URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=...
Submission: On February 27 via api from US — Scanned from DE

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 115 HTTP transactions. The main IP is 104.199.119.123, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is livecusurvey.com.
TLS certificate: Issued by R3 on January 3rd 2023. Valid for: 3 months.
This is the only time livecusurvey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 104.199.119.123 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 26 107.178.240.224 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.122.75 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 151.101.66.217 54113 (FASTLY)
6 10 54.72.205.52 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 37.252.173.215 29990 (ASN-APPNEX)
1 104.244.42.67 13414 (TWITTER)
1 2 3.126.56.137 16509 (AMAZON-02)
1 35.244.159.8 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 142.251.39.2 15169 (GOOGLE)
1 108.138.17.98 16509 (AMAZON-02)
2 18.66.147.3 16509 (AMAZON-02)
1 54.145.101.148 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
115 23
Apex Domain
Subdomains
Transfer
40 livecusurvey.com
livecusurvey.com
3 MB
26 marketingautomation.services
koi-3qngd64pi2.marketingautomation.services
app-3qngd64pi2.marketingautomation.services
329 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
669 KB
10 prfct.co
pixel-geo.prfct.co — Cisco Umbrella Rank: 15474
4 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
storage.googleapis.com — Cisco Umbrella Rank: 398
1 MB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
81 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 377
4 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
1 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2223
202 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1917
api-iam.intercom.io — Cisco Umbrella Rank: 2383
6 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
491 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 lfeeder.com
sc.lfeeder.com — Cisco Umbrella Rank: 13538
tr.lfeeder.com — Cisco Umbrella Rank: 20776
11 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
239 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 422
273 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 628
396 B
1 perfectaudience.com
tag.perfectaudience.com — Cisco Umbrella Rank: 17112
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
48 KB
115 18
Domain Requested by
40 livecusurvey.com livecusurvey.com
16 app-3qngd64pi2.marketingautomation.services 1 redirects koi-3qngd64pi2.marketingautomation.services
app-3qngd64pi2.marketingautomation.services
10 pixel-geo.prfct.co 6 redirects livecusurvey.com
10 koi-3qngd64pi2.marketingautomation.services livecusurvey.com
koi-3qngd64pi2.marketingautomation.services
storage.googleapis.com
8 www.gstatic.com www.google.com
www.gstatic.com
8 fonts.gstatic.com fonts.googleapis.com
6 www.google.com app-3qngd64pi2.marketingautomation.services
www.gstatic.com
www.google.com
4 storage.googleapis.com koi-3qngd64pi2.marketingautomation.services
4 secure.adnxs.com 3 redirects livecusurvey.com
4 fonts.googleapis.com livecusurvey.com
storage.googleapis.com
2 js.intercomcdn.com widget.intercom.io
2 cm.g.doubleclick.net 2 redirects
2 ups.analytics.yahoo.com 1 redirects livecusurvey.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io livecusurvey.com
1 pixel.rubiconproject.com livecusurvey.com
1 us-u.openx.net livecusurvey.com
1 analytics.twitter.com livecusurvey.com
1 stats.g.doubleclick.net www.google-analytics.com
1 tag.perfectaudience.com koi-3qngd64pi2.marketingautomation.services
1 tr.lfeeder.com livecusurvey.com
1 sc.lfeeder.com livecusurvey.com
1 www.googletagmanager.com livecusurvey.com
115 24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
login.livecusurvey.com
Subject Issuer Validity Valid
livecusurvey.com
R3
2023-01-03 -
2023-04-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.marketingautomation.services
GlobalSign RSA OV SSL CA 2018
2022-06-03 -
2023-07-05
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.lfeeder.com
Amazon
2022-07-09 -
2023-08-07
a year crt.sh
www.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.perfectaudience.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-10-09 -
2023-11-10
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.prfct.co
GlobalSign RSA OV SSL CA 2018
2022-10-28 -
2023-11-29
a year crt.sh
*.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.intercom.com
Amazon RSA 2048 M02
2023-02-14 -
2024-03-14
a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01
2023-02-21 -
2024-01-29
a year crt.sh
storage.googleapis.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh

This page contains 6 frames:

Primary Page: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Frame ID: 90FC0159421A36C44D16AD414AA51FBF
Requests: 68 HTTP requests in this frame

Frame: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Frame ID: D6AB54BC1B0C2B25BB7FB2AC62AEB7E4
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58
Frame ID: F7FDCE10D24D00F895D7DEC37999F32F
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT
Frame ID: EEEBE043A3C9986631DB4A134B317306
Requests: 11 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.feb17e6c.js
Frame ID: 58BD61A4A7992D16BC3FE79358E546A9
Requests: 3 HTTP requests in this frame

Frame: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
Frame ID: E72924C276AA3256B2E901424F8DB54F
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

The Credit Union Member Experience Survey Platform - LiveSurvey

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]
  • /revslider/[/\w-]+/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

115
Requests

93 %
HTTPS

39 %
IPv6

18
Domains

24
Subdomains

23
IPs

4
Countries

5938 kB
Transfer

12618 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://app-3qngd64pi2.marketingautomation.services/prospector/form/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww HTTP 302
  • https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Request Chain 67
  • https://pixel-geo.prfct.co/tagjs?a_id=120430&source=js_tag HTTP 302
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=120430&source=js_tag
Request Chain 72
  • https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202302%7C63fcacd30d9d6437a435514c%26pid%3Dpa_CmVMxzkZ41vUH6fmt HTTP 302
  • https://pixel-geo.prfct.co/usermap/?xid=2354708260401429110&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt
Request Chain 73
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_CmVMxzkZ41vUH6fmt
Request Chain 74
  • https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1&verify=true
Request Chain 75
  • https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_CmVMxzkZ41vUH6fmt
Request Chain 76
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_CmVMxzkZ41vUH6fmt
Request Chain 77
  • https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQ21WTXh6a1o0MXZVSDZmbXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQ21WTXh6a1o0MXZVSDZmbXQ&google_tc= HTTP 302
  • https://pixel-geo.prfct.co/cb?partnerId=goo
Request Chain 79
  • https://secure.adnxs.com/seg?t=2&add=23478535 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23478535

115 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
livecusurvey.com/
144 KB
27 KB
Document
General
Full URL
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
6da937314be25a21b68defa3ccbf0fe5b2e0488e4a881133f770bd7ba9eda153

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 13:14:58 GMT
link
<https://livecusurvey.com/wp-json/>; rel="https://api.w.org/" <https://livecusurvey.com/wp-json/wp/v2/pages/41>; rel="alternate"; type="application/json" <https://livecusurvey.com/>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 3
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
style.min.css
livecusurvey.com/wp-includes/css/dist/block-library/
93 KB
13 KB
Stylesheet
General
Full URL
https://livecusurvey.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 17:19:47 GMT
server
nginx
etag
W/"637bb333-172a9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
classic-themes.min.css
livecusurvey.com/wp-includes/css/
217 B
366 B
Stylesheet
General
Full URL
https://livecusurvey.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 17:19:47 GMT
server
nginx
etag
W/"637bb333-d9"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
rs6.css
livecusurvey.com/wp-content/plugins/revslider/public/assets/css/
57 KB
13 KB
Stylesheet
General
Full URL
https://livecusurvey.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
933516be9efec38ebef7bbdd6a5652b3db83132c7475cf1c3d54fb60d2e69f2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Sun, 13 Dec 2020 12:11:10 GMT
server
nginx
etag
W/"5fd604de-e2d4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/
8 KB
826 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C700%2C400%2C400italic&subset=latin&ver=6.1.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44ca3c927d8c2fea44e2732cb6e1621b1d5314d2ac1ff6c19cc2a0e94dd1a466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 13:06:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 13:14:58 GMT
pum-site.min.css
livecusurvey.com/wp-content/plugins/popup-maker/assets/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://livecusurvey.com/wp-content/plugins/popup-maker/assets/css/pum-site.min.css?ver=1.18.0
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
00c79f73596b16ec7ca8129b4764e00b28a6d63c2750998adacd4570b176a232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 10 Feb 2023 14:29:32 GMT
server
nginx
etag
W/"63e654cc-1d1e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/
2 KB
937 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57816f53bd297e04d4a9a30d1571068bef957813fa5d5837c7438fb7bca05e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 12:48:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 13:14:58 GMT
style.min.css
livecusurvey.com/wp-content/themes/Zephyr/css/
241 KB
45 KB
Stylesheet
General
Full URL
https://livecusurvey.com/wp-content/themes/Zephyr/css/style.min.css?ver=5.4.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b24350de2c0eae68926a92eeeea3252e410dcf6da3728f6d833606579bf05792

