surviveinsight.com Open in urlscan Pro
74.124.27.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.reachclear.com/aff_c?offer_id=12223&aff_id=1498&source=defensepromos&aff_sub=2/19/24)It%E2%80%99s
Effective URL:
https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&ti...
Submission: On June 13 via api (June 13th 2024, 5:43:45 am UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 40 domains to perform 83 HTTP transactions. The main IP is 74.124.27.101, located in United States and belongs to HDCS, US. The main domain is surviveinsight.com.
TLS certificate: Issued by R3 on April 24th 2024. Valid for: 3 months.

This is the only time surviveinsight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	3.248.18.157 3.248.18.157	16509 (AMAZON-02) (AMAZON-02)
1 1	63.33.132.65 63.33.132.65	16509 (AMAZON-02) (AMAZON-02)
22	74.124.27.101 74.124.27.101	26405 (HDCS) (HDCS)
6	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	74.124.27.105 74.124.27.105	26405 (HDCS) (HDCS)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.102.106 18.66.102.106	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	66.45.234.162 66.45.234.162	19318 (IS-AS-1) (IS-AS-1)
1	13.32.27.86 13.32.27.86	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
5	52.1.119.38 52.1.119.38	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
17 22	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:fa00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:34c8:729f:c57a:a456	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.127.112.86 3.127.112.86	16509 (AMAZON-02) (AMAZON-02)
1 1	3.64.19.180 3.64.19.180	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	5.135.209.105 5.135.209.105	16276 (OVH) (OVH)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.54.132.127 52.54.132.127	14618 (AMAZON-AES) (AMAZON-AES)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.17.55.191 52.17.55.191	16509 (AMAZON-02) (AMAZON-02)
1	18.202.254.222 18.202.254.222	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
83	38

2 3.248.18.157 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-18-157.eu-west-1.compute.amazonaws.com

www.reachclear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.132.65 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-132-65.eu-west-1.compute.amazonaws.com

links.uss-labs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 74.124.27.101 (United States)

ASN26405 (HDCS, US)
PTR: cust-74-124-27-101.dllstx01.corexchange.com

surviveinsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
funnels.mycrisisgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.124.27.105 (United States)

ASN26405 (HDCS, US)
PTR: cust-74-124-27-105.dllstx01.corexchange.com

cdn.usscompaniescrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usscompaniescrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.45.234.162 (United States)

ASN19318 (IS-AS-1, US)
PTR: reynolds.onbudgetservices.com

tags.fullforceads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-86.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.1.119.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-119-38.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.91.62.186 (Groningen, Netherlands) 17 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:fa00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:34c8:729f:c57a:a456 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.112.86 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-112-86.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.19.180 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-19-180.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.135.209.105 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip105.ip-5-135-209.eu

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.132.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-132-127.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.55.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-55-191.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.254.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-254-222.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.36 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	simpli.fi 17 redirects tag.simpli.fi — Cisco Umbrella Rank: 5197 i.simpli.fi — Cisco Umbrella Rank: 4602 um.simpli.fi — Cisco Umbrella Rank: 940	11 KB
18	surviveinsight.com surviveinsight.com	280 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77 ajax.googleapis.com — Cisco Umbrella Rank: 457	39 KB
6	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2689 heapanalytics.com — Cisco Umbrella Rank: 2178	39 KB
6	usscompaniescrm.com cdn.usscompaniescrm.com usscompaniescrm.com	16 KB
4	mycrisisgear.com funnels.mycrisisgear.com	548 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 132 googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 cm.g.doubleclick.net — Cisco Umbrella Rank: 276	783 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 283	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2328	2 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1512	401 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2814	938 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 563 d.agkn.com — Cisco Umbrella Rank: 780	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 515	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 523	712 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	gstatic.com fonts.gstatic.com	97 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1344	65 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	74 KB
2	reachclear.com 2 redirects www.reachclear.com — Cisco Umbrella Rank: 992868	2 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 556	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 425	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 8196	64 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5	24 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 135	23 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 491	99 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 970	224 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1067	267 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1013	481 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1740	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 7334	176 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 446	141 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1287	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 699	238 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3420	233 B
1	fullforceads.com tags.fullforceads.com — Cisco Umbrella Rank: 637366	246 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	98 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1267	7 KB
1	uss-labs.com 1 redirects links.uss-labs.com — Cisco Umbrella Rank: 259277	2 KB
0	intentiq.com Failed sync.intentiq.com Failed
83	40

	Domain	Requested by
22	um.simpli.fi	17 redirects
18	surviveinsight.com	surviveinsight.com
6	fonts.googleapis.com	surviveinsight.com
5	heapanalytics.com	surviveinsight.com
4	funnels.mycrisisgear.com	surviveinsight.com
4	cdn.usscompaniescrm.com	surviveinsight.com
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	sync.smartadserver.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	www.facebook.com	surviveinsight.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	surviveinsight.com www.google-analytics.com
2	usscompaniescrm.com	surviveinsight.com
2	connect.facebook.net	surviveinsight.com connect.facebook.net
2	www.reachclear.com	2 redirects
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	tag.simpli.fi	tags.fullforceads.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vc.hotjar.io	script.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	cdn.heapanalytics.com	surviveinsight.com
1	tags.fullforceads.com	surviveinsight.com
1	ajax.googleapis.com	surviveinsight.com
1	static.hotjar.com	surviveinsight.com
1	www.googletagmanager.com	surviveinsight.com
1	maxcdn.bootstrapcdn.com	surviveinsight.com
1	links.uss-labs.com	1 redirects
0	sync.intentiq.com Failed
83	50

This site contains links to these domains. Also see Links.

Domain
mcgtactical.com

Subject Issuer	Validity	Valid
surviveinsight.com R3	`2024-04-24` - `2024-07-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
cdn.usscompaniescrm.com R3	`2024-04-24` - `2024-07-23`	3 months	crt.sh
funnels.mycrisisgear.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
usscompaniescrm.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
tags.fullforceads.com R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Frame ID: B316ADC91A5E66A21571111858DFC8BD
Requests: 82 HTTP requests in this frame

Frame: https://usscompaniescrm.com/pixelframe.php?did=44&ptype=t&otype=&oid=&amnt=&cid=&tid=
Frame ID: 1184100BA5395600D5D0D0C69F6FDB6C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Page URL History Show full URLs

https://www.reachclear.com/aff_c?offer_id=12223&aff_id=1498&source=defensepromos&aff_sub=2/19/24)It%E2%... HTTP 302
https://www.reachclear.com/aff_r?offer_id=12223&aff_id=1498&url=https%3A%2F%2Flinks.uss-labs.com%2Faff_... HTTP 302
https://links.uss-labs.com/aff_c?offer_id=34&aff_id=1145&aff_sub=1498&aff_sub2=102e6626a8f38a095f28d558... HTTP 302
https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

77 %
HTTPS

27 %
IPv6

40
Domains

50
Subdomains

38
IPs

8
Countries

1298 kB
Transfer

2407 kB
Size

37
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://mcgtactical.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://mcgtactical.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://mcgtactical.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://mcgtactical.com/contact/
Title: Contact

