surveys.uso.org Open in urlscan Pro
3.231.120.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.e.uso.org/els/v2/8PN4hE2ZejMr/dW1zUEUyUkVmNWtDM2ZqQWdaTmNiYmdYN3dRTk5ydndNSnpsOE5xeVlVRjhoOCtWeDNEUjhQdXNW...
Effective URL:
https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&c...
Submission Tags: falconsandbox
Submission: On June 05 via api (June 5th 2024, 1:54:00 am UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 13 domains to perform 58 HTTP transactions. The main IP is 3.231.120.42, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is surveys.uso.org.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 13th 2023. Valid for: a year.

This is the only time surveys.uso.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.138.36.56 108.138.36.56	16509 (AMAZON-02) (AMAZON-02)
7	3.231.120.42 3.231.120.42	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	52.216.250.92 52.216.250.92	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
1	18.173.154.14 18.173.154.14	16509 (AMAZON-02) (AMAZON-02)
4	52.58.95.0 52.58.95.0	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 1	34.211.125.229 34.211.125.229	16509 (AMAZON-02) (AMAZON-02)
1	35.162.129.226 35.162.129.226	16509 (AMAZON-02) (AMAZON-02)
1	52.217.193.97 52.217.193.97	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.230.228.3 54.230.228.3	16509 (AMAZON-02) (AMAZON-02)
1	54.230.228.27 54.230.228.27	16509 (AMAZON-02) (AMAZON-02)
1	54.246.242.218 54.246.242.218	16509 (AMAZON-02) (AMAZON-02)
1	34.223.186.159 34.223.186.159	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
58	22

1 108.138.36.56 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-56.muc50.r.cloudfront.net

links.e.uso.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.231.120.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-120-42.compute-1.amazonaws.com

surveys.uso.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.250.92 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mason-dixon.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-14.muc50.r.cloudfront.net

tag.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.95.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-95-0.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.125.229 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-125-229.us-west-2.compute.amazonaws.com

event.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.162.129.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-129-226.us-west-2.compute.amazonaws.com

cookie.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.193.97 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

sfg-surveys.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-3.muc50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-27.muc50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.242.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-242-218.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.186.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-186-159.us-west-2.compute.amazonaws.com

cookie.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	313 KB
9	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2984 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 6383 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 6488 tracking.crazyegg.com — Cisco Umbrella Rank: 5345	94 KB
8	uso.org 1 redirects links.e.uso.org surveys.uso.org	95 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3134	9 KB
4	havasedge.com 1 redirects tag.havasedge.com — Cisco Umbrella Rank: 49843 event.havasedge.com — Cisco Umbrella Rank: 31978 cookie.havasedge.com — Cisco Umbrella Rank: 45701	26 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65 region1.google-analytics.com — Cisco Umbrella Rank: 2406	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
3	amazonaws.com mason-dixon.s3.amazonaws.com — Cisco Umbrella Rank: 621407 sfg-surveys.s3.amazonaws.com	639 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	3 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1565 insight.adsrvr.org — Cisco Umbrella Rank: 1044	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	72 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 461	60 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1268	8 KB
58	13

	Domain	Requested by
14	www.googletagmanager.com	surveys.uso.org www.google-analytics.com www.googletagmanager.com
7	surveys.uso.org	surveys.uso.org ajax.googleapis.com
6	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	tags.srv.stackadapt.com	surveys.uso.org tags.srv.stackadapt.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com surveys.uso.org
2	www.facebook.com	surveys.uso.org
2	cookie.havasedge.com	surveys.uso.org tag.havasedge.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	surveys.uso.org connect.facebook.net
2	www.google-analytics.com	surveys.uso.org www.google-analytics.com
2	mason-dixon.s3.amazonaws.com	surveys.uso.org
2	ajax.googleapis.com	surveys.uso.org
1	insight.adsrvr.org	js.adsrvr.org
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	sfg-surveys.s3.amazonaws.com	surveys.uso.org
1	event.havasedge.com	1 redirects
1	tag.havasedge.com	surveys.uso.org
1	js.adsrvr.org	www.googletagmanager.com
1	maxcdn.bootstrapcdn.com	surveys.uso.org
1	links.e.uso.org	1 redirects
58	22

This site contains links to these domains. Also see Links.

Domain
secure.uso.org
www.uso.org

Subject Issuer	Validity	Valid
surveys.uso.org Amazon RSA 2048 M03	`2023-10-13` - `2024-11-10`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-14` - `2024-06-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.havasedge.com Go Daddy Secure Certificate Authority - G2	`2023-08-09` - `2024-08-30`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Frame ID: 2A1D3FC19ADBB7B1E642E3B03C8446EA
Requests: 56 HTTP requests in this frame

Frame: https://cookie.havasedge.com/bsync?guid=b427ba5e-a4b7-41d6-b296-5f2eaba9f917
Frame ID: 4CE37CBD39FD0A1BB22953B5AC0F79FB
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=d1cd1sa&ref=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732&upid=7ftettw&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}
Frame ID: 496C895284AA31D30011A8315E40927A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.e.uso.org/els/v2/8PN4hE2ZejMr/dW1zUEUyUkVmNWtDM2ZqQWdaTmNiYmdYN3dRTk5ydndNSnpsOE5xeVlV... HTTP 302
https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=em... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