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
W/"5cf0815d-3c253"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
responsive.min.css
livecusurvey.com/wp-content/themes/Zephyr/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://livecusurvey.com/wp-content/themes/Zephyr/css/responsive.min.css?ver=5.4.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
dea79c69319ee16958528ec501ed43f83223fcd2a22760b506a6df2dea506be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
W/"5cf0815d-52a0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
livecusurvey.com/wp-content/themes/Zephyr-child/
185 B
343 B
Stylesheet
General
Full URL
https://livecusurvey.com/wp-content/themes/Zephyr-child/style.css?ver=5.4.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2c17e6a794d3bb4417d49c44dc57db7ef141c40e2b4813a96ce265953628e9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
W/"5cf0815d-b9"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
Defaults.css
livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/
27 KB
5 KB
Stylesheet
General
Full URL
https://livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 31 May 2019 01:20:28 GMT
server
nginx
etag
W/"5cf0815c-6bf7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
ultimate.min.css
livecusurvey.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/
439 KB
49 KB
Stylesheet
General
Full URL
https://livecusurvey.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ultimate.min.css?ver=3.16.25
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
09fd6f05443bb5e53e466b7f19009752271b45fb1d9c40aa900459026a09ba79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 31 May 2019 01:20:32 GMT
server
nginx
etag
W/"5cf08160-6dcb7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
livecusurvey.com/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://livecusurvey.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 17:19:47 GMT
server
nginx
etag
W/"637bb333-15e54"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
rbtools.min.js
livecusurvey.com/wp-content/plugins/revslider/public/assets/js/
118 KB
47 KB
Script
General
Full URL
https://livecusurvey.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.0
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e59273841201a5c259d7e3830fcca70cf197f97777bdd466c51726b9f7e9c19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Sun, 13 Dec 2020 12:11:10 GMT
server
nginx
etag
W/"5fd604de-1d959"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
rs6.min.js
livecusurvey.com/wp-content/plugins/revslider/public/assets/js/
284 KB
73 KB
Script
General
Full URL
https://livecusurvey.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
aaa80de38d05ad615adc4442383ab2ce0c59a1297529da4d323c3508a88a5f35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Sun, 13 Dec 2020 12:11:10 GMT
server
nginx
etag
W/"5fd604de-46f4b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
core.min.js
livecusurvey.com/wp-includes/js/jquery/ui/
21 KB
7 KB
Script
General
Full URL
https://livecusurvey.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Mon, 21 Nov 2022 17:19:47 GMT
server
nginx
etag
W/"637bb333-53c0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
ultimate.min.js
livecusurvey.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/
253 KB
58 KB
Script
General
Full URL
https://livecusurvey.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate.min.js?ver=3.16.25
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ecbb653b2009cb651efad253e604aae188b622ffe9f8a9abd81118d2efa7d007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 31 May 2019 01:20:32 GMT
server
nginx
etag
W/"5cf08160-3f5a5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-emoji-release.min.js
livecusurvey.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://livecusurvey.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
server
nginx
etag
W/"62551487-48b9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
form.js
koi-3qngd64pi2.marketingautomation.services/client/
3 KB
2 KB
Script
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/client/form.js?ver=2.0.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
14b63cf8d762d7118924d182b7f6bd9a45ca408b13dfeaca8da0735f26a70e85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:03:58 GMT
server
openresty
etag
W/"63f90a1e-a49"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Mar 2023 13:14:58 GMT
css
fonts.googleapis.com/
24 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&ver=6.0.2
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 11:43:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 13:14:58 GMT
gtm4wp-form-move-tracker.js
livecusurvey.com/wp-content/plugins/duracelltomi-google-tag-manager/js/
1 KB
604 B
Script
General
Full URL
https://livecusurvey.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f2c809f77b19df64ec8270272ac29ce3d84d242a663e589825a9e4f57b8a5461

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Thu, 17 Nov 2022 13:37:04 GMT
server
nginx
etag
W/"63763900-5fa"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
us.core.min.js
livecusurvey.com/wp-content/themes/Zephyr/js/
137 KB
34 KB
Script
General
Full URL
https://livecusurvey.com/wp-content/themes/Zephyr/js/us.core.min.js?ver=5.4.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b481d065fdb7959a361b75bc25f8f53b0c17248ac3e53c887bd98ca6cb1ff811

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
W/"5cf0815d-225e0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
site.min.js
livecusurvey.com/wp-content/plugins/popup-maker/assets/js/
68 KB
18 KB
Script
General
Full URL
https://livecusurvey.com/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.18.0
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8c09f40aa9ac3105f86ea363d58ad2a81f5d5741b810786a1a6291e7dd9d43ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 10 Feb 2023 14:29:32 GMT
server
nginx
etag
W/"63e654cc-11021"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
mobile-detect.min.js
livecusurvey.com/wp-content/plugins/popup-maker/assets/js/vendor/
38 KB
16 KB
Script
General
Full URL
https://livecusurvey.com/wp-content/plugins/popup-maker/assets/js/vendor/mobile-detect.min.js?ver=1.3.3
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Fri, 10 Feb 2023 14:29:32 GMT
server
nginx
etag
W/"63e654cc-981e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
pixel-cat.min.js
livecusurvey.com/wp-content/plugins/facebook-conversion-pixel/
13 KB
3 KB
Script
General
Full URL
https://livecusurvey.com/wp-content/plugins/facebook-conversion-pixel/pixel-cat.min.js?ver=2.6.8
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
691ad184665a01498912564332853d2358739673b393bc210004d1650253428d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 14:34:45 GMT
server
nginx
etag
W/"63988d85-351a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
video.js
livecusurvey.com/wp-content/plugins/facebook-conversion-pixel/
10 KB
3 KB
Script
General
Full URL
https://livecusurvey.com/wp-content/plugins/facebook-conversion-pixel/video.js?ver=6.1.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
28597da51e1855a4fb7975ab59171ddea301c5af014710169a030482ea4b5d52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 14:34:45 GMT
server
nginx
etag
W/"63988d85-289b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/
123 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8QKPLG
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9cce1a141278768a45b1a8f35cfbd242afbd251efe1756f416e31915fc1ac88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49061
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Feb 2023 13:14:59 GMT
ss.js
koi-3qngd64pi2.marketingautomation.services/client/
12 KB
5 KB
Script
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
0e068a3b14939e7e082107ed425f54aa8100b20b1584de181abf6791a36564f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:03:58 GMT
server
openresty
etag
W/"63f90a1e-2fe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Mar 2023 13:14:58 GMT
fa-solid-900.woff2
livecusurvey.com/wp-content/themes/Zephyr/fonts/
73 KB
73 KB
Font
General
Full URL
https://livecusurvey.com/wp-content/themes/Zephyr/fonts/fa-solid-900.woff2
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Origin
https://livecusurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
"5cf0815d-1226c"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
74348
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C700%2C400%2C400italic&subset=latin&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://livecusurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:13:56 GMT
x-content-type-options
nosniff
age
345663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:13:56 GMT
fa-brands-400.woff2
livecusurvey.com/wp-content/themes/Zephyr/fonts/
70 KB
71 KB
Font
General
Full URL
https://livecusurvey.com/wp-content/themes/Zephyr/fonts/fa-brands-400.woff2
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Request headers

Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Origin
https://livecusurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
"5cf0815d-119b0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
72112
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C700%2C400%2C400italic&subset=latin&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://livecusurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 12:23:05 GMT
x-content-type-options
nosniff
age
348714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 12:23:05 GMT
lftracker_v1_Xbp1oaEw5Db7EdVj.js
sc.lfeeder.com/
31 KB
11 KB
Script
General
Full URL
https://sc.lfeeder.com/lftracker_v1_Xbp1oaEw5Db7EdVj.js
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:dc00:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c28f1e3b4878242b98d4a383fefcbd0cac9e9486fce02f5f73caedc6e8d692e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
75AWQNeUaIvfHDFsUSjnpXEyINI0lNpD
content-encoding
gzip
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 13:15:00 GMT
last-modified
Mon, 27 Feb 2023 07:01:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"47e850f7ec20912fa02c65616f53afc4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
3Uq5bBvyc6D8MJqivBXYRR17_LF4up4V1Ea8YeQBHKQWhG5-yOdB8g==
LiveSurvey-Home.jpg
livecusurvey.com/wp-content/uploads/2019/05/
782 KB
783 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2019/05/LiveSurvey-Home.jpg
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
1dab9c7ad0b4287a77aeea6fd30bff359b9adfa5ba5514c46495c48ee43b3208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
last-modified
Fri, 31 May 2019 01:20:28 GMT
server
nginx
etag
"5cf0815c-c3851"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
800849
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C700%2C400%2C400italic&subset=latin&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://livecusurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 13:40:31 GMT
x-content-type-options
nosniff
age
344068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:40:31 GMT
dashboard-imac-macbook-2.png
livecusurvey.com/wp-content/uploads/2016/02/
1 MB
1 MB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2016/02/dashboard-imac-macbook-2.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a237b244d08e962e53ec115729cd53289525bd0b07db78544c85340ae60b263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:58 GMT
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
"5cf0815d-12974d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1218381
BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw
app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/ Frame D6AB
Redirect Chain
  • https://app-3qngd64pi2.marketingautomation.services/prospector/form/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
  • https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
39 KB
39 KB
Document
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/client/form.js?ver=2.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
nginx/1.23.2 /
Resource Hash
80648219fd9b3c98e9fb470ffae56d55070727d13f4e528e59e34f65baca7245

Request headers

Referer
https://livecusurvey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-length
39959
content-type
text/html
date
Mon, 27 Feb 2023 13:14:59 GMT
etag
"135bdbbdea24818592242e3e1a791ba0"
expires
Tue, 27 Feb 2024 13:14:59 GMT
last-modified
Wed, 29 Dec 2021 20:26:52 GMT
server
nginx/1.23.2
via
1.1 google
x-goog-generation
1640809612149696
x-goog-hash
crc32c=0yJZ8Q== md5=E1vbveokgYWSJC4+GnkboA==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
39959
x-guploader-uploadid
ADPycdvwnGITyEZMJndEX_pn65CR3rvsedOwtzc62IUC_uRROV8_1w0QN-Xa6HOyMJqd60kvpa8eAmxuNcQjwSyjIBFhSg

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 13:14:59 GMT
location
https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
pod-hostname
koi-5bf689d87c-cfrdp
server
openresty
via
1.1 google
x-clacks-overhead
GNU Terry Pratchett
x-xss-protection
1; mode=block
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&ver=6.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://livecusurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 14:10:00 GMT
x-content-type-options
nosniff
age
342299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 14:10:00 GMT
material-icons.woff2
livecusurvey.com/wp-content/themes/Zephyr/fonts/
48 KB
48 KB
Font
General
Full URL
https://livecusurvey.com/wp-content/themes/Zephyr/fonts/material-icons.woff2
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4ffcb784731a65dabd45daaa3efea8f831943811cbc51c510180fff417d49811

Request headers

Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Origin
https://livecusurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
"5cf0815d-bf84"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
49028
Defaults.woff
livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/
141 KB
141 KB
Font
General
Full URL
https://livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/Defaults.woff?rfa9z8
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
edb8324c433c41250990c592405c9ed264ed1eab169687a8cc5d69f77585f38d

Request headers

Referer
https://livecusurvey.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=6.1.1
Origin
https://livecusurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Fri, 31 May 2019 01:20:28 GMT
server
nginx
etag
"5cf0815c-23368"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
144232
magnific-popup.js
livecusurvey.com/wp-content/themes/Zephyr/framework/js/vendor/
20 KB
8 KB
XHR
General
Full URL
https://livecusurvey.com/wp-content/themes/Zephyr/framework/js/vendor/magnific-popup.js
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4123a0b824634537d4a2a4bb289aadb7c98752c6c2af82ea3d9f0d109cc2272d

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
br
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
W/"5cf0815d-4efc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
form-nexus.png
livecusurvey.com/wp-content/uploads/2016/02/
105 KB
105 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2016/02/form-nexus.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0711c9e8ef6cc0ddff57b434929090e9e44ba786ece8bc69da944b46d02ff579

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
"5cf0815d-1a298"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
107160
owl.carousel.js
livecusurvey.com/wp-content/themes/Zephyr/framework/js/vendor/
43 KB
12 KB
XHR
General
Full URL
https://livecusurvey.com/wp-content/themes/Zephyr/framework/js/vendor/owl.carousel.js
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
br
last-modified
Fri, 31 May 2019 01:20:29 GMT
server
nginx
etag
W/"5cf0815d-ad3c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
koi
koi-3qngd64pi2.marketingautomation.services/
660 B
488 B
Script
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/koi?rf=&hn=livecusurvey.com&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1677503699045&ac=KOI-42CKEWHK5K&ts=1677503699&pt=0&pl=0&loc=https%3A%2F%2Flivecusurvey.com%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DszAwM7c0NzG2sDS3AAA%26sseid%3DMzI1MjcwNLQwMQIA%26jobid%3Df0c1cbde-57b5-42a8-91b3-6b1be5c8f795&tp=page&ti=The%20Credit%20Union%20Member%20Experience%20Survey%20Platform%20-%20LiveSurvey
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
7457432b9163f08039bd9d9ab92f789aaf8e4653b6037b546df3fa86eb8d1f40
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
last-modified
Mon, 27 Feb 2023 13:14:59 GMT
server
openresty
via
1.1 google
vary
Accept-Encoding
p3p
CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.'
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname
koi-5bf689d87c-wdvbr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8QKPLG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 13:12:19 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
160
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 27 Feb 2023 15:12:19 GMT
/
tr.lfeeder.com/
43 B
292 B
Image
General
Full URL
https://tr.lfeeder.com/?sid=Xbp1oaEw5Db7EdVj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42MC4xIn0sInBhZ2VVcmwiOiJodHRwczovL2xpdmVjdXN1cnZleS5jb20vP3V0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1zaGFycHNwcmluZyZzc2xpZD1zekF3TTdjME56RzJzRFMzQUFBJnNzZWlkPU16STFNamN3TkxRd01RSUEmam9iaWQ9ZjBjMWNiZGUtNTdiNS00MmE4LTkxYjMtNmIxYmU1YzhmNzk1IiwicGFnZVRpdGxlIjoiVGhlIENyZWRpdCBVbmlvbiBNZW1iZXIgRXhwZXJpZW5jZSBTdXJ2ZXkgUGxhdGZvcm0gLSBMaXZlU3VydmV5IiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiIwODZkNGM4ZDBlNzc3OTIzIiwic2NyaXB0SWQiOiJYYnAxb2FFdzVEYjdFZFZqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5jMjQ0NzQzM2ZkNTUyZTRkLjE2Nzc1MDM2OTkyNjQiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-75.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
MFHdtokCojxa-w9I40bS4EV3MX2gDCW--zjcm7O9sqZl1tlAmNAarw==
formbasics.css
app-3qngd64pi2.marketingautomation.services/includes/css/ Frame D6AB
7 KB
2 KB
Stylesheet
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/css/formbasics.css
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
2c42851f49a6eb6a0eb3fba8f344f473909f15998d33c94323e13c9cf90cb7ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:02:51 GMT
server
openresty
etag
W/"63f909db-1c3d"
vary
Accept-Encoding
content-type
text/css
pod-hostname
app-7675df558c-nrjdq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jquery-ui.min.css
app-3qngd64pi2.marketingautomation.services/includes/css/jquery/ Frame D6AB
31 KB
9 KB
Stylesheet
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/css/jquery/jquery-ui.min.css
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
a1756adc350c37ea26d71ee00ad027bbf35204bff9fb040ecfb5c1a64971cffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:00:36 GMT
server
openresty
etag
W/"63f90954-7d0a"
vary
Accept-Encoding
content-type
text/css
pod-hostname
app-7675df558c-vsqqd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
base.css
app-3qngd64pi2.marketingautomation.services/includes/css/jquery/datepicker/ Frame D6AB
4 KB
1 KB
Stylesheet
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/css/jquery/datepicker/base.css
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
1a47e85dd8ec320d900f14082243d3af1051e6cb4e7fb8ba8807c6b903530e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:00:36 GMT
server
openresty
etag
W/"63f90954-f70"
vary
Accept-Encoding
content-type
text/css
pod-hostname
app-7675df558c-7mh2t
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
datetimepicker.css
app-3qngd64pi2.marketingautomation.services/includes/css/ Frame D6AB
9 KB
3 KB
Stylesheet
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/css/datetimepicker.css
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
7379f6d1c8b7eb53ba56a08e3e5f690f4a79ca5a9a940f0b74769cb04d464d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:02:51 GMT
server
openresty
etag
W/"63f909db-237e"
vary
Accept-Encoding
content-type
text/css
pod-hostname
app-7675df558c-vsqqd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jquery-1.7.2.min.js
app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB
92 KB
38 KB
Script
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
103631f0296614d362e698668390c9c69484dec4579a12380cd0d8a7f197fa70

