www.paymentssource.com Open in urlscan Pro
13.224.95.71  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

• https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
• https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 44

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1113916&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&time=1591036378363 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1113916%26url%3Dhttps%253A%252F%252Fwww.paymentssource.com%252Fcoronavirus%253Futm_source%253Dresearch%2526utm_medium%253Demail%2526utm_campaign%253DPSO_Sentiment_Survey%2526bt_ee%253DoVPoh%25252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%25252FvMCGWUPzDxlamk1LW2w5LjUi%25252BacQvdC6JveF%25252BkevVIzw%25253D%25253D%2526bt_ts%253D1591034881989%26time%3D1591036378363%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1113916&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&time=1591036378363&liSync=true

Request Chain 47

• https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-219761-52&cid=926158062.1591036378&jid=2112906818&gjid=528135622&_gid=1177742437.1591036378&_u=aGBAgEAL~&z=983760048 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-219761-52&cid=926158062.1591036378&jid=2112906818&_v=j82&z=983760048 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-219761-52&cid=926158062.1591036378&jid=2112906818&_v=j82&z=983760048&slf_rd=1&random=411429151

Request Chain 58

• https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D342%26pixelIndex%3D0%26r%3D48414%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.paymentssource.com%252Fcoronavirus%253Futm_source%253Dresearch%2526utm_medium%253Demail%2526utm_campaign%253DPSO_Sentiment_Survey%2526bt_ee%253DoVPoh%25252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%25252FvMCGWUPzDxlamk1LW2w5LjUi%25252BacQvdC6JveF%25252BkevVIzw%25253D%25253D%2526bt_ts%253D1591034881989&_=1591036378493 HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D342%2526pixelIndex%253D0%2526r%253D48414%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.paymentssource.com%25252Fcoronavirus%25253Futm_source%25253Dresearch%252526utm_medium%25253Demail%252526utm_campaign%25253DPSO_Sentiment_Survey%252526bt_ee%25253DoVPoh%2525252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2525252FvMCGWUPzDxlamk1LW2w5LjUi%2525252BacQvdC6JveF%2525252BkevVIzw%2525253D%2525253D%252526bt_ts%25253D1591034881989%26_%3D1591036378493 HTTP 302
• https://a.dpmsrv.com/dpmpxl/index.php?id=1162883685009468026&q=xImp&v=1.x&cl=342&pixelIndex=0&r=48414&tzOffset=-120&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&_=1591036378493

Request Chain 59

• https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3610690416145334325&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3610690416145334325&redir=

Request Chain 60

• https://idsync.rlcdn.com/395886.gif?partner_uid=3610690416145334325 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMDY5MDQxNjE0NTMzNDMyNRAAGg0I2pPV9gUSBQjoBxAAQgBKAA HTTP 307
• https://ml314.com/csync.ashx?fp=820cc553e53568f773d68ef8566116f395c2bfad53e3471a2dccbaa6b8ab3e3bf4cb09cee1a4f8eb&person_id=3610690416145334325&eid=50082

Request Chain 61

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
• https://ml314.com/utsync.ashx?eid=53819&et=0&fp=fbe6166c-9aca-49ec-9d98-a3bc438ffc59 HTTP 302
• https://ml314.com/csync.ashx?fp=fbe6166c-9aca-49ec-9d98-a3bc438ffc59&person_id=3610690416145334325&eid=53819

Request Chain 62

• https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3610690416145334325 HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3610690416145334325 HTTP 302
• https://ml314.com/csync.ashx?fp=3090e7a6b79465c4b61fc3678f4deec9&eid=50146&person_id=3610690416145334325

Request Chain 73

• https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1162883685009468026&pixelIndex=0&_=1591036378494 HTTP 302
• https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1162883685009468026&pixelIndex=0&_=1591036378494&google_gid=CAESEIVxzU-q0GVwVXiVdEOsGOU&google_cver=1

Request Chain 126

• https://ib.adnxs.com/seg?member=827&add=7568712,6451507,6745346 HTTP 307
• https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D7568712%2C6451507%2C6745346

Request Chain 127

• https://secure.adnxs.com/px?id=803560&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D803560%26t%3D2