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.reachclear.com/aff_c?offer_id=12223&aff_id=1498&source=defensepromos&aff_sub=2/19/24)It%E2%80%99s HTTP 302
https://www.reachclear.com/aff_r?offer_id=12223&aff_id=1498&url=https%3A%2F%2Flinks.uss-labs.com%2Faff_c%3Foffer_id%3D34%26aff_id%3D1145%26aff_sub%3D1498%26aff_sub2%3D102e6626a8f38a095f28d558f7c05b&urlauth=693458584159421585870159230874 HTTP 302
https://links.uss-labs.com/aff_c?offer_id=34&aff_id=1145&aff_sub=1498&aff_sub2=102e6626a8f38a095f28d558f7c05b HTTP 302
https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=DE255A65E52A41368B298D8793A8136C

Request Chain 60

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/DE255A65E52A41368B298D8793A8136C HTTP 302
https://sync.1rx.io/usersync/simplifi/DE255A65E52A41368B298D8793A8136C?zcc=1&cb=1718257422511 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-87513e5d-fe07-4f12-8256-76a9950165b4-003

Request Chain 61

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=DE255A65E52A41368B298D8793A8136C&dongle=yf3

Request Chain 62

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=DE255A65E52A41368B298D8793A8136C

Request Chain 63

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=DE255A65E52A41368B298D8793A8136C HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=DE255A65E52A41368B298D8793A8136C

Request Chain 64

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=DE255A65E52A41368B298D8793A8136C HTTP 302
https://d.agkn.com/pixel/10751/?che=1718257422496&ip=217.114.218.20&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217013104912000458159 HTTP 302
https://um.simpli.fi/aa_px?sk=217013104912000458159 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 65

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=DE255A65E52A41368B298D8793A8136C

Request Chain 68

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=DE255A65E52A41368B298D8793A8136C;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=DE255A65E52A41368B298D8793A8136C;mimetype=img;sr HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

Request Chain 69

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=DE255A65E52A41368B298D8793A8136C&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=DE255A65E52A41368B298D8793A8136C&j=0&xl8blockcheck=1

Request Chain 71

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=DE255A65E52A41368B298D8793A8136C

Request Chain 72

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=DE255A65E52A41368B298D8793A8136C

Request Chain 73

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DE255A65E52A41368B298D8793A8136C

Request Chain 74

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=DE255A65E52A41368B298D8793A8136C

Request Chain 75

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=DE255A65E52A41368B298D8793A8136C

Request Chain 76

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1718257422062&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=236580141&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIqNud2u_XhgMVZo-DBx2qexNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vc3Vydml2ZWluc2lnaHQuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=236580141&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIqNud2u_XhgMVZo-DBx2qexNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vc3Vydml2ZWluc2lnaHQuY29tLw&is_vtc=1&cid=CAQSGwDaQooLrfHvnFgy6WD053BOgmofKGS8qNVU-w&random=849381188 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=236580141&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIqNud2u_XhgMVZo-DBx2qexNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vc3Vydml2ZWluc2lnaHQuY29tLw&is_vtc=1&cid=CAQSGwDaQooLrfHvnFgy6WD053BOgmofKGS8qNVU-w&random=849381188&ipr=y

Request Chain 78

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=DE255A65E52A41368B298D8793A8136C HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DDE255A65E52A41368B298D8793A8136C

Request Chain 79

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=DE255A65E52A41368B298D8793A8136C&expires=365

Request Chain 80

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=DE255A65E52A41368B298D8793A8136C

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
surviveinsight.com/gear/1167/barracuda/
Redirect Chain

https://www.reachclear.com/aff_c?offer_id=12223&aff_id=1498&source=defensepromos&aff_sub=2/19/24)It%E2%80%99s
https://www.reachclear.com/aff_r?offer_id=12223&aff_id=1498&url=https%3A%2F%2Flinks.uss-labs.com%2Faff_c%3Foffer_id%3D34%26aff_id%3D1145%26aff_sub%3D1498%26aff_sub2%3D102e6626a8f38a095f28d558f7c05b...
https://links.uss-labs.com/aff_c?offer_id=34&aff_id=1145&aff_sub=1498&aff_sub2=102e6626a8f38a095f28d558f7c05b
https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

36 KB
12 KB

953ms
434ms

Document
text/html

74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 92e14835c8da97b3398109a643a69858c8c88312bc996477e04f0910a69b7a7b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 11937
Content-Type: text/html; charset=UTF-8
Date: Thu, 13 Jun 2024 05:43:39 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 325
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 13 Jun 2024 05:43:38 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 10272cd837bdcdf80fa5517ff49562
X-Request-Id: 69eff8458f84e4bbce2e38c8ec339aa2
X-Robots-Tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 41 KB
2 KB 117ms
53ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo:400,400i,500,500i,700,700i|Open+Sans:400,400i,700,700i|Fira+Sans+Extra+Condensed:400,400i,700,700i,800

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f480a819c08a5b7099b9d9c72b12df04fb358f597e365a12783c4bcb369617b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 05:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 05:43:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 05:43:39 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 68ms
35ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1047
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7899756
cdn-cachedat: 10/31/2023 18:58:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9bd489b3b47817325036093612d128df
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 892fc3aa2de69a1d-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 831 B
489 B 113ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Shadows+Into+Light+Two

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac79edb4cb21484bbea4f30cc81f75718e69de145f628cb761acff31120c777b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 05:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 05:43:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 05:43:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 96ms
32ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,300,500,700

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55371ec8c0e2fe23fcd61a0cc9084cf9387f39e593f775e03279654c7e041861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 05:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 05:34:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 05:43:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
942 B 115ms
52ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900,100

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 05:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 05:43:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 05:43:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
712 B 115ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic|PT+Sans:400,700

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1f62f2b1786971828ded79d7184fbdbe508c76a7a9353eefb268b0bfd2ec866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 05:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 05:43:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 05:43:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 717 B
444 B 114ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Coda

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9534b0af4c2ca05fec98aafefde4403da69fd75fd998624139e538574928d198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 05:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 05:42:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 05:43:39 GMT

GET
H/1.1 200
OK app.css
surviveinsight.com/flashlight_tf/css/ 65 KB
13 KB 289ms
161ms Stylesheet
text/css 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/flashlight_tf/css/app.css
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: b20fc57778fe15d442a7e71a27fee3f670005aacfbbe5c4f46ab9e2d832ca315

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 18:04:11 GMT
Server: Apache
ETag: "10438-5eada3847b189-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 12562

GET
H/1.1 200
OK bootstrap-theme.min.css
surviveinsight.com/themes/tf1000/css/ 13 KB
2 KB 455ms
165ms Stylesheet
text/css 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/themes/tf1000/css/bootstrap-theme.min.css
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: ea105bfad47b31338aa2c9039fe93aaeb762b24d074590e3742015275a2a6bf7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 18:47:58 GMT
Server: Apache
ETag: "3429-5e9c1330f32e2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 1753

GET
H/1.1 200
OK funnel.css
surviveinsight.com/themes/tf1000/css/ 12 KB
3 KB 496ms
161ms Stylesheet
text/css 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/themes/tf1000/css/funnel.css
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: f5f27e25621a9150fc6a233efe9168d8d384845c5b5dfbe01e270ba3eb33e60b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 18:47:40 GMT
Server: Apache
ETag: "309d-5e9c131fd4d41-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 2874