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:03:52 GMT
server
openresty
etag
W/"63f90a18-16fa7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Mar 2023 13:14:59 GMT
jquery.validate.min.js
app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB
24 KB
9 KB
Script
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery.validate.min.js?ver=5.75-35
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
3218b4125f473cd8e081f2d6f892e7e7dca85df9d4486a1e0d783f1f66b2731a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:03:56 GMT
server
openresty
etag
W/"63f90a1c-5e52"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Mar 2023 13:14:59 GMT
additional-methods.min.js
app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB
17 KB
5 KB
Script
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/js/core/additional-methods.min.js?ver=5.75-35
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
1e6f4e1fb3197d60d5c7f8f7f738deeff94b513f07e0ad5ca7c4ea85479eb4a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:03:45 GMT
server
openresty
etag
W/"63f90a11-4230"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Mar 2023 13:14:59 GMT
jquery.form.js
app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB
13 KB
5 KB
Script
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery.form.js?ver=5.75-35
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
2537571109b8e5379ecc8b4c6e60449bf440b6f38e7bc5396e0189eb0512e691

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:03:52 GMT
server
openresty
etag
W/"63f90a18-3248"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Mar 2023 13:14:59 GMT
jquery-ui.min.js
app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/ Frame D6AB
248 KB
82 KB
Script
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/jquery-ui.min.js?ver=5.75-35
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:00:37 GMT
server
openresty
etag
W/"63f90955-3dee5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Mar 2023 13:14:59 GMT
datetimepicker.js
app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB
37 KB
13 KB
Script
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/js/core/datetimepicker.js?ver=5.75-35
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
f00d09a3fe4fe39964b804f3c07eea15672c2586a184e1efba084eef721fbad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:03:50 GMT
server
openresty
etag
W/"63f90a16-94d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Mar 2023 13:14:59 GMT
jquery.placeholder.js
app-3qngd64pi2.marketingautomation.services/includes/js/core/ Frame D6AB
2 KB
867 B
Script
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery.placeholder.js?ver=5.75-35
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
ccc2bd16fa09fd02a0a51c4801453ae3b0baffe5b05ae4b18a9c9b00924239c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:03:53 GMT
server
openresty
etag
W/"63f90a19-7e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Mar 2023 13:14:59 GMT
api.js
www.google.com/recaptcha/ Frame D6AB
850 B
874 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 13:14:59 GMT
CU-of-rockies-logo.png
livecusurvey.com/wp-content/uploads/2020/10/
21 KB
22 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2020/10/CU-of-rockies-logo.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ff0bea54acd2b8d1f87f68be0caf302b025aad0cc80e0edd158a372f30460bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Tue, 20 Oct 2020 19:44:54 GMT
server
nginx
etag
"5f8f3e36-5551"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
21841
Alliance-Catholic-logo.png
livecusurvey.com/wp-content/uploads/2020/10/
8 KB
8 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2020/10/Alliance-Catholic-logo.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
248138c53bb9ad726bbbbf57c99ff9db58fb41e22d38fee25f72f33a8acb4550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Tue, 20 Oct 2020 19:44:50 GMT
server
nginx
etag
"5f8f3e32-1fc3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8131
Calcom-logo-1024x220.png
livecusurvey.com/wp-content/uploads/2020/10/
31 KB
31 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2020/10/Calcom-logo-1024x220.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6d99aa9343abfa4c05392d9c701602ab4e1380636449e1f31eeb45202ce15cd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Tue, 20 Oct 2020 19:44:51 GMT
server
nginx
etag
"5f8f3e33-7b9d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
31645
CU-benefits-alliance-logo.png
livecusurvey.com/wp-content/uploads/2020/10/
45 KB
45 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2020/10/CU-benefits-alliance-logo.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
73f08eba3ff8c10c27438693bf9a70841a02d93aa586233cbaf6750d647bfb82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Tue, 20 Oct 2020 19:44:53 GMT
server
nginx
etag
"5f8f3e35-b2cb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
45771
Northern-hills-logo.png
livecusurvey.com/wp-content/uploads/2020/10/
48 KB
48 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2020/10/Northern-hills-logo.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a21a0a8bbed971496d6c3065f21c9b99a5e67e6127f374583da1b0ec05546765

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Tue, 20 Oct 2020 19:44:40 GMT
server
nginx
etag
"5f8f3e28-c043"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
49219
Tucoemas-logo.png
livecusurvey.com/wp-content/uploads/2020/10/
8 KB
8 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2020/10/Tucoemas-logo.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e0c316b560a99d47e0ee5915f36ac050ebef8ab6182ff67cfa8491fcfbc21e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Tue, 20 Oct 2020 19:44:45 GMT
server
nginx
etag
"5f8f3e2d-1f07"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7943
Parsons-logo.png
livecusurvey.com/wp-content/uploads/2020/10/
33 KB
33 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2020/10/Parsons-logo.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
168d0b801d6ec50c3cf6ab6e453add1d964b3164a22c7a92d05228431940367e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Tue, 20 Oct 2020 19:44:40 GMT
server
nginx
etag
"5f8f3e28-846a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
33898
Nikkei-logo-1024x597.png
livecusurvey.com/wp-content/uploads/2020/10/
82 KB
82 KB
Image
General
Full URL
https://livecusurvey.com/wp-content/uploads/2020/10/Nikkei-logo-1024x597.png
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4c6c296770c36226db63a4c7c38d8f02812670ed000abb992e6f722c14b56e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
last-modified
Tue, 20 Oct 2020 19:44:39 GMT
server
nginx
etag
"5f8f3e27-14658"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
83544
5f46d823d13faf170d000430.js
tag.perfectaudience.com/serve/
12 KB
4 KB
Script
General
Full URL
https://tag.perfectaudience.com/serve/5f46d823d13faf170d000430.js
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2eeec1a53ad4aa2ae2385af32754a057c2d9073c402eefba5d25e1e04ba1a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220026-HHN
date
Mon, 27 Feb 2023 13:14:59 GMT
via
1.1 vegur, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
server
Cowboy
age
125
x-timer
S1677503699.497626,VS0,VE1
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
3956
x-cache-hits
1
freeemailproviderlist.json
app-3qngd64pi2.marketingautomation.services/includes/js/app/ Frame D6AB
75 KB
21 KB
Fetch
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/includes/js/app/freeemailproviderlist.json
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/forms-proxy/MzawMDE3NLAwBwA/BcFJAQAwCAMwRX1wDdADxb-EJWGu3ZKYGcL3CWqtcFxNVroFPw?instance=vj16ww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
fa86c94c6881caec397b1a58f358561f9bd6ef1dba058efafe3fb8e9e8d5e326

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:00:36 GMT
server
openresty
etag
W/"63f90954-12aa5"
vary
Accept-Encoding
content-type
application/json
pod-hostname
app-7675df558c-vsqqd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tagjs
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/tagjs?a_id=120430&source=js_tag
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=120430&source=js_tag
125 B
454 B
Script
General
Full URL
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=120430&source=js_tag
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
HTTP/1.1
Server
54.72.205.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-205-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
60bfbd3aca5d6f46af4c08025dab146fccc7d2c82562ec6b2235cdd8b00d01e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
125
Content-Type
text/javascript

