URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/159775637...
Submission: On August 18 via manual from US

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700:e2::ac40:8810, located in United States and belongs to CLOUDFLARENET, US. The main domain is surveymixer.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 22nd 2020. Valid for: a year.
This is the only time surveymixer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
15 | 2606:4700:e2:... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
18 | 5 |

Requests | Domain | Requested by
15 | surveymixer.com | surveymixer.com
1 | pushrev.neptuneadspush.com | surveymixer.com
1 | fonts.googleapis.com | surveymixer.com
1 | ajax.googleapis.com | surveymixer.com
18 | 4 |

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-06-22 - 2021-06-22 | a year
upload.video.google.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months

This page contains 1 frames:

Primary Page: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Frame ID: B90E4D06FF45F68417F764DA47B72FD8
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

  • Requests: 18
  • HTTPS: 100 %
  • IPv6: 100 %
  • Domains: 3
  • Subdomains: 4
  • IPs: 5
  • Countries: 2
  • Transfer: 277 kB
  • Size: 594 kB
  • Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wucss5r36u6qmt912mt6ek5c
surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/
67 KB
19 KB
Document
General
Full URL
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0bf0eb8343e4f5d8935e7274597b98a74328ff815b65a26e695fb28d72a587

Request headers

:method
GET
:authority
surveymixer.com
:scheme
https
:path
/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 18 Aug 2020 13:13:41 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d399e3a292495e071cccd3bd5f960cc911597756420; expires=Thu, 17-Sep-20 13:13:40 GMT; path=/; domain=.surveymixer.com; HttpOnly; SameSite=Lax PHPSESSID=g4lql5bmgrpvhh5he59cdve860; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
04a34d4a96000005f5b62b9200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c4be4bdbce705f5-FRA
content-encoding
br
bootstrap.min.css
surveymixer.com/assets/bootstrap/dist/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://surveymixer.com/assets/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2017 22:43:10 GMT
server
cloudflare
age
2378
etag
W/"1d9ac-54fabe5629b80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5c4be4bf8b7205f5-FRA
cf-request-id
04a34d4bb9000005f5b62d1200000001
ipad.png
surveymixer.com/images/
23 KB
23 KB
Image
General
Full URL
https://surveymixer.com/images/ipad.png
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e87b95d23998a3fcf71b26abdea393644e5fceaee4cb2c796aaee90a3bbfe61

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Oct 2019 07:24:53 GMT
server
cloudflare
age
2378
etag
"5a51-594c5a5bbff73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5c4be4bf9b7905f5-FRA
content-length
23121
cf-request-id
04a34d4bbb000005f5b62d2200000001
5.jpg
surveymixer.com/people/
1 KB
1 KB
Image
General
Full URL
https://surveymixer.com/people/5.jpg
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856a3e25e403c4f577c63b78a2ee734deedeb7b77fdb25a600b2a5dded64f722

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
cf-cache-status
HIT
last-modified
Wed, 17 May 2017 05:41:00 GMT
server
cloudflare
age
2378
etag
"4e2-54fb1bbac7300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5c4be4bfcc4205f5-FRA
content-length
1250
cf-request-id
04a34d4bd9000005f5b62db200000001
3.jpg
surveymixer.com/people/
936 B
1 KB
Image
General
Full URL
https://surveymixer.com/people/3.jpg
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7532d53e07de8cd28c1a4d98e284df714255ec21c86d6756fe9261ec30691cf

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
cf-cache-status
HIT
last-modified
Wed, 17 May 2017 05:41:00 GMT
server
cloudflare
age
2378
etag
"3a8-54fb1bbac7300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5c4be4bfcc4505f5-FRA
content-length
936
cf-request-id
04a34d4bd9000005f5b62dc200000001
4.jpg
surveymixer.com/people/
1005 B
1 KB
Image
General
Full URL
https://surveymixer.com/people/4.jpg
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4475cabe931a1f71deea2db0509054d4261af226673c9450f0085b82d6d123f

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
cf-cache-status
HIT
last-modified
Wed, 17 May 2017 05:41:00 GMT
server
cloudflare
age
2378
etag
"3ed-54fb1bbac7300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5c4be4bfcc4805f5-FRA
content-length
1005
cf-request-id
04a34d4bd9000005f5b62dd200000001
2.jpg
surveymixer.com/people/
1 KB
1 KB
Image
General
Full URL
https://surveymixer.com/people/2.jpg
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac98de861aae4984b0d4a2eaaf03525b8a230f6645598d7951ad970eb35193a