GET
H/1.1 200
OK theme.css
surviveinsight.com/themes/tf1000/css/ 25 KB
6 KB 494ms
160ms Stylesheet
text/css 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/themes/tf1000/css/theme.css
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: ee70a091af7d247435baaada5bde1057e140cd470e9dd3fd12a11199d987bbbb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 18:47:40 GMT
Server: Apache
ETag: "626c-5e9c131fd5ce2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 5894

GET
H/1.1 200
OK style.css
surviveinsight.com/themes/tf1000/css/ 16 KB
4 KB 497ms
162ms Stylesheet
text/css 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/themes/tf1000/css/style.css
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 1a677ffa608881e69783e0ef0cd017ce15075ca43df01a401405b87f65c41f14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 18:47:58 GMT
Server: Apache
ETag: "4183-5e9c1330f4282-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 3706

GET
H/1.1 200
OK custom.css
surviveinsight.com/themes/tf1000/css/ 9 KB
3 KB 511ms
169ms Stylesheet
text/css 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/themes/tf1000/css/custom.css
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: f85f4883d53d0f3dfb252d418e5862b714446bf419198b244a85ff766a1ee05e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 18:47:58 GMT
Server: Apache
ETag: "2482-5e9c1330f32e2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 2531

GET
H/1.1 200
OK jquery.js Show response
surviveinsight.com/themes/tf1000/js/ 92 KB
33 KB 630ms
174ms Script
application/javascript 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/themes/tf1000/js/jquery.js
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 18:47:40 GMT
Server: Apache
ETag: "16eab-5e9c131fd5ce2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 33132

GET
H/1.1 200
OK primal-health-crm-bc.js Show response
surviveinsight.com/themes/tf1000/js/ 30 KB
7 KB 660ms
161ms Script
application/javascript 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/themes/tf1000/js/primal-health-crm-bc.js
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: df0b300163483c06fde9ad0577c76b4f44d4d272750ca2447b3b9de65d0693be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 18:47:58 GMT
Server: Apache
ETag: "785b-5e9c1330f5222-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 6982

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
98 KB 104ms
52ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R9PZVQTH9Q

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

612fd1c6c0dd1e75c10bdc4b445e534902d796e028ad4b5cf0229a34a585d5cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:43:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100034
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jun 2024 05:43:40 GMT

GET
H/1.1 200
OK btn-close.png
cdn.usscompaniescrm.com/images/ 2 KB
3 KB 598ms
176ms Image
image/png 74.124.27.105
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.usscompaniescrm.com/images/btn-close.png
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.105 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-105.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 813efd0d540cbe0243e5a53ddfe8f1665c47131cf5b1ee3bd8e24e74ed52765e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Apr 2022 18:40:05 GMT
Server: Apache
ETag: "9a8-5dbd874fb3a3f-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 2212
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK ajax-loader-3.gif
cdn.usscompaniescrm.com/images/ 4 KB
4 KB 765ms
166ms Image
image/gif 74.124.27.105
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.usscompaniescrm.com/images/ajax-loader-3.gif
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.105 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-105.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 53a18dc992f7a6437606f70183c88e1280dc81999c040c63cf8a45dca3934ff3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Apr 2022 18:39:51 GMT
Server: Apache
ETag: "f6f-5dbd8742a4ca9-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 3453
Keep-Alive: timeout=15, max=99

GET
H/1.1 200
OK MCG_trans_blk300.png
surviveinsight.com/images/ 15 KB
15 KB 168ms
168ms Image
image/png 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://surviveinsight.com/images/MCG_trans_blk300.png
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: e5d24290bdac2a3991280aaeb4f7083774fbe298392791905bc4525d24558977

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Oct 2022 21:26:47 GMT
Server: Apache
ETag: "3b6e-5ea6459c4b3b4-gzip"
Vary: Accept-Encoding
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 14918

GET
H/1.1 200
OK hero.png
funnels.mycrisisgear.com/flashlight_tf/img/fig/ 171 KB
170 KB 526ms
162ms Image
image/png 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funnels.mycrisisgear.com/flashlight_tf/img/fig/hero.png
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 2520b8af6eb3eb8c3c80cdeb0f5ff9709a51591710079010543c4e991dd6b772

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:41 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 17:10:03 GMT
Server: Apache
ETag: "2ad24-5da1ca27bc020-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK s02-hero.jpg
surviveinsight.com/flashlight_tf/img/fig/ 33 KB
29 KB 160ms
158ms Image
image/jpeg 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://surviveinsight.com/flashlight_tf/img/fig/s02-hero.jpg
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: f895f8c3d6c26bc3408febd6e0ea0a1fc3b69c7953c5451b6c6cbd6a3fede753

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 18:04:16 GMT
Server: Apache
ETag: "830e-5eada388c26d5-gzip"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 29728

GET
H/1.1 200
OK features-zoom.jpg
surviveinsight.com/flashlight_tf/img/fig/ 16 KB
15 KB 158ms
157ms Image
image/jpeg 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://surviveinsight.com/flashlight_tf/img/fig/features-zoom.jpg
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 16d07f40f24b08df5d29432650085ac1e2fafd005b3796f9fbfc1e0e875b64e9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 18:04:11 GMT
Server: Apache
ETag: "41e0-5eada3847f009-gzip"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 14652

GET
H/1.1 200
OK features-glass.jpg
surviveinsight.com/flashlight_tf/img/fig/ 16 KB
15 KB 156ms
155ms Image
image/jpeg 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://surviveinsight.com/flashlight_tf/img/fig/features-glass.jpg
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: affcf2876900c5b2658bcc08183a60389bec005a6377682eb45c45703f448e67

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 18:04:11 GMT
Server: Apache
ETag: "3e5e-5eada3847d0c9-gzip"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 14561

GET
H/1.1 200
OK barra2.jpg
surviveinsight.com/tf1000/ 46 KB
47 KB 199ms
164ms Image
image/jpeg 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://surviveinsight.com/tf1000/barra2.jpg
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 27e389e9319494ca6b59dedaddaf1182b01cad2a6fea5a6861fd5510d9e0f535

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 17:50:37 GMT
Server: Apache
ETag: "b9bf-5eada07be71e2-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK barra1.jpg
surviveinsight.com/tf1000/ 44 KB
44 KB 171ms
168ms Image
image/jpeg 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://surviveinsight.com/tf1000/barra1.jpg
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 6309e76ef65c0f361a66e42a09fbd730761d481a9be463f3aad41b48ae2a0d08

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 17:50:23 GMT
Server: Apache
ETag: "af7c-5eada06ec556c-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 68ms
21ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jun 2024 05:43:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1297, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: XCSyX8GjwvpKJRGwcR42K0JpRss65fREwnShNolcjseRA89oEevG+ucg0F/fc7q/3Kr00+RTS4n46Todx7oZJQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-158498.js Show response
static.hotjar.com/c/ 54 KB
9 KB 78ms
23ms Script
application/javascript 18.66.102.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-158498.js?sv=6

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-106.fra56.r.cloudfront.net

Software

Resource Hash

4baa12ac551956d4ba1e8bd819296032f2bf5aa2c20dd91931d9387a92fc161f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 21
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/e29583aa014fc74993e94ba783286cec
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: 70_et2cVbWe7Jp8n038OMOJUibzIz3DU7d16GbGciBGAGXLKm5BG3Q==

