livecusurvey.com Open in urlscan Pro
104.199.119.123  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

• https://app-3qngd64pi2.marketingautomation.services/prospector/form/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww HTTP 302
• https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww

Request Chain 67

• https://pixel-geo.prfct.co/tagjs?a_id=120430&source=js_tag HTTP 302
• https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=120430&source=js_tag

Request Chain 72

• https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202302%7C63fcacd30d9d6437a435514c%26pid%3Dpa_CmVMxzkZ41vUH6fmt HTTP 302
• https://pixel-geo.prfct.co/usermap/?xid=2354708260401429110&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt

Request Chain 73

• https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
• https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_CmVMxzkZ41vUH6fmt

Request Chain 74

• https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
• https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1 HTTP 302
• https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1&verify=true

Request Chain 75

• https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_CmVMxzkZ41vUH6fmt

Request Chain 76

• https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_CmVMxzkZ41vUH6fmt

Request Chain 77

• https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQ21WTXh6a1o0MXZVSDZmbXQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQ21WTXh6a1o0MXZVSDZmbXQ&google_tc= HTTP 302
• https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 79

• https://secure.adnxs.com/seg?t=2&add=23478535 HTTP 307
• https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23478535

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response livecusurvey.com/	144 KB 27 KB	717ms 200ms	Document text/html	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / WP Engine Resource Hash 6da937314be25a21b68defa3ccbf0fe5b2e0488e4a881133f770bd7ba9eda153 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=600, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Mon, 27 Feb 2023 13:14:58 GMT link <https://livecusurvey.com/wp-json/>; rel="https://api.w.org/" <https://livecusurvey.com/wp-json/wp/v2/pages/41>; rel="alternate"; type="application/json" <https://livecusurvey.com/>; rel=shortlink server nginx vary Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie x-cache HIT: 3 x-cache-group normal x-cacheable SHORT x-powered-by WP Engine
GET H2	200	style.min.css livecusurvey.com/wp-includes/css/dist/block-library/	93 KB 13 KB	189ms 186ms	Stylesheet text/css	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Mon, 21 Nov 2022 17:19:47 GMT server nginx etag W/"637bb333-172a9" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	classic-themes.min.css livecusurvey.com/wp-includes/css/	217 B 366 B	191ms 187ms	Stylesheet text/css	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-includes/css/classic-themes.min.css?ver=1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Mon, 21 Nov 2022 17:19:47 GMT server nginx etag W/"637bb333-d9" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	rs6.css livecusurvey.com/wp-content/plugins/revslider/public/assets/css/	57 KB 13 KB	198ms 194ms	Stylesheet text/css	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 933516be9efec38ebef7bbdd6a5652b3db83132c7475cf1c3d54fb60d2e69f2a Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Sun, 13 Dec 2020 12:11:10 GMT server nginx etag W/"5fd604de-e2d4" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	css fonts.googleapis.com/	8 KB 826 B	201ms 72ms	Stylesheet text/css	2a00:1450:400d:80d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C700%2C400%2C400italic&subset=latin&ver=6.1.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 44ca3c927d8c2fea44e2732cb6e1621b1d5314d2ac1ff6c19cc2a0e94dd1a466 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Feb 2023 13:14:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Feb 2023 13:06:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Feb 2023 13:14:58 GMT
GET H2	200	pum-site.min.css livecusurvey.com/wp-content/plugins/popup-maker/assets/css/	7 KB 2 KB	198ms 195ms	Stylesheet text/css	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/popup-maker/assets/css/pum-site.min.css?ver=1.18.0 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 00c79f73596b16ec7ca8129b4764e00b28a6d63c2750998adacd4570b176a232 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 10 Feb 2023 14:29:32 GMT server nginx etag W/"63e654cc-1d1e" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	css fonts.googleapis.com/	2 KB 937 B	201ms 71ms	Stylesheet text/css	2a00:1450:400d:80d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:100 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 57816f53bd297e04d4a9a30d1571068bef957813fa5d5837c7438fb7bca05e06 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Feb 2023 13:14:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Feb 2023 12:48:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Feb 2023 13:14:58 GMT
GET H2	200	style.min.css livecusurvey.com/wp-content/themes/Zephyr/css/	241 KB 45 KB	216ms 213ms	Stylesheet text/css	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/themes/Zephyr/css/style.min.css?ver=5.4.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash b24350de2c0eae68926a92eeeea3252e410dcf6da3728f6d833606579bf05792 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag W/"5cf0815d-3c253" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	responsive.min.css livecusurvey.com/wp-content/themes/Zephyr/css/	21 KB 4 KB	216ms 213ms	Stylesheet text/css	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/themes/Zephyr/css/responsive.min.css?ver=5.4.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash dea79c69319ee16958528ec501ed43f83223fcd2a22760b506a6df2dea506be2 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag W/"5cf0815d-52a0" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	style.css livecusurvey.com/wp-content/themes/Zephyr-child/	185 B 343 B	217ms 214ms	Stylesheet text/css	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/themes/Zephyr-child/style.css?ver=5.4.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 2c17e6a794d3bb4417d49c44dc57db7ef141c40e2b4813a96ce265953628e9b5 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag W/"5cf0815d-b9" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	Defaults.css livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/	27 KB 5 KB	234ms 232ms	Stylesheet text/css	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 31 May 2019 01:20:28 GMT server nginx etag W/"5cf0815c-6bf7" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	ultimate.min.css livecusurvey.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/	439 KB 49 KB	189ms 186ms	Stylesheet text/css	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ultimate.min.css?ver=3.16.25 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 09fd6f05443bb5e53e466b7f19009752271b45fb1d9c40aa900459026a09ba79 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 31 May 2019 01:20:32 GMT server nginx etag W/"5cf08160-6dcb7" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	jquery.min.js Show response livecusurvey.com/wp-includes/js/jquery/	88 KB 32 KB	387ms 385ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Mon, 21 Nov 2022 17:19:47 GMT server nginx etag W/"637bb333-15e54" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	rbtools.min.js Show response livecusurvey.com/wp-content/plugins/revslider/public/assets/js/	118 KB 47 KB	387ms 385ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.0 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 3e59273841201a5c259d7e3830fcca70cf197f97777bdd466c51726b9f7e9c19 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Sun, 13 Dec 2020 12:11:10 GMT server nginx etag W/"5fd604de-1d959" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	rs6.min.js Show response livecusurvey.com/wp-content/plugins/revslider/public/assets/js/	284 KB 73 KB	387ms 386ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash aaa80de38d05ad615adc4442383ab2ce0c59a1297529da4d323c3508a88a5f35 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Sun, 13 Dec 2020 12:11:10 GMT server nginx etag W/"5fd604de-46f4b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	core.min.js Show response livecusurvey.com/wp-includes/js/jquery/ui/	21 KB 7 KB	388ms 386ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Mon, 21 Nov 2022 17:19:47 GMT server nginx etag W/"637bb333-53c0" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	ultimate.min.js Show response livecusurvey.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/	253 KB 58 KB	388ms 386ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate.min.js?ver=3.16.25 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash ecbb653b2009cb651efad253e604aae188b622ffe9f8a9abd81118d2efa7d007 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 31 May 2019 01:20:32 GMT server nginx etag W/"5cf08160-3f5a5" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	wp-emoji-release.min.js Show response livecusurvey.com/wp-includes/js/	18 KB 5 KB	158ms 157ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Tue, 12 Apr 2022 05:56:23 GMT server nginx etag W/"62551487-48b9" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	form.js Show response koi-3qngd64pi2.marketingautomation.services/client/	3 KB 2 KB	280ms 129ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/client/form.js?ver=2.0.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 14b63cf8d762d7118924d182b7f6bd9a45ca408b13dfeaca8da0735f26a70e85 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:03:58 GMT server openresty etag W/"63f90a1e-a49" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Mar 2023 13:14:58 GMT