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set coronavirus Show response www.paymentssource.com/	114 KB 26 KB	557ms 374ms	Document text/html	13.224.95.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.71 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-71.zrh50.r.cloudfront.net Software Apache-Coyote/1.1 / Brightspot Resource Hash 88d4490bcb33747d9ca93593a3a48143bcf1b14cf42aac775d0ba5774f283f10 Request headers Host www.paymentssource.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type text/html;charset=UTF-8 Content-Length 25877 Connection keep-alive Cache-Control max-age=120 Content-Encoding gzip Date Mon, 01 Jun 2020 18:32:57 GMT Server Apache-Coyote/1.1 Set-Cookie JSESSIONID=D17586BAA8C7AF389471E317AC88D12B; Path=/; HttpOnly X-Powered-By Brightspot Vary Accept-Encoding X-Cache Miss from cloudfront Via 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront) X-Amz-Cf-Pop ZRH50-C1 X-Amz-Cf-Id rjDXmhh6IxIR09vKleN-Qf-aqROcDldGDgWFoSsbdEYHqhr4URbwIg==
GET H/1.1	200 OK	All.min.689f5c408ccbc53e6cc86d5b6c3fb447.gz.css arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/	429 KB 61 KB	142ms 29ms	Stylesheet text/css	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/All.min.689f5c408ccbc53e6cc86d5b6c3fb447.gz.css Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 85098ad80546742ce7debe21bbac266761786dfe2aefa884795fca70e06a7d1f Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 26 May 2020 18:10:33 GMT Content-Encoding gzip Connection keep-alive Last-Modified Tue, 26 May 2020 17:30:15 GMT Server AmazonS3 Age 519745 ETag "1e0e52450bdc742132fc63af9fc65188" X-Cache Hit from cloudfront Content-Type text/css Via 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront) Cache-Control public, max-age=31536000 X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes Content-Length 61889 X-Amz-Cf-Id j4okedlQStfY3HsC7UTYqvkutaWJbwAeL7koG6to8byU-amTGdVEeQ==
GET H/1.1	200 OK	All.min.7954c70281fa2cf695530d77028293ae.gz.js Show response arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/	1 MB 287 KB	175ms 42ms	Script text/javascript	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/All.min.7954c70281fa2cf695530d77028293ae.gz.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash e1ec9491a194423a9a5080f592576b584dea10a0ccabcbb01ec05016339f12d4 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 26 May 2020 18:10:34 GMT Content-Encoding gzip Connection keep-alive Last-Modified Tue, 26 May 2020 17:30:16 GMT Server AmazonS3 Age 519744 ETag "6281a6fe81a655a98c45787b248e5988" X-Cache Hit from cloudfront Content-Type text/javascript Via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) Cache-Control public, max-age=31536000 X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes Content-Length 293717 X-Amz-Cf-Id kFHInSm8RR-kQxFQ2CBt0qCfjC-7CWYECVWW0ChEpXcoiXjPwfx9Yw==
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	45 KB 15 KB	18ms 16ms	Script text/javascript	2a00:1450:4001:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6e50b553bd3497da68d8b773ca113808d323308e32e64400495a8cc3686a5ec6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:57 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "531 / 809 of 1000 / last-modified: 1591027710" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 15100 x-xss-protection 0 expires Mon, 01 Jun 2020 18:32:57 GMT
GET H/1.1	200 OK	iasPET.1.js Show response cdn.adsafeprotected.com/	22 KB 6 KB	159ms 40ms	Script application/javascript	13.224.95.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.adsafeprotected.com/iasPET.1.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.41 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-41.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash aea6a1cba8f14ad8d11b44f1ab102831768abefa9f33e8dbb496450df730537a Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 00:48:16 GMT Content-Encoding gzip Connection keep-alive Last-Modified Mon, 30 Mar 2020 14:33:25 GMT Server AmazonS3 Age 63882 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront) Cache-Control max-age=604800 Transfer-Encoding chunked X-Amz-Cf-Pop ZRH50-C1 X-Amz-Cf-Id 0r0kZl9ThQBNXm7ppBKaU8nJq7Q-DgvtPCw15d6loTmRIv7fwBSvFw==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.4.1/	86 KB 30 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 May 2020 11:31:38 GMT content-encoding gzip x-content-type-options nosniff age 457279 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30774 x-xss-protection 0 last-modified Mon, 13 May 2019 14:37:17 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 27 May 2021 11:31:38 GMT
GET H/1.1	200 OK	paymentsource-ko.svg arizent.brightspotcdn.com/f9/a7/8ea4bfc0484eb1a4707362dfdcc0/	10 KB 10 KB	33ms 29ms	Image image/svg+xml	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://arizent.brightspotcdn.com/f9/a7/8ea4bfc0484eb1a4707362dfdcc0/paymentsource-ko.svg Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash a9239255e4f5245f5b934e97cc03170bc4df9df2490a04863de66cbe51e838a8 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 25 May 2020 23:02:22 GMT Via 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront) Connection keep-alive Last-Modified Thu, 29 Aug 2019 17:28:49 GMT Server AmazonS3 Age 588636 ETag "326df1fd52b979752cada469e415e7ac" X-Cache Hit from cloudfront Content-Type image/svg+xml Cache-Control public, max-age=31536000 X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes Content-Length 9875 X-Amz-Cf-Id Sa8mPysvRS83CmpmjKzveAKOMxkng8EO4HI0FEWi8KrDSoR8KLIWcg==
GET H/1.1	200 OK	coronavirus-impact.svg arizent.brightspotcdn.com/d6/08/1ee0e3f343c1adc0de21ed345ad1/	540 B 1 KB	64ms 30ms	Image image/svg+xml	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://arizent.brightspotcdn.com/d6/08/1ee0e3f343c1adc0de21ed345ad1/coronavirus-impact.svg Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 66f68b587bc030500b04f4753de31e8f69ba9f2e9bed42a85bc770b18d398b43 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:30:26 GMT Via 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront) Connection keep-alive Last-Modified Mon, 09 Mar 2020 20:51:01 GMT Server AmazonS3 Age 152 ETag "45c1cba96b84df651424cffd46f67217" X-Cache Hit from cloudfront Content-Type image/svg+xml Cache-Control public, max-age=31536000 X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes Content-Length 540 X-Amz-Cf-Id HsHGsAfM7s0zeyP529SspeJsK4LuDnG_m3UzK-bevle27yA7ykI8ow==
GET H/1.1	200 OK	/ arizent.brightspotcdn.com/dims4/default/f5a8047/2147483647/strip/true/crop/1000x165+0+0/resize/727x120!/quality/90/	12 KB 13 KB	98ms 36ms	Image image/png	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://arizent.brightspotcdn.com/dims4/default/f5a8047/2147483647/strip/true/crop/1000x165+0+0/resize/727x120!/quality/90/?url=https%3A%2F%2Farizent.brightspotcdn.com%2F01%2F05%2F6f8ad49b408398d634628e2d653f%2Farizent-logo.png Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software Apache / Resource Hash c0bf2ffd17947ef568c786a47a930113f516a10a09b72485363621d110ff207b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 13 Feb 2020 14:35:40 GMT Via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) Connection keep-alive Server Apache Age 9431837 ETag ed6f6db23c7ed960c562b040a3d50984 X-Cache Hit from cloudfront Content-Type image/png Edge-Control downstream-ttl=31536000 Cache-Control max-age=31536000, public X-Amz-Cf-Pop ZRH50-C1 Content-Length 12422 X-Amz-Cf-Id AqC-L7fbQwys839veP8k2sqSkUGNWoV2AsoCZoPyP6XNseFcYMOSeg== Expires Fri, 12 Feb 2021 14:35:40 GMT
GET H/1.1	200 OK	bsp-analytics.min.6d69b9c92fae206d4b74ad35e7b2122d.gz.js Show response arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/_resource/analytics/	9 KB 3 KB	29ms 29ms	Script text/javascript	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/_resource/analytics/bsp-analytics.min.6d69b9c92fae206d4b74ad35e7b2122d.gz.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 19ad4857414cba9b85e8b21cc3ede7426f03d341837d0c6535b6750644371053 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 19 Feb 2020 23:16:43 GMT Content-Encoding gzip Connection keep-alive Last-Modified Thu, 23 May 2019 20:54:42 GMT Server AmazonS3 Age 8882175 ETag "8e517a0316c98f5cb9eb788fea1149a1" X-Cache Hit from cloudfront Content-Type text/javascript Via 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront) Cache-Control public, max-age=31536000 X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes Content-Length 2859 X-Amz-Cf-Id XSdMx8PnnGjQbpH3PJ-9IURXIvNdayG3bymVCMeGjWAuuzHbHZH6yg==
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	7ms 5ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2bf8c84efd49b27e419546c348ca150147b628a8a9653e591b0270cf97301668 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 RUn2LnQYsNbO9tNnahhlrQ== status 200 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=3600 content-length 1781 etag "5f250a7e644042b30379e4c12e20c930" x-fb-debug zd5PXJcxPdFnyV0leO2tPUwervGroHxLHuof9jJa8Dt1xkeFVpLLxukA+35kuWqJyaBvbaVWBGXSausIOtLKug== x-fb-trip-id 664085054 x-fb-content-md5 eaa6b43602fafac4e0359f079b282d2a x-frame-options DENY date Mon, 01 Jun 2020 18:32:57 GMT, Mon, 01 Jun 2020 18:32:57 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * expires Mon, 01 Jun 2020 18:42:37 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	269 KB 60 KB	20ms 18ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ddc3f4ad0c18c4b0c4b20ccd78b71c254dc4bd87634ce6b3d4076eb4cdf7387c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:57 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61495 x-xss-protection 0 last-modified Mon, 01 Jun 2020 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 01 Jun 2020 18:32:57 GMT
GET H2	200	advertising.js Show response www.npttech.com/	7 KB 3 KB	119ms 50ms	Script application/javascript	2606:4700:e2::ac40:8c07 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.npttech.com/advertising.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8c07 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:57 GMT content-encoding br cf-cache-status HIT age 5727 status 200 x-amz-request-id 2F019AAC25A8CEA8 x-amz-id-2 nY3Hx29aKBdeKNA1fZ/bXvJAoY/pUOgFH0xoBhlQkCZrOqDQphq3HBpLw8YYRqJ8QX9Z875bJWM= last-modified Wed, 19 Jun 2019 08:25:01 GMT server cloudflare etag W/"3d6f80c860866175f58a84bbbc9217c6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=28800 x-amz-version-id hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w cf-request-id 0312c193470000976061b3a200000001 cf-ray 59cb05320fc29760-FRA