Redirect headers

Location
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=120430&source=js_tag
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame D6AB
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://app-3qngd64pi2.marketingautomation.services
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 08:17:30 GMT
53429917-ccce-4d61-8d38-fed27e87435e
app-3qngd64pi2.marketingautomation.services/prospector/getFormData/MzawMDE3NLAwBwA/ Frame D6AB
5 KB
1 KB
XHR
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/prospector/getFormData/MzawMDE3NLAwBwA/53429917-ccce-4d61-8d38-fed27e87435e?instance=vj16ww&rf__doc=https%3A%2F%2Flivecusurvey.com%2F
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
4c0432153c7216a0bb2cd676fbfd088b6aeb9d3947c3d518a441c35f8afd96ab
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
via
1.1 google
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
pod-hostname
koi-5bf689d87c-pbgkq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/
4 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=525282582&t=pageview&_s=1&dl=https%3A%2F%2Flivecusurvey.com%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DszAwM7c0NzG2sDS3AAA%26sseid%3DMzI1MjcwNLQwMQIA%26jobid%3Df0c1cbde-57b5-42a8-91b3-6b1be5c8f795&ul=en-us&de=UTF-8&dt=The%20Credit%20Union%20Member%20Experience%20Survey%20Platform%20-%20LiveSurvey&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1302456341&gjid=1260208691&cid=1191598394.1677503700&tid=UA-74859478-1&_gid=1386785158.1677503700&_r=1&_slc=1&gtm=45He32m0n81W8QKPLG&z=1429733737
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://livecusurvey.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 13:14:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://livecusurvey.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-74859478-1&cid=1191598394.1677503700&jid=1302456341&gjid=1260208691&_gid=1386785158.1677503700&_u=YEBAAEAAAAAAACAAI~&z=1888053484
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://livecusurvey.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 27 Feb 2023 13:14:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://livecusurvey.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pixel-geo.prfct.co/usermap/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202302%7C63fcacd30d9d6437a435514c%26pid%3Dpa_CmVMxzkZ41vUH6fmt
  • https://pixel-geo.prfct.co/usermap/?xid=2354708260401429110&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt
43 B
256 B
Image
General
Full URL
https://pixel-geo.prfct.co/usermap/?xid=2354708260401429110&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
HTTP/1.1
Server
54.72.205.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-205-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 27 Feb 2023 13:14:59 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e7013232-fb6b-4618-a6ea-8427d771fbe1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel-geo.prfct.co/usermap/?xid=2354708260401429110&sid=202302|63fcacd30d9d6437a435514c&pid=pa_CmVMxzkZ41vUH6fmt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adsct
analytics.twitter.com/i/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_CmVMxzkZ41vUH6fmt
43 B
396 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_CmVMxzkZ41vUH6fmt
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
105
date
Mon, 27 Feb 2023 13:14:59 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
9773a6bbfaf0d64b
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
881849f1223452455f0302c9c28e261a587f68073173d4c418c7743879293917
content-length
43