58
Requests

95 %
HTTPS

39 %
IPv6

13
Domains

22
Subdomains

22
IPs

3
Countries

1357 kB
Transfer

2593 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.uso.org/2406_d-day/?show_amount=true&amount=&sc=WA24MYPA27&email=&zip=&first_name=&last_name=
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.uso.org/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.uso.org/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.uso.org/state-disclosures
Title: State Disclosure

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.e.uso.org/els/v2/8PN4hE2ZejMr/dW1zUEUyUkVmNWtDM2ZqQWdaTmNiYmdYN3dRTk5ydndNSnpsOE5xeVlVRjhoOCtWeDNEUjhQdXNWTGplSldkekJ2blM5VnpxU3VoRXhnRDljNHdVNXZQMEJaaWhwRTF5VThPaWg5UHFrQXM9S0/anAxV0s3SXBHbFp6aGE4YjMvNFAxL3V1TjhYZndFbEhNMFR4d1J0ZWR5ST0S1__;!!GahIEkFg!wtGCV9jzyVIGpCdD515fRcsySc9mK1244ms9sP7hfTpf_xUBViDgHzwFJyYwjaiulSr62FTet9sr9ojb$ HTTP 302
https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://event.havasedge.com/track-event?emeta=eyJwIjoiaHR0cHM6Ly9zdXJ2ZXlzLnVzby5vcmcvdXNvLWRkYXktcXVpei0yNDA2LXRlc3Q%2FbnRzYz1XQTI0TVlQQTI3JnV0bV9zb3VyY2U9V1NQMjM5NjA3MzImdXRtX21lZGl1bT1lbWFpbCZzYz1XU1AyMzk2MDczMiZjb2RlPVdTUDIzOTYwNzMyIiwibyI6Imh0dHBzOi8vc3VydmV5cy51c28ub3JnIiwiYW8iOltdLCJwYXJtcyI6eyJudHNjIjoiV0EyNE1ZUEEyNyIsInV0bV9zb3VyY2UiOiJXU1AyMzk2MDczMiIsInV0bV9tZWRpdW0iOiJlbWFpbCIsInNjIjoiV1NQMjM5NjA3MzIiLCJjb2RlIjoiV1NQMjM5NjA3MzIifSwicHIiOiIiLCJpbmYiOmZhbHNlLCJsY2tpZCI6IjY1NTBjNjY5LThhYmMtYzcxNi0zYjI1LWY5ZmZkN2NjNmU0ZV8xNzE3NTUyNDM2Iiwic291cmNlIjoiSGF2YXNFZGdlLkV2ZW50VGFnIiwiYnQiOjE3MTc1NTI0MzYwMjAsImJ6IjotMTIwLCJwbGciOlsiUERGIFZpZXdlciIsIkNocm9tZSBQREYgVmlld2VyIiwiQ2hyb21pdW0gUERGIFZpZXdlciIsIk1pY3Jvc29mdCBFZGdlIFBERiBWaWV3ZXIiLCJXZWJLaXQgYnVpbHQtaW4gUERGIl0sInBsdCI6IldpbjMyIiwiY2siOnRydWUsInRyIjpmYWxzZSwiaCI6MTIwMCwidyI6MTYwMCwiY2QiOjI0fQ%3D%3D&trkGuid=b427ba5e-a4b7-41d6-b296-5f2eaba9f917&evtGuid=5cf27ba5-9ea8-4014-99ea-ec775d2a8e7e&client_id=1229022460.1717552436 HTTP 302
https://cookie.havasedge.com/sync?trkGuid=b427ba5e-a4b7-41d6-b296-5f2eaba9f917

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request uso-dday-quiz-2406-test Show response
surveys.uso.org/
Redirect Chain

https://links.e.uso.org/els/v2/8PN4hE2ZejMr/dW1zUEUyUkVmNWtDM2ZqQWdaTmNiYmdYN3dRTk5ydndNSnpsOE5xeVlVRjhoOCtWeDNEUjhQdXNWTGplSldkekJ2blM5VnpxU3VoRXhnRDljNHdVNXZQMEJaaWhwRTF5VThPaWg5UHFrQXM9S0/anAxV0...
https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

36 KB
36 KB

431ms
193ms

Document
text/html

3.231.120.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.120.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-120-42.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

b05a77f9211cbc068793376777d4b47770aa9eb1359c5af7bbe5a8c71c7137dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 36708
content-type: text/html; charset=utf-8
date: Wed, 05 Jun 2024 01:53:55 GMT
etag: W/"8f64-N8+5As6OFSEktrHUlDJnDOVbsFY"
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express

Redirect headers

content-language: de-DE
content-length: 0
date: Wed, 05 Jun 2024 01:53:55 GMT
location: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
server: istio-envoy
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
x-amz-cf-id: xdUNAbA0k5RzrDFWY7acDH78a4UwH5MgE04_ReeiEfmTAJ-iE5-Orw==
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 5

GET
H2 200 uso.css
surveys.uso.org/static/ 16 KB
16 KB 102ms
100ms Stylesheet
text/css 3.231.120.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.uso.org/static/uso.css?v=8875907

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.120.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-120-42.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

de6ee2cdae1c409a3bc057880e045a3747f70eb2490b016301edb673adecc2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 04 Jun 2024 21:49:58 GMT
server: nginx
x-powered-by: Express
etag: W/"3f34-18fe53afa55"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 16180

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.7/ 155 KB
55 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.7/angular.min.js

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb479d4b1f6a64ed66d8eede4ed94c03c8c441c519415410b46e18377147cc9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:32:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56298
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:32:20 GMT

GET
H2 200 angular-aria.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.7/ 15 KB
5 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.7/angular-aria.js