GET H/1.1	200 OK	p13n.min.js Show response cdn.boomtrain.com/p13n/sourcemedia-prod/	75 KB 24 KB	159ms 39ms	Script application/javascript	13.224.95.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.29 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-29.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 0a54a02304d97c93a02fc57c3c3ac177a5372cee4d6d8d09d7de220cf213837b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 17:59:34 GMT Content-Encoding gzip Connection keep-alive Last-Modified Mon, 01 Jun 2020 00:26:10 GMT Server AmazonS3 Age 2004 x-amz-server-side-encryption AES256 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront) Cache-Control public, max-age=3600 Transfer-Encoding chunked X-Amz-Cf-Pop ZRH50-C1 X-Amz-Cf-Id Ox8-XV0diPevPG979t8ST97kZeuYEE2M8vY01id48MuOURCU26P3PA==
GET H2	200	css fonts.googleapis.com/	19 KB 2 KB	38ms 17ms	Stylesheet text/css	2a00:1450:4001:815::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i,900,900i Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ea6a239915448fba6f09bdfa8a534e815cb97210b53b5ed1b01502a76a632f7c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Origin https://www.paymentssource.com Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 01 Jun 2020 18:32:57 GMT server ESF date Mon, 01 Jun 2020 18:32:57 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 01 Jun 2020 18:32:57 GMT
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	averta-bold.ab17900f2b0d6cd4ad90a346b574317d.woff2 arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/fonts/	27 KB 27 KB	133ms 41ms	Font application/octet-stream	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/fonts/averta-bold.ab17900f2b0d6cd4ad90a346b574317d.woff2 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 143e907d6ff03d4ad9e0b3a11db300b8fcf9bcbfc1d2dab2446e995a4f0fe8a7 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/All.min.689f5c408ccbc53e6cc86d5b6c3fb447.gz.css Origin https://www.paymentssource.com Response headers Date Mon, 01 Jun 2020 07:34:28 GMT Via 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront) Vary Origin Age 39510 X-Cache Hit from cloudfront Connection keep-alive Content-Length 27228 Last-Modified Wed, 18 Mar 2020 18:44:18 GMT Server AmazonS3 ETag "3acfe992142dc5dca71d6c282fe9cf61" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/octet-stream Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes X-Amz-Cf-Id 0x1R_fluZTiD9xrXJonLC1snLR-GzQy3henaiOBbIG77TjZtaA5i-g==
GET H/1.1	200 OK	averta-extrabold.f1009471e4104584b864fc068ed98d62.woff2 arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/fonts/	27 KB 27 KB	164ms 42ms	Font application/octet-stream	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/fonts/averta-extrabold.f1009471e4104584b864fc068ed98d62.woff2 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash a73d582f12071c02136914b4bb051ca5fcea5a9359fb55e729b7e8c5278713b5 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/All.min.689f5c408ccbc53e6cc86d5b6c3fb447.gz.css Origin https://www.paymentssource.com Response headers Date Mon, 01 Jun 2020 07:34:28 GMT Via 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront) Vary Origin Age 39510 X-Cache Hit from cloudfront Connection keep-alive Content-Length 27212 Last-Modified Wed, 18 Mar 2020 18:44:18 GMT Server AmazonS3 ETag "7073ca0e415eef20b049073a6c890ac6" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/octet-stream Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes X-Amz-Cf-Id 7XnQz2eUGgvB73a3kSOvPWXcYmcIAZjLp1NNsfRJBT7JmLxeu_D2WQ==
GET H/1.1	200 OK	averta-light.3858ba85fa70b680dd5cdecb3f4c8c1b.woff2 arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/fonts/	26 KB 27 KB	177ms 47ms	Font application/octet-stream	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/fonts/averta-light.3858ba85fa70b680dd5cdecb3f4c8c1b.woff2 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 99e7f158567a43b467f749598cd9427c691ad8500ee70a7a3a69ace28b88382a Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/All.min.689f5c408ccbc53e6cc86d5b6c3fb447.gz.css Origin https://www.paymentssource.com Response headers Date Mon, 01 Jun 2020 07:34:28 GMT Via 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront) Vary Origin Age 39511 X-Cache Hit from cloudfront Connection keep-alive Content-Length 26772 Last-Modified Wed, 18 Mar 2020 18:44:19 GMT Server AmazonS3 ETag "7addc2b5b835786c4fae219977766d6b" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/octet-stream Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes X-Amz-Cf-Id 1lkqZTFuq_wqT28aDWoeEBXsT62w6oMwPwMCImP38znvKlgLeWo9cw==
GET H2	200	load Show response experience.tinypass.com/xbuilder/experience/	4 KB 2 KB	57ms 33ms	Script application/javascript	2606:4700::6811:b7b1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://experience.tinypass.com/xbuilder/experience/load?aid=Uts8LRqUWE Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee57e9cd41920f3f5075275930ca8b71ac439b9aee4974f945ac9c3fcfc25e6f Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:58 GMT content-encoding br cf-cache-status HIT age 1272 p3p CP="NON DSP COR OUR IND" status 200 x-forwarded-https on cf-request-id 0312c193910000c2c2a581a200000001 x-request-id Cmje9bqIzOz wn prod-exp-10-0-91-85 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary accept-encoding content-type application/javascript;charset=utf-8 cache-control public, max-age=1800 cf-ray 59cb05328aadc2c2-FRA expires Mon, 01 Jun 2020 19:02:58 GMT
POST H/1.1	204 No Content	_track Show response www.paymentssource.com/	0 312 B	375ms 375ms	XHR text/plain	13.224.95.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.paymentssource.com/_track Requested by Host: arizent.brightspotcdn.com URL: https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/_resource/analytics/bsp-analytics.min.6d69b9c92fae206d4b74ad35e7b2122d.gz.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.71 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-71.zrh50.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 01 Jun 2020 18:32:57 GMT Via 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Connection keep-alive X-Amz-Cf-Pop ZRH50-C1 X-Amz-Cf-Id ZkPXpDFpPPtsV5TyBKxz_8g4cWDma0G0_sBQY-yzfIj0k_wbZ-GK6A== X-Cache Miss from cloudfront
POST H/1.1	204 No Content	_track Show response www.paymentssource.com/	0 312 B	303ms 231ms	XHR text/plain	13.224.95.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.paymentssource.com/_track Requested by Host: arizent.brightspotcdn.com URL: https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/_resource/analytics/bsp-analytics.min.6d69b9c92fae206d4b74ad35e7b2122d.gz.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.71 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-71.zrh50.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 01 Jun 2020 18:32:58 GMT Via 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Connection keep-alive X-Amz-Cf-Pop ZRH50-C1 X-Amz-Cf-Id KmYS78Gor8RxjQXYNOoCglrGPOibZAo8-7-Ih-L9T4BJSmI-lS-diw== X-Cache Miss from cloudfront
POST H/1.1	204 No Content	_track Show response www.paymentssource.com/	0 312 B	321ms 243ms	XHR text/plain	13.224.95.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.paymentssource.com/_track Requested by Host: arizent.brightspotcdn.com URL: https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/_resource/analytics/bsp-analytics.min.6d69b9c92fae206d4b74ad35e7b2122d.gz.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.71 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-71.zrh50.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 01 Jun 2020 18:32:57 GMT Via 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Connection keep-alive X-Amz-Cf-Pop ZRH50-C1 X-Amz-Cf-Id QJ2mM5R9MWQ9_os0Y7_ZepogHWOdEGtGYEBe9ftVPmO-ycmavz-9kg== X-Cache Miss from cloudfront
POST H/1.1	204 No Content	_track Show response www.paymentssource.com/	0 312 B	373ms 292ms	XHR text/plain	13.224.95.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.paymentssource.com/_track Requested by Host: arizent.brightspotcdn.com URL: https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/_resource/analytics/bsp-analytics.min.6d69b9c92fae206d4b74ad35e7b2122d.gz.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.71 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-71.zrh50.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 01 Jun 2020 18:32:57 GMT Via 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Connection keep-alive X-Amz-Cf-Pop ZRH50-C1 X-Amz-Cf-Id 1FldoBtrbDIa7OJaIk-JfOvsNUFyqUeyNompPJ38fen_JoHdzL30Xw== X-Cache Miss from cloudfront
GET BLOB	200 OK	35e3de01-3a7c-43ba-93f4-4a8cf9df1846 https://www.paymentssource.com/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.paymentssource.com/35e3de01-3a7c-43ba-93f4-4a8cf9df1846 Requested by Host: arizent.brightspotcdn.com URL: https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/styleguide/All.min.7954c70281fa2cf695530d77028293ae.gz.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	197 KB 60 KB	6ms 5ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=0773115dd828f7007cc8627d81ef7972&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d00b51654124fcce4a86661dacc9d60a19826d565c4fc5dc0b63fc1433f513b9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Origin https://www.paymentssource.com Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 oxmFyZM5gYtML139OIgVhw== status 200 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=3600 content-length 60885 etag "142d1a39502d471c62775ef13ed4d676" x-fb-debug 06mFQewrPCm8K36MyeLVKwPpopJ0l2mpZU8i1qw94xKX5nFqyNx0XUPq/5yRMQ+k+V21v2QTdhFO8XeSuUMNGw== x-fb-trip-id 664085054 x-fb-content-md5 5e99104926d2c280b0eda2320f2020e1 x-frame-options DENY date Mon, 01 Jun 2020 18:32:58 GMT, Mon, 01 Jun 2020 18:32:58 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * expires Tue, 01 Jun 2021 18:07:23 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 168 B	15ms 15ms	Script application/javascript	2a00:1450:4001:81b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.paymentssource.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Mon, 01 Jun 2020 18:32:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 246 B	15ms 14ms	Script application/javascript	2a00:1450:4001:81b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.paymentssource.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Mon, 01 Jun 2020 18:32:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2020052102.js Show response securepubads.g.doubleclick.net/gpt/	252 KB 90 KB	76ms 28ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software sffe / Resource Hash 4440e52bab275865e0255306073c3a6ee82d52ee200bf47f3a219ca38fbdbdb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:58 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 21 May 2020 16:29:37 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91780 x-xss-protection 0 expires Mon, 01 Jun 2020 18:32:58 GMT