GET
H/1.1 200
OK guarantee.png
surviveinsight.com/glaser/img/fig/ 21 KB
21 KB 160ms
160ms Image
image/png 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://surviveinsight.com/glaser/img/fig/guarantee.png
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: b44241d581cc9b985f00da16755f79791ce15b3a14c4de2b0ee50bcf3b734652

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 18:47:57 GMT
Server: Apache
ETag: "5512-5e9c13302ceee-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 04:52:36 GMT

GET
H/1.1 200
OK lazyload.min.js Show response
surviveinsight.com/flashlight_tf/js/ 5 KB
2 KB 158ms
156ms Script
application/javascript 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/flashlight_tf/js/lazyload.min.js
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 55dd9fc39774af68d4ed30d6b668427f3b1ab86db5dff36cdf179573140f4b5a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 18:04:16 GMT
Server: Apache
ETag: "140f-5eada388c3675-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 1816

GET
H/1.1 200
OK bootstrap.min.js Show response
cdn.usscompaniescrm.com/js/ 28 KB
8 KB 170ms
169ms Script
application/javascript 74.124.27.105
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usscompaniescrm.com/js/bootstrap.min.js
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.105 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-105.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 7139d8b43b314fc6764a4d2e6bdfe3ff341b4e027cf67505515a09fcd349556f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Apr 2022 18:39:45 GMT
Server: Apache
ETag: "71ed-5dbd873c1222d-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 7619
Keep-Alive: timeout=15, max=98

GET
H/1.1 200
OK ie10-viewport-bug-workaround.js Show response
cdn.usscompaniescrm.com/js/ 640 B
930 B 191ms
153ms Script
application/javascript 74.124.27.105
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usscompaniescrm.com/js/ie10-viewport-bug-workaround.js
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.105 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-105.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 9da76a4acc9d2aa9459fb9680e63c605c54ff3536cb72cabf13bd9467efdf0ff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Apr 2022 18:39:45 GMT
Server: Apache
ETag: "280-5dbd873c102ed-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 423
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK visits_pixel.php
usscompaniescrm.com/IPN2/ 695 B
968 B 509ms
172ms Image
image/jpeg 74.124.27.105
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usscompaniescrm.com/IPN2/visits_pixel.php?tid=moda&cid=&ip=168430334&domain=24
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.105 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-105.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 9f5b10d5a8f1bd171859b855eab37ee7ea89f5dac01b6f77ea5f859bd3654a85

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:41 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 527

GET
H2 200 ffa-tag-ae033df2-f81d-42d9-b522-adbe9f9ad03b.tag Show response
tags.fullforceads.com/ 293 B
246 B 320ms
108ms Script
text/html 66.45.234.162
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullforceads.com/ffa-tag-ae033df2-f81d-42d9-b522-adbe9f9ad03b.tag
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.45.234.162 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: reynolds.onbudgetservices.com
Software: Apache /
Resource Hash: 820424dde609855f15b0a59b905624ac1e49eec9f9c0e0048718201103ed4c23

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:43:41 GMT
content-encoding: br
server: Apache
content-length: 149
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 heap-1821211314.js Show response
cdn.heapanalytics.com/js/ 117 KB
38 KB 87ms
26ms Script
application/javascript 13.32.27.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1821211314.js

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-86.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

9be9de2e5fa10d9cb07ff04b308f45b8d7aab81a933713876beeb25751763d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:42:51 GMT
content-encoding: br
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
age: 49
x-powered-by: Express
etag: W/"1d22f-9TSt6vg69+oitHj/2kA3qu8dxBQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hmltiIzl_jsciWGt2I6wbVN9yDx8XE3giu5wLJCUOmlSfqe1eBLxNQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 73ms
20ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 05:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 157
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 13 Jun 2024 07:41:03 GMT

GET
H/1.1 200
OK s01.jpg
funnels.mycrisisgear.com/flashlight_tf/img/bg/ 368 KB
365 KB 496ms
162ms Image
image/jpeg 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funnels.mycrisisgear.com/flashlight_tf/img/bg/s01.jpg
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/flashlight_tf/css/app.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 0d0cc65eca7594895e53e1f3d0fa6d0675b7f385edc981de104d8f33767999db

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:41 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 17:10:03 GMT
Server: Apache
ETag: "5c06b-5da1ca27b81a0-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK red-top-bar.png
funnels.mycrisisgear.com/flashlight_tf/img/bg/ 12 KB
10 KB 484ms
167ms Image
image/png 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funnels.mycrisisgear.com/flashlight_tf/img/bg/red-top-bar.png
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/flashlight_tf/css/app.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 42a6257c0b891197dfb7ecada96fe2868c7d8f58d9b7d517b075ccbacb71d779

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:41 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 17:10:12 GMT
Server: Apache
ETag: "2fec-5da1ca304f289-gzip"
Vary: Accept-Encoding
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 10209

GET first-card-bg.jpg
funnels.mycrisisgear.com/flashlight_tf/bg/ 0
0

GET
H/1.1 200
OK red-bottom.png
funnels.mycrisisgear.com/flashlight_tf/img/special/ 3 KB
2 KB 362ms
157ms Image
image/png 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://funnels.mycrisisgear.com/flashlight_tf/img/special/red-bottom.png
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/flashlight_tf/css/app.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: b386ffe029cee9c3ae5b1064c6c242b1baa695fec220e90855d140f5e15dc39a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:41 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 17:10:12 GMT
Server: Apache
ETag: "a17-5da1ca305cd4a-gzip"
Vary: Accept-Encoding
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 2179

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 94ms
42ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo:400,400i,500,500i,700,700i|Open+Sans:400,400i,700,700i|Fira+Sans+Extra+Condensed:400,400i,700,700i,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://surviveinsight.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 23:37:47 GMT
x-content-type-options: nosniff
age: 194753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Jun 2025 23:37:47 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
50 KB 72ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo:400,400i,500,500i,700,700i|Open+Sans:400,400i,700,700i|Fira+Sans+Extra+Condensed:400,400i,700,700i,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://surviveinsight.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 02:33:32 GMT
x-content-type-options: nosniff
age: 184208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 02:33:32 GMT

GET
H2 200 modules.db8890ba82a7e392473f.js Show response
script.hotjar.com/ 223 KB
55 KB 93ms
24ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.db8890ba82a7e392473f.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-158498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

89a2840e72b9ea060982f79dd7c1ac1cc747617f2bd9790b79ac09497d97fe8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 143374
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56164
last-modified: Tue, 11 Jun 2024 13:53:21 GMT
etag: "e6623694317786c0abed295167d203ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 9vY-xcmIwYl4iLnRCr8RokoGQUhud_g13hD_HvWxCOzgFOPAguWJvQ==

GET
H2 200 1660032127574389 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 26ms
26ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1660032127574389?v=2.9.158&r=stable&domain=surviveinsight.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ce53557a15776d8914772778ce121d6352175a65e3784be1671e93daf4deb9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jun 2024 05:43:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14124
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=63, mss=1297, tbw=63524, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma: public
x-fb-debug: uJ4DzYYSukX7IhuFJUZgX9rWhH77TpCGU/Zuvo2EXV1HSgmbR271Th0kuoLbIO2XpquWODDlWCI5wecDlrhXEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK pixelframe.php
usscompaniescrm.com/ Frame 1184 0
0 453ms
153ms Document
text/html 74.124.27.105
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://usscompaniescrm.com/pixelframe.php?did=44&ptype=t&otype=&oid=&amnt=&cid=&tid=
Requested by: Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.105 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-105.dllstx01.corexchange.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 13 Jun 2024 05:43:41 GMT
Keep-Alive: timeout=15, max=100
Server: Apache