GET H2	200	css fonts.googleapis.com/	24 KB 1 KB	84ms 73ms	Stylesheet text/css	2a00:1450:400d:80d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&ver=6.0.2 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Feb 2023 13:14:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Feb 2023 11:43:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Feb 2023 13:14:58 GMT
GET H2	200	gtm4wp-form-move-tracker.js Show response livecusurvey.com/wp-content/plugins/duracelltomi-google-tag-manager/js/	1 KB 604 B	276ms 265ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash f2c809f77b19df64ec8270272ac29ce3d84d242a663e589825a9e4f57b8a5461 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Thu, 17 Nov 2022 13:37:04 GMT server nginx etag W/"63763900-5fa" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	us.core.min.js Show response livecusurvey.com/wp-content/themes/Zephyr/js/	137 KB 34 KB	277ms 267ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/themes/Zephyr/js/us.core.min.js?ver=5.4.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash b481d065fdb7959a361b75bc25f8f53b0c17248ac3e53c887bd98ca6cb1ff811 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag W/"5cf0815d-225e0" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	site.min.js Show response livecusurvey.com/wp-content/plugins/popup-maker/assets/js/	68 KB 18 KB	277ms 268ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.18.0 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 8c09f40aa9ac3105f86ea363d58ad2a81f5d5741b810786a1a6291e7dd9d43ad Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 10 Feb 2023 14:29:32 GMT server nginx etag W/"63e654cc-11021" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	mobile-detect.min.js Show response livecusurvey.com/wp-content/plugins/popup-maker/assets/js/vendor/	38 KB 16 KB	278ms 268ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/popup-maker/assets/js/vendor/mobile-detect.min.js?ver=1.3.3 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Fri, 10 Feb 2023 14:29:32 GMT server nginx etag W/"63e654cc-981e" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	pixel-cat.min.js Show response livecusurvey.com/wp-content/plugins/facebook-conversion-pixel/	13 KB 3 KB	272ms 266ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/facebook-conversion-pixel/pixel-cat.min.js?ver=2.6.8 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 691ad184665a01498912564332853d2358739673b393bc210004d1650253428d Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Tue, 13 Dec 2022 14:34:45 GMT server nginx etag W/"63988d85-351a" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	video.js Show response livecusurvey.com/wp-content/plugins/facebook-conversion-pixel/	10 KB 3 KB	271ms 266ms	Script application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/plugins/facebook-conversion-pixel/video.js?ver=6.1.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 28597da51e1855a4fb7975ab59171ddea301c5af014710169a030482ea4b5d52 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding br last-modified Tue, 13 Dec 2022 14:34:45 GMT server nginx etag W/"63988d85-289b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	gtm.js Show response www.googletagmanager.com/	123 KB 48 KB	200ms 78ms	Script application/javascript	2a00:1450:400d:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-W8QKPLG Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a9cce1a141278768a45b1a8f35cfbd242afbd251efe1756f416e31915fc1ac88 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49061 x-xss-protection 0 last-modified Mon, 27 Feb 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 27 Feb 2023 13:14:59 GMT
GET H2	200	ss.js Show response koi-3qngd64pi2.marketingautomation.services/client/	12 KB 5 KB	127ms 126ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 0e068a3b14939e7e082107ed425f54aa8100b20b1584de181abf6791a36564f3 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:03:58 GMT server openresty etag W/"63f90a1e-2fe4" vary Accept-Encoding content-type application/javascript cache-control max-age=604800, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 06 Mar 2023 13:14:58 GMT
GET H2	200	fa-solid-900.woff2 livecusurvey.com/wp-content/themes/Zephyr/fonts/	73 KB 73 KB	150ms 149ms	Font font/woff2	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/themes/Zephyr/fonts/fa-solid-900.woff2 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2 Request headers Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Origin https://livecusurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag "5cf0815d-1226c" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 74348
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	171ms 49ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C700%2C400%2C400italic&subset=latin&ver=6.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://livecusurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 13:13:56 GMT x-content-type-options nosniff age 345663 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 13:13:56 GMT
GET H2	200	fa-brands-400.woff2 livecusurvey.com/wp-content/themes/Zephyr/fonts/	70 KB 71 KB	150ms 149ms	Font font/woff2	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/themes/Zephyr/fonts/fa-brands-400.woff2 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e Request headers Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Origin https://livecusurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag "5cf0815d-119b0" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 72112
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	183ms 62ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C700%2C400%2C400italic&subset=latin&ver=6.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://livecusurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:23:05 GMT x-content-type-options nosniff age 348714 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 12:23:05 GMT
GET H2	200	lftracker_v1_Xbp1oaEw5Db7EdVj.js Show response sc.lfeeder.com/	31 KB 11 KB	226ms 133ms	Script application/javascript	2600:9000:20eb:dc00:1f:f723:6fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc.lfeeder.com/lftracker_v1_Xbp1oaEw5Db7EdVj.js Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:dc00:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c28f1e3b4878242b98d4a383fefcbd0cac9e9486fce02f5f73caedc6e8d692e3 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-amz-version-id 75AWQNeUaIvfHDFsUSjnpXEyINI0lNpD content-encoding gzip via 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront) date Mon, 27 Feb 2023 13:15:00 GMT last-modified Mon, 27 Feb 2023 07:01:36 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag W/"47e850f7ec20912fa02c65616f53afc4" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id 3Uq5bBvyc6D8MJqivBXYRR17_LF4up4V1Ea8YeQBHKQWhG5-yOdB8g==
GET H2	200	LiveSurvey-Home.jpg livecusurvey.com/wp-content/uploads/2019/05/	782 KB 783 KB	156ms 155ms	Image image/jpeg	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2019/05/LiveSurvey-Home.jpg Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 1dab9c7ad0b4287a77aeea6fd30bff359b9adfa5ba5514c46495c48ee43b3208 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT last-modified Fri, 31 May 2019 01:20:28 GMT server nginx etag "5cf0815c-c3851" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 800849
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	211ms 105ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C700%2C400%2C400italic&subset=latin&ver=6.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://livecusurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 13:40:31 GMT x-content-type-options nosniff age 344068 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 13:40:31 GMT