GET H/1.1	200 OK	/ arizent.brightspotcdn.com/dims4/default/b1499ed/2147483647/strip/true/crop/3024x1698+0+1/resize/527x296!/quality/90/	55 KB 56 KB	48ms 47ms	Image image/jpeg	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://arizent.brightspotcdn.com/dims4/default/b1499ed/2147483647/strip/true/crop/3024x1698+0+1/resize/527x296!/quality/90/?url=https%3A%2F%2Farizent.brightspotcdn.com%2F30%2F58%2Feb9e0b76437e8e448d20c1c45878%2Fcropped-anniebaldwinone.jpg Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software Apache / Resource Hash 07139ca7df1cceddecee395a3d3c589e2c9106848b849250acee291f1081d837 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:30:25 GMT Via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) Connection keep-alive Server Apache Age 153 ETag e23a15fab382778f4ba4528cc750ac01 X-Cache Hit from cloudfront Content-Type image/jpeg Edge-Control downstream-ttl=31536000 Cache-Control max-age=31536000, public X-Amz-Cf-Pop ZRH50-C1 Content-Length 56815 X-Amz-Cf-Id s4LTYkJvUQzYIcCubYsB4KGGQ8F9X4EDabT7oCB8cWZbN-BO8PbKWg== Expires Tue, 01 Jun 2021 18:30:25 GMT
GET H/1.1	200 OK	/ arizent.brightspotcdn.com/dims4/default/5ae0d8f/2147483647/strip/true/crop/4000x2252+0+207/resize/460x259!/quality/90/	23 KB 24 KB	36ms 35ms	Image image/jpeg	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://arizent.brightspotcdn.com/dims4/default/5ae0d8f/2147483647/strip/true/crop/4000x2252+0+207/resize/460x259!/quality/90/?url=https%3A%2F%2Farizent.brightspotcdn.com%2Fc8%2F23%2F2414b82d49378969f89315abdef6%2F361398882.jpg Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software Apache / Resource Hash 86d5be1c90aa276166a3ab5492477546ce3717d0a259f181f63fd35bcad0707d Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 18 May 2020 13:50:28 GMT Via 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront) Connection keep-alive Server Apache Age 1226550 ETag cc7d70a6ab7389c145826ef612e292f1 X-Cache Hit from cloudfront Content-Type image/jpeg Edge-Control downstream-ttl=31536000 Cache-Control max-age=31536000, public X-Amz-Cf-Pop ZRH50-C1 Content-Length 23896 X-Amz-Cf-Id h265PGMbJm87yYI3qKe8NIx7h_Okc81r5NCfFs4C0pkku8nKuqI_Pg== Expires Tue, 18 May 2021 13:50:28 GMT
GET H/1.1	200 OK	/ arizent.brightspotcdn.com/dims4/default/5902a84/2147483647/strip/true/crop/3998x2251+0+208/resize/460x259!/quality/90/	21 KB 21 KB	35ms 35ms	Image image/jpeg	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://arizent.brightspotcdn.com/dims4/default/5902a84/2147483647/strip/true/crop/3998x2251+0+208/resize/460x259!/quality/90/?url=https%3A%2F%2Farizent.brightspotcdn.com%2F52%2Fba%2F16dcd9374537b95ed41f282c9887%2F361955146.jpg Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software Apache / Resource Hash 101dda04448ab22c8a78564f171754cdf6a713e1b1a1228b93509134fad01771 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 15 May 2020 16:02:32 GMT Via 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront) Connection keep-alive Server Apache Age 1477825 ETag a1f248562ffe46b4517a0ceae84a4e84 X-Cache Hit from cloudfront Content-Type image/jpeg Edge-Control downstream-ttl=31536000 Cache-Control max-age=31536000, public X-Amz-Cf-Pop ZRH50-C1 Content-Length 21349 X-Amz-Cf-Id EsV8GXLV-IA_vn_xJiQyIxMs_bOF-4QggMufJC5OG9PLTe0glBSy6A== Expires Sat, 15 May 2021 16:02:33 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	28 KB 11 KB	38ms 38ms	Script text/javascript	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software cafe / Resource Hash 65a1850028118c64febbde9b109da293910bfff6ee261caf0087d3d3364359ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:58 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 10877 x-xss-protection 0 server cafe etag 12200185889747903800 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 01 Jun 2020 18:32:58 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	3 KB 2 KB	29ms 9ms	Script application/x-javascript	2a02:26f0:10c:39e::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:32:58 GMT Content-Encoding gzip Last-Modified Mon, 07 Oct 2019 16:41:31 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=10226 Connection keep-alive Accept-Ranges bytes Content-Length 1576
GET H2	200	trackpoint-async.js Show response s2.adform.net/banners/scripts/st/ Redirect Chain https://a2.adform.net/serving/scripts/trackpoint/async/ https://s2.adform.net/banners/scripts/st/trackpoint-async.js	76 KB 27 KB	92ms 27ms	Script application/x-javascript	37.157.2.248 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s2.adform.net/banners/scripts/st/trackpoint-async.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 226d9ba030e45b8453842ba2f3e01656da9b9c27cf5825ca85abbbedef0bd13e Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:58 GMT content-encoding gzip last-modified Tue, 05 May 2020 08:42:35 GMT server nginx etag W/"5eb126fb-12ecb" x-cache-status HIT status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 content-type application/x-javascript Redirect headers status 301 date Mon, 01 Jun 2020 18:32:58 GMT server nginx location https://s2.adform.net/banners/scripts/st/trackpoint-async.js strict-transport-security max-age=31536000; includeSubDomains content-type text/html
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	131 KB 31 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=3600 content-length 31766 x-xss-protection 0 pragma public x-fb-debug rFWOIZ5VwScYhQ6W6DSMHGRjcBxBD46PvC4phxm0apzrnugbO1wO0u+mghHC8iLX1WWho0xdu+a04vuk5z3rIg== x-fb-trip-id 664085054 x-frame-options DENY date Mon, 01 Jun 2020 18:32:58 GMT, Mon, 01 Jun 2020 18:32:58 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js Show response s.dpmsrv.com/	112 KB 38 KB	155ms 29ms	Script application/x-javascript	13.224.95.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.dpmsrv.com/dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.106 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-106.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash d5e1876373576f4110b6ad82c25041aa2e9762cc4a417939eeb20e654818a818 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 31 May 2020 21:32:04 GMT Content-Encoding gzip Last-Modified Thu, 28 May 2020 20:46:58 GMT Server AmazonS3 Age 75656 ETag "b10698ccacbd3420aaa5389feaa6b0f5" X-Cache Hit from cloudfront Content-Type application/x-javascript Via 1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront) Connection keep-alive X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes Content-Length 38693 X-Amz-Cf-Id JhG5v2Gxh__aO4uVHQsNFrnHWuUNyXicSROdGk8QTCiulmea67oXRA==
GET H2	200	w.js Show response d10lpsik1i8c69.cloudfront.net/	5 KB 3 KB	131ms 41ms	Script application/javascript	13.224.89.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d10lpsik1i8c69.cloudfront.net/w.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.89.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-89-82.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash bc04c5986b5fb2fff7b25b9e9a399249b7b1c10aa008e2258c4329b0effa9369 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:12:23 GMT content-encoding gzip last-modified Fri, 08 May 2020 15:07:07 GMT server AmazonS3 age 1236 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=3600 x-amz-cf-pop ZRH50-C1 x-amz-cf-id 6xNJ7YhjwN7XtpjjTjlOcqKIf0C3Jx_J44WCKVaDsQTxXEX1It4LJA== via 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DXTZXR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Apr 2020 21:54:13 GMT server Golfe2 age 6863 date Mon, 01 Jun 2020 16:38:35 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18433 expires Mon, 01 Jun 2020 18:38:35 GMT
GET H/1.1	200 OK	tag.aspx Show response ml314.com/	26 KB 12 KB	129ms 33ms	Script application/javascript	34.253.133.202 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?15 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-133-202.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c293a28e23c66b27bd04bc1742f3aab0ebf6c382961c1e83140f035a08ea5e5d Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:32:57 GMT Content-Encoding gzip Last-Modified Mon, 01 Jun 2020 16:36:41 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=79422 Connection keep-alive Content-Length 11932 Expires Tue, 02 Jun 2020 16:36:41 GMT
GET H/1.1	200 OK	p.js Show response d1z2jf7jlzjs58.cloudfront.net/	930 B 1 KB	174ms 44ms	Script application/x-javascript	13.224.89.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1z2jf7jlzjs58.cloudfront.net/p.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.89.108 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-89-108.zrh50.r.cloudfront.net Software nginx / Resource Hash 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 08:16:24 GMT Via 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront) Age 62621 X-Cache Hit from cloudfront Connection keep-alive Content-Length 930 Pragma public Last-Modified Wed, 06 May 2020 20:19:48 GMT Server nginx ETag "5eb31be4-3a2" Content-Type application/x-javascript Cache-Control max-age=86400, public X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes X-Amz-Cf-Id -du5hfBhnDGs9_Ta6KdASqL9UfghlbFv0Q3UH9QiGu-Al1pHaCk6-w== Expires Tue, 02 Jun 2020 01:09:09 GMT