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 81ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-R9PZVQTH9Q&gtm=45je46c0v888467190za200&_p=1718257420619&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1192646566.1718257421&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718257420&sct=1&seg=0&dl=https%3A%2F%2Fsurviveinsight.com%2Fgear%2F1167%2Fbarracuda%2F%3Ftune_id%3D10272cd837bdcdf80fa5517ff49562%26tune_offer_id%3D34%26tune_aff_id%3D1145%26tid%3Dmoda&dt=%2Fgear%2F1167%2Fbarracuda%2F%3Ftune_id%3D10272cd837bdcdf80fa5517ff49562%26tune_offer_id%3D34%26tune_aff_id%3D1145%26tid%3Dmoda&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2309
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9PZVQTH9Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surviveinsight.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 66ms
20ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?batch=1&events[0]=id%3D1660032127574389%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fsurviveinsight.com%252Fgear%252F1167%252Fbarracuda%252F%253Ftune_id%253D10272cd837bdcdf80fa5517ff49562%2526tune_offer_id%253D34%2526tune_aff_id%253D1145%2526tid%253Dmoda%26rl%3D%26if%3Dfalse%26ts%3D1718257420816%26sw%3D1600%26sh%3D1200%26v%3D2.9.158%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1718257420815.113704447328340026%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1718257420760%26coo%3Dfalse%26exp%3Df1&rqm=GET

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1297, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Jun 2024 05:43:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 221ms
187ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1660032127574389&ev=PageView&dl=https%3A%2F%2Fsurviveinsight.com%2Fgear%2F1167%2Fbarracuda%2F%3Ftune_id%3D10272cd837bdcdf80fa5517ff49562%26tune_offer_id%3D34%26tune_aff_id%3D1145%26tid%3Dmoda&rl=&if=false&ts=1718257420816&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718257420815.113704447328340026&cs_est=true&ler=empty&cdl=API_unavailable&it=1718257420760&coo=false&exp=f1&rqm=FGET

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x6ddb7a3f72c6994f","source_keys":["1","2"]},{"key_piece":"0xcbcc3a267c7f8cb9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 13 Jun 2024 05:43:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7379859426451582553", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1297, tbw=3097, tp=-1, tpl=-1, uplat=166, ullat=0
pragma: no-cache
x-fb-debug: hb7DXfcFhrn740EDOb3T9IlmlpbgYznc7aO3buU0IKnjdyzRMwohrwGY2FFG/KCU8RviQRYJLyEyBSL1PGGFtw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7379859426451582553"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 158498 Show response
vc.hotjar.io/sessions/ 0
233 B 120ms
48ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/158498?s=0.25&r=0.20362628711355923
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.db8890ba82a7e392473f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 13 Jun 2024 05:43:40 GMT
cache-control: no-store
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: VwTabbcnxQNZNUmPpTlKeSx2OR1eulhTtNyyaMIW7U_fZ9JxWKmbJw==
x-cache: Miss from cloudfront

GET
H2 200 telemetry
heapanalytics.com/api/ 32 B
235 B 355ms
115ms Image
image/gif 52.1.119.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1821211314&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1718257420921&hv=4.23.0

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.119.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-38.compute-1.amazonaws.com

Software

Resource Hash

853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 13 Jun 2024 05:43:41 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 32
content-type: image/gif

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
261 B 356ms
116ms Image
image/gif 52.1.119.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=1821211314&u=304828521458010&v=3767747890496250&s=8684579913739305&b=web&tv=4.0&_IP=217.114.218.20&st=1718257420926

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.119.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
261 B 307ms
117ms Image
image/gif 52.1.119.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=1821211314&u=304828521458010&v=3767747890496250&s=8684579913739305&b=web&tv=4.0&_TID=moda&st=1718257420926

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.119.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
261 B 221ms
118ms Image
image/gif 52.1.119.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=1821211314&u=304828521458010&v=3767747890496250&s=8684579913739305&b=web&tv=4.0&_CID=tune%7C10272cd837bdcdf80fa5517ff49562%7C34&st=1718257420926

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.119.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 28ms
27ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1977115401&t=pageview&_s=1&dl=https%3A%2F%2Fsurviveinsight.com%2Fgear%2F1167%2Fbarracuda%2F%3Ftune_id%3D10272cd837bdcdf80fa5517ff49562%26tune_offer_id%3D34%26tune_aff_id%3D1145%26tid%3Dmoda&dp=%2Fgear%2F1167%2Fbarracuda%2F%3Ftune_id%3D10272cd837bdcdf80fa5517ff49562%26tune_offer_id%3D34%26tune_aff_id%3D1145%26tid%3Dmoda&ul=de-de&de=UTF-8&dt=%2Fgear%2F1167%2Fbarracuda%2F%3Ftune_id%3D10272cd837bdcdf80fa5517ff49562%26tune_offer_id%3D34%26tune_aff_id%3D1145%26tid%3Dmoda&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACACI~&jid=1577344456&gjid=1920561389&cid=1192646566.1718257421&tid=UA-173241369-1&_gid=1189363408.1718257421&_slc=1&cd1=1167&cd3=217.114.218.20&cd4=moda&cd5=tune%7C10272cd837bdcdf80fa5517ff49562%7C34&z=2086124486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surviveinsight.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 93ms
31ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-173241369-1&cid=1192646566.1718257421&jid=1577344456&gjid=1920561389&_gid=1189363408.1718257421&_u=YCDAiEABBAAAAGACIAC~&z=1446732276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Jun 2024 05:43:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surviveinsight.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 296ms
229ms Image
image/gif 52.1.119.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1821211314&u=304828521458010&v=3767747890496250&s=8684579913739305&b=web&tv=4.0&z=0&h=%2Fgear%2F1167%2Fbarracuda%2F&q=%3Ftune_id%3D10272cd837bdcdf80fa5517ff49562%26tune_offer_id%3D34%26tune_aff_id%3D1145%26tid%3Dmoda&d=surviveinsight.com&t=%2Fgear%2F1167%2Fbarracuda%2F%3Ftune_id%3D10272cd837bdcdf80fa5517ff49562%26tune_offer_id%3D34%26tune_aff_id%3D1145%26tid%3Dmoda&k=FID&k=1167&ts=1718257420926&ubv=126.0.6478.55&upv=10.0.0&sch=1200&scw=1600&st=1718257420932

Requested by

Host: surviveinsight.com
URL: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.119.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 ae033df2-f81d-42d9-b522-adbe9f9ad03b Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 97ms
32ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ae033df2-f81d-42d9-b522-adbe9f9ad03b?
Requested by: Host: tags.fullforceads.com
URL: https://tags.fullforceads.com/ffa-tag-ae033df2-f81d-42d9-b522-adbe9f9ad03b.tag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 40527f9aa28f6003ba45f2825305f5bf2e4bb5d9388f2595f70b1473eeee206c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:41 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F9h6BVkR2rViNyBERdgC
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 809 B
773 B 37ms
29ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=479262&cb=sifi_att_2930496537758968._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ae033df2-f81d-42d9-b522-adbe9f9ad03b?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: df222d7c16cf302132ea0171b70ed66e913a2210ca737384b30103abc5d49546