GET H2	200	dashboard-imac-macbook-2.png livecusurvey.com/wp-content/uploads/2016/02/	1 MB 1 MB	178ms 178ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2016/02/dashboard-imac-macbook-2.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 1a237b244d08e962e53ec115729cd53289525bd0b07db78544c85340ae60b263 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:58 GMT last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag "5cf0815d-12974d" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 1218381
GET H3	200	BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw Show response app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/ Frame D6AB Redirect Chain https://app-3qngd64pi2.marketingautomation.services/prospector/form/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww	39 KB 39 KB	155ms 155ms	Document text/html	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/client/form.js?ver=2.0.1 Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software nginx/1.23.2 / Resource Hash 80648219fd9b3c98e9fb470ffae56d55070727d13f4e528e59e34f65baca7245 Request headers Referer https://livecusurvey.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache content-length 39959 content-type text/html date Mon, 27 Feb 2023 13:14:59 GMT etag "135bdbbdea24818592242e3e1a791ba0" expires Tue, 27 Feb 2024 13:14:59 GMT last-modified Wed, 29 Dec 2021 20:26:52 GMT server nginx/1.23.2 via 1.1 google x-goog-generation 1640809612149696 x-goog-hash crc32c=0yJZ8Q== md5=E1vbveokgYWSJC4+GnkboA== x-goog-metageneration 1 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding identity x-goog-stored-content-length 39959 x-guploader-uploadid ADPycdvwnGITyEZMJndEX_pn65CR3rvsedOwtzc62IUC_uRROV8_1w0QN-Xa6HOyMJqd60kvpa8eAmxuNcQjwSyjIBFhSg Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type text/html; charset=UTF-8 date Mon, 27 Feb 2023 13:14:59 GMT location https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww pod-hostname koi-5bf689d87c-cfrdp server openresty via 1.1 google x-clacks-overhead GNU Terry Pratchett x-xss-protection 1; mode=block
GET H2	200	KFOkCnqEu92Fr1MmgVxIIzI.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	198ms 124ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&ver=6.0.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://livecusurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 14:10:00 GMT x-content-type-options nosniff age 342299 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15764 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 14:10:00 GMT
GET H2	200	material-icons.woff2 livecusurvey.com/wp-content/themes/Zephyr/fonts/	48 KB 48 KB	169ms 169ms	Font font/woff2	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/themes/Zephyr/fonts/material-icons.woff2 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 4ffcb784731a65dabd45daaa3efea8f831943811cbc51c510180fff417d49811 Request headers Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Origin https://livecusurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag "5cf0815d-bf84" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 49028
GET H2	200	Defaults.woff livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/	141 KB 141 KB	169ms 169ms	Font font/woff	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/Defaults.woff?rfa9z8 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash edb8324c433c41250990c592405c9ed264ed1eab169687a8cc5d69f77585f38d Request headers Referer https://livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.1 Origin https://livecusurvey.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Fri, 31 May 2019 01:20:28 GMT server nginx etag "5cf0815c-23368" vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 144232
GET H2	200	magnific-popup.js Show response livecusurvey.com/wp-content/themes/Zephyr/framework/js/vendor/	20 KB 8 KB	162ms 161ms	XHR application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/themes/Zephyr/framework/js/vendor/magnific-popup.js Requested by Host: livecusurvey.com URL: https://livecusurvey.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 4123a0b824634537d4a2a4bb289aadb7c98752c6c2af82ea3d9f0d109cc2272d Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding br last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag W/"5cf0815d-4efc" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	form-nexus.png livecusurvey.com/wp-content/uploads/2016/02/	105 KB 105 KB	189ms 189ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2016/02/form-nexus.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 0711c9e8ef6cc0ddff57b434929090e9e44ba786ece8bc69da944b46d02ff579 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag "5cf0815d-1a298" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 107160
GET H2	200	owl.carousel.js Show response livecusurvey.com/wp-content/themes/Zephyr/framework/js/vendor/	43 KB 12 KB	184ms 184ms	XHR application/javascript	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://livecusurvey.com/wp-content/themes/Zephyr/framework/js/vendor/owl.carousel.js Requested by Host: livecusurvey.com URL: https://livecusurvey.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding br last-modified Fri, 31 May 2019 01:20:29 GMT server nginx etag W/"5cf0815d-ad3c" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H3	200	koi Show response koi-3qngd64pi2.marketingautomation.services/	660 B 488 B	265ms 264ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/koi?rf=&hn=livecusurvey.com&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1677503699045&ac=KOI-42CKEWHK5K&ts=1677503699&pt=0&pl=0&loc=https%3A%2F%2Flivecusurvey.com%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DszAwM7c0NzG2sDS3AAA%26sseid%3DMzI1MjcwNLQwMQIA%26jobid%3Df0c1cbde-57b5-42a8-91b3-6b1be5c8f795&tp=page&ti=The%20Credit%20Union%20Member%20Experience%20Survey%20Platform%20-%20LiveSurvey Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1 Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 7457432b9163f08039bd9d9ab92f789aaf8e4653b6037b546df3fa86eb8d1f40 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip x-clacks-overhead GNU Terry Pratchett last-modified Mon, 27 Feb 2023 13:14:59 GMT server openresty via 1.1 google vary Accept-Encoding p3p CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.' content-type application/javascript cache-control no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pod-hostname koi-5bf689d87c-wdvbr alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	285ms 49ms	Script text/javascript	2a00:1450:400d:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8QKPLG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 27 Feb 2023 13:12:19 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 160 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Mon, 27 Feb 2023 15:12:19 GMT
GET H2	200	/ tr.lfeeder.com/	43 B 292 B	466ms 404ms	Image image/gif	18.66.122.75 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr.lfeeder.com/?sid=Xbp1oaEw5Db7EdVj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42MC4xIn0sInBhZ2VVcmwiOiJodHRwczovL2xpdmVjdXN1cnZleS5jb20vP3V0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1zaGFycHNwcmluZyZzc2xpZD1zekF3TTdjME56RzJzRFMzQUFBJnNzZWlkPU16STFNamN3TkxRd01RSUEmam9iaWQ9ZjBjMWNiZGUtNTdiNS00MmE4LTkxYjMtNmIxYmU1YzhmNzk1IiwicGFnZVRpdGxlIjoiVGhlIENyZWRpdCBVbmlvbiBNZW1iZXIgRXhwZXJpZW5jZSBTdXJ2ZXkgUGxhdGZvcm0gLSBMaXZlU3VydmV5IiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiIwODZkNGM4ZDBlNzc3OTIzIiwic2NyaXB0SWQiOiJYYnAxb2FFdzVEYjdFZFZqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5jMjQ0NzQzM2ZkNTUyZTRkLjE2Nzc1MDM2OTkyNjQiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.75 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-75.fra60.r.cloudfront.net Software CloudFront / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT via 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA60-P2 x-cache LambdaGeneratedResponse from cloudfront content-type image/gif content-length 43 x-amz-cf-id MFHdtokCojxa-w9I40bS4EV3MX2gDCW--zjcm7O9sqZl1tlAmNAarw==