GET H/1.1	200 OK	resolve Show response people.api.boomtrain.com/identify/	395 B 710 B	395ms 104ms	XHR application/json	52.72.191.53 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6eyJlZSI6Im9WUG9oL1E3NEVGcHFBM0R5WThQMmpkWFNKeDBBOEZhUzJlbHJucEgyL3ZNQ0dXVVB6RHhsYW1rMUxXMnc1TGpVaSthY1F2ZEM2SnZlRitrZXZWSXp3PT0ifX0%3D&site_id=sourcemedia-prod Requested by Host: cdn.boomtrain.com URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.72.191.53 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-191-53.compute-1.amazonaws.com Software nginx / Resource Hash d5a0c7f20295add1b27977413848bc2305eee42c78c070361994dc85eb4c6d76 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:32:58 GMT Server nginx Access-Control-Allow-Methods GET,PUT,POST,DELETE Content-Type application/json Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers X-Requested-With,Content-Type,Authorization,x-app-id Content-Length 395
GET H2	200	tinypass.min.js Show response cdn.tinypass.com/api/	378 KB 120 KB	23ms 21ms	Script application/javascript	2606:4700::6811:b7b1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tinypass.com/api/tinypass.min.js Requested by Host: experience.tinypass.com URL: https://experience.tinypass.com/xbuilder/experience/load?aid=Uts8LRqUWE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c8891667543072f72e9db5c9eef7eedb0e9d51be664b5d47effb8f3c06ea64a Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:58 GMT content-encoding br cf-cache-status HIT age 26 p3p CP="NON DSP COR OUR IND" status 200 x-forwarded-https on cf-request-id 0312c194c90000c2c2a5836200000001 wn prod-dash-10-0-131-38 last-modified Mon, 01 Jun 2020 09:35:04 GMT server cloudflare etag W/"387400-1591004104000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript server-time 0.000 cache-control public, max-age=300 cf-ray 59cb05347ef8c2c2-FRA expires Mon, 01 Jun 2020 18:37:58 GMT
GET H2	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 17:45:16 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 2862 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=3600 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1306 x-xss-protection 0 expires Mon, 01 Jun 2020 18:45:16 GMT
GET H2	200	1867959253484823 Show response connect.facebook.net/signals/config/	517 KB 129 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1867959253484823?v=2.9.18&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e67df61e925f2a3377fcb1d0b6850c1589c37463463627c7d9bebceda155a717 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=3600 content-length 131911 x-xss-protection 0 pragma public x-fb-debug tUl1QQNc9rJRy3IUNihKKSbvUwuFZDZNQYdYoZDouyCNQ0fUY0KbtWDcwK7otwnM7ht/JbfMcFKWZfsLYaaT7Q== x-fb-trip-id 664085054 x-frame-options DENY date Mon, 01 Jun 2020 18:32:58 GMT, Mon, 01 Jun 2020 18:32:58 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1113916&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1113916%26url%3Dhttps%253A%252F%252Fwww.paymentssource.com%252Fcoronavirus%253Fut... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1113916&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%...	0 58 B	167ms 167ms	Image application/javascript	2a05:f500:11:101::b93f:9005 LINKEDIN
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1113916&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&time=1591036378363&liSync=true Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US), Reverse DNS Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:58 GMT server Play linkedin-action 1 x-li-fabric prod-lor1 status 200 x-li-proto http/2 x-li-pop prod-tln1 content-type application/javascript content-length 0 x-li-uuid uUpgJyh/FBbwDhVE6SoAAA== Redirect headers strict-transport-security max-age=2592000 x-content-type-options nosniff linkedin-action 1 status 302 content-length 0 x-li-uuid CtAwHSh/FBZAYA5DaSsAAA== pragma no-cache x-li-pop afd-prod-lva1 x-msedge-ref Ref A: C5CBBDDA90B740FAB89090275CFB9BD5 Ref B: FRAEDGE0820 Ref C: 2020-06-01T18:32:58Z date Mon, 01 Jun 2020 18:32:58 GMT expect-ct max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct" x-frame-options sameorigin x-li-fabric prod-lor1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1113916&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&time=1591036378363&liSync=true x-xss-protection 1; mode=block cache-control no-cache, no-store content-security-policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1011464113/	3 KB 1 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011464113/?random=1591036378368&cv=9&fst=1591036378368&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&tiba=Coronavirus%20Impact%20%7C%20PaymentsSource&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bdc7940f836b81237206c0c777a9f22768da963c107b35f0c4003b154cf4084b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:58 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 1169 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 96 B	6ms 5ms	Image image/gif	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j82&a=1339309181&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&dp=%2Fcoronavirus&ul=en-us&de=UTF-8&dt=Coronavirus%20Impact%20%7C%20PaymentsSource&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAL~&jid=2112906818&gjid=528135622&cid=926158062.1591036378&tid=UA-219761-52&_gid=1177742437.1591036378&gtm=2wg5k15DXTZXR&cd2=Amazon%20CloudFront&cd8=14&cd9=20200310&cd15=HomePage&cd17=&z=611434353 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 20 May 2020 07:33:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 1076391 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-219761-52&cid=926158062.1591036378&jid=2112906818&gjid=528135622&_gid=1177742437.1591036378&_u=aGBAgEAL~&z=983760048 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-219761-52&cid=926158062.1591036378&jid=2112906818&_v=j82&z=983760048 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-219761-52&cid=926158062.1591036378&jid=2112906818&_v=j82&z=983760048&slf_rd=1&random=411429151	42 B 106 B	19ms 18ms	Image image/gif	2a00:1450:4001:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-219761-52&cid=926158062.1591036378&jid=2112906818&_v=j82&z=983760048&slf_rd=1&random=411429151 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 01 Jun 2020 18:32:58 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-219761-52&cid=926158062.1591036378&jid=2112906818&_v=j82&z=983760048&slf_rd=1&random=411429151 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 258 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1867959253484823&ev=PageView&dl=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&rl=&if=false&ts=1591036378449&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22275361993348259%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22720368751764258%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1591036378448.1831364792&it=1591036378348&coo=false&rqm=GET Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:58 GMT, Mon, 01 Jun 2020 18:32:58 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-27=":443"; ma=3600 content-length 44 expires Mon, 01 Jun 2020 18:32:58 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 212 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?ev=1867959253484823&dl=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&rl=&if=false&ts=1591036378450&sw=1600&sh=1200&v=2.9.18&r=stable&o=28&it=1591036378348&rqm=GET Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:58 GMT, Mon, 01 Jun 2020 18:32:58 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-27=":443"; ma=3600 content-length 44 expires Mon, 01 Jun 2020 18:32:58 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/1011464113/	42 B 108 B	23ms 22ms	Image image/gif	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1011464113/?random=1591036378368&cv=9&fst=1591034400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&tiba=Coronavirus%20Impact%20%7C%20PaymentsSource&async=1&fmt=3&is_vtc=1&random=1367313278&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/1011464113/	42 B 107 B	21ms 21ms	Image image/gif	2a00:1450:4001:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1011464113/?random=1591036378368&cv=9&fst=1591034400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&tiba=Coronavirus%20Impact%20%7C%20PaymentsSource&async=1&fmt=3&is_vtc=1&random=1367313278&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ arizent.brightspotcdn.com/dims4/default/2f4fca4/2147483647/strip/true/crop/3333x3333+0+834/resize/90x90!/quality/90/	3 KB 3 KB	33ms 33ms	Image image/jpeg	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://arizent.brightspotcdn.com/dims4/default/2f4fca4/2147483647/strip/true/crop/3333x3333+0+834/resize/90x90!/quality/90/?url=https%3A%2F%2Farizent.brightspotcdn.com%2Fbb%2F41%2F9b37797241f78c8839022f2931e8%2Fgolinejs-jev-datingcom-opinion-pso.jpg Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software Apache / Resource Hash 5c6bbb3a20429308a75e1761b02d17d410dbd6b7c05656bcdfad4113d54fab94 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 29 May 2020 06:38:03 GMT Via 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront) Connection keep-alive Server Apache Age 302094 ETag 46249ad6c0a5029ef989879d98711934 X-Cache Hit from cloudfront Content-Type image/jpeg Edge-Control downstream-ttl=31536000 Cache-Control max-age=31536000, public X-Amz-Cf-Pop ZRH50-C1 Content-Length 3002 X-Amz-Cf-Id wSEnVnlUGjg3ALZLWoRw7SKtuB0wKzIanX67v8xnIe8AHWpZtb5JgQ== Expires Sat, 29 May 2021 06:38:04 GMT
GET H/1.1	200 OK	/ arizent.brightspotcdn.com/dims4/default/77e35d5/2147483647/strip/true/crop/4795x2700+2+0/resize/460x259!/quality/90/	31 KB 31 KB	37ms 37ms	Image image/png	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://arizent.brightspotcdn.com/dims4/default/77e35d5/2147483647/strip/true/crop/4795x2700+2+0/resize/460x259!/quality/90/?url=https%3A%2F%2Farizent.brightspotcdn.com%2Fe2%2Fe2%2Fef65f4a64c78a35616e53b62bd7c%2Fpso.05222020.MAR1.png Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software Apache / Resource Hash 59b5ef650d97674e0ad0cea1e13a9b4483654e098c3088edcafc34ded9f2ece7 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 28 May 2020 18:50:06 GMT Via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) Connection keep-alive Server Apache Age 344572 ETag 3f612b7f1faea4b4117365020a2c3176 X-Cache Hit from cloudfront Content-Type image/png Edge-Control downstream-ttl=31536000 Cache-Control max-age=31536000, public X-Amz-Cf-Pop ZRH50-C1 Content-Length 31555 X-Amz-Cf-Id aS-WdKepmS2iEyA6UG4-Ey73dSsTTMDAhoSglKVSfl90PAqmi4f-qA== Expires Fri, 28 May 2021 18:50:06 GMT