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK favicon.ico
surviveinsight.com/ 15 KB
10 KB 170ms
169ms Other
image/vnd.microsoft.icon 74.124.27.101
HDCS

General

Check archive.org

Show headers Download Go to

Full URL: https://surviveinsight.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.124.27.101 , United States, ASN26405 (HDCS, US),
Reverse DNS: cust-74-124-27-101.dllstx01.corexchange.com
Software: Apache /
Resource Hash: 128781028a0dbd872f1e9719791c7d47059315a5450ff22528cfc6e15806b2ad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/gear/1167/barracuda/?tune_id=10272cd837bdcdf80fa5517ff49562&tune_offer_id=34&tune_aff_id=1145&tid=moda
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 05:43:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Apr 2023 16:22:59 GMT
Server: Apache
ETag: "3c2e-5f8fdc9c3e0a8-gzip"
Vary: Accept-Encoding
Content-Type: image/vnd.microsoft.icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 9833

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=DE255A65E52A41368B298D8793A8136C

0
238 B

315ms
46ms

Image
text/plain

2600:9000:211e:fa00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=DE255A65E52A41368B298D8793A8136C
Protocol: H2
Server: 2600:9000:211e:fa00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
cache-control: no-cache, must-revalidate
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: rRRyKOBaK_OYExqF_FNiiAiMDiSFTSpdjBqf--4E3uy0bdTObn7LoQ==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=DE255A65E52A41368B298D8793A8136C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2

200

RX-87513e5d-fe07-4f12-8256-76a9950165b4-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/DE255A65E52A41368B298D8793A8136C
https://sync.1rx.io/usersync/simplifi/DE255A65E52A41368B298D8793A8136C?zcc=1&cb=1718257422511
https://sync.targeting.unrulymedia.com/csync/RX-87513e5d-fe07-4f12-8256-76a9950165b4-003

43 B
378 B

92ms
30ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-87513e5d-fe07-4f12-8256-76a9950165b4-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-87513e5d-fe07-4f12-8256-76a9950165b4-003
pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=DE255A65E52A41368B298D8793A8136C&dongle=yf3

37 B
141 B

315ms
23ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=DE255A65E52A41368B298D8793A8136C&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=DE255A65E52A41368B298D8793A8136C&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=DE255A65E52A41368B298D8793A8136C

43 B
176 B

490ms
111ms

Image
image/gif

2600:1f18:612b:4232:34c8:729f:c57a:a456
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=DE255A65E52A41368B298D8793A8136C
Protocol: H2
Server: 2600:1f18:612b:4232:34c8:729f:c57a:a456 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 13 Jun 2024 05:43:42 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=DE255A65E52A41368B298D8793A8136C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=DE255A65E52A41368B298D8793A8136C
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=DE255A65E52A41368B298D8793A8136C

95 B
438 B

35ms
35ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=DE255A65E52A41368B298D8793A8136C

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=DE255A65E52A41368B298D8793A8136C
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=DE255A65E52A41368B298D8793A8136C
https://d.agkn.com/pixel/10751/?che=1718257422496&ip=217.114.218.20&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217013104912000458159
https://um.simpli.fi/aa_px?sk=217013104912000458159
https://um.simpli.fi/empty.gif

43 B
362 B

27ms
27ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=DE255A65E52A41368B298D8793A8136C

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
410 B 36ms
35ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
410 B 37ms
36ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=DE255A65E52A41368B298D8793A8136C;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=DE255A65E52A41368B298D8793A8136C;mimetype=img;sr
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

0
75 B

32ms
31ms

Image
text/plain

5.135.209.105
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 5.135.209.105 , France, ASN16276 (OVH, FR),
Reverse DNS: ip105.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
pragma: no-cache
date: Thu, 13 Jun 2024 05:43:41 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=DE255A65E52A41368B298D8793A8136C&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=DE255A65E52A41368B298D8793A8136C&j=0&xl8blockcheck=1

0
755 B

46ms
45ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=DE255A65E52A41368B298D8793A8136C&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=DE255A65E52A41368B298D8793A8136C&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
410 B 39ms
37ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=DE255A65E52A41368B298D8793A8136C

0
421 B

668ms
114ms

Image
text/plain

52.54.132.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=DE255A65E52A41368B298D8793A8136C
Protocol: HTTP/1.1
Server: 52.54.132.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-132-127.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 13 Jun 2024 05:43:42 GMT

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=DE255A65E52A41368B298D8793A8136C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=DE255A65E52A41368B298D8793A8136C

62 B
481 B

434ms
180ms

Image
image/gif

2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=DE255A65E52A41368B298D8793A8136C
Protocol: H2
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 13 Jun 2024 05:43:42 GMT
content-length: 62
x-request-id: c856b053677256e7f0829807ae6ed16a
content-type: image/gif

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=DE255A65E52A41368B298D8793A8136C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2

404

tpid=DE255A65E52A41368B298D8793A8136C
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DE255A65E52A41368B298D8793A8136C

49 B
267 B

335ms
41ms

Image
image/gif

52.17.55.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DE255A65E52A41368B298D8793A8136C
Protocol: H2
Server: 52.17.55.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-55-191.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.28.236
content-length: 49
expires: 0

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DE255A65E52A41368B298D8793A8136C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=DE255A65E52A41368B298D8793A8136C

0
224 B

341ms
42ms

Image
text/plain

18.202.254.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=DE255A65E52A41368B298D8793A8136C
Protocol: H2
Server: 18.202.254.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-254-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=DE255A65E52A41368B298D8793A8136C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=DE255A65E52A41368B298D8793A8136C

0
99 B

286ms
30ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=DE255A65E52A41368B298D8793A8136C
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:43:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=DE255A65E52A41368B298D8793A8136C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1718257422062&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=236580141&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&...
https://www.google.com/pagead/1p-conversion/1026675585/?random=236580141&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiww...
https://www.google.de/pagead/1p-conversion/1026675585/?random=236580141&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwb...

42 B
64 B

68ms
36ms

Image
image/gif

142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=236580141&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIqNud2u_XhgMVZo-DBx2qexNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vc3Vydml2ZWluc2lnaHQuY29tLw&is_vtc=1&cid=CAQSGwDaQooLrfHvnFgy6WD053BOgmofKGS8qNVU-w&random=849381188&ipr=y

Protocol

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=236580141&cv=7&fst=1718257422062&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIqNud2u_XhgMVZo-DBx2qexNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6G2h0dHBzOi8vc3Vydml2ZWluc2lnaHQuY29tLw&is_vtc=1&cid=CAQSGwDaQooLrfHvnFgy6WD053BOgmofKGS8qNVU-w&random=849381188&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
273 B 40ms
39ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=DE255A65E52A41368B298D8793A8136C
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DDE255A65E52A41368B298D8793A8136C

43 B
1 KB

66ms
66ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DDE255A65E52A41368B298D8793A8136C

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
an-x-request-uuid: 19ee21c8-4a96-4e25-9bd8-0a6ef6a4a9cc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.20; 217.114.218.20; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
an-x-request-uuid: 5e6c121d-8d85-46a9-9f94-d77ce75229bf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DDE255A65E52A41368B298D8793A8136C
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.20; 217.114.218.20; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=DE255A65E52A41368B298D8793A8136C&expires=365