GET H3	200	formbasics.css app-3qngd64pi2.marketingautomation.services/includes/css/ Frame D6AB	7 KB 2 KB	120ms 119ms	Stylesheet text/css	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/css/formbasics.css Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 2c42851f49a6eb6a0eb3fba8f344f473909f15998d33c94323e13c9cf90cb7ae Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:02:51 GMT server openresty etag W/"63f909db-1c3d" vary Accept-Encoding content-type text/css pod-hostname app-7675df558c-nrjdq alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	jquery-ui.min.css app-3qngd64pi2.marketingautomation.services/includes/css/jquery/ Frame D6AB	31 KB 9 KB	124ms 121ms	Stylesheet text/css	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/css/jquery/jquery-ui.min.css Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash a1756adc350c37ea26d71ee00ad027bbf35204bff9fb040ecfb5c1a64971cffc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:00:36 GMT server openresty etag W/"63f90954-7d0a" vary Accept-Encoding content-type text/css pod-hostname app-7675df558c-vsqqd alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	base.css app-3qngd64pi2.marketingautomation.services/includes/css/jquery/datepicker/ Frame D6AB	4 KB 1 KB	129ms 126ms	Stylesheet text/css	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/css/jquery/datepicker/base.css Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 1a47e85dd8ec320d900f14082243d3af1051e6cb4e7fb8ba8807c6b903530e8a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:00:36 GMT server openresty etag W/"63f90954-f70" vary Accept-Encoding content-type text/css pod-hostname app-7675df558c-7mh2t alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	datetimepicker.css app-3qngd64pi2.marketingautomation.services/includes/css/ Frame D6AB	9 KB 3 KB	124ms 121ms	Stylesheet text/css	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/css/datetimepicker.css Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 7379f6d1c8b7eb53ba56a08e3e5f690f4a79ca5a9a940f0b74769cb04d464d98 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:02:51 GMT server openresty etag W/"63f909db-237e" vary Accept-Encoding content-type text/css pod-hostname app-7675df558c-vsqqd alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	jquery-1.7.2.min.js Show response app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB	92 KB 38 KB	136ms 134ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35 Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 103631f0296614d362e698668390c9c69484dec4579a12380cd0d8a7f197fa70 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:03:52 GMT server openresty etag W/"63f90a18-16fa7" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Mar 2023 13:14:59 GMT
GET H3	200	jquery.validate.min.js Show response app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB	24 KB 9 KB	125ms 122ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery.validate.min.js?ver=5.75-35 Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 3218b4125f473cd8e081f2d6f892e7e7dca85df9d4486a1e0d783f1f66b2731a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:03:56 GMT server openresty etag W/"63f90a1c-5e52" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Mar 2023 13:14:59 GMT
GET H3	200	additional-methods.min.js Show response app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB	17 KB 5 KB	124ms 122ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/js/core/additional-methods.min.js?ver=5.75-35 Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 1e6f4e1fb3197d60d5c7f8f7f738deeff94b513f07e0ad5ca7c4ea85479eb4a0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:03:45 GMT server openresty etag W/"63f90a11-4230" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Mar 2023 13:14:59 GMT
GET H3	200	jquery.form.js Show response app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB	13 KB 5 KB	130ms 127ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery.form.js?ver=5.75-35 Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 2537571109b8e5379ecc8b4c6e60449bf440b6f38e7bc5396e0189eb0512e691 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:03:52 GMT server openresty etag W/"63f90a18-3248" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Mar 2023 13:14:59 GMT
GET H3	200	jquery-ui.min.js Show response app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/ Frame D6AB	248 KB 82 KB	131ms 128ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/jquery-ui.min.js?ver=5.75-35 Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:00:37 GMT server openresty etag W/"63f90955-3dee5" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Mar 2023 13:14:59 GMT
GET H3	200	datetimepicker.js Show response app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB	37 KB 13 KB	134ms 131ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/js/core/datetimepicker.js?ver=5.75-35 Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash f00d09a3fe4fe39964b804f3c07eea15672c2586a184e1efba084eef721fbad9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:03:50 GMT server openresty etag W/"63f90a16-94d3" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Mar 2023 13:14:59 GMT
GET H3	200	jquery.placeholder.js Show response app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB	2 KB 867 B	131ms 128ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery.placeholder.js?ver=5.75-35 Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash ccc2bd16fa09fd02a0a51c4801453ae3b0baffe5b05ae4b18a9c9b00924239c0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:03:53 GMT server openresty etag W/"63f90a19-7e4" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Mar 2023 13:14:59 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/ Frame D6AB	850 B 874 B	264ms 73ms	Script text/javascript	2a00:1450:400d:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 554 x-xss-protection 1; mode=block expires Mon, 27 Feb 2023 13:14:59 GMT
GET H2	200	CU-of-rockies-logo.png livecusurvey.com/wp-content/uploads/2020/10/	21 KB 22 KB	210ms 206ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2020/10/CU-of-rockies-logo.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash ff0bea54acd2b8d1f87f68be0caf302b025aad0cc80e0edd158a372f30460bb2 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Tue, 20 Oct 2020 19:44:54 GMT server nginx etag "5f8f3e36-5551" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 21841
GET H2	200	Alliance-Catholic-logo.png livecusurvey.com/wp-content/uploads/2020/10/	8 KB 8 KB	210ms 204ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2020/10/Alliance-Catholic-logo.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 248138c53bb9ad726bbbbf57c99ff9db58fb41e22d38fee25f72f33a8acb4550 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Tue, 20 Oct 2020 19:44:50 GMT server nginx etag "5f8f3e32-1fc3" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 8131
GET H2	200	Calcom-logo-1024x220.png livecusurvey.com/wp-content/uploads/2020/10/	31 KB 31 KB	210ms 204ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2020/10/Calcom-logo-1024x220.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 6d99aa9343abfa4c05392d9c701602ab4e1380636449e1f31eeb45202ce15cd9 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Tue, 20 Oct 2020 19:44:51 GMT server nginx etag "5f8f3e33-7b9d" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 31645
GET H2	200	CU-benefits-alliance-logo.png livecusurvey.com/wp-content/uploads/2020/10/	45 KB 45 KB	211ms 206ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2020/10/CU-benefits-alliance-logo.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 73f08eba3ff8c10c27438693bf9a70841a02d93aa586233cbaf6750d647bfb82 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Tue, 20 Oct 2020 19:44:53 GMT server nginx etag "5f8f3e35-b2cb" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 45771
GET H2	200	Northern-hills-logo.png livecusurvey.com/wp-content/uploads/2020/10/	48 KB 48 KB	212ms 207ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2020/10/Northern-hills-logo.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash a21a0a8bbed971496d6c3065f21c9b99a5e67e6127f374583da1b0ec05546765 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Tue, 20 Oct 2020 19:44:40 GMT server nginx etag "5f8f3e28-c043" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 49219
GET H2	200	Tucoemas-logo.png livecusurvey.com/wp-content/uploads/2020/10/	8 KB 8 KB	216ms 211ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2020/10/Tucoemas-logo.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 4e0c316b560a99d47e0ee5915f36ac050ebef8ab6182ff67cfa8491fcfbc21e0 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Tue, 20 Oct 2020 19:44:45 GMT server nginx etag "5f8f3e2d-1f07" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 7943
GET H2	200	Parsons-logo.png livecusurvey.com/wp-content/uploads/2020/10/	33 KB 33 KB	350ms 346ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2020/10/Parsons-logo.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash 168d0b801d6ec50c3cf6ab6e453add1d964b3164a22c7a92d05228431940367e Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Tue, 20 Oct 2020 19:44:40 GMT server nginx etag "5f8f3e28-846a" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 33898