Redirect headers

Location
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_CmVMxzkZ41vUH6fmt
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=yah
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1&verify=true
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:14:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_CmVMxzkZ41vUH6fmt&_origin=1&verify=true
date
Mon, 27 Feb 2023 13:14:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=opx
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_CmVMxzkZ41vUH6fmt
43 B
273 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_CmVMxzkZ41vUH6fmt
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 13:14:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_CmVMxzkZ41vUH6fmt
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_CmVMxzkZ41vUH6fmt
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_CmVMxzkZ41vUH6fmt
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_CmVMxzkZ41vUH6fmt
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cb
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=goo
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQ21WTXh6a1o0MXZVSDZmbXQ
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQ21WTXh6a1o0MXZVSDZmbXQ&google_tc=
  • https://pixel-geo.prfct.co/cb?partnerId=goo
43 B
365 B
Image
General
Full URL
https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
HTTP/1.1
Server
54.72.205.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-205-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 13:15:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel-geo.prfct.co/cb?partnerId=goo
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pixel-geo.prfct.co/seg/
43 B
365 B
Image
General
Full URL
https://pixel-geo.prfct.co/seg/?add=23478535&source=js_tag&a_id=120430
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.205.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-205-52.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?t=2&add=23478535
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23478535
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23478535
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 13:14:59 GMT
AN-X-Request-Uuid
17f3d791-a728-44ab-8b9d-eb35d51aca0e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date
Mon, 27 Feb 2023 13:14:59 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d625d2a6-b588-47fb-8520-cf34665c5d9d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23478535
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame F7FD
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
348c9a988159748af9b0bb20bdc700ed67ca6afc2fba8af29401d9ce333d5b92
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YvUozoBPQ2wlXbt1uYM7ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23233
content-security-policy
script-src 'report-sample' 'nonce-YvUozoBPQ2wlXbt1uYM7ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 13:15:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame F7FD
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 09:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 09:55:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame F7FD
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 08:17:30 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame F7FD
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT&co=aHR0cHM6Ly9hcHAtM3FuZ2Q2NHBpMi5tYXJrZXRpbmdhdXRvbWF0aW9uLnNlcnZpY2VzOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&badge=inline&cb=j6i4a0yv7f58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 13:15:00 GMT
53429917-ccce-4d61-8d38-fed27e87435e
app-3qngd64pi2.marketingautomation.services/prospector/getFormData/MzawMDE3NLAwBwA/ Frame D6AB
5 KB
1 KB
XHR
General
Full URL
https://app-3qngd64pi2.marketingautomation.services/prospector/getFormData/MzawMDE3NLAwBwA/53429917-ccce-4d61-8d38-fed27e87435e?instance=vj16ww&rf__doc=https%3A%2F%2Flivecusurvey.com%2F
Requested by
Host: app-3qngd64pi2.marketingautomation.services
URL: https://app-3qngd64pi2.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
4c0432153c7216a0bb2cd676fbfd088b6aeb9d3947c3d518a441c35f8afd96ab
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:15:00 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
via
1.1 google
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
pod-hostname
koi-5bf689d87c-njndw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
lo85pn32
widget.intercom.io/widget/
8 KB
4 KB
Script
General
Full URL
https://widget.intercom.io/widget/lo85pn32
Requested by
Host: livecusurvey.com
URL: https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-98.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecd52673e207772acc0e67d469cbc4cfd89f8b6214db8799b353e0f88548624a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
q8aGpMx1PwfFf9wa5qmBsBbcV6lfruam
content-encoding
gzip
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 13:10:30 GMT
x-amz-cf-pop
FRA56-P7
age
298
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3261
last-modified
Fri, 24 Feb 2023 14:04:38 GMT
server
AmazonS3
etag
"7c5a9582f5d74f00620f706ab667c54d"
vary
Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
8t-JSz57oxQlR9Z8TlCggdZ5Axoyovc26LIgjwBLoOqFQVJCcmKzFQ==
getChatbot
koi-3qngd64pi2.marketingautomation.services/
244 B
226 B
Script
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/getChatbot?rf=&hn=livecusurvey.com&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1677503699045&ac=KOI-42CKEWHK5K&ts=1677503701&pt=0&pl=0&loc=https%3A%2F%2Flivecusurvey.com%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DszAwM7c0NzG2sDS3AAA%26sseid%3DMzI1MjcwNLQwMQIA%26jobid%3Df0c1cbde-57b5-42a8-91b3-6b1be5c8f795&tk=202302%7C63fcacd30d9d6437a435514c
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
92aa9fb6a9dfe41d683a05e2ce2394ca5f4dda56bfccb5c89e78c57520a0b9d8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:15:00 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
via
1.1 google
server
openresty
vary
Accept-Encoding
content-type
application/javascript
pod-hostname
app-pubapi-86bc9886dd-s6czb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame EEEB
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87672b4e9c7575be50a314adabdcfbbb19c685b3408847889638044806f93fc8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sUwAW02g6PGzHNYj76Fonw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-sUwAW02g6PGzHNYj76Fonw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 13:15:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
frame-modern.feb17e6c.js
js.intercomcdn.com/ Frame 58BD
485 KB
129 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.feb17e6c.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/lo85pn32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6e87f4f93a379f05269bddd3acd54a253a3e50a48efb9127d9cb94cf3970333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
AoJSJyxDmkc3X1wFovBkmaMYXOEssazP
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 13:08:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
392
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
131296
last-modified
Fri, 24 Feb 2023 14:02:17 GMT
server
AmazonS3
etag
"cd85ccf3dc368f2a6f1f9e4c25c1de45"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
XrV-QfNJ-0J1l4sYiX9yqXEQ9u4BueKGO__WSnI2F1f5QTow9pIJlw==
vendor-modern.ebc5d705.js
js.intercomcdn.com/ Frame 58BD
236 KB
73 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.ebc5d705.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/lo85pn32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c17b1a7e002c083947f21ffac64eb85fc76f5e94c2460fb64876f56f6a37fdd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
xqEwbF2CIUTKfV0UlRFPA7_.rjojaJ_c
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 12:06:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
4127
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74395
last-modified
Fri, 24 Feb 2023 14:02:17 GMT
server
AmazonS3
etag
"5d20e022d39aabb62bf802df0269ff81"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
8hrrhmPT7E3ISvz47J_q2uU4DZ7hun7pw9rtILuIsnN1z1TSkl1V3g==
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame EEEB
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 09:55:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 09:55:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame EEEB
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 08:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 08:17:30 GMT
publicChatbot
koi-3qngd64pi2.marketingautomation.services/ Frame E729
2 KB
870 B
Document
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/client/ss.js?ver=1.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
5e0569e3424af4aa952dedfe18ddd693bdba3fad3c6bb8fe52c7371cd41931a7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://livecusurvey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 13:15:00 GMT
pod-hostname
app-7675df558c-vsqqd
server
openresty
vary
Accept-Encoding
via
1.1 google
x-clacks-overhead
GNU Terry Pratchett
x-xss-protection
1; mode=block
ping
api-iam.intercom.io/messenger/web/ Frame 58BD
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.feb17e6c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.101.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-101-148.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9aada19a9155dfac40975d64d86a6d2d5e8886b4845deaacca1b2c610cb5df2b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Feb 2023 13:15:01 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0be81d9dffa4bc64a
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0004rbh0pmnrprqbk0ag
x-runtime
0.341048
server
nginx
etag
W/"9aada19a9155dfac40975d64d86a6d2d"
x-ratelimit-remaining
13332
vary
Accept,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livecusurvey.com
x-intercom-version
088644527e94060d3eced7a99e3627a5fc12d805
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1677503710
x-ratelimit-limit
13333
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
polyfill.min.js
koi-3qngd64pi2.marketingautomation.services/includes/js/dist/ Frame E729
202 KB
58 KB
Script
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/includes/js/dist/polyfill.min.js?ver=d0348f920d-1
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
b9a6fca766ed9a201b3658950e9692b259d61f22b13e27b76cbc58d8fb5a4d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:15:00 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 24 Feb 2023 19:03:42 GMT
server
openresty
etag
W/"63f90a0e-32984"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Mar 2023 13:15:00 GMT
de.js
storage.googleapis.com/frontend-prod/i18next/master/ Frame E729
708 KB
158 KB
Script
General
Full URL
https://storage.googleapis.com/frontend-prod/i18next/master/de.js
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4462d8aa96e24d561ecea68e7b5eea32869c92505955a0efb7b4321386acbae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qngd64pi2.marketingautomation.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:15:01 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdsh0jAgXeIljXzIAEPTPbTu2Dd8A3ofNUrFMivM3q7Vxs1-91Pbubp9yDUPfQVirm4NcYmp5IxVzGUcKQlK1AURrz27GXnC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161564
last-modified
Tue, 03 Jan 2023 18:20:52 GMT
server
UploadServer
etag
"b8fe1d23477a77c2aa40528bcfef3a1a"
x-goog-generation
1672770052562566
x-goog-hash
crc32c=mRBuAQ==, md5=uP4dI0d6d8KqQFKLz+86Gg==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
161564
accept-ranges
bytes
expires
Tue, 27 Feb 2024 13:15:01 GMT
antd.css
storage.googleapis.com/frontend-prod/fireant/7f67539c/style/ Frame E729
439 KB
440 KB
Stylesheet
General
Full URL
https://storage.googleapis.com/frontend-prod/fireant/7f67539c/style/antd.css
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
934ecb719a9eb78212ebfa8985f42d4242769b9b650622a1d6e16184378d8eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qngd64pi2.marketingautomation.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:11:39 GMT
x-goog-meta-goog-reserved-file-mtime
1640118138
age
201
x-guploader-uploadid
ADPycdtGwOdvOlFhGsB6JPYEtTlte2DDP_Eqvuhyj_NuvSRwk9HEI_24KSP-oYbnoQGMPzbuWNE8AnABiO6gfpDVijDqJGaQphbW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
449797
last-modified
Tue, 21 Dec 2021 20:50:54 GMT
server
UploadServer
etag
"79f1517ddc36a516ffbac1d4c1d47233"
x-goog-generation
1640119854776231
x-goog-hash
crc32c=Joc7bg==, md5=efFRfdw2pRb/usHUwdRyMw==
content-type
text/css
cache-control
public, max-age=3600
x-goog-stored-content-length
449797
accept-ranges
bytes
expires
Mon, 27 Feb 2023 14:11:39 GMT
en_US.main.css
storage.googleapis.com/frontend-prod/common/7e16c022/ Frame E729
122 KB
64 KB
Stylesheet
General
Full URL
https://storage.googleapis.com/frontend-prod/common/7e16c022/en_US.main.css
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2abc10b98bfce0b592d37587d5e8eb1d3c76c6b5e6d549171b1670fa6dab832f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qngd64pi2.marketingautomation.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 12:26:45 GMT
content-encoding
gzip
age
2895
x-guploader-uploadid
ADPycdsed-m1WolWz0nM12m7kw-XGFNFRlHuEyvCH7D_NqAI4lGbWQFzoevKk6bN5EHLOD8YqcxdiQDLKPXvfJ9Qc6_AZKJd6pag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64483
last-modified
Tue, 21 Dec 2021 15:53:55 GMT
server
UploadServer
etag
"85e642aba7acca59008f68a454d27b57"
x-goog-generation
1640102035706343
x-goog-hash
crc32c=Z647nA==, md5=heZCq6esylkAj2ikVNJ7Vw==
content-type
text/css
cache-control
public, max-age=31536000,no-transform
x-goog-stored-content-length
64483
accept-ranges
bytes
expires
Tue, 27 Feb 2024 12:26:45 GMT
en_US.main.js
storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/ Frame E729
3 MB
641 KB
Script
General
Full URL
https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js
Requested by
Host: koi-3qngd64pi2.marketingautomation.services
URL: https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c871a837a5b4f74ae8eec2034164fac3e7e8eaf1d3e365770c6f6b7c294f4bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qngd64pi2.marketingautomation.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 12:26:45 GMT
content-encoding
gzip
age
2895
x-guploader-uploadid
ADPycdskQXKU41qcNSqyjyE6xI0snQ-E0onaCjWXBpIWTrdANxyz7tOjq9VHM7rgKt6br-bv4x6kq9arQepH7xicBdlxUmuIwpEg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
656100
last-modified
Thu, 23 Feb 2023 15:57:17 GMT
server
UploadServer
etag
"adf99ce3641b7938b7e56651b9180c04"
x-goog-generation
1677167837855577
x-goog-hash
crc32c=rEDi2g==, md5=rfmc42QbeTi35WZRuRgMBA==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
656100
accept-ranges
bytes
expires
Tue, 27 Feb 2024 12:26:45 GMT
reload
www.google.com/recaptcha/api2/ Frame EEEB
40 KB
24 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d9ac6b477f704750e98d15c64f1bb3ad02bfd3bff81f0c9deb01fac8bc16dbdb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 27 Feb 2023 13:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24670
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 13:15:00 GMT
payload
www.google.com/recaptcha/api2/ Frame EEEB
32 KB
32 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AFY_a8WNpGCTcvwwwElBfQ1_GTOW02n6V76-YU5V5iMRGFx03JDFUqaF_fsQaeh6OTJtIs8hAbBftRIGQq4X6cRsZx4r2q9ZfKRMyxvB9jV_J8KIJBHeftlhQ44iXqFanMrsdKdwe6znPRN5XiKv3f9moTeF1lpdRJ2_5JrKItOh5v8AhseqZqhYrzbLbKqCcmpmChqL2gybqGC_XYnFW0mCnkAZbiVLuA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9feed56aca6e347ff77eb155e84598071c8ce7584e3f6fdd3305a7a9e70d91d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LejtCsUAAAAACVGXaLz6W52O7rQkHl_obMS1ptT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:15:01 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32626
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 13:15:01 GMT
css
fonts.googleapis.com/ Frame E729
3 KB
548 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,400italic
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/common/7e16c022/en_US.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b3d5b1db4356aae7e5116c691fb90da522c78ef8bff00e410e4cff222467250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 13:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 13:15:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 13:15:01 GMT
graphql-public
koi-3qngd64pi2.marketingautomation.services/ Frame E729
16 KB
16 KB
Fetch
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/graphql-public
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ceab624ef9baab7850062c9a6929b3bdcfe87e027bc39245384292a04b2ce666

Request headers

accept
*/*
Referer
https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/json

Response headers

date
Mon, 27 Feb 2023 13:15:01 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://koi-3qngd64pi2.marketingautomation.services
x-kube-pod
api-769fc6df66-b9lh4
content-length
16217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
graphql-public
koi-3qngd64pi2.marketingautomation.services/ Frame E729
30 B
45 B
Fetch
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/graphql-public
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
/
Resource Hash
12bbcbfac99d1e2f8e6bec9b217e77bb2b783f9668baab027923f3924403f303

Request headers

accept
*/*
Referer
https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/json