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288459f529db1a3fcf0c221c44df3b0348330d00b2bd8b10abf408aa5f1c9d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4096
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:56:30 GMT

GET
H2 200 survey.js Show response
surveys.uso.org/static/ 20 KB
20 KB 103ms
101ms Script
application/javascript 3.231.120.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.uso.org/static/survey.js?v=8875907

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.120.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-120-42.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

1b7b3f15b822b28f5bd7ff2676b7520abeeaaff93c578dc82b821dcfd32e5963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 29 May 2024 13:12:15 GMT
server: nginx
x-powered-by: Express
etag: W/"5064-18fc47ad398"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 20580

GET
H/1.1 200
OK d0050c13db9210b772bf1698d5832651.png
mason-dixon.s3.amazonaws.com/pagecontent/9026/ 10 KB
10 KB 338ms
119ms Image
application/octet-stream 52.216.250.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mason-dixon.s3.amazonaws.com/pagecontent/9026/d0050c13db9210b772bf1698d5832651.png
Requested by: Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.250.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 92d8b64d8ae6a2dcc35402ae04c5f92ca9b832282b6563493529285f8f4222ed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 01:53:57 GMT
Last-Modified: Tue, 24 Mar 2020 17:01:58 GMT
Server: AmazonS3
x-amz-request-id: CASFJHT4ZRKJC769
ETag: "64cfc27c929b7f5391c5eea873c404b9"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 10230
x-amz-id-2: PmwBLqfEuwOtLGNHBmb31POkWDizo3w5/gL1UfqzY8NswLm26Twr2GjyyarVlQ9VkzavzxIDP/M=

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
8 KB 36ms
21ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1047
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7201215
cdn-cachedat: 11/11/2022 02:14:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4083f5d376eb849a458cc790b53ba080"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7bb5bfebd315554cd6dff2f2b91b143e
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 88ec882379fd5d85-FRA
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 362 KB
113 KB 49ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T4BTXQ

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a1745d7e00f1abdbdfcaa50396ee9e2742310cbb646d2265d4a7e5e07bfadbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115609
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jun 2024 01:53:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jun 2024 00:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5087
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 05 Jun 2024 02:29:08 GMT

GET
H2 200 classic.html Show response
surveys.uso.org/static/survey_templates/ 2 KB
3 KB 98ms
97ms XHR
text/html 3.231.120.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.uso.org/static/survey_templates/classic.html?v=8875907

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.7/angular.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.120.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-120-42.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

6352b585a063193b9de60b2341b3e39b7d0b37f8627461497aca8ffd2aeb581c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 29 May 2024 13:12:15 GMT
server: nginx
x-powered-by: Express
etag: W/"9ca-18fc47ad398"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2506

GET
H/1.1 200
OK 4edc9c4df2fca5a69a437b3dc1cd9c6f.jpg
mason-dixon.s3.amazonaws.com/pagecontent/9962/ 583 KB
583 KB 306ms
114ms Image
application/octet-stream 52.216.250.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mason-dixon.s3.amazonaws.com/pagecontent/9962/4edc9c4df2fca5a69a437b3dc1cd9c6f.jpg
Requested by: Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.250.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aad1e41f5b856c405c7455a3f82a807a3a12cd61eac953959080b12387e59d45

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 01:53:57 GMT
Last-Modified: Tue, 23 Jun 2020 15:07:41 GMT
Server: AmazonS3
x-amz-request-id: CASBG6XPED27RCBA
ETag: "a236af8986d8a417024fc92f5322eefb"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 596984
x-amz-id-2: tFVpuLxYJSd3YDPhnnQkDdGGV7To6oH3W2S5HLhcjSm2rPYwG4wAT1tvgUOWiLglonnpT/1EzD0=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
221 B 14ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=271855244&t=pageview&_s=1&dl=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732&ul=de-de&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=400001580&gjid=1206629248&cid=1229022460.1717552436&tid=UA-9499230-36&_gid=523880947.1717552436&_r=1&_slc=1&z=1609105502

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

316bc7244287b6a17b0c4393f7b036d6c504bc546c74f73001ad7ec66603ded1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 01:53:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surveys.uso.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JCMKRVGP7Y&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50f3f81370b0fee0e652b7260b55888b61a5336e901cffaa43693f1cab7a1f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jun 2024 01:53:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
105 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B54WEBTJGF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4BTXQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

715893dee14aa9971363e3bfbd6fcc96b26ba63e8d0ac75bb5eee8bfc61437b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jun 2024 01:53:55 GMT

GET
H2 200 1744.js Show response
script.crazyegg.com/pages/scripts/0073/ 6 KB
2 KB 52ms
17ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0073/1744.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4BTXQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7cab4f2e7f3bce48f99aa59602afbaa1c3e71b9051c01385bde67db1d090e5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 12065
cf-polished: origSize=6229
ce-version: 11.5.219
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 22:32:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 88ec8824cbc53615-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 64ms
29ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4BTXQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 05 Jun 2024 01:53:55 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 40DD757C19A54BFF94295653FCF2F402 Ref B: FRAEDGE1814 Ref C: 2024-06-05T01:53:55Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 01:53:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: t/FprHFCUboml3jgRLPx3hc1sV2Iftz5FQMZopcpoyF2oKHjVA/DZTenEhrtkCV0buCozaTiZC0iFPWwvITPoQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 62ms
14ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4BTXQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 04 Jun 2024 04:46:20 GMT
Content-Encoding: gzip
Via: 1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 May 2024 04:42:45 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 76056
x-amz-server-side-encryption: AES256
ETag: W/"a60a4e2650f94da6f243b9518761b381"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: aT9zGEvjqLOxZXkXdyZ4T3W23I_kM0s8JoDSa2pK6wYFMGyuY6UjXA==