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
cf-cache-status
HIT
last-modified
Wed, 17 May 2017 05:41:00 GMT
server
cloudflare
age
2378
etag
"4bc-54fb1bbac7300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5c4be4bfcc4a05f5-FRA
content-length
1212
cf-request-id
04a34d4bd9000005f5b62de200000001
1.jpg
surveymixer.com/people/
2 KB
2 KB
Image
General
Full URL
https://surveymixer.com/people/1.jpg
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957fa9d8e22009502c40c12d830e48a28de8cfdcec5926bfb27830ef3b460611

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
cf-cache-status
HIT
last-modified
Wed, 17 May 2017 05:41:00 GMT
server
cloudflare
age
2377
etag
"78d-54fb1bbac7300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5c4be4bfcc4b05f5-FRA
content-length
1933
cf-request-id
04a34d4bdb000005f5b62df200000001
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 23:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482290
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Aug 2021 23:15:31 GMT
bootstrap.min.js
surveymixer.com/assets/bootstrap/dist/js/
36 KB
9 KB
Script
General
Full URL
https://surveymixer.com/assets/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2017 22:43:14 GMT
server
cloudflare
age
2378
etag
W/"9004-54fabe59fa480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5c4be4bfbbfd05f5-FRA
cf-request-id
04a34d4bd0000005f5b62d7200000001
scripts-w14.js
surveymixer.com/assets/js/
14 KB
3 KB
Script
General
Full URL
https://surveymixer.com/assets/js/scripts-w14.js?v=2&cc=us
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43c0c642d19183971b6cf5ff374374456ef4281b2691bd28a6fb3b251b03fc4

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Apr 2020 13:07:35 GMT
server
cloudflare
age
2378
etag
W/"3763-5a3e0d0dc2ef8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5c4be4bfcc3f05f5-FRA
cf-request-id
04a34d4bd9000005f5b62da200000001
css
fonts.googleapis.com/
5 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400italic,700,700italic,900,900italic
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc70a177f8fc0cae26b10387ba3d758417d8025a24775b7b9ab4c5ec820e81d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Aug 2020 13:13:41 GMT
server
ESF
date
Tue, 18 Aug 2020 13:13:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Aug 2020 13:13:41 GMT
walgreens.jpg
surveymixer.com/assets/images/
115 KB
115 KB
Image
General
Full URL
https://surveymixer.com/assets/images/walgreens.jpg
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ae57cdeed9077dc089c1a0a23a7b945dd84f730332ceaac0109ce811bc8b74

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
cf-cache-status
HIT
last-modified
Fri, 27 Sep 2019 23:13:24 GMT
server
cloudflare
age
6591
etag
"1cc05-5939108664891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5c4be4bfcc4e05f5-FRA
content-length
117765
cf-request-id
04a34d4bdb000005f5b62e0200000001
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d43c47d081ccec81e0af4c139eb7ad18c06fd84cd5aafe96fbcb55bd4e29efb5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
fingerprint2.min.js
surveymixer.com/js/fingerprintjs2/1.5.0/
34 KB
10 KB
Script
General
Full URL
https://surveymixer.com/js/fingerprintjs2/1.5.0/fingerprint2.min.js
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13774735c1ed030c52d47a268b2a2d1bc16be14cc433c61fcfc6ee1f81a4e96e

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 May 2018 09:19:51 GMT
server
cloudflare
age
2378
etag
W/"870d-56c63566b7bc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5c4be4c04e1b05f5-FRA
cf-request-id
04a34d4c2b000005f5b62e8200000001
mobile-detect.min.js
surveymixer.com/assets/js/mobile-detect.js-master/
37 KB
15 KB
Script
General
Full URL
https://surveymixer.com/assets/js/mobile-detect.js-master/mobile-detect.min.js
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdfa9a147ae8d8357855515bab5291b8c9342eeed9d638b47103c19d9d9aaf36

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2017 22:45:14 GMT
server
cloudflare
age
2378
etag
W/"92a8-54fabecc6b280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5c4be4c04e1e05f5-FRA
cf-request-id
04a34d4c2b000005f5b62e9200000001
banner-bf.js
surveymixer.com/utils/banners/
747 B
491 B
Script
General
Full URL
https://surveymixer.com/utils/banners/banner-bf.js?v=1.03
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb733787aea9bc0e425240b2c5eac93936f98808cd1f72d60954ab6623809b6

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2378
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
5c4be4c04e2205f5-FRA
access-control-allow-origin
*
cf-request-id
04a34d4c2b000005f5b62ea200000001
2020-8.png
surveymixer.com/utils/banners/images/2020-months/
16 KB
16 KB
Image
General
Full URL
https://surveymixer.com/utils/banners/images/2020-months/2020-8.png
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e48fb4d6d29c136e4508b8977378675092a2839034e029ff33209add0b743a4