0
239 B

299ms
22ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=DE255A65E52A41368B298D8793A8136C&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=DE255A65E52A41368B298D8793A8136C&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=DE255A65E52A41368B298D8793A8136C

43 B
274 B

284ms
29ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=DE255A65E52A41368B298D8793A8136C
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://surviveinsight.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 13 Jun 2024 05:43:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=DE255A65E52A41368B298D8793A8136C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Jun 2024 05:43:42 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
410 B 108ms
33ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://surviveinsight.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 05:43:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: funnels.mycrisisgear.com
URL: https://funnels.mycrisisgear.com/flashlight_tf/bg/first-card-bg.jpg

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=DE255A65E52A41368B298D8793A8136C

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.reachclear.com/	1970-01-20 22:00:49	Name: enc_aff_session_12223 Value: ENC033c5dc2005023420fa528bdbe47a83b18401c9ed0b874568fa42523da8d94ab488826ca69db810edd636941c653398ba3915b32a809a6d7d6adffae5bf9b0f07ea428b75e85c8824175b77639e183c4a5d54a6763de8d1499622f5480a06c46fd11d60d960cc82c57db78e652b869b4ad31bd45dde57f5256f772c0d4145e7939e1b7f055cb057425d44565dc9bb9b3bbece49aa17b10e9ac18556cf829113ebb2a435f9a
www.reachclear.com/	1970-01-21 06:53:37	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyNi4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiYWNjZXB0X2xhbmd1YWdlIjoiZGUtREUsZGU7cT0wLjk7cT0wLjkiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
links.uss-labs.com/	1970-01-20 22:00:49	Name: enc_aff_session_34 Value: ENC03f2985670112fc220667f322257d11e598e6e0492a4feaf278f39642f1bd15f040480e37b9e8fb97c37e9e56a0670d5ca1264fd0688e8778f787df6f2c46be9bd14e3a0732753cc22e0b2b7442daf5aa15623807ca713a8c4b5f09ea87f346322e07a87749e7648443ae89f233ff0e26c0d83a6326216c5f6715d8395d679004997f261342f97d762b37b8062df349806829c0b3ed8e09b823800085fc3199b2c047a9824
links.uss-labs.com/	1970-01-21 06:53:37	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyNi4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiYWNjZXB0X2xhbmd1YWdlIjoiZGUtREUsZGU7cT0wLjk7cT0wLjkiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
.surviveinsight.com/	1969-12-31 23:59:59	Name: usscompanies Value: 2h778j1b51d4o80p2vtck8s8m0
.surviveinsight.com/	1970-01-21 06:53:37	Name: _ga_R9PZVQTH9Q Value: GS1.1.1718257420.1.0.1718257420.0.0.0
.surviveinsight.com/	1970-01-20 23:27:13	Name: _fbp Value: fb.1.1718257420815.113704447328340026
.surviveinsight.com/	1970-01-21 06:03:13	Name: _hjSessionUser_158498 Value: eyJpZCI6IjY1YjM3NjFmLTBlMmItNTQ1YS1hMmU4LWE2MmU5OTllNzc0MSIsImNyZWF0ZWQiOjE3MTgyNTc0MjA4NjEsImV4aXN0aW5nIjp0cnVlfQ==
.surviveinsight.com/	1970-01-20 21:17:39	Name: _hjSession_158498 Value: eyJpZCI6ImJjMDFlZGRmLTQ3ZGUtNDhmZC05OGZkLTFhZDg5ZTU2MmYwYiIsImMiOjE3MTgyNTc0MjA4NjIsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.surviveinsight.com/	1970-01-21 06:45:35	Name: _hp2_props.1821211314 Value: %7B%22FID%22%3A%221167%22%7D
.surviveinsight.com/	1970-01-21 06:45:35	Name: _hp2_id.1821211314 Value: %7B%22userId%22%3A%22304828521458010%22%2C%22pageviewId%22%3A%223767747890496250%22%2C%22sessionId%22%3A%228684579913739305%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.surviveinsight.com/	1970-01-21 06:53:37	Name: _ga Value: GA1.2.1192646566.1718257421
.surviveinsight.com/	1970-01-20 21:19:03	Name: _gid Value: GA1.2.1189363408.1718257421
.surviveinsight.com/	1970-01-20 21:17:37	Name: _gat Value: 1
.simpli.fi/	1970-01-21 06:04:39	Name: suid Value: DE255A65E52A41368B298D8793A8136C
.surviveinsight.com/	1970-01-20 21:17:39	Name: _hp2_ses_props.1821211314 Value: %7B%22ts%22%3A1718257420926%2C%22d%22%3A%22surviveinsight.com%22%2C%22h%22%3A%22%2Fgear%2F1167%2Fbarracuda%2F%22%2C%22q%22%3A%22%3Ftune_id%3D10272cd837bdcdf80fa5517ff49562%26tune_offer_id%3D34%26tune_aff_id%3D1145%26tid%3Dmoda%22%7D
.simpli.fi/	1970-01-20 21:27:42	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-20 21:17:38	Name: test_cookie Value: CheckForPermission
.tapad.com/	1970-01-20 22:44:01	Name: TapAd_TS Value: 1718257422488
.tapad.com/	1970-01-20 22:44:01	Name: TapAd_DID Value: 5bc363be-ef7f-474e-b298-28eb8889e4fa
.agkn.com/	1970-01-21 06:03:13	Name: ab Value: 0001%3A%2BEjt8UKk%2BX1RLIGEfySKNLjKB5thpmSb
.adnxs.com/	1970-01-20 23:27:13	Name: XANDR_PANID Value: 8Dp2aHp-P2uG8oQypysvu8dyAfJ6iAp2ZrYsaVo0V7SVfzmJYvaO3LNauY9Igweky1pvPLCsGCqlwZYBNmf3wvkEoo-byz5f_nA9M8LhRWk.
.adnxs.com/	1970-01-21 06:53:37	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:27:13	Name: uuid2 Value: 2382938601469132769
.1rx.io/	1970-01-21 06:03:13	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-87513e5d-fe07-4f12-8256-76a9950165b4-003%22%7D
.tapad.com/	1970-01-20 22:44:01	Name: TapAd_3WAY_SYNCS Value:
.pro-market.net/	1970-01-21 01:36:49	Name: anProfile Value: "-15bbcxqvuwfn9+1+1f=1+1g=1+1j=41+rs=s+rt=20011B60000202403247000000000006+s2=(sf07wu)+vm=24-DE255A65E52A41368B298D8793A8136C"
.pro-market.net/	1970-01-20 22:00:49	Name: anHistory Value: "-15bbcxqvuwfn9+2+!#6wM#p!B&r"
.exelator.com/	1970-01-21 00:10:25	Name: EE Value: "a040cc787cf9975e852040e5fa4e989e"
.adnxs.com/	1970-01-20 23:27:13	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2C$MhF[%+!]tbPl1N!7OnM$=BWXyfSNdjglg4rfS1wUk_d7WfS:wIdZIWqi2vG6Cp)l`D)fD.g4dkXstGt!@BEr)J#S?
.agkn.com/	1970-01-21 06:03:13	Name: u Value: C\|0AAAAAAAALf1DjgAAAAAA
.exelator.com/	1970-01-21 00:10:25	Name: ud Value: "eJxrXxzq6XKLQSHRwMQgOdncwjw5zdLS3DTVwtQIKJJqmpZokmppYZm6uCy1aMHS0uLUlKRDSypySnKaVpfFhzrGuzn6evpELnPOKMrPTV0BFgpzDVpsaGS2JL8oM32Ri%252BviopQ0hkUlxaeCT3AIAACXpilf"
.targeting.unrulymedia.com/	1970-01-21 06:03:13	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-87513e5d-fe07-4f12-8256-76a9950165b4-003%22%7D
.bluekai.com/	1970-01-21 01:41:08	Name: bku Value: blx999bcSZS+0nW4
.bluekai.com/	1970-01-21 01:41:08	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDHa1MDNxERNHED0xExh1pRTxM/8mWxTBpApxEQh1pje9y97Kyre
.bfmio.com/	1970-01-21 06:03:13	Name: __141_cid Value: DE255A65E52A41368B298D8793A8136C
.bfmio.com/	1970-01-21 06:03:13	Name: __io_cid Value: c3ed45f373381b4ffc22a3bc269e365687a8cf7a