GET
H2 200 evt.js Show response
tag.havasedge.com/js/ 24 KB
25 KB 77ms
16ms Script
application/javascript 18.173.154.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.havasedge.com/js/evt.js
Requested by: Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-14.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 585a5ffa8c3c01d26bfa9e61e12aecfac2b9440051ce482de6919393f76dcdf3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:41:45 GMT
via: 1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
last-modified: Wed, 18 Jan 2023 22:25:13 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 870
x-amz-server-side-encryption: AES256
etag: "9e337224b5d07d91b201b650ce02ea4f"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 24737
x-amz-cf-id: g4xNJlULWcgNwjMe267YMxuq6pCL25Pvbas0vXlJU3rNA0TFS5l8yQ==

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 120ms
99ms Script
text/javascript 52.58.95.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.58.95.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-95-0.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d47ebd458e529e30ba70f6a3e25754e1a89f5c672ef1f4645c1296fe26394f9b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 01:53:56 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 38ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JCMKRVGP7Y&gtm=45je4630v9126185031za200&_p=1717552435842&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=1229022460.1717552436&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732&sid=1717552435&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=974
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JCMKRVGP7Y&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 01:53:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surveys.uso.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 13ms
13ms Image
text/plain 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&dl=surveys.uso.org%2Fuso-dday-quiz-2406-test&tdp=G-JCMKRVGP7Y;126185031;1;5;0&frm=0&pcid=_UA-9499230-36&z=0
Requested by: Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 01:53:55 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 14ms
13ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=gtm.init_consent&eid=-1&z=0

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 15ms
15ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=gtm.init&eid=0&tr=1ogtgasend.1ogtipmark.1ogtreferralexclusion.1ogtsessiontimeout.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdconversionmarking.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogtgasend.2ogtipmark.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdconversionmarking.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 16ms
15ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=*&eid=1&u=AAAAAAAIAAAAAAAI&tr=1gct&ti=1gct&z=0

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 15ms
15ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=gtag.config&eid=18&u=AAAAAAAIAAAAAAAI&epr=1G.3G&z=0

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 17ms
17ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=gtm.dom&eid=19&u=AAAAAAAIAAAAAAAI&z=0

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:55 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 email_cell_phone_fields.html Show response
surveys.uso.org/static/survey_templates/common/ 822 B
1 KB 97ms
96ms XHR
text/html 3.231.120.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.uso.org/static/survey_templates/common/email_cell_phone_fields.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.7/angular.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.120.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-120-42.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

2eabc32949b2e0aae7c69e2aa07088c4de79c7f618feb085a690378027d8bda8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 29 May 2024 13:12:15 GMT
server: nginx
x-powered-by: Express
etag: W/"336-18fc47ad398"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 822

GET
H2 200 radio.html Show response
surveys.uso.org/static/survey_templates/common/ 2 KB
3 KB 95ms
95ms XHR
text/html 3.231.120.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.uso.org/static/survey_templates/common/radio.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.7/angular.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.120.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-120-42.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

c4e3e0814986c17ff5922c4f88494b138141b2f33b5e59c1ac7495d8d743634b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 29 May 2024 13:12:15 GMT
server: nginx
x-powered-by: Express
etag: W/"90e-18fc47ad398"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2318

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 15ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B54WEBTJGF&gtm=45je4630v874036487z86465342za200zb6465342&_p=1717552435842&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1229022460.1717552436&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717552435&sct=1&seg=0&dl=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732&dt=D-Day%2080th%20Anniversary%20Quiz&en=page_view&_fv=1&_ss=1&ep.subdomain=surveys&ep.source_code=wsp23960732&ep.full_path_no_query=surveys.uso.org%2Fuso-dday-quiz-2406-test&ep.content_group=Surveys&tfd=1013&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B54WEBTJGF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 01:53:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surveys.uso.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 669826379746231 Show response
connect.facebook.net/signals/config/ 58 KB
13 KB 59ms
58ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/669826379746231?v=2.9.157&r=stable&domain=surveys.uso.org&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d98174e40cdee6b4c8f960e9cae739b533c79a0d74a96fcba16b7b009613ad91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 01:53:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1328, tbw=63482, tp=-1, tpl=-1, uplat=51, ullat=0
pragma: public
x-fb-debug: cBYZ0H+TdSikl75tQPPAQygy6qro3xo6gUrqzZMah4LhI3clJg1Nr/bqIM943H/OBKXkKWCpKpPOnv8UpkeIiQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 surveys.uso.org.json Show response
script.crazyegg.com/pages/data-scripts/0073/1744/site/ 8 KB
3 KB 37ms
21ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0073/1744/site/surveys.uso.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0073/1744.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38532b0849f31d45c03f40b406a3c02fa5ca2d6702635257126b6902e582e613

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 901
ce-version: 11.5.219
content-length: 2799
last-modified: Wed, 05 Jun 2024 01:38:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88ec88253e4b9bac-FRA