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Jan 2020 23:34:42 GMT
server
cloudflare
age
2377
etag
"3f82-59b44c10914f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5c4be4c0e85305f5-FRA
content-length
16258
cf-request-id
04a34d4c8e000005f5b62f8200000001
trackpush-v2-cm.js
pushrev.neptuneadspush.com/javascripts/
29 KB
8 KB
Script
General
Full URL
https://pushrev.neptuneadspush.com/javascripts/trackpush-v2-cm.js
Requested by
Host: surveymixer.com
URL: https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be4653df522b239477dd263fe3cf12f15ad504013bc28637d6b94baa9f08b4b6

Request headers

Referer
https://surveymixer.com/fly/w14/cc/us/c/%7C435/id/wucss5r36u6qmt912mt6ek5c/trk/secondpromo.com/k/walgreens/lpc/1597756377356/wid/opn1/src/75_pa/clickid/wucss5r36u6qmt912mt6ek5c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 18 Aug 2020 13:13:41 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2160
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=2678400
cf-ray
5c4be4c28f8fd467-HAM
access-control-allow-origin
*
cf-request-id
04a34d4d960000d467da8bb200000001

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| r object| wall_json object| mydate number| year number| day number| month number| daym object| dayarray object| montharray function| $ function| jQuery object| jQuery111209808626617830121 function| findGetParameter number| offer_tick undefined| zz function| buildOfferHtml function| getRandomInt string| ss string| ex_id function| Fingerprint2 function| MobileDetect object| postData function| _pushNotificationsReady function| _pushNotificationsPermissionDenied function| _TRKPushPermissionDenied function| _pushNotificationsPermissionGranted function| _TRKPushPermissionGranted object| _at object| comp object| fpinfo string| css object| head object| style object| img function| logClick object| $questionsForm object| $activeQuestion object| $nextQuestion function| _TRKPushDeferred function| getUrlVars function| urlBase64ToUint8Array function| _TRKPushGetDeviceType function| _TRKPushGetPageDetails function| _TRKPushGetReferrer function| _TRKPushGetLanguage function| _TRKPushGetResolution function| _TRKPushGetBrowserInfo function| _TRKPushGetSystemInfo function| _TRKPushInitialize function| _TRKPushGetSiteConfig function| _TRKPushLoadPrompt function| _TRKPushPromptApprove function| _TRKPushPromptDeny function| _TRKPushPromptCancel function| _TRKPushRemovePoweredBy function| _TRKPushShowPoweredBy function| _TRKPushGetSubscriberID function| _TRKPushSendTrackData function| _TRKPushGetSubscriberIDFromToken function| _TRKPushGenerateID function| _TRKPushGetCookie function| _TRKPushSetCookie function| _TRKPushDeleteCookie function| _TRKPushTrackAttributes function| _TRKPushOptInResponse function| _TRKPushPrompt function| _TRKPushTrackEvent function| _TRKPushAbandonedCart function| _TRKPushGetPushToken function| _TRKPushSupportsPush function| _TRKPushCheckHTTPS function| _TRKPushCheckPermissions function| _TRKPushRunNative function| _TRKPushSafariRun function| _TRKPushChromeRun function| _TRKPushSubscribe function| _TRKPushExtractSubscriptionId 
function| _TRKPushSendSubscriptionToServer function| _TRKPushRegisterWorker function| _TRKPushFetchSubscriberIDFromWorker function| _TRKPushConsoleOutput function| _TRKPushSendWorkerMessage function| _TRKPushLoad string| domain string| owner string| idSite boolean| showDebug boolean| subscriberID_existed undefined| _TRKPushPushToken undefined| _TRKPushSubscriberID undefined| _TRKPushCallResponse undefined| trackData string| currentPage string| _TRKPushAPI boolean| _TRKPushRanScript undefined| webURL undefined| logid

2 Cookies

Domain/Path Name / Value
surveymixer.com/ Name: PHPSESSID
Value: g4lql5bmgrpvhh5he59cdve860
.surveymixer.com/ Name: __cfduid
Value: d399e3a292495e071cccd3bd5f960cc911597756420

2 Console Messages

Source Level URL
Text
console-api log URL: https://pushrev.neptuneadspush.com/javascripts/trackpush-v2-cm.js(Line 451)
Message:
Push notifications powered by TRKPush
console-api warning URL: https://pushrev.neptuneadspush.com/javascripts/trackpush-v2-cm.js(Line 475)
Message:
[PUSHNOTIFICATIONS] - Browser does not support push

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
