2l%2FXQiqkbfoooSq4buNML1hyjcuH%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dc65cb0-FRA
cf-bgj
h2pri
person-sweep-13.jpg
sweepstakessurvey.org/img/comments/
1 KB
1 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-13.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f442be1fc6ab7aa64035207cedeff057625371b7a58d551fda451acee6b4f58

Request headers

:path
/img/comments/person-sweep-13.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6307
content-length
1110
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-456"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv8cpYJSthIbH1gWgJWIZVu4r6z7DakfquYmMPzLLlwj%2FWaZOYP7K4WJc0dJDKCZ50RLBCzpQuRWVND3KI%2BBYMPJHDCrF3bRsF1EPGGTIMiicdM2CKd5HyYSvuysvuiAiHBRRfVBBo3POS1WZWBjAtIdTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dc85cb0-FRA
cf-bgj
h2pri
person-sweep-14.jpg
sweepstakessurvey.org/img/comments/
1 KB
1 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-14.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174659ceb240363f2d31a6fd392f108ad714a592b0dc3192d1051c42237bf8b8

Request headers

:path
/img/comments/person-sweep-14.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2250
content-length
1146
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-47a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BelXp8%2FlOCfZUQfU7cPZD3KsrtSEOWHQffDDgZRNrVj7Ls9J74qpzM1EfIS8S6VLxOcjqibK5Clx0kJwyceruA%2Bv%2F4YV05D85Q134x%2BN0dbv4VCl6cyV0j5LO5KZ0rl%2FNMKfVO2XxnPXOZqLvdhayMwUaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dc95cb0-FRA
cf-bgj
h2pri
person-sweep-15.jpg
sweepstakessurvey.org/img/comments/
1 KB
1 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-15.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f739552ded4074fa25475c5a5ed9c49dc0a769e791e9916b5d8bcbc044f8818a

Request headers

:path
/img/comments/person-sweep-15.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6910
content-length
1067
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-42b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vh9mSl%2FwK8xv%2FSMH%2B8a8dHGAt2VFtWj0XJHm7K3rlbFYy1tTMXuVo56UnquMQljMGI3YNb3Yl8VqbbbtWMMoNHYMAx0JxeyHnTDOpB8qYdRCaxjAWnwDq5r6IJeuORitQv%2FfKm06xK6La5YSOrUE6uJKmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dcc5cb0-FRA
cf-bgj
h2pri
person-sweep-16.jpg
sweepstakessurvey.org/img/comments/
1 KB
2 KB
Image
General
Full URL
https://sweepstakessurvey.org/img/comments/person-sweep-16.jpg
Requested by
Host: sweepstakessurvey.org
URL: https://sweepstakessurvey.org/sweep.html?survey_id=999901&comments=en-sweep&geo=DE&oaid=48c896d24cde40e98bbf272e22b3916e&s=474148312870843008&z=4533056&b=10037337&var=4493500&campaignid=4634920&utm_campaign=4493500&utm_medium=4533056&utm_source=zd_4634920&utm_term=10037337&utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f660e8aec56d65e9da4efcd552984e5a623c25b8484c3efbdfa7567bdab17d