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=DE255A65E52A41368B298D8793A8136C Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=DE255A65E52A41368B298D8793A8136C Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ajax.googleapis.com
bcp.crwdcntrl.net
cdn.heapanalytics.com
cdn.usscompaniescrm.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
funnels.mycrisisgear.com
googleads.g.doubleclick.net
heapanalytics.com
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
links.uss-labs.com
loadm.exelator.com
maxcdn.bootstrapcdn.com
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
script.hotjar.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
surviveinsight.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
tag.simpli.fi
tags.fullforceads.com
um.simpli.fi
us-u.openx.net
usscompaniescrm.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.reachclear.com
funnels.mycrisisgear.com
sync.intentiq.com
104.18.10.207
13.248.245.213
13.32.27.54
13.32.27.86
142.250.181.226
142.250.186.130
142.250.186.162
142.250.186.35
142.250.186.36
18.202.254.222
18.66.102.106
18.66.112.19
2.23.197.190
2001:4860:4802:32::36
2001:4860:4802:38::178
2600:1901:0:8eee::
2600:1f18:612b:4232:34c8:729f:c57a:a456
2600:9000:211e:fa00:1b:5138:8a40:93a1
2a00:1450:4001:80b::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
2a00:1450:400c:c0b::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.127.112.86
3.248.18.157
3.64.19.180
34.111.113.62
34.91.62.186
34.98.64.218
35.234.162.151
35.244.174.68
37.252.173.215
46.228.174.117
5.135.209.105
52.1.119.38
52.17.55.191
52.54.132.127
54.78.254.47
63.33.132.65
66.45.234.162
69.173.144.165
74.124.27.101
74.124.27.105
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0cc65eca7594895e53e1f3d0fa6d0675b7f385edc981de104d8f33767999db
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
128781028a0dbd872f1e9719791c7d47059315a5450ff22528cfc6e15806b2ad
16d07f40f24b08df5d29432650085ac1e2fafd005b3796f9fbfc1e0e875b64e9
1a677ffa608881e69783e0ef0cd017ce15075ca43df01a401405b87f65c41f14
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2520b8af6eb3eb8c3c80cdeb0f5ff9709a51591710079010543c4e991dd6b772
27e389e9319494ca6b59dedaddaf1182b01cad2a6fea5a6861fd5510d9e0f535
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40527f9aa28f6003ba45f2825305f5bf2e4bb5d9388f2595f70b1473eeee206c
42a6257c0b891197dfb7ecada96fe2868c7d8f58d9b7d517b075ccbacb71d779
4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4baa12ac551956d4ba1e8bd819296032f2bf5aa2c20dd91931d9387a92fc161f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53a18dc992f7a6437606f70183c88e1280dc81999c040c63cf8a45dca3934ff3
55371ec8c0e2fe23fcd61a0cc9084cf9387f39e593f775e03279654c7e041861
55dd9fc39774af68d4ed30d6b668427f3b1ab86db5dff36cdf179573140f4b5a
612fd1c6c0dd1e75c10bdc4b445e534902d796e028ad4b5cf0229a34a585d5cb
6309e76ef65c0f361a66e42a09fbd730761d481a9be463f3aad41b48ae2a0d08
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7139d8b43b314fc6764a4d2e6bdfe3ff341b4e027cf67505515a09fcd349556f
813efd0d540cbe0243e5a53ddfe8f1665c47131cf5b1ee3bd8e24e74ed52765e
820424dde609855f15b0a59b905624ac1e49eec9f9c0e0048718201103ed4c23
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
89a2840e72b9ea060982f79dd7c1ac1cc747617f2bd9790b79ac09497d97fe8f
8ce53557a15776d8914772778ce121d6352175a65e3784be1671e93daf4deb9a
92e14835c8da97b3398109a643a69858c8c88312bc996477e04f0910a69b7a7b
9534b0af4c2ca05fec98aafefde4403da69fd75fd998624139e538574928d198
9be9de2e5fa10d9cb07ff04b308f45b8d7aab81a933713876beeb25751763d2c
9da76a4acc9d2aa9459fb9680e63c605c54ff3536cb72cabf13bd9467efdf0ff
9f480a819c08a5b7099b9d9c72b12df04fb358f597e365a12783c4bcb369617b
9f5b10d5a8f1bd171859b855eab37ee7ea89f5dac01b6f77ea5f859bd3654a85
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac79edb4cb21484bbea4f30cc81f75718e69de145f628cb761acff31120c777b
affcf2876900c5b2658bcc08183a60389bec005a6377682eb45c45703f448e67
b20fc57778fe15d442a7e71a27fee3f670005aacfbbe5c4f46ab9e2d832ca315
b386ffe029cee9c3ae5b1064c6c242b1baa695fec220e90855d140f5e15dc39a
b44241d581cc9b985f00da16755f79791ce15b3a14c4de2b0ee50bcf3b734652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0b300163483c06fde9ad0577c76b4f44d4d272750ca2447b3b9de65d0693be
df222d7c16cf302132ea0171b70ed66e913a2210ca737384b30103abc5d49546
e1f62f2b1786971828ded79d7184fbdbe508c76a7a9353eefb268b0bfd2ec866
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d24290bdac2a3991280aaeb4f7083774fbe298392791905bc4525d24558977
ea105bfad47b31338aa2c9039fe93aaeb762b24d074590e3742015275a2a6bf7
ee70a091af7d247435baaada5bde1057e140cd470e9dd3fd12a11199d987bbbb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5f27e25621a9150fc6a233efe9168d8d384845c5b5dfbe01e270ba3eb33e60b
f85f4883d53d0f3dfb252d418e5862b714446bf419198b244a85ff766a1ee05e
f895f8c3d6c26bc3408febd6e0ea0a1fc3b69c7953c5451b6c6cbd6a3fede753

surviveinsight.com Open in urlscan Pro 74.124.27.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

77 %HTTPS

27 %IPv6

40 Domains

50 Subdomains

38 IPs

8 Countries

1298 kBTransfer

2407 kBSize

37 Cookies

4 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

surviveinsight.com Open in urlscan Pro
74.124.27.101 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

77 %
HTTPS

27 %
IPv6

40
Domains

50
Subdomains

38
IPs

8
Countries

1298 kB
Transfer

2407 kB
Size

37
Cookies

83 HTTP transactions
0 data transactions