GET H2	200	/ Show response settings.luckyorange.net/	2 KB 1 KB	2062ms 2005ms	Fetch application/json	104.26.10.16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&s=80019 Requested by Host: d10lpsik1i8c69.cloudfront.net URL: https://d10lpsik1i8c69.cloudfront.net/w.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25187bce4b7b2907b6d40a31f004ac402927178a2de34b7bcd50956d36fa1b20 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:33:00 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://www.paymentssource.com access-control-allow-credentials true cf-ray 59cb0535ffe669f3-LHR access-control-allow-headers Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since cf-request-id 0312c195b6000069f3498d1200000001
GET H/1.1	200 OK	utsync.ashx Show response ml314.com/	644 B 2 KB	34ms 34ms	Script application/javascript	34.253.133.202 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50113&ct=js&pi=&fp=undefined&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&pv=1591036378480_k9rl9ynqw&bl=en-us&cb=6222800&return=&ht=&d=&dc=&si=1591036378480_k9rl9ynqw&cid=&s=1600x1200&rp= Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?15 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-133-202.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5417d6a8729b64295c81e98b9da7dfef7499078aa8b5915602e34e7e92344a11 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:32:57 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control private Connection keep-alive Content-Type application/javascript; charset=utf-8 Content-Length 468 Expires 0
GET H2	200	verify Show response id.tinypass.com/id/api/v1/identity/token/	165 B 716 B	163ms 161ms	Script application/javascript	2606:4700::6811:b7b1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery11240009309207006720888_1591036378398&client_id=Uts8LRqUWE&token=&site=https%3A%2F%2Fwww.paymentssource.com&_=1591036378399 Requested by Host: cdn.tinypass.com URL: https://cdn.tinypass.com/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2557c3ea5f562d8f648835df7d9be2f92ce04837a105ba621d209d00f2cf5cd8 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:58 GMT content-encoding br cf-cache-status DYNAMIC p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND" status 200 x-xss-protection 1; mode=block x-request-id Cyif9bqbUEx pragma no-cache referrer-policy no-referrer wn prod-id-10-0-121-68 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-request-id 0312c1957a0000c2c2a584d200000001 cf-ray 59cb0535992bc2c2-FRA access-control-allow-headers origin, content-type, accept, authorization expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	p.js Show response cdn.parsely.com/keys/paymentssource.com/	63 KB 23 KB	119ms 42ms	Script application/x-javascript	13.224.96.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/paymentssource.com/p.js Requested by Host: d1z2jf7jlzjs58.cloudfront.net URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.96.38 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-38.zrh50.r.cloudfront.net Software nginx / Resource Hash 5418a23e92fded0a6c4617901709840d2ce9bdac0f8ff69e61192094242ec5e1 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Mon, 01 Jun 2020 15:05:46 GMT content-encoding gzip last-modified Thu, 02 Apr 2020 00:33:28 GMT server nginx age 12424 etag "5e8532d8-fb32" x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=86400, public x-amz-cf-pop ZRH50-C1 x-amz-cf-id Jz9fw6ruNZVS2ESQPU2Ay4aOCY8pERy9VZNhww0AEz_R_aN_lNtYXQ== via 1.1 03b8fedec120c9a0833a57a86eae03af.cloudfront.net (CloudFront) expires Tue, 02 Jun 2020 15:05:46 GMT
GET H/1.1	200 OK	index.php Show response a.dpmsrv.com/dpmpxl/ Redirect Chain https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D342%26pixelIndex%3D0%26r%3D48414%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.paymentssource... https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D342%2526pixelIndex%253D0%2526r%253D48414%2526tzOffset%253... https://a.dpmsrv.com/dpmpxl/index.php?id=1162883685009468026&q=xImp&v=1.x&cl=342&pixelIndex=0&r=48414&tzOffset=-120&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26...	242 B 995 B	432ms 100ms	Script text/javascript	34.192.142.95 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.dpmsrv.com/dpmpxl/index.php?id=1162883685009468026&q=xImp&v=1.x&cl=342&pixelIndex=0&r=48414&tzOffset=-120&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&_=1591036378493 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-142-95.compute-1.amazonaws.com Software / Resource Hash baf2ca16fc3f1494d83bb18574385c3d499465c1d69807508d983b300748afab Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache content-encoding gzip Access-Control-Max-Age 10 Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type text/javascript Access-Control-Allow-Headers content-type, accept Content-Length 216 Expires 0 Redirect headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:00 GMT X-Proxy-Origin 185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80 AN-X-Request-Uuid 40bbfd3f-8b09-444d-af6c-f89ef838b73e Server nginx/1.13.4 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://a.dpmsrv.com/dpmpxl/index.php?id=1162883685009468026&q=xImp&v=1.x&cl=342&pixelIndex=0&r=48414&tzOffset=-120&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&_=1591036378493 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Redirect Chain https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3610690416145334325&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3610690416145334325&redir=	42 B 915 B	33ms 33ms	Image image/gif	52.211.89.62 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3610690416145334325&redir= Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.89.62 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-89-62.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers DCS dcs-prod-irl1-v069-0bf2110e6.edge-irl1.demdex.com 5.71.1.20200513095924 0ms (+1ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-TID v8kA6Zq0ToI= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 42 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID kZhY9XzoRjw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3610690416145334325&redir= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://idsync.rlcdn.com/395886.gif?partner_uid=3610690416145334325 https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMDY5MDQxNjE0NTMzNDMyNRAAGg0I2pPV9gUSBQjoBxAAQgBKAA https://ml314.com/csync.ashx?fp=820cc553e53568f773d68ef8566116f395c2bfad53e3471a2dccbaa6b8ab3e3bf4cb09cee1a4f8eb&person_id=3610690416145334325&eid=50082	43 B 312 B	33ms 32ms	Image image/gif	34.253.133.202 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=820cc553e53568f773d68ef8566116f395c2bfad53e3471a2dccbaa6b8ab3e3bf4cb09cee1a4f8eb&person_id=3610690416145334325&eid=50082 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-133-202.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:32:58 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Tue, 02 Jun 2020 14:32:58 GMT Redirect headers date Mon, 01 Jun 2020 18:32:58 GMT via 1.1 google status 307 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ml314.com/csync.ashx?fp=820cc553e53568f773d68ef8566116f395c2bfad53e3471a2dccbaa6b8ab3e3bf4cb09cee1a4f8eb&person_id=3610690416145334325&eid=50082 cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 https://ml314.com/utsync.ashx?eid=53819&et=0&fp=fbe6166c-9aca-49ec-9d98-a3bc438ffc59 https://ml314.com/csync.ashx?fp=fbe6166c-9aca-49ec-9d98-a3bc438ffc59&person_id=3610690416145334325&eid=53819	43 B 312 B	32ms 31ms	Image image/gif	34.253.133.202 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=fbe6166c-9aca-49ec-9d98-a3bc438ffc59&person_id=3610690416145334325&eid=53819 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-133-202.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:32:57 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Tue, 02 Jun 2020 14:32:58 GMT Redirect headers Pragma no-cache Date Mon, 01 Jun 2020 18:32:57 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Location https://ml314.com/csync.ashx?fp=fbe6166c-9aca-49ec-9d98-a3bc438ffc59&person_id=3610690416145334325&eid=53819 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0,Tue, 02 Jun 2020 14:32:58 GMT
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3610690416145334325 https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3610690416145334325 https://ml314.com/csync.ashx?fp=3090e7a6b79465c4b61fc3678f4deec9&eid=50146&person_id=3610690416145334325	43 B 312 B	32ms 31ms	Image image/gif	34.253.133.202 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=3090e7a6b79465c4b61fc3678f4deec9&eid=50146&person_id=3610690416145334325 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.253.133.202 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-133-202.eu-west-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:32:58 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Tue, 02 Jun 2020 14:32:58 GMT Redirect headers pragma no-cache date Mon, 01 Jun 2020 18:32:58 GMT status 302 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://ml314.com/csync.ashx?fp=3090e7a6b79465c4b61fc3678f4deec9&eid=50146&person_id=3610690416145334325 cache-control no-cache x-server 10.45.7.220 content-length 0 expires 0