Request headers

:path
/img/comments/person-sweep-16.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
sweepstakessurvey.org
cookie
_ym_uid=1634609287276263283; _ym_d=1634609287
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:08:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6910
content-length
1208
last-modified
Mon, 18 Oct 2021 15:42:43 GMT
server
cloudflare
etag
"616d95f3-4b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wd%2BS0KU8PG3G3L8WOeV%2B6naYeE6QeYc8n94hHN4HQ2oG5VkzFrcEAcntJpeq5xSbKXO8qCcKsq%2FDa7E0HjIf3ad1dV20EIANP%2BV%2BA%2FRHre0RO8jftet25qkdNsnM7GY8JPubRJoUGcTH1K5hfVpEds9MUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a0674ec8dcd5cb0-FRA
cf-bgj
h2pri
1
mc.yandex.com/watch/66423859/
Redirect Chain
  • https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D48c896d24cde40e98bbf272e22b3916...
  • https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D48c896d24cde40e98bbf272e22b39...
331 B
413 B
XHR
General
Full URL
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D48c896d24cde40e98bbf272e22b3916e%26s%3D474148312870843008%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A376%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1122123323183%3Ahid%3A989489863%3Az%3A0%3Ai%3A202101019020807%3Aet%3A1634609287%3Ac%3A1%3Arn%3A331354374%3Arqn%3A1%3Au%3A1634609287276263283%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634609286623%3Ads%3A242%2C21%2C49%2C0%2C2%2C0%2C%2C90%2C2%2C%2C%2C%2C408%3Adsn%3A242%2C21%2C49%2C0%2C2%2C0%2C%2C93%2C2%2C%2C%2C%2C408%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634609287%3At%3ADear%20user&t=gdpr%2814%29ti%282%29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
b706952b04e72372f95843e0e34d18352a007d2cfc374384040ee232758ba0c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 02:08:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 19-Oct-2021 02:08:07 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sweepstakessurvey.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 02:08:07 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 02:08:07 GMT
last-modified
Tue, 19-Oct-2021 02:08:07 GMT
location
/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D48c896d24cde40e98bbf272e22b3916e%26s%3D474148312870843008%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A376%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1122123323183%3Ahid%3A989489863%3Az%3A0%3Ai%3A202101019020807%3Aet%3A1634609287%3Ac%3A1%3Arn%3A331354374%3Arqn%3A1%3Au%3A1634609287276263283%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634609286623%3Ads%3A242%2C21%2C49%2C0%2C2%2C0%2C%2C90%2C2%2C%2C%2C%2C408%3Adsn%3A242%2C21%2C49%2C0%2C2%2C0%2C%2C93%2C2%2C%2C%2C%2C408%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634609287%3At%3ADear%20user&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://sweepstakessurvey.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 02:08:07 GMT
1
mc.yandex.com/watch/66423859/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonUnique&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D48c896d24cde40e98bbf272e22b3916e%26s%3D474148312870843008%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A1%3Als%3A1122123323183%3Ahid%3A989489863%3Az%3A0%3Ai%3A202101019020807%3Aet%3A1634609287%3Ac%3A1%3Arn%3A670195783%3Arqn%3A2%3Au%3A1634609287276263283%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634609286623%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C592%2C592%2C0%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C592%2C592%2C0%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634609287%3At%3ADear%20user&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 02:08:07 GMT
last-modified
Tue, 19-Oct-2021 02:08:07 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://sweepstakessurvey.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 02:08:07 GMT
1
mc.yandex.com/watch/66423859/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fsweepstakessurvey.org%2FonStepChange&page-ref=https%3A%2F%2Fsweepstakessurvey.org%2Fsweep.html%3Fsurvey_id%3D999901%26comments%3Den-sweep%26geo%3DDE%26oaid%3D48c896d24cde40e98bbf272e22b3916e%26s%3D474148312870843008%26z%3D4533056%26b%3D10037337%26var%3D4493500%26campaignid%3D4634920%26utm_campaign%3D4493500%26utm_medium%3D4533056%26utm_source%3Dzd_4634920%26utm_term%3D10037337%26utm_content%3Dzd_public_v2&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A1%3Als%3A1122123323183%3Ahid%3A989489863%3Az%3A0%3Ai%3A202101019020807%3Aet%3A1634609287%3Ac%3A1%3Arn%3A747567042%3Arqn%3A3%3Au%3A1634609287276263283%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634609286623%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634609287%3At%3ADear%20user&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 02:08:07 GMT
last-modified
Tue, 19-Oct-2021 02:08:07 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://sweepstakessurvey.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 02:08:07 GMT
vbri
propeller-tracking.com/
0
496 B
Ping
General
Full URL
https://propeller-tracking.com/vbri?t=82892&bid=undefined&aid=undefined&tp=2371.9000000953674
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
a1ac073a746ee65e634c49d36304c725
pragma
no-cache
date
Tue, 19 Oct 2021 02:08:00 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sweepstakessurvey.org
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tagdataxrt.com
URL
https://tagdataxrt.com/ir/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
Domain
mc.yandex.com
URL
https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
Domain
mc.yandex.com
URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Domain
propeller-tracking.com
URL
https://propeller-tracking.com/vb?t=82892&bid=undefined&aid=undefined&tp=1145.8000001907349
Domain
tagdataxrt.com
URL
https://tagdataxrt.com/etag?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| realtimeConfig
object| global_vars
object| geoLanguage
function| axios
object| urlParams
object| reverseConfig
function| Box
object| dataLayer
function| ym
function| createAtr
object| surveyData
function| doAlert
object| $alert
boolean| surveyReady
object| Ya
object| yaCounter66423859

19 Cookies

Domain/Path Name / Value
my.rtmark.net/ Name: ID
Value: efc6f03115504943be44cb6099fdb462
.expensivesurvey.online/ Name: _ga
Value: GA1.2.283081018.1634609286
.expensivesurvey.online/ Name: _gid
Value: GA1.2.1396277467.1634609286
.expensivesurvey.online/ Name: _dc_gtm_UA-174297796-1
Value: 1
itweedler.com/ Name: OAID
Value: 48c896d24cde40e98bbf272e22b3916e
itweedler.com/ Name: oaidts
Value: 1634609286
.expensivesurvey.online/ Name: _ym_uid
Value: 1634609287394729334
.expensivesurvey.online/ Name: _ym_d
Value: 1634609287
.sweepstakessurvey.org/ Name: _ym_uid
Value: 1634609287276263283
.sweepstakessurvey.org/ Name: _ym_d
Value: 1634609287
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1935076445fake
.sweepstakessurvey.org/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1672287197fake
.yandex.com/ Name: yandexuid
Value: 9247763221634609287
.yandex.com/ Name: yuidss
Value: 9247763221634609287
mc.yandex.com/ Name: yabs-sid
Value: 403908051634609287
.yandex.com/ Name: i
Value: e128a83XlAjLfz1NGaKJAyqJ+e9su0jmqQYElIo/mchy/TdzF8oPVfcywgxZxjCDrYhFa15bouOnDB7qzE/qPdZgtkI=
.yandex.com/ Name: ymex
Value: 1666145287.yrts.1634609287#1666145287.yrtsi.1634609287
.sweepstakessurvey.org/ Name: _ym_visorc
Value: b

3 Console Messages

Source Level URL
Text
intervention error URL: https://expensivesurvey.online/js/survey.js
Message:
Blocked attempt to show a 'beforeunload' confirmation panel for a frame that never had a user gesture since its load. https://www.chromestatus.com/feature/5082396709879808
deprecation warning URL: https://tagstaticx.com/tag.js
Message:
RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9430.XEtRuaFX-DcUZ2837Sl3VNzrIAXOIMbixRL6EBH18hC4b3TzlyrJ0xYlNpPrElXueTVvQJlIyfe0tHDQzNhtow%2C%2C.gfOIvS2iMWWiH7cguNFbM5wpE9g%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