GET
H2 204 14002260.js Show response
bat.bing.com/p/action/ 0
116 B 30ms
30ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/14002260.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 05 Jun 2024 01:53:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0480717C0C684A98A0650E97BDB47150 Ref B: FRAEDGE1814 Ref C: 2024-06-05T01:53:56Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 73ms
73ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=14002260&tm=gtm002&Ver=2&mid=d52e8144-afc6-4ee5-8baf-46291c766c14&sid=77d31b4022de11ef8806bf02f34fc5ce&vid=77d33ef022de11efa5fc6b2bd778e01f&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=D-Day%2080th%20Anniversary%20Quiz&p=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732&r=&lt=880&evt=pageLoad&sv=1&rn=495742

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jun 2024 01:53:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D33355C45C614180B224BE42DED4FFE0 Ref B: FRAEDGE1814 Ref C: 2024-06-05T01:53:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
cookie.havasedge.com/
Redirect Chain

https://event.havasedge.com/track-event?emeta=eyJwIjoiaHR0cHM6Ly9zdXJ2ZXlzLnVzby5vcmcvdXNvLWRkYXktcXVpei0yNDA2LXRlc3Q%2FbnRzYz1XQTI0TVlQQTI3JnV0bV9zb3VyY2U9V1NQMjM5NjA3MzImdXRtX21lZGl1bT1lbWFpbCZzY...
https://cookie.havasedge.com/sync?trkGuid=b427ba5e-a4b7-41d6-b296-5f2eaba9f917

35 B
535 B

525ms
162ms

Image
image/gif

35.162.129.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookie.havasedge.com/sync?trkGuid=b427ba5e-a4b7-41d6-b296-5f2eaba9f917
Requested by: Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Protocol: H2
Server: 35.162.129.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-129-226.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surveys.uso.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 05 Jun 2024 01:53:57 GMT
content-length: 35
content-type: image/gif

Redirect headers

location: https://cookie.havasedge.com/sync?trkGuid=b427ba5e-a4b7-41d6-b296-5f2eaba9f917
date: Wed, 05 Jun 2024 01:53:56 GMT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 8eeb2924bd41887f98d9cf5f91c9c9ed.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 148 KB
49 KB 22ms
21ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0073/1744.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74c089861b357f2d7aefccb4ad68cc92de7fd4041e8674c8c7d2d128adeca379

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:56 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 May 2024 14:46:51 GMT
server: cloudflare
age: 34349
cf-polished: origSize=151950
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 88ec88255c093615-FRA

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 98ms
97ms Stylesheet
text/css 52.58.95.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.58.95.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-95-0.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 217bb9abcec006a54c8584307d24baf9b1c59817bc39066473b585158ae49064

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 01:53:56 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 113ms
99ms Fetch
image/jpeg 52.58.95.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.58.95.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-95-0.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 01:53:56 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H/1.1 200
OK 61e17f1382474d91f4fac45f4c3bb6b5.jpg
sfg-surveys.s3.amazonaws.com/pagecontent/26047/ 45 KB
45 KB 308ms
112ms Image
application/octet-stream 52.217.193.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfg-surveys.s3.amazonaws.com/pagecontent/26047/61e17f1382474d91f4fac45f4c3bb6b5.jpg
Requested by: Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.193.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 50bfab7348f22917ca226b5ce126e18066e13d83537f15f02b3c6f33ed8b0c2f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 01:53:57 GMT
x-amz-version-id: null
Last-Modified: Fri, 26 May 2023 22:34:54 GMT
Server: AmazonS3
x-amz-request-id: CAS0M9Z6SRJWFWMZ
ETag: "2e5ef05584919769bf6259d8124be006"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 45771
x-amz-id-2: b29aRgy6Mu6SB2Ept6CJqX6fk1KBC+xZBc85616FAUefiZriodtGYmT8fBeMGXWiBV9pMePcN7Y=

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 55ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=669826379746231&ev=PageView&dl=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732&rl=&if=false&ts=1717552436079&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717552436078.679149636804339414&ler=empty&cdl=API_unavailable&it=1717552436010&coo=false&rqm=GET

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 01:53:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 196ms
148ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=669826379746231&ev=PageView&dl=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732&rl=&if=false&ts=1717552436079&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717552436078.679149636804339414&ler=empty&cdl=API_unavailable&it=1717552436010&coo=false&rqm=FGET

Requested by

Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8e3ec61e11141c72","source_keys":["1","2"]},{"key_piece":"0xc8bc244960c981bf","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 01:53:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1328, tbw=3100, tp=-1, tpl=-1, uplat=141, ullat=0
pragma: no-cache
x-fb-debug: SsRA+Td2zXrVmABMOWaXMhRYvq2D/5/zz47nrhNnxjtq0nlt+eINYtBZhztZ9Bt/P2qY1E1Smd8KVDJm/Kms8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 surveys.uso.org.json Show response
script.crazyegg.com/pages/data-scripts/0073/1744/sampling/ 148 B
231 B 16ms
16ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0073/1744/sampling/surveys.uso.org.json?t=477097
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fbbbbd78ea17bef12027241f61c8fec96f710f80359ff28179761c12eb9a6b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 901
ce-version: 11.5.219
content-length: 143
last-modified: Wed, 05 Jun 2024 01:38:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88ec8825ae999bac-FRA

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
461 B 52ms
13ms XHR
application/json 54.230.228.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-3.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 8a0110b64ead65f0aff7193e350b2c52.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 22378229
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 3n2GG4kjzRI4HhsO3rtNQ0zocXnGxTKQjrVYA_HFgVBBcd_BEmckxQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
462 B 51ms
13ms XHR
application/json 54.230.228.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 01:23:29 GMT
via: 1.1 7d775f7e444ed74169f0db8decde7d20.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 14517028
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: gfJwcS5YQLR8qasKHQcWH7PtXmGzvo7vym2dQdf-6zc9fXz3F6ylcA==