GET H2	200	Nikkei-logo-1024x597.png livecusurvey.com/wp-content/uploads/2020/10/	82 KB 82 KB	210ms 205ms	Image image/png	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-content/uploads/2020/10/Nikkei-logo-1024x597.png Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / Resource Hash b4c6c296770c36226db63a4c7c38d8f02812670ed000abb992e6f722c14b56e0 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT last-modified Tue, 20 Oct 2020 19:44:39 GMT server nginx etag "5f8f3e27-14658" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 83544
GET H2	200	5f46d823d13faf170d000430.js Show response tag.perfectaudience.com/serve/	12 KB 4 KB	68ms 7ms	Script text/javascript	151.101.66.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://tag.perfectaudience.com/serve/5f46d823d13faf170d000430.js Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Cowboy / Resource Hash 2eeec1a53ad4aa2ae2385af32754a057c2d9073c402eefba5d25e1e04ba1a7e5 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-served-by cache-hhn-etou8220026-HHN date Mon, 27 Feb 2023 13:14:59 GMT via 1.1 vegur, 1.1 varnish x-content-type-options nosniff content-encoding gzip server Cowboy age 125 x-timer S1677503699.497626,VS0,VE1 vary Accept-Encoding x-cache HIT content-type text/javascript cache-control max-age=1800 accept-ranges bytes content-length 3956 x-cache-hits 1
GET H3	200	freeemailproviderlist.json Show response app-3qngd64pi2.marketingautomation.services/includes/js/app/ Frame D6AB	75 KB 21 KB	119ms 119ms	Fetch application/json	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/includes/js/app/freeemailproviderlist.json Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash fa86c94c6881caec397b1a58f358561f9bd6ef1dba058efafe3fb8e9e8d5e326 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:00:36 GMT server openresty etag W/"63f90954-12aa5" vary Accept-Encoding content-type application/json pod-hostname app-7675df558c-vsqqd alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H/1.1	200 OK	tagjs Show response pixel-geo.prfct.co/ Redirect Chain https://pixel-geo.prfct.co/tagjs?a_id=120430&source=js_tag https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=120430&source=js_tag	125 B 454 B	28ms 27ms	Script text/javascript	54.72.205.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=120430&source=js_tag Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol HTTP/1.1 Server 54.72.205.52 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-205-52.eu-west-1.compute.amazonaws.com Software / Resource Hash 60bfbd3aca5d6f46af4c08025dab146fccc7d2c82562ec6b2235cdd8b00d01e7 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 125 Content-Type text/javascript Redirect headers Location https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=120430&source=js_tag Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame D6AB	408 KB 163 KB	169ms 49ms	Script text/javascript	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Origin https://app-3qngd64pi2.marketingautomation.services accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 08:17:30 GMT content-encoding gzip x-content-type-options nosniff age 104249 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 166391 x-xss-protection 0 last-modified Mon, 20 Feb 2023 05:03:28 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 26 Feb 2024 08:17:30 GMT
GET H3	200	53429917-ccce-4d61-8d38-fed27e87435e Show response app-3qngd64pi2.marketingautomation.services/prospector/getFormData/MzawMDE3NLAwBwA/ Frame D6AB	5 KB 1 KB	173ms 173ms	XHR application/json	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/prospector/getFormData/MzawMDE3NLAwBwA/53429917-ccce-4d61-8d38-fed27e87435e?instance=vj16ww&rf__doc=https%3A%2F%2Flivecusurvey.com%2F Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35 Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 4c0432153c7216a0bb2cd676fbfd088b6aeb9d3947c3d518a441c35f8afd96ab Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT content-encoding gzip x-clacks-overhead GNU Terry Pratchett via 1.1 google server openresty vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * pod-hostname koi-5bf689d87c-pbgkq alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 210 B	71ms 70ms	XHR text/plain	2a00:1450:400d:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=525282582&t=pageview&_s=1&dl=https%3A%2F%2Flivecusurvey.com%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DszAwM7c0NzG2sDS3AAA%26sseid%3DMzI1MjcwNLQwMQIA%26jobid%3Df0c1cbde-57b5-42a8-91b3-6b1be5c8f795&ul=en-us&de=UTF-8&dt=The%20Credit%20Union%20Member%20Experience%20Survey%20Platform%20-%20LiveSurvey&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1302456341&gjid=1260208691&cid=1191598394.1677503700&tid=UA-74859478-1&_gid=1386785158.1677503700&_r=1&_slc=1&gtm=45He32m0n81W8QKPLG&z=1429733737 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://livecusurvey.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Feb 2023 13:14:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://livecusurvey.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 347 B	56ms 18ms	XHR text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-74859478-1&cid=1191598394.1677503700&jid=1302456341&gjid=1260208691&_gid=1386785158.1677503700&_u=YEBAAEAAAAAAACAAI~&z=1888053484 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://livecusurvey.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 27 Feb 2023 13:14:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://livecusurvey.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ pixel-geo.prfct.co/usermap/ Redirect Chain https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202302%7C63fcacd30d9d6437a435514c%26pid%3Dpa_CmVMxzkZ41vUH6fmt https://pixel-geo.prfct.co/usermap/?xid=2354708260401429110&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt	43 B 256 B	44ms 27ms	Image image/gif	54.72.205.52 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-geo.prfct.co/usermap/?xid=2354708260401429110&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol HTTP/1.1 Server 54.72.205.52 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-205-52.eu-west-1.compute.amazonaws.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Date Mon, 27 Feb 2023 13:14:59 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.213.155.165; 185.213.155.165; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid e7013232-fb6b-4618-a6ea-8427d771fbe1 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://pixel-geo.prfct.co/usermap/?xid=2354708260401429110&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	adsct analytics.twitter.com/i/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=twtr https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_CmVMxzkZ41vUH6fmt	43 B 396 B	137ms 112ms	Image image/gif	104.244.42.67 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_CmVMxzkZ41vUH6fmt Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Server 104.244.42.67 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-response-time 105 date Mon, 27 Feb 2023 13:14:59 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 9773a6bbfaf0d64b cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 881849f1223452455f0302c9c28e261a587f68073173d4c418c7743879293917 content-length 43 Redirect headers Location https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_CmVMxzkZ41vUH6fmt Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	204	sync ups.analytics.yahoo.com/ups/58288/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=yah https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1 https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1&verify=true	0 121 B	11ms 11ms	Image text/plain	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1&verify=true Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.25 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:14:59 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1&verify=true date Mon, 27 Feb 2023 13:14:59 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=opx https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_CmVMxzkZ41vUH6fmt	43 B 273 B	99ms 24ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_CmVMxzkZ41vUH6fmt Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Mon, 27 Feb 2023 13:14:59 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Location https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_CmVMxzkZ41vUH6fmt Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=rbcn https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_CmVMxzkZ41vUH6fmt	0 239 B	79ms 9ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_CmVMxzkZ41vUH6fmt Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 28e1e7d28d06b07ec669bc9e43057b8e P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers Location https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_CmVMxzkZ41vUH6fmt Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H/1.1	200 OK	cb pixel-geo.prfct.co/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=goo https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQ21WTXh6a1o0MXZVSDZmbXQ https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQ21WTXh6a1o0MXZVSDZmbXQ&google_tc= https://pixel-geo.prfct.co/cb?partnerId=goo	43 B 365 B	28ms 28ms	Image image/gif	54.72.205.52 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-geo.prfct.co/cb?partnerId=goo Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol HTTP/1.1 Server 54.72.205.52 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-205-52.eu-west-1.compute.amazonaws.