GET H/1.1	200 OK	pixel ps.eyeota.net/	0 344 B	386ms 322ms	Image text/plain	18.184.216.10 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-216-10.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:32:58 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200 OK	/ srv-2020-06-01-18.pixel.parsely.com/plogger/	43 B 229 B	394ms 100ms	Image image/gif	3.212.75.248 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://srv-2020-06-01-18.pixel.parsely.com/plogger/?rand=1591036378630&plid=91283340&idsite=paymentssource.com&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22undefined%22%7D&sid=1&surl=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&sref=&sts=1591036378624&slts=0&title=Coronavirus+Impact+%7C+PaymentsSource&date=Mon+Jun+01+2020+20%3A32%3A58+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=43901792&u=pid%3D1b1c2928dcd9291577d2f154dcf662cc Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.212.75.248 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-212-75-248.compute-1.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:32:58 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
POST H2	200	execute Show response experience.tinypass.com/xbuilder/experience/	19 KB 7 KB	166ms 166ms	XHR application/json	2606:4700::6811:b7b1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://experience.tinypass.com/xbuilder/experience/execute?aid=Uts8LRqUWE Requested by Host: cdn.tinypass.com URL: https://cdn.tinypass.com/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60b9418d235211dec6a05540736ffee789f2b92d4d869701218f008476d33556 Request headers Accept */* Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Mon, 01 Jun 2020 18:32:58 GMT content-encoding br cf-cache-status DYNAMIC p3p CP="NON DSP COR OUR IND" status 200 x-forwarded-https on cf-request-id 0312c1962d0000c2c2a5868200000001 x-request-id Cyif9bqhxPV pragma no-cache wn prod-exp-10-0-117-141 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary accept-encoding access-control-allow-methods POST, GET, OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://www.paymentssource.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 59cb0536abb8c2c2-FRA expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	/ Show response a2.adform.net/Serving/TrackPoint/	19 KB 9 KB	91ms 91ms	Script text/javascript	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Full URL https://a2.adform.net/Serving/TrackPoint/?pm=1662401&ADFPageName=Payments_Source%20Universal%20Tag&ADFdivider=%7C&ord=615160653602&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&loc=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Se Requested by Host: s2.adform.net URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash f88cb8d64799a9f68da9949ccaf21bffd41c0bb19a8c6f6ff8e71e5922a15572 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:58 GMT content-encoding gzip server nginx status 200 vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript; charset=utf-8 content-length 9006 expires -1
GET H/1.1	200 OK	segments Show response api.zetaglobal.net/people/HdsAaBL5WSl7k%2FBNfxA1J0XT1TYs2O14UvJTSeAsq1wmmmMHSrsi4dbbT4FNLiVVLO4EvWqwiRlAiC4IsUPF0Q%3D%3D/	31 B 968 B	350ms 125ms	XHR application/json	100.25.127.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.zetaglobal.net/people/HdsAaBL5WSl7k%2FBNfxA1J0XT1TYs2O14UvJTSeAsq1wmmmMHSrsi4dbbT4FNLiVVLO4EvWqwiRlAiC4IsUPF0Q%3D%3D/segments?site_id=sourcemedia-prod Requested by Host: cdn.boomtrain.com URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 100.25.127.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-25-127-168.compute-1.amazonaws.com Software nginx/1.15.5 / Resource Hash f07a169ab2563e5a3909bd383faf80feb4abb84eb852687320d4ebd991c1456b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Jun 2020 18:32:59 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-XSS-Protection 1; mode=block X-Request-Id f4a77163-fd0f-496d-8dcc-c93f6088d4b3 X-Runtime 0.020180 Referrer-Policy strict-origin-when-cross-origin Server nginx/1.15.5 ETag W/"dcec1be398151a4be132a460099d2956" X-Download-Options noopen X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=0, private, must-revalidate Access-Control-Request-Methods GET Access-Control-Allow-Headers origin, x-requested-with, content-type, accept, authorization, x-prototype-version
POST H2	200	track Show response events.api.boomtrain.com/event/	2 B 247 B	332ms 118ms	XHR text/plain	3.208.205.155 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.api.boomtrain.com/event/track Requested by Host: cdn.boomtrain.com URL: https://cdn.boomtrain.com/p13n/sourcemedia-prod/p13n.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.208.205.155 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-208-205-155.compute-1.amazonaws.com Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Mon, 01 Jun 2020 18:32:58 GMT server nginx status 200 allow GET, HEAD, OPTIONS, POST access-control-allow-methods GET, PUT, POST, DELETE content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With, Content-Type, Authorization, x-app-id content-length 2
GET H2	200	/ Show response a2.adform.net/wpf/v2/Vta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwX...	851 B 1 KB	93ms 93ms	Script text/javascript	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Full URL https://a2.adform.net/wpf/v2/Vta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kkveara3g9Rk4xf7_OLgiPFMtrs1OeyjaY1vSiwuBbrKnjVOOldQeRneNufuyPBDjaY2ftckuyPBB2SCX0iakJrNg9F8_umxZrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiZCw.5B0KB.D9Re4JDvyfzcUauyxYMJ5tFFg4K1kl1BNlY6Rc0Y5BNBtQT.clYIT3SvgMJgJ0Nc1lF4XVA4.L9.gJ.elF1VLf4.9dPgJ2MnGmRgJ2MnGmRgJ.c4elF1VLf4.ATjV.4Zj/serving/trackpoint/?pm=1662401&ADFPageName=Payments_Source+Universal+Tag&ADFdivider=%7c&ord=615160653602&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&loc=https%3a%2f%2fwww.paymentssource.com%2fcoronavirus%3futm_source%3dresearch%26utm_medium%3demail%26utm_campaign%3dPSO_Se&catdt=0 Requested by Host: s2.adform.net URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 02283471e2e85c993680bf0fc7c97892c36607dd290b3873d7b121d7e19f181b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:58 GMT content-encoding gzip server nginx status 200 vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript; charset=utf-8 content-length 775 expires -1
GET H2	200	show buy.tinypass.com/checkout/template/ Frame F343	0 0	142ms 140ms	Document text/html	2606:4700::6811:b7b1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://buy.tinypass.com/checkout/template/show?displayMode=modal&templateId=OT0IFA08J9VS&offerId=fakeOfferId&showCloseButton=false&experienceId=EXRD2R8VB978&iframeId=offer-0-9FkYY&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&preload=1&aid=Uts8LRqUWE&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=14123d789a Requested by Host: cdn.tinypass.com URL: https://cdn.tinypass.com/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers :method GET :authority buy.tinypass.com :scheme https :path /checkout/template/show?displayMode=modal&templateId=OT0IFA08J9VS&offerId=fakeOfferId&showCloseButton=false&experienceId=EXRD2R8VB978&iframeId=offer-0-9FkYY&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&preload=1&aid=Uts8LRqUWE&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=1600&_qh=14123d789a pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 accept-encoding gzip, deflate, br accept-language en-US cookie JSESSIONID=E7F20EB191285ADF300D45BA82CAF8FB; __bid=%7Bjcx%7DH4sIAAAAAAAAAFOKyipzT_FM8i_N9i4w8g1ycw2v8jSu8Av0SUnyDA2ONIwyd8_OyIsojcysCjf1NXQ0s3QJLE8ztXRKSo5UAgAPuzZMPgAAAA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Response headers status 200 date Mon, 01 Jun 2020 18:32:58 GMT content-type text/html;charset=UTF-8 access-control-allow-methods * access-control-allow-origin http://dashboard.tinypass.com cache-control no-cache, no-store, must-revalidate expires Thu, 01 Jan 1970 00:00:00 GMT p3p CP="NON DSP COR OUR IND" pragma no-cache server-time 0.006 set-cookie LANG=en_US;Version=1;Domain=piano-tomcat;Path=/;Max-Age=2592000;Secure;SameSite=None vary accept-encoding wn prod-dash-10-0-80-86 x-forwarded-https on x-request-id Cyif9bq2stE x-xss-protection 0 cf-cache-status DYNAMIC cf-request-id 0312c196e60000c2c2a5874200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 59cb0537de31c2c2-FRA content-encoding br
GET H2	200	/ a2.adform.net/serving/container/ Frame 9B95	0 0	92ms 91ms	Document text/html	185.167.164.43 ADFORM
General Check archive.org Show headers Download Go to Full URL https://a2.adform.net/serving/container/?pm=1662401&lid=56732081&ctype=0&media=0&PageName=Payments_Source+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&rnd=1606008916&cpref=&loc=https%3a%2f%2fwww.paymentssource.com%2fcoronavirus%3futm_source%3dresearch%26utm_medium%3demail%26utm_campaign%3dPSO_Sentiment_Survey%26bt_ee%3doVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3d1591034881989 Requested by Host: s2.adform.net URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.167.164.43 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority a2.adform.net :scheme https :path /serving/container/?pm=1662401&lid=56732081&ctype=0&media=0&PageName=Payments_Source+Universal+Tag&orderid=UNIQUE_ORDER_ID&sysvars=%7corderid%3dUNIQUE_ORDER_ID%7c%7c%7c%40%40%7cpid%3dOFFER_ID%7cpnm%3dProductRatePlanName%7c&itm=eyJzbCI6IlJFVkVOVUUiLCJpZCI6IlVOSVFVRV9PUkRFUl9JRCIsIml0bXMiOlt7InBpZCI6Ik9GRkVSX0lEIiwicG5tIjoiUHJvZHVjdFJhdGVQbGFuTmFtZSJ9XX0&rnd=1606008916&cpref=&loc=https%3a%2f%2fwww.paymentssource.com%2fcoronavirus%3futm_source%3dresearch%26utm_medium%3demail%26utm_campaign%3dPSO_Sentiment_Survey%26bt_ee%3doVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3d1591034881989 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 accept-encoding gzip, deflate, br accept-language en-US cookie uid=-2159573593896595566 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Response headers status 200 server nginx date Mon, 01 Jun 2020 18:32:58 GMT content-type text/html; charset=utf-8 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache content-encoding gzip expires -1 vary Accept-Encoding access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
POST H2	200	/ www.facebook.com/tr/	0 88 B	6ms 6ms	Other text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryTjNp7jAu2U2TZidG Response headers strict-transport-security max-age=31536000; includeSubDomains server proxygen-bolt date Mon, 01 Jun 2020 18:32:58 GMT status 200 content-type text/plain access-control-allow-origin https://www.paymentssource.com access-control-allow-credentials true alt-svc h3-27=":443"; ma=3600 content-length 0