GET
BLOB 200
OK 16203ce8-7c5b-4b69-bd35-6a7be30175cb
https://surveys.uso.org/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://surveys.uso.org/16203ce8-7c5b-4b69-bd35-6a7be30175cb
Requested by: Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 39 B
146 B 117ms
45ms XHR
text/plain 54.246.242.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1717552436177&tk=cda3d9fe70be3dc9e9882006f0d40a39&s=286318&p=%2Fuso-dday-quiz-2406-test&u=731744&v=82bcb79d12b4bc5680a1b693d179105e79e8f441&f=surveys.uso.org%2F*&ul=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/8eeb2924bd41887f98d9cf5f91c9c9ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.242.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-242-218.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 59700850bb2d2827990de605cc9298612081d4d1faa0cf5469bff5d4a2ed0ac0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 05 Jun 2024 01:53:56 GMT
cache-control: no-store
server: awselb/2.0
content-length: 39
content-type: text/plain

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
287 B 98ms
98ms XHR
text/plain 52.58.95.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=G9WYaPQrAYUgh-J11A2TWA&is_js=true&landing_url=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732&t=D-Day%2080th%20Anniversary%20Quiz&tip=Jk0N9iB4dcsn7qLM3qEqt2B_JVEjjoiE1t3AAuNL-mw&host=https%3A%2F%2Fsurveys.uso.org&sa_conv_data_css_value=%270-172b024b-84ae-58f5-5378-c41f12b7db03%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9172b024b84ae58f55378c41f12b7db032d8d984a&sa-user-id-v3=s%253AAQAKIEXD0lCYSv3CwNqDVrtRwMid_YC4a_epPQTSlTzjHpSIEHwYBCC0iv-yBjABOgSTRxQUQgROYWi3.iDShwS0GW48VTv0ntQFDCxowBH3UNMkBqX%252FMrWrdtQ4&sa-user-id-v2=s%253AFysCS4SuWPVTeMQfErfbAy2NmEo.ngWHPJcp2XgEh7%252B17RnH5ZPsuIzq2eoOufNqoxpldFQ&sa-user-id=s%253A0-172b024b-84ae-58f5-5378-c41f12b7db03.SYpFlMI10WAYTF4MThwIbjJnP52bnaygfiDOPkXmf5Y
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.58.95.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-95-0.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://surveys.uso.org
date: Wed, 05 Jun 2024 01:53:56 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 dda53996456118190a640875fa0663b1.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 17ms
17ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0073/1744.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:56 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:55:25 GMT
server: cloudflare
age: 34350
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 88ec8826ecda3615-FRA

GET
BLOB 200
OK 34637cc0-f6cd-4f0a-af0d-f65c5fb648ec
https://surveys.uso.org/ 256 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://surveys.uso.org/34637cc0-f6cd-4f0a-af0d-f65c5fb648ec
Requested by: Host: surveys.uso.org
URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d88f54a9178a5c0b75abb4b7d66c4a084f4234e580f2c83a321c693702f7b41

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 256
Content-Type: text/javascript

GET
H2 200 556f7559f794c4b7f3fa7753ad882b97.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
30 KB 21ms
21ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/556f7559f794c4b7f3fa7753ad882b97.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0073/1744.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec688b269aa77744428bb41565d2b49b9fa83e868dc62a713359605a9ba65b51

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:56 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:55:22 GMT
server: cloudflare
age: 34350
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 88ec88270ce43615-FRA

GET
H2 200 bsync
cookie.havasedge.com/ Frame 4CE3 0
0 503ms
168ms Document
text/html 34.223.186.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cookie.havasedge.com/bsync?guid=b427ba5e-a4b7-41d6-b296-5f2eaba9f917
Requested by: Host: tag.havasedge.com
URL: https://tag.havasedge.com/js/evt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.186.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-186-159.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surveys.uso.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 60
content-type: text/html;charset=utf-8
date: Wed, 05 Jun 2024 01:53:57 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 14ms
13ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=*&eid=25&u=AgAAAAAIAAAAACAI&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:57 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 up
insight.adsrvr.org/track/ Frame 496C 0
0 107ms
33ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=d1cd1sa&ref=https%3A%2F%2Fsurveys.uso.org%2Fuso-dday-quiz-2406-test%3Fntsc%3DWA24MYPA27%26utm_source%3DWSP23960732%26utm_medium%3Demail%26sc%3DWSP23960732%26code%3DWSP23960732&upid=7ftettw&upv=1.1.0&orderid={orderid}&v={v}&vf={vf}
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surveys.uso.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Wed, 05 Jun 2024 01:53:57 GMT
server: Kestrel

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 13ms
13ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=gtm.load&eid=26&u=AgAAAAAIAAAAACAI&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:57 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 14ms
13ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=*&eid=27&u=AgAAAAAIAAAAACAI&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:57 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 14ms
13ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=*&eid=28&u=AgAAAAAIAAAAACAI&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:57 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 favicon.ico
surveys.uso.org/ 16 KB
16 KB 100ms
100ms Other
image/x-icon 3.231.120.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.uso.org/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.231.120.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-120-42.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

ee3328c394bf7199fcfc0b509d9292bf0cbc5bf38f40ab9213e1b96eef05d577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 29 May 2024 13:12:15 GMT
server: nginx
x-powered-by: Express
etag: W/"406d-18fc47ad398"
content-type: image/x-icon
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 16493