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers pragma no-cache date Mon, 27 Feb 2023 13:15:00 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel-geo.prfct.co/cb?partnerId=goo p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 240 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ pixel-geo.prfct.co/seg/	43 B 365 B	165ms 107ms	Image image/gif	54.72.205.52 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-geo.prfct.co/seg/?add=23478535&source=js_tag&a_id=120430 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.205.52 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-205-52.eu-west-1.compute.amazonaws.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/seg?t=2&add=23478535 https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23478535	43 B 1 KB	8ms 8ms	Image image/gif	37.252.173.215 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23478535 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol HTTP/1.1 Server 37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Mon, 27 Feb 2023 13:14:59 GMT AN-X-Request-Uuid 17f3d791-a728-44ab-8b9d-eb35d51aca0e Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 185.213.155.165; 185.213.155.165; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Date Mon, 27 Feb 2023 13:14:59 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.213.155.165; 185.213.155.165; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid d625d2a6-b588-47fb-8520-cf34665c5d9d Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23478535 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame F7FD	43 KB 23 KB	81ms 79ms	Document text/html	2a00:1450:400d:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 348c9a988159748af9b0bb20bdc700ed67ca6afc2fba8af29401d9ce333d5b92 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-YvUozoBPQ2wlXbt1uYM7ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 23233 content-security-policy script-src 'report-sample' 'nonce-YvUozoBPQ2wlXbt1uYM7ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 27 Feb 2023 13:15:00 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame F7FD	55 KB 24 KB	150ms 50ms	Stylesheet text/css	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 09:55:34 GMT content-encoding gzip x-content-type-options nosniff age 11966 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24605 x-xss-protection 0 last-modified Mon, 20 Feb 2023 05:03:28 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 27 Feb 2024 09:55:34 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame F7FD	408 KB 163 KB	175ms 76ms	Script text/javascript	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 08:17:30 GMT content-encoding gzip x-content-type-options nosniff age 104250 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 166391 x-xss-protection 0 last-modified Mon, 20 Feb 2023 05:03:28 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 26 Feb 2024 08:17:30 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame F7FD	102 B 134 B	72ms 72ms	Other text/javascript	2a00:1450:400d:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:15:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112 x-xss-protection 1; mode=block expires Mon, 27 Feb 2023 13:15:00 GMT
GET H3	200	53429917-ccce-4d61-8d38-fed27e87435e Show response app-3qngd64pi2.marketingautomation.services/prospector/getFormData/MzawMDE3NLAwBwA/ Frame D6AB	5 KB 1 KB	176ms 176ms	XHR application/json	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://app-3qngd64pi2.marketingautomation.services/prospector/getFormData/MzawMDE3NLAwBwA/53429917-ccce-4d61-8d38-fed27e87435e?instance=vj16ww&rf__doc=https%3A%2F%2Flivecusurvey.com%2F Requested by Host: app-3qngd64pi2.marketingautomation.services URL: https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35 Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 4c0432153c7216a0bb2cd676fbfd088b6aeb9d3947c3d518a441c35f8afd96ab Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:15:00 GMT content-encoding gzip x-clacks-overhead GNU Terry Pratchett via 1.1 google server openresty vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * pod-hostname koi-5bf689d87c-njndw alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block
GET H2	200	lo85pn32 Show response widget.intercom.io/widget/	8 KB 4 KB	47ms 11ms	Script application/javascript	108.138.17.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/lo85pn32 Requested by Host: livecusurvey.com URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-98.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ecd52673e207772acc0e67d469cbc4cfd89f8b6214db8799b353e0f88548624a Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-amz-version-id q8aGpMx1PwfFf9wa5qmBsBbcV6lfruam content-encoding gzip via 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront) date Mon, 27 Feb 2023 13:10:30 GMT x-amz-cf-pop FRA56-P7 age 298 x-amz-server-side-encryption AES256 x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 content-length 3261 last-modified Fri, 24 Feb 2023 14:04:38 GMT server AmazonS3 etag "7c5a9582f5d74f00620f706ab667c54d" vary Origin content-type application/javascript; charset=UTF-8 cache-control max-age=900, s-maxage=900, public accept-ranges bytes x-amz-cf-id 8t-JSz57oxQlR9Z8TlCggdZ5Axoyovc26LIgjwBLoOqFQVJCcmKzFQ==
GET H3	200	getChatbot Show response koi-3qngd64pi2.marketingautomation.services/	244 B 226 B	134ms 133ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/getChatbot?rf=&hn=livecusurvey.com&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1677503699045&ac=KOI-42CKEWHK5K&ts=1677503701&pt=0&pl=0&loc=https%3A%2F%2Flivecusurvey.com%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DszAwM7c0NzG2sDS3AAA%26sseid%3DMzI1MjcwNLQwMQIA%26jobid%3Df0c1cbde-57b5-42a8-91b3-6b1be5c8f795&tk=202302%7C63fcacd30d9d6437a435514c Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1 Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 92aa9fb6a9dfe41d683a05e2ce2394ca5f4dda56bfccb5c89e78c57520a0b9d8 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:15:00 GMT content-encoding gzip x-clacks-overhead GNU Terry Pratchett via 1.1 google server openresty vary Accept-Encoding content-type application/javascript pod-hostname app-pubapi-86bc9886dd-s6czb alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame EEEB	7 KB 1 KB	75ms 75ms	Document text/html	2a00:1450:400d:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 87672b4e9c7575be50a314adabdcfbbb19c685b3408847889638044806f93fc8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-sUwAW02g6PGzHNYj76Fonw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1116 content-security-policy script-src 'report-sample' 'nonce-sUwAW02g6PGzHNYj76Fonw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 27 Feb 2023 13:15:00 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	frame-modern.feb17e6c.js Show response js.intercomcdn.com/ Frame 58BD	485 KB 129 KB	93ms 8ms	Script application/javascript	18.66.147.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.feb17e6c.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/lo85pn32 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-3.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash e6e87f4f93a379f05269bddd3acd54a253a3e50a48efb9127d9cb94cf3970333 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-amz-version-id AoJSJyxDmkc3X1wFovBkmaMYXOEssazP content-encoding gzip via 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront) date Mon, 27 Feb 2023 13:08:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 392 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING alt-svc h3=":443"; ma=86400 content-length 131296 last-modified Fri, 24 Feb 2023 14:02:17 GMT server AmazonS3 etag "cd85ccf3dc368f2a6f1f9e4c25c1de45" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id XrV-QfNJ-0J1l4sYiX9yqXEQ9u4BueKGO__WSnI2F1f5QTow9pIJlw==