Response headers

date
Mon, 27 Feb 2023 13:15:01 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://koi-3qngd64pi2.marketingautomation.services
x-kube-pod
api-769fc6df66-lljzk
content-length
30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
graphql-public
koi-3qngd64pi2.marketingautomation.services/ Frame E729
16 KB
16 KB
Fetch
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/graphql-public
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ceab624ef9baab7850062c9a6929b3bdcfe87e027bc39245384292a04b2ce666

Request headers

accept
*/*
Referer
https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/json

Response headers

date
Mon, 27 Feb 2023 13:15:02 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://koi-3qngd64pi2.marketingautomation.services
x-kube-pod
api-769fc6df66-lljzk
content-length
16217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
graphql-public
koi-3qngd64pi2.marketingautomation.services/ Frame E729
30 B
45 B
Fetch
General
Full URL
https://koi-3qngd64pi2.marketingautomation.services/graphql-public
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/chatbot-client/6c01b88/en_US.main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
/
Resource Hash
12bbcbfac99d1e2f8e6bec9b217e77bb2b783f9668baab027923f3924403f303

Request headers

accept
*/*
Referer
https://koi-3qngd64pi2.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795&requestedLanguage=en_US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/json

Response headers

date
Mon, 27 Feb 2023 13:15:02 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://koi-3qngd64pi2.marketingautomation.services
x-kube-pod
api-769fc6df66-bm87b
content-length
30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame E729
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://koi-3qngd64pi2.marketingautomation.services
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 01:03:59 GMT
x-content-type-options
nosniff
age
389462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 01:03:59 GMT
truncated
/ Frame E729
92 KB
92 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e8d88f037e62776e9355c3264513f9dd9136a0c05a60a6f8b10df944166882

Request headers

Referer
Origin
https://koi-3qngd64pi2.marketingautomation.services
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
font/woff
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame EEEB
600 B
624 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 10:11:03 GMT
x-content-type-options
nosniff
age
270241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 03 Mar 2023 10:11:03 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame EEEB
530 B
554 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 01:00:41 GMT
x-content-type-options
nosniff
age
389663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 02 Mar 2023 01:00:41 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame EEEB
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:23:22 GMT
x-content-type-options
nosniff
age
474702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 01 Mar 2023 01:23:22 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EEEB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 20:22:37 GMT
x-content-type-options
nosniff
age
319947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 20:22:37 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EEEB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 09:20:14 GMT
x-content-type-options
nosniff
age
446090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 09:20:14 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EEEB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 08:57:56 GMT
x-content-type-options
nosniff
age
361028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 08:57:56 GMT
/
livecusurvey.com/wp-json/pum/v1/analytics/
0
381 B
Image
General
Full URL
https://livecusurvey.com/wp-json/pum/v1/analytics/?event=open&pid=23356&_cache=1677503704498
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.119.123 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
123.119.199.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://livecusurvey.com/?utm_medium=email&utm_source=sharpspring&sslid=szAwM7c0NzG2sDS3AAA&sseid=MzI1MjcwNLQwMQIA&jobid=f0c1cbde-57b5-42a8-91b3-6b1be5c8f795
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:15:04 GMT
x-cache-group
normal
x-content-type-options
nosniff
x-cacheable
SHORT
server
nginx
x-powered-by
WP Engine
vary
Accept-Encoding,Cookie
x-cache
MISS
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
x-robots-tag
noindex
link
<https://livecusurvey.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery undefined| RS_CacheGS undefined| RS_CacheGS_queue undefined| RS_Cache_define object| tpGS string| ease object| punchgs object| gsapVersions object| Back object| Bounce object| CSSPlugin object| Circ object| Cubic object| Elastic object| Expo object| Linear object| Power0 object| Power1 object| Power2 object| Power3 object| Power4 object| Quad object| Quart object| Quint object| Sine object| SteppedEase object| Strong function| TimelineLite function| TimelineMax function| TweenLite function| TweenMax object| gsap function| CustomBounce function| CustomEase function| CustomWiggle object| DrawSVGPlugin function| TPGSSPLITTEXT object| MotionPathPlugin undefined| GreenSockGlobals undefined| _gsQueue undefined| _gsDefine object| RSANYID object| RSANYID_sliderID function| countUp function| ult_creative_link_ht function| recallme function| info_box_set_auto_height function| calculate_clipped_circle function| info_circle_slide function| show_next_info_circle function| responsive_check function| make_info_circle function| part_circle_icon function| setmytime undefined| fixto undefined| resizedd undefined| time_f_arr object| ldfdr object| dataLayer_content boolean| jQueryMigrateHelperHasSentDowngrade object| root function| setREVStartSize object| _ss object| $us object| ss_form function| EventEmitter object| eventie function| imagesLoaded object| pum_vars object| pum_sub_vars object| pum_popups object| PUM object| PUM_Accessibility object| PUM_Analytics function| pm_cookie function| pm_cookie_json function| pm_remove_cookie undefined| pum_debug string| pum_debug_mode string| ajaxurl object| pum function| FormSerializer function| MobileDetect object| fcaPcEvents object| fcaPcPost object| fcaPcCAPI object| fcaPcGA function| onYouTubeIframeAPIReady undefined| detect_videos object| intercomSettings function| Intercom boolean| sharpspring_tracking_installed object| twemoji object| wp object| __gaConnectorEventsEmitted object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _pa boolean| loadedBool function| facebookEventsHelper function| googleAdsEventsHelper object| _pq object| gaplugins object| gaGlobal object| gaData boolean| documentIsReady boolean| chatbotLoadWrapperBool function| __intercomAssignLocation function| __intercomReloadLocation object| ssChatbot boolean| ssChatbotBranding