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 13ms
13ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JCMKRVGP7Y&v=3&t=t&pid=1954144772&cv=2&rv=4630&tc=14&es=1&e=*&eid=29&u=AgAAAAAIAAAAACAI&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://surveys.uso.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 01:53:58 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uso.org/	1970-01-20 21:07:18	Name: _gid Value: GA1.2.523880947.1717552436
.uso.org/	1970-01-20 21:05:52	Name: _gat Value: 1
.uso.org/	1970-01-21 06:41:52	Name: _ga_JCMKRVGP7Y Value: GS1.2.1717552435.1.0.1717552435.0.0.0
.uso.org/	1970-01-21 06:41:52	Name: _ga Value: GA1.1.1229022460.1717552436
.uso.org/	1970-01-20 21:07:18	Name: _uetsid Value: 77d31b4022de11ef8806bf02f34fc5ce
.uso.org/	1970-01-21 06:27:28	Name: _uetvid Value: 77d33ef022de11efa5fc6b2bd778e01f
surveys.uso.org/	1970-01-21 06:41:52	Name: __helocckid Value: 6550c669-8abc-c716-3b25-f9ffd7cc6e4e_1717552436
tags.srv.stackadapt.com/	1970-01-21 05:51:28	Name: sa-user-id Value: s%3A0-172b024b-84ae-58f5-5378-c41f12b7db03.SYpFlMI10WAYTF4MThwIbjJnP52bnaygfiDOPkXmf5Y
.srv.stackadapt.com/	1970-01-21 05:51:28	Name: sa-user-id Value: s%3A0-172b024b-84ae-58f5-5378-c41f12b7db03.SYpFlMI10WAYTF4MThwIbjJnP52bnaygfiDOPkXmf5Y
tags.srv.stackadapt.com/	1970-01-21 05:51:28	Name: sa-user-id-v2 Value: s%3AFysCS4SuWPVTeMQfErfbAy2NmEo.ngWHPJcp2XgEh7%2B17RnH5ZPsuIzq2eoOufNqoxpldFQ
.srv.stackadapt.com/	1970-01-21 05:51:28	Name: sa-user-id-v2 Value: s%3AFysCS4SuWPVTeMQfErfbAy2NmEo.ngWHPJcp2XgEh7%2B17RnH5ZPsuIzq2eoOufNqoxpldFQ
tags.srv.stackadapt.com/	1970-01-21 05:51:28	Name: sa-user-id-v3 Value: s%3AAQAKIEXD0lCYSv3CwNqDVrtRwMid_YC4a_epPQTSlTzjHpSIEHwYBCC0iv-yBjABOgSTRxQUQgROYWi3.iDShwS0GW48VTv0ntQFDCxowBH3UNMkBqX%2FMrWrdtQ4
.srv.stackadapt.com/	1970-01-21 05:51:28	Name: sa-user-id-v3 Value: s%3AAQAKIEXD0lCYSv3CwNqDVrtRwMid_YC4a_epPQTSlTzjHpSIEHwYBCC0iv-yBjABOgSTRxQUQgROYWi3.iDShwS0GW48VTv0ntQFDCxowBH3UNMkBqX%2FMrWrdtQ4
surveys.uso.org/	1970-01-21 05:51:28	Name: sa-user-id Value: s%253A0-172b024b-84ae-58f5-5378-c41f12b7db03.SYpFlMI10WAYTF4MThwIbjJnP52bnaygfiDOPkXmf5Y
surveys.uso.org/	1970-01-21 05:51:28	Name: sa-user-id-v2 Value: s%253AFysCS4SuWPVTeMQfErfbAy2NmEo.ngWHPJcp2XgEh7%252B17RnH5ZPsuIzq2eoOufNqoxpldFQ
surveys.uso.org/	1970-01-21 05:51:28	Name: sa-user-id-v3 Value: s%253AAQAKIEXD0lCYSv3CwNqDVrtRwMid_YC4a_epPQTSlTzjHpSIEHwYBCC0iv-yBjABOgSTRxQUQgROYWi3.iDShwS0GW48VTv0ntQFDCxowBH3UNMkBqX%252FMrWrdtQ4
.uso.org/	1970-01-20 23:15:28	Name: _fbp Value: fb.1.1717552436078.679149636804339414
.bing.com/	1970-01-21 06:27:28	Name: MUID Value: 2FD82723B6BC69D91C4633B6B7BC6858
.uso.org/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.uso.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.uso.org/	1970-01-20 21:07:18	Name: _ce.clock_event Value: 1
.uso.org/	1970-01-20 21:07:18	Name: _ce.clock_data Value: 19%2C45.141.152.74%2C1%2Cc92baae71318dc81de51a663df2f8b4f%2CChrome%2CDE
.uso.org/	1970-01-21 05:51:28	Name: _CEFT Value: Q%3D%3D%3D
.uso.org/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.uso.org/	1970-01-21 05:51:28	Name: _ce.s Value: v~82bcb79d12b4bc5680a1b693d179105e79e8f441~lcw~1717552436300~lva~1717552436122~vpv~0~v11.cs~286318~v11.s~77fe18c0-22de-11ef-ad89-87a0158d449c~lcw~1717552436300
.havasedge.com/	1970-01-20 21:49:04	Name: hecookie_sync Value: eyJjaGFuZ2VkIjpmYWxzZSwiY29tcGxldGUiOmZhbHNlLCJpc0pzIjpmYWxzZSwidmVyaWZpZWQiOnRydWUsImhhdmFzRWRnZUNvb2tpZUlkIjoiYzc2ZjQ5NjYtODIzMy00MWQxLWIxMGMtZDJmM2JjMzQzYTdjIiwicHJvdmlkZXJDb29raWVJZHMiOnt9LCJwcm92aWRlckNvb2tpZU1ldGEiOnt9LCJmaXJzdFJlcXVlc3RlZFJlZGlyZWN0IjpudWxsLCJ0cmFja2VycyI6W10sInR3b1dheVN5bmNPcmRlciI6IkJBTEFOQ0VEIiwicHJvdmlkZXJQcmlvcml0eSI6e30sInByb3ZpZGVyc1RvU3luYyI6W119
.uso.org/	1970-01-21 06:41:52	Name: _ga_B54WEBTJGF Value: GS1.1.1717552435.1.0.1717552437.0.0.0