GET H2	200	vendor-modern.ebc5d705.js Show response js.intercomcdn.com/ Frame 58BD	236 KB 73 KB	107ms 22ms	Script application/javascript	18.66.147.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.ebc5d705.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/lo85pn32 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-3.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c17b1a7e002c083947f21ffac64eb85fc76f5e94c2460fb64876f56f6a37fdd3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-amz-version-id xqEwbF2CIUTKfV0UlRFPA7_.rjojaJ_c content-encoding gzip via 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront) date Mon, 27 Feb 2023 12:06:14 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 4127 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 74395 last-modified Fri, 24 Feb 2023 14:02:17 GMT server AmazonS3 etag "5d20e022d39aabb62bf802df0269ff81" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id 8hrrhmPT7E3ISvz47J_q2uU4DZ7hun7pw9rtILuIsnN1z1TSkl1V3g==
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame EEEB	55 KB 24 KB	50ms 50ms	Stylesheet text/css	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 09:55:34 GMT content-encoding gzip x-content-type-options nosniff age 11966 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24605 x-xss-protection 0 last-modified Mon, 20 Feb 2023 05:03:28 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 27 Feb 2024 09:55:34 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame EEEB	408 KB 163 KB	52ms 51ms	Script text/javascript	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 08:17:30 GMT content-encoding gzip x-content-type-options nosniff age 104250 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 166391 x-xss-protection 0 last-modified Mon, 20 Feb 2023 05:03:28 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 26 Feb 2024 08:17:30 GMT
GET H3	200	publicChatbot Show response koi-3qngd64pi2.marketingautomation.services/ Frame E729	2 KB 870 B	126ms 125ms	Document text/html	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1 Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 5e0569e3424af4aa952dedfe18ddd693bdba3fad3c6bb8fe52c7371cd41931a7 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://livecusurvey.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 27 Feb 2023 13:15:00 GMT pod-hostname app-7675df558c-vsqqd server openresty vary Accept-Encoding via 1.1 google x-clacks-overhead GNU Terry Pratchett x-xss-protection 1; mode=block
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 58BD	4 KB 2 KB	734ms 505ms	XHR application/json	54.145.101.148 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.feb17e6c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.145.101.148 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-145-101-148.compute-1.amazonaws.com Software nginx / Resource Hash 9aada19a9155dfac40975d64d86a6d2d5e8886b4845deaacca1b2c610cb5df2b Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 27 Feb 2023 13:15:01 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-0be81d9dffa4bc64a status 200 OK x-xss-protection 1; mode=block x-request-id 0004rbh0pmnrprqbk0ag x-runtime 0.341048 server nginx etag W/"9aada19a9155dfac40975d64d86a6d2d" x-ratelimit-remaining 13332 vary Accept,Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://livecusurvey.com x-intercom-version 088644527e94060d3eced7a99e3627a5fc12d805 cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-ratelimit-reset 1677503710 x-ratelimit-limit 13333 access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA x-frame-options SAMEORIGIN
GET H3	200	polyfill.min.js Show response koi-3qngd64pi2.marketingautomation.services/includes/js/dist/ Frame E729	202 KB 58 KB	121ms 121ms	Script application/javascript	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/includes/js/dist/polyfill.min.js?ver=d0348f920d-1 Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash b9a6fca766ed9a201b3658950e9692b259d61f22b13e27b76cbc58d8fb5a4d86 Request headers accept-language de-DE,de;q=0.9 Referer https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:15:00 GMT content-encoding gzip via 1.1 google last-modified Fri, 24 Feb 2023 19:03:42 GMT server openresty etag W/"63f90a0e-32984" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, public alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 29 Mar 2023 13:15:00 GMT
GET H2	200	de.js Show response storage.googleapis.com/frontend-prod/i18next/master/ Frame E729	708 KB 158 KB	365ms 274ms	Script application/javascript	2a00:1450:4001:811::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/frontend-prod/i18next/master/de.js Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 4462d8aa96e24d561ecea68e7b5eea32869c92505955a0efb7b4321386acbae3 Request headers accept-language de-DE,de;q=0.9 Referer https://koi-3qngd64pi2.marketingautomation.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:15:01 GMT content-encoding gzip age 0 x-guploader-uploadid ADPycdsh0jAgXeIljXzIAEPTPbTu2Dd8A3ofNUrFMivM3q7Vxs1-91Pbubp9yDUPfQVirm4NcYmp5IxVzGUcKQlK1AURrz27GXnC x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 161564 last-modified Tue, 03 Jan 2023 18:20:52 GMT server UploadServer etag "b8fe1d23477a77c2aa40528bcfef3a1a" x-goog-generation 1672770052562566 x-goog-hash crc32c=mRBuAQ==, md5=uP4dI0d6d8KqQFKLz+86Gg== content-type application/javascript cache-control no-transform x-goog-stored-content-length 161564 accept-ranges bytes expires Tue, 27 Feb 2024 13:15:01 GMT
GET H2	200	antd.css storage.googleapis.com/frontend-prod/fireant/7f67539c/style/ Frame E729	439 KB 440 KB	180ms 89ms	Stylesheet text/css	2a00:1450:4001:811::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/frontend-prod/fireant/7f67539c/style/antd.css Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 934ecb719a9eb78212ebfa8985f42d4242769b9b650622a1d6e16184378d8eb4 Request headers accept-language de-DE,de;q=0.9 Referer https://koi-3qngd64pi2.marketingautomation.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:11:39 GMT x-goog-meta-goog-reserved-file-mtime 1640118138 age 201 x-guploader-uploadid ADPycdtGwOdvOlFhGsB6JPYEtTlte2DDP_Eqvuhyj_NuvSRwk9HEI_24KSP-oYbnoQGMPzbuWNE8AnABiO6gfpDVijDqJGaQphbW x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 449797 last-modified Tue, 21 Dec 2021 20:50:54 GMT server UploadServer etag "79f1517ddc36a516ffbac1d4c1d47233" x-goog-generation 1640119854776231 x-goog-hash crc32c=Joc7bg==, md5=efFRfdw2pRb/usHUwdRyMw== content-type text/css cache-control public, max-age=3600 x-goog-stored-content-length 449797 accept-ranges bytes expires Mon, 27 Feb 2023 14:11:39 GMT
GET H2	200	en_US.main.css storage.googleapis.com/frontend-prod/common/7e16c022/ Frame E729	122 KB 64 KB	134ms 44ms	Stylesheet text/css	2a00:1450:4001:811::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/frontend-prod/common/7e16c022/en_US.main.css Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 2abc10b98bfce0b592d37587d5e8eb1d3c76c6b5e6d549171b1670fa6dab832f Request headers accept-language de-DE,de;q=0.9 Referer https://koi-3qngd64pi2.marketingautomation.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 12:26:45 GMT content-encoding gzip age 2895 x-guploader-uploadid ADPycdsed-m1WolWz0nM12m7kw-XGFNFRlHuEyvCH7D_NqAI4lGbWQFzoevKk6bN5EHLOD8YqcxdiQDLKPXvfJ9Qc6_AZKJd6pag x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64483 last-modified Tue, 21 Dec 2021 15:53:55 GMT server UploadServer etag "85e642aba7acca59008f68a454d27b57" x-goog-generation 1640102035706343 x-goog-hash crc32c=Z647nA==, md5=heZCq6esylkAj2ikVNJ7Vw== content-type text/css cache-control public, max-age=31536000,no-transform x-goog-stored-content-length 64483 accept-ranges bytes expires Tue, 27 Feb 2024 12:26:45 GMT
GET H2	200	en_US.main.js Show response storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/ Frame E729	3 MB 641 KB	292ms 202ms	Script application/javascript	2a00:1450:4001:811::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js Requested by Host: koi-3qngd64pi2.marketingautomation.services URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash c871a837a5b4f74ae8eec2034164fac3e7e8eaf1d3e365770c6f6b7c294f4bcc Request headers accept-language de-DE,de;q=0.9 Referer https://koi-3qngd64pi2.marketingautomation.services/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 12:26:45 GMT content-encoding gzip age 2895 x-guploader-uploadid ADPycdskQXKU41qcNSqyjyE6xI0snQ-E0onaCjWXBpIWTrdANxyz7tOjq9VHM7rgKt6br-bv4x6kq9arQepH7xicBdlxUmuIwpEg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 656100 last-modified Thu, 23 Feb 2023 15:57:17 GMT server UploadServer etag "adf99ce3641b7938b7e56651b9180c04" x-goog-generation 1677167837855577 x-goog-hash crc32c=rEDi2g==, md5=rfmc42QbeTi35WZRuRgMBA== content-type application/javascript cache-control no-transform x-goog-stored-content-length 656100 accept-ranges bytes expires Tue, 27 Feb 2024 12:26:45 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame EEEB	40 KB 24 KB	129ms 129ms	XHR application/json	2a00:1450:400d:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d9ac6b477f704750e98d15c64f1bb3ad02bfd3bff81f0c9deb01fac8bc16dbdb Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/x-protobuffer Response headers date Mon, 27 Feb 2023 13:15:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24670 x-xss-protection 1; mode=block expires Mon, 27 Feb 2023 13:15:00 GMT