24 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJBLKW3VDlTgYd68OWkMqYBaGXGhWHe9MNrqOwvJM2ca9iDB9UthqVvDv8A3jP5ZPzfisnHwH6AoMkQLC6x5SP0
livecusurvey.com/ Name: __ss
Value: 1677503699045
livecusurvey.com/ Name: __ss_referrer
Value: https%3A//livecusurvey.com/%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DszAwM7c0NzG2sDS3AAA%26sseid%3DMzI1MjcwNLQwMQIA%26jobid%3Df0c1cbde-57b5-42a8-91b3-6b1be5c8f795
.livecusurvey.com/ Name: _lfa
Value: LF1.1.c2447433fd552e4d.1677503699264
.marketingautomation.services/ Name: koitk
Value: 202302%7C63fcacd30d9d6437a435514c
livecusurvey.com/ Name: __ss_tk
Value: 202302%7C63fcacd30d9d6437a435514c
.livecusurvey.com/ Name: _ga
Value: GA1.2.1191598394.1677503700
.livecusurvey.com/ Name: _gid
Value: GA1.2.1386785158.1677503700
.livecusurvey.com/ Name: _gat_UA-74859478-1
Value: 1
.prfct.co/ Name: pa_uid
Value: pa_CmVMxzkZ41vUH6fmt
.adnxs.com/ Name: uuid2
Value: 2354708260401429110
.prfct.co/ Name: pa_twitter_ts
Value: 1677503699740
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GU%tD-^$!]tbP6j2F-XstGt!@D^($k9UE
.prfct.co/ Name: pa_yahoo_ts
Value: 1677503699768
.prfct.co/ Name: pa_openx_ts
Value: 1677503699791
.prfct.co/ Name: pa_rubicon_ts
Value: 1677503699793
.prfct.co/ Name: pa_google_ts
Value: 1677503699796
.yahoo.com/ Name: A3
Value: d=AQABBNOs_GMCEKa0-IV1jQ4SaZ68O534AFkFEgEBAQH-_WMGZAAAAAAA_eMAAA&S=AQAAAoVBWX1yfni17hDb-GEn860
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z4~2a8d
.twitter.com/ Name: personalization_id
Value: "v1_EMny8ERz8cBFtjN8TShZgA=="
.doubleclick.net/ Name: IDE
Value: AHWqTUmOqF5gbkLPLZ7eySx3l4p96S-kpN2unRGFwda7P1CNcGcMIsHE4GWiSZYYlBE
.livecusurvey.com/ Name: intercom-id-lo85pn32
Value: ed94724e-64ac-4b71-a907-4b7bd6258e34
.livecusurvey.com/ Name: intercom-session-lo85pn32
Value:
.livecusurvey.com/ Name: intercom-device-id-lo85pn32
Value: a4752981-b0d9-4eeb-9f60-cd686f8208e6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api-iam.intercom.io
app-3qngd64pi2.marketingautomation.services
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
koi-3qngd64pi2.marketingautomation.services
livecusurvey.com
pixel-geo.prfct.co
pixel.rubiconproject.com
sc.lfeeder.com
secure.adnxs.com
stats.g.doubleclick.net
storage.googleapis.com
tag.perfectaudience.com
tr.lfeeder.com
ups.analytics.yahoo.com
us-u.openx.net
widget.intercom.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.199.119.123
104.244.42.67
107.178.240.224
108.138.17.98
142.251.39.2
151.101.66.217
18.66.122.75
18.66.147.3
2600:9000:20eb:dc00:1f:f723:6fc0:93a1
2a00:1450:4001:811::2010
2a00:1450:400c:c06::9c
2a00:1450:400d:803::200e
2a00:1450:400d:805::2003
2a00:1450:400d:807::2004
2a00:1450:400d:808::2008
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::200a
3.126.56.137
35.244.159.8
37.252.173.215
54.145.101.148
54.72.205.52
69.173.144.139
00c79f73596b16ec7ca8129b4764e00b28a6d63c2750998adacd4570b176a232
0711c9e8ef6cc0ddff57b434929090e9e44ba786ece8bc69da944b46d02ff579
09fd6f05443bb5e53e466b7f19009752271b45fb1d9c40aa900459026a09ba79
0e068a3b14939e7e082107ed425f54aa8100b20b1584de181abf6791a36564f3
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
103631f0296614d362e698668390c9c69484dec4579a12380cd0d8a7f197fa70
12bbcbfac99d1e2f8e6bec9b217e77bb2b783f9668baab027923f3924403f303
14b63cf8d762d7118924d182b7f6bd9a45ca408b13dfeaca8da0735f26a70e85
168d0b801d6ec50c3cf6ab6e453add1d964b3164a22c7a92d05228431940367e
1a237b244d08e962e53ec115729cd53289525bd0b07db78544c85340ae60b263
1a47e85dd8ec320d900f14082243d3af1051e6cb4e7fb8ba8807c6b903530e8a
1dab9c7ad0b4287a77aeea6fd30bff359b9adfa5ba5514c46495c48ee43b3208
1e6f4e1fb3197d60d5c7f8f7f738deeff94b513f07e0ad5ca7c4ea85479eb4a0
248138c53bb9ad726bbbbf57c99ff9db58fb41e22d38fee25f72f33a8acb4550
2537571109b8e5379ecc8b4c6e60449bf440b6f38e7bc5396e0189eb0512e691
28597da51e1855a4fb7975ab59171ddea301c5af014710169a030482ea4b5d52
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2abc10b98bfce0b592d37587d5e8eb1d3c76c6b5e6d549171b1670fa6dab832f
2c17e6a794d3bb4417d49c44dc57db7ef141c40e2b4813a96ce265953628e9b5
2c42851f49a6eb6a0eb3fba8f344f473909f15998d33c94323e13c9cf90cb7ae
2eeec1a53ad4aa2ae2385af32754a057c2d9073c402eefba5d25e1e04ba1a7e5
3218b4125f473cd8e081f2d6f892e7e7dca85df9d4486a1e0d783f1f66b2731a
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
348c9a988159748af9b0bb20bdc700ed67ca6afc2fba8af29401d9ce333d5b92
3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e59273841201a5c259d7e3830fcca70cf197f97777bdd466c51726b9f7e9c19
4123a0b824634537d4a2a4bb289aadb7c98752c6c2af82ea3d9f0d109cc2272d
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
4462d8aa96e24d561ecea68e7b5eea32869c92505955a0efb7b4321386acbae3
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44ca3c927d8c2fea44e2732cb6e1621b1d5314d2ac1ff6c19cc2a0e94dd1a466
4b3d5b1db4356aae7e5116c691fb90da522c78ef8bff00e410e4cff222467250
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0432153c7216a0bb2cd676fbfd088b6aeb9d3947c3d518a441c35f8afd96ab
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4e0c316b560a99d47e0ee5915f36ac050ebef8ab6182ff67cfa8491fcfbc21e0
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
4ffcb784731a65dabd45daaa3efea8f831943811cbc51c510180fff417d49811
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57816f53bd297e04d4a9a30d1571068bef957813fa5d5837c7438fb7bca05e06
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5e0569e3424af4aa952dedfe18ddd693bdba3fad3c6bb8fe52c7371cd41931a7
60bfbd3aca5d6f46af4c08025dab146fccc7d2c82562ec6b2235cdd8b00d01e7
691ad184665a01498912564332853d2358739673b393bc210004d1650253428d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d99aa9343abfa4c05392d9c701602ab4e1380636449e1f31eeb45202ce15cd9
6da937314be25a21b68defa3ccbf0fe5b2e0488e4a881133f770bd7ba9eda153
7379f6d1c8b7eb53ba56a08e3e5f690f4a79ca5a9a940f0b74769cb04d464d98
73f08eba3ff8c10c27438693bf9a70841a02d93aa586233cbaf6750d647bfb82
7457432b9163f08039bd9d9ab92f789aaf8e4653b6037b546df3fa86eb8d1f40
80648219fd9b3c98e9fb470ffae56d55070727d13f4e528e59e34f65baca7245
87672b4e9c7575be50a314adabdcfbbb19c685b3408847889638044806f93fc8
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c09f40aa9ac3105f86ea363d58ad2a81f5d5741b810786a1a6291e7dd9d43ad
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92aa9fb6a9dfe41d683a05e2ce2394ca5f4dda56bfccb5c89e78c57520a0b9d8
933516be9efec38ebef7bbdd6a5652b3db83132c7475cf1c3d54fb60d2e69f2a
934ecb719a9eb78212ebfa8985f42d4242769b9b650622a1d6e16184378d8eb4
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9aada19a9155dfac40975d64d86a6d2d5e8886b4845deaacca1b2c610cb5df2b
9feed56aca6e347ff77eb155e84598071c8ce7584e3f6fdd3305a7a9e70d91d6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1756adc350c37ea26d71ee00ad027bbf35204bff9fb040ecfb5c1a64971cffc
a21a0a8bbed971496d6c3065f21c9b99a5e67e6127f374583da1b0ec05546765
a9cce1a141278768a45b1a8f35cfbd242afbd251efe1756f416e31915fc1ac88
aaa80de38d05ad615adc4442383ab2ce0c59a1297529da4d323c3508a88a5f35
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24350de2c0eae68926a92eeeea3252e410dcf6da3728f6d833606579bf05792
b481d065fdb7959a361b75bc25f8f53b0c17248ac3e53c887bd98ca6cb1ff811
b4c6c296770c36226db63a4c7c38d8f02812670ed000abb992e6f722c14b56e0
b9a6fca766ed9a201b3658950e9692b259d61f22b13e27b76cbc58d8fb5a4d86
bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c
c17b1a7e002c083947f21ffac64eb85fc76f5e94c2460fb64876f56f6a37fdd3
c28f1e3b4878242b98d4a383fefcbd0cac9e9486fce02f5f73caedc6e8d692e3
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c871a837a5b4f74ae8eec2034164fac3e7e8eaf1d3e365770c6f6b7c294f4bcc
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccc2bd16fa09fd02a0a51c4801453ae3b0baffe5b05ae4b18a9c9b00924239c0
ceab624ef9baab7850062c9a6929b3bdcfe87e027bc39245384292a04b2ce666
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
d9ac6b477f704750e98d15c64f1bb3ad02bfd3bff81f0c9deb01fac8bc16dbdb
dea79c69319ee16958528ec501ed43f83223fcd2a22760b506a6df2dea506be2
e0e8d88f037e62776e9355c3264513f9dd9136a0c05a60a6f8b10df944166882
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e87f4f93a379f05269bddd3acd54a253a3e50a48efb9127d9cb94cf3970333
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
ecbb653b2009cb651efad253e604aae188b622ffe9f8a9abd81118d2efa7d007
ecd52673e207772acc0e67d469cbc4cfd89f8b6214db8799b353e0f88548624a
edb8324c433c41250990c592405c9ed264ed1eab169687a8cc5d69f77585f38d
f00d09a3fe4fe39964b804f3c07eea15672c2586a184e1efba084eef721fbad9
f2c809f77b19df64ec8270272ac29ce3d84d242a663e589825a9e4f57b8a5461
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa86c94c6881caec397b1a58f358561f9bd6ef1dba058efafe3fb8e9e8d5e326
ff0bea54acd2b8d1f87f68be0caf302b025aad0cc80e0edd158a372f30460bb2