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surveys.uso.org/uso-dday-quiz-2406-test?ntsc=WA24MYPA27&utm_source=WSP23960732&utm_medium=email&sc=WSP23960732&code=WSP23960732 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets-tracking.crazyegg.com
bat.bing.com
connect.facebook.net
cookie.havasedge.com
event.havasedge.com
insight.adsrvr.org
js.adsrvr.org
links.e.uso.org
mason-dixon.s3.amazonaws.com
maxcdn.bootstrapcdn.com
pagestates-tracking.crazyegg.com
region1.google-analytics.com
script.crazyegg.com
sfg-surveys.s3.amazonaws.com
surveys.uso.org
tag.havasedge.com
tags.srv.stackadapt.com
tracking.crazyegg.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
108.138.36.56
108.138.40.116
18.173.154.14
2001:4860:4802:32::36
2606:4700::6812:acf
2606:4700::6813:9308
2620:1ec:c11::237
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200e
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.231.120.42
34.211.125.229
34.223.186.159
35.162.129.226
52.216.250.92
52.217.193.97
52.223.40.198
52.58.95.0
54.230.228.27
54.230.228.3
54.246.242.218
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
1b7b3f15b822b28f5bd7ff2676b7520abeeaaff93c578dc82b821dcfd32e5963
217bb9abcec006a54c8584307d24baf9b1c59817bc39066473b585158ae49064
288459f529db1a3fcf0c221c44df3b0348330d00b2bd8b10abf408aa5f1c9d08
2a1745d7e00f1abdbdfcaa50396ee9e2742310cbb646d2265d4a7e5e07bfadbe
2eabc32949b2e0aae7c69e2aa07088c4de79c7f618feb085a690378027d8bda8
316bc7244287b6a17b0c4393f7b036d6c504bc546c74f73001ad7ec66603ded1
38532b0849f31d45c03f40b406a3c02fa5ca2d6702635257126b6902e582e613
3d88f54a9178a5c0b75abb4b7d66c4a084f4234e580f2c83a321c693702f7b41
3f7cab4f2e7f3bce48f99aa59602afbaa1c3e71b9051c01385bde67db1d090e5
3fbbbbd78ea17bef12027241f61c8fec96f710f80359ff28179761c12eb9a6b7
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8
50bfab7348f22917ca226b5ce126e18066e13d83537f15f02b3c6f33ed8b0c2f
50f3f81370b0fee0e652b7260b55888b61a5336e901cffaa43693f1cab7a1f28
585a5ffa8c3c01d26bfa9e61e12aecfac2b9440051ce482de6919393f76dcdf3
59700850bb2d2827990de605cc9298612081d4d1faa0cf5469bff5d4a2ed0ac0
6352b585a063193b9de60b2341b3e39b7d0b37f8627461497aca8ffd2aeb581c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
715893dee14aa9971363e3bfbd6fcc96b26ba63e8d0ac75bb5eee8bfc61437b3
74c089861b357f2d7aefccb4ad68cc92de7fd4041e8674c8c7d2d128adeca379
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
92d8b64d8ae6a2dcc35402ae04c5f92ca9b832282b6563493529285f8f4222ed
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aad1e41f5b856c405c7455a3f82a807a3a12cd61eac953959080b12387e59d45
b05a77f9211cbc068793376777d4b47770aa9eb1359c5af7bbe5a8c71c7137dd
c4e3e0814986c17ff5922c4f88494b138141b2f33b5e59c1ac7495d8d743634b
d47ebd458e529e30ba70f6a3e25754e1a89f5c672ef1f4645c1296fe26394f9b
d98174e40cdee6b4c8f960e9cae739b533c79a0d74a96fcba16b7b009613ad91
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6ee2cdae1c409a3bc057880e045a3747f70eb2490b016301edb673adecc2ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec688b269aa77744428bb41565d2b49b9fa83e868dc62a713359605a9ba65b51
ee3328c394bf7199fcfc0b509d9292bf0cbc5bf38f40ab9213e1b96eef05d577
fb479d4b1f6a64ed66d8eede4ed94c03c8c441c519415410b46e18377147cc9a

surveys.uso.org Open in urlscan Pro 3.231.120.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

95 %HTTPS

39 %IPv6

13 Domains

22 Subdomains

22 IPs

3 Countries

1357 kBTransfer

2593 kBSize

27 Cookies

4 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

surveys.uso.org Open in urlscan Pro
3.231.120.42 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

95 %
HTTPS

39 %
IPv6

13
Domains

22
Subdomains

22
IPs

3
Countries

1357 kB
Transfer

2593 kB
Size

27
Cookies

58 HTTP transactions
0 data transactions