GET H3	200	payload www.google.com/recaptcha/api2/ Frame EEEB	32 KB 32 KB	72ms 72ms	Image image/jpeg	2a00:1450:400d:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/recaptcha/api2/payload?p=06AFY_a8WNpGCTcvwwwElBfQ1_GTOW02n6V76-YU5V5iMRGFx03JDFUqaF_fsQaeh6OTJtIs8hAbBftRIGQq4X6cRsZx4r2q9ZfKRMyxvB9jV_J8KIJBHeftlhQ44iXqFanMrsdKdwe6znPRN5XiKv3f9moTeF1lpdRJ2_5JrKItOh5v8AhseqZqhYrzbLbKqCcmpmChqL2gybqGC_XYnFW0mCnkAZbiVLuA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9feed56aca6e347ff77eb155e84598071c8ce7584e3f6fdd3305a7a9e70d91d6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:15:01 GMT content-security-policy frame-ancestors 'self' x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type image/jpeg cache-control private, max-age=30 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32626 x-xss-protection 1; mode=block expires Mon, 27 Feb 2023 13:15:01 GMT
GET H2	200	css fonts.googleapis.com/ Frame E729	3 KB 548 B	73ms 73ms	Stylesheet text/css	2a00:1450:400d:80d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700,400italic Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/frontend-prod/common/7e16c022/en_US.main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4b3d5b1db4356aae7e5116c691fb90da522c78ef8bff00e410e4cff222467250 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://storage.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Feb 2023 13:15:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Feb 2023 13:15:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Feb 2023 13:15:01 GMT
POST H3	200	graphql-public Show response koi-3qngd64pi2.marketingautomation.services/ Frame E729	16 KB 16 KB	186ms 186ms	Fetch application/json	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/graphql-public Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software / Resource Hash ceab624ef9baab7850062c9a6929b3bdcfe87e027bc39245384292a04b2ce666 Request headers accept */* Referer https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 content-type application/json Response headers date Mon, 27 Feb 2023 13:15:01 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin https://koi-3qngd64pi2.marketingautomation.services x-kube-pod api-769fc6df66-b9lh4 content-length 16217 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H3	200	graphql-public Show response koi-3qngd64pi2.marketingautomation.services/ Frame E729	30 B 45 B	222ms 221ms	Fetch application/json	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/graphql-public Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software / Resource Hash 12bbcbfac99d1e2f8e6bec9b217e77bb2b783f9668baab027923f3924403f303 Request headers accept */* Referer https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 content-type application/json Response headers date Mon, 27 Feb 2023 13:15:01 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin https://koi-3qngd64pi2.marketingautomation.services x-kube-pod api-769fc6df66-lljzk content-length 30 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H3	200	graphql-public Show response koi-3qngd64pi2.marketingautomation.services/ Frame E729	16 KB 16 KB	188ms 188ms	Fetch application/json	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/graphql-public Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software / Resource Hash ceab624ef9baab7850062c9a6929b3bdcfe87e027bc39245384292a04b2ce666 Request headers accept */* Referer https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 content-type application/json Response headers date Mon, 27 Feb 2023 13:15:02 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin https://koi-3qngd64pi2.marketingautomation.services x-kube-pod api-769fc6df66-lljzk content-length 16217 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H3	200	graphql-public Show response koi-3qngd64pi2.marketingautomation.services/ Frame E729	30 B 45 B	161ms 160ms	Fetch application/json	107.178.240.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://koi-3qngd64pi2.marketingautomation.services/graphql-public Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js Protocol H3 Security QUIC, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software / Resource Hash 12bbcbfac99d1e2f8e6bec9b217e77bb2b783f9668baab027923f3924403f303 Request headers accept */* Referer https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 content-type application/json Response headers date Mon, 27 Feb 2023 13:15:02 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin https://koi-3qngd64pi2.marketingautomation.services x-kube-pod api-769fc6df66-bm87b content-length 30 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/ Frame E729	23 KB 23 KB	52ms 50ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,400italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://koi-3qngd64pi2.marketingautomation.services accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 01:03:59 GMT x-content-type-options nosniff age 389462 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 01:03:59 GMT
GET DATA	200 OK	truncated / Frame E729	92 KB 92 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e0e8d88f037e62776e9355c3264513f9dd9136a0c05a60a6f8b10df944166882 Request headers Referer Origin https://koi-3qngd64pi2.marketingautomation.services accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type font/woff
GET H3	200	refresh_2x.png www.gstatic.com/recaptcha/api2/ Frame EEEB	600 B 624 B	50ms 49ms	Image image/png	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/refresh_2x.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 10:11:03 GMT x-content-type-options nosniff age 270241 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 600 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Fri, 03 Mar 2023 10:11:03 GMT
GET H3	200	audio_2x.png www.gstatic.com/recaptcha/api2/ Frame EEEB	530 B 554 B	51ms 50ms	Image image/png	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/audio_2x.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 01:00:41 GMT x-content-type-options nosniff age 389663 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 530 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Thu, 02 Mar 2023 01:00:41 GMT
GET H3	200	info_2x.png www.gstatic.com/recaptcha/api2/ Frame EEEB	665 B 689 B	51ms 50ms	Image image/png	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/info_2x.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 22 Feb 2023 01:23:22 GMT x-content-type-options nosniff age 474702 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 665 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Wed, 01 Mar 2023 01:23:22 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame EEEB	15 KB 15 KB	50ms 49ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 20:22:37 GMT x-content-type-options nosniff age 319947 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 20:22:37 GMT
GET H3	200	KFOlCnqEu92Fr1MmYUtfBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame EEEB	15 KB 15 KB	71ms 71ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:20:14 GMT x-content-type-options nosniff age 446090 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15340 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 22 Feb 2024 09:20:14 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame EEEB	15 KB 15 KB	52ms 52ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 08:57:56 GMT x-content-type-options nosniff age 361028 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 08:57:56 GMT
GET H2	204	/ livecusurvey.com/wp-json/pum/v1/analytics/	0 381 B	295ms 294ms	Image text/plain	104.199.119.123 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://livecusurvey.com/wp-json/pum/v1/analytics/?event=open&pid=23356&_cache=1677503704498 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 123.119.199.104.bc.googleusercontent.com Software nginx / WP Engine Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 27 Feb 2023 13:15:04 GMT x-cache-group normal x-content-type-options nosniff x-cacheable SHORT server nginx x-powered-by WP Engine vary Accept-Encoding,Cookie x-cache MISS access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link cache-control max-age=600, must-revalidate x-robots-tag noindex link <https://livecusurvey.com/wp-json/>; rel="https://api.w.org/" access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type