GET H/1.1	200 OK	index.php Show response a.dpmsrv.com/dpmpxl/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1162883685009468026&pixelIndex=0&_=1591036378494 https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1162883685009468026&pixelIndex=0&_=1591036378494&google_gid=CAESEIVxzU-q0GVwVXiVdEOsGOU&google_cver=1	0 598 B	100ms 100ms	Script text/javascript	34.192.142.95 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1162883685009468026&pixelIndex=0&_=1591036378494&google_gid=CAESEIVxzU-q0GVwVXiVdEOsGOU&google_cver=1 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-142-95.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Access-Control-Max-Age 10 Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type text/javascript Access-Control-Allow-Headers content-type, accept Content-Length 0 Expires 0 Redirect headers pragma no-cache date Mon, 01 Jun 2020 18:32:58 GMT server HTTP server (unknown) status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1162883685009468026&pixelIndex=0&_=1591036378494&google_gid=CAESEIVxzU-q0GVwVXiVdEOsGOU&google_cver=1 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 368 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	423396.gif idsync.rlcdn.com/	0 37 B	122ms 122ms	Image text/plain	35.241.8.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/423396.gif?partner_uid=1162883685009468026 Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.8.149 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 149.8.241.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 204 date Mon, 01 Jun 2020 18:32:59 GMT via 1.1 google alt-svc clear
GET H2	200	pub Show response pixel.adsafeprotected.com/services/	305 B 543 B	102ms 39ms	XHR application/json	52.213.83.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAde9a7f981-e5d0-4b46-9be6-c6d152891a42,ss:%5B970.91,970.90,970.250,728.90,320.50,300.250%5D,p:/16059533/PaymentsSource/Index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=16ff4a58-3cd4-1cff-2fbf-12496e55e988&url=https%253A%252F%252Fwww.paymentssource.com%252Fcoronavirus%253Futm_source%253Dresearch%2526utm_medium%253Demail%2526utm_campaign%253DPSO_Sentiment_Survey%2526bt_ee%253DoVPoh%25252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%25252FvMCGWUPzDxlamk1LW2w5LjUi%25252BacQvdC6JveF%25252BkevVIzw%25253D%25253D%2526bt_ts%253D1591034881989 Requested by Host: cdn.adsafeprotected.com URL: https://cdn.adsafeprotected.com/iasPET.1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.83.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-83-3.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 0bee08f6aed5ab525aa73b0003e80a746046d59150f435b7514bda5e160c6028 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT x-server-name app17.ie.303net.net status 200 content-type application/json;charset=UTF-8 access-control-allow-origin https://www.paymentssource.com access-control-expose-headers X-Server-Name access-control-allow-credentials true timing-allow-origin * server nginx
GET H2	200	pub Show response pixel.adsafeprotected.com/services/	305 B 542 B	102ms 40ms	XHR application/json	52.213.83.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAdf80051d2-9e75-43d8-97ff-4de8173d3585,ss:%5B1.1%5D,p:/16059533/PaymentsSource/Index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=16ff4a58-3cd4-1cff-2fbf-12496e55e988&url=https%253A%252F%252Fwww.paymentssource.com%252Fcoronavirus%253Futm_source%253Dresearch%2526utm_medium%253Demail%2526utm_campaign%253DPSO_Sentiment_Survey%2526bt_ee%253DoVPoh%25252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%25252FvMCGWUPzDxlamk1LW2w5LjUi%25252BacQvdC6JveF%25252BkevVIzw%25253D%25253D%2526bt_ts%253D1591034881989 Requested by Host: cdn.adsafeprotected.com URL: https://cdn.adsafeprotected.com/iasPET.1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.83.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-83-3.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash f4b371e2eefdce3c78f04531381a0e967964bbda9e6f49a60b4ece94cbc0fd74 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT x-server-name app01.ie.303net.net status 200 content-type application/json;charset=UTF-8 access-control-allow-origin https://www.paymentssource.com access-control-expose-headers X-Server-Name access-control-allow-credentials true timing-allow-origin * server nginx
GET H2	200	pub Show response pixel.adsafeprotected.com/services/	305 B 543 B	100ms 38ms	XHR application/json	52.213.83.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAd145155c2-65f7-4039-b80b-e1a884b9d17c,ss:%5B1.1%5D,p:/16059533/PaymentsSource/Index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=16ff4a58-3cd4-1cff-2fbf-12496e55e988&url=https%253A%252F%252Fwww.paymentssource.com%252Fcoronavirus%253Futm_source%253Dresearch%2526utm_medium%253Demail%2526utm_campaign%253DPSO_Sentiment_Survey%2526bt_ee%253DoVPoh%25252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%25252FvMCGWUPzDxlamk1LW2w5LjUi%25252BacQvdC6JveF%25252BkevVIzw%25253D%25253D%2526bt_ts%253D1591034881989 Requested by Host: cdn.adsafeprotected.com URL: https://cdn.adsafeprotected.com/iasPET.1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.83.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-83-3.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash ecb17265eae41246a9e3a180160f45a90e52f3fac04d1dcb2ff6ab56bda17d3c Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT x-server-name app13.ie.303net.net status 200 content-type application/json;charset=UTF-8 access-control-allow-origin https://www.paymentssource.com access-control-expose-headers X-Server-Name access-control-allow-credentials true timing-allow-origin * server nginx
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	7 KB 4 KB	75ms 74ms	XHR text/plain	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=637783577357624&correlator=2987450051603541&output=ldjh&impl=fif&adsid=NT&eid=21066243%2C21065975&vrg=2020052102&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200601&iu_parts=16059533%2CPaymentsSource%2CIndex&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=pos%3Dnative-in-latest1%26id%3D518b159a-a436-11ea-8a70-062810ec67f6%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%2C80&eri=1&cust_params=storyID%3D00000170-c47e-d58e-af78-dd7ebd830022%26PID%3Dnull%26ZetaSegments%3D67270%252C44109%252C66564%252C63115%252C60018%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie_enabled=1&bc=31&abxe=1&lmt=1591036379&dt=1591036379176&dlt=1591036377634&idt=720&frm=20&biw=1600&bih=1200&oid=3&adxs=614&adys=1666&adks=182517450&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&dssz=59&icsg=571115520&std=9&vis=1&dmc=8&scr_x=0&scr_y=0&psz=868x22&msz=868x1&ga_vid=926158062.1591036378&ga_sid=1591036379&ga_hid=1339309181&fws=4&ohw=1600&btvi=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash 94dd2dd2a3bcacae5e565a819c4fcde7203508f41893d27a8fe0daade59e29a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3486 x-xss-protection 0 google-lineitem-id 4695651796 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138238907521 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.paymentssource.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 99cee07018fcd088473b42dd6e703cbe.safeframe.googlesyndication.com/safeframe/1-0-37/html/	0 0	49ms 14ms	Other text/html	2a00:1450:4001:81b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://99cee07018fcd088473b42dd6e703cbe.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	25ms 6ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	426 B 320 B	138ms 137ms	XHR text/plain	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=637783577357624&correlator=2987450051603541&output=ldjh&impl=fif&adsid=NT&eid=21066243%2C21065975&vrg=2020052102&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200601&iu_parts=16059533%2CPaymentsSource%2CIndex&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%7C970x91&prev_scp=pos%3Dcollapsed_header1%26id%3D518a7885-a436-11ea-8ff5-0289e6fd96ae%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%2C80&eri=1&cust_params=storyID%3D00000170-c47e-d58e-af78-dd7ebd830022%26PID%3Dnull%26ZetaSegments%3D67270%252C44109%252C66564%252C63115%252C60018%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie_enabled=1&bc=31&abxe=1&lmt=1591036379&dt=1591036379191&dlt=1591036377634&idt=720&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=80&adks=2676822526&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&dssz=59&icsg=571115520&std=9&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x130&msz=728x130&ga_vid=926158062.1591036378&ga_sid=1591036379&ga_hid=1339309181&fws=4&ohw=1600&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash a3712686bf1d955f5bcbcb4f8a73cecb3f00dce9bde0fd4c6f3fd95459b0a6ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 237 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.paymentssource.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	7 KB 3 KB	140ms 140ms	XHR text/plain	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=637783577357624&correlator=2987450051603541&output=ldjh&impl=fif&adsid=NT&eid=21066243%2C21065975&vrg=2020052102&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200601&iu_parts=16059533%2CPaymentsSource%2CIndex&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=pos%3Dnative-in-brief1%26id%3D518b63d7-a436-11ea-8163-06d8cca89c2a%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%2C80&eri=1&cust_params=storyID%3D00000170-c47e-d58e-af78-dd7ebd830022%26PID%3Dnull%26ZetaSegments%3D67270%252C44109%252C66564%252C63115%252C60018%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie_enabled=1&bc=31&abxe=1&lmt=1591036379&dt=1591036379198&dlt=1591036377634&idt=720&frm=20&biw=1600&bih=1200&oid=3&adxs=319&adys=919&adks=3813766203&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&dssz=59&icsg=571115520&std=9&vis=1&dmc=8&scr_x=0&scr_y=0&psz=278x293&msz=278x1&ga_vid=926158062.1591036378&ga_sid=1591036379&ga_hid=1339309181&fws=4&ohw=1600&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash eb8cb7c01459ff708c3c8ebe417ffb547f61e6ba0c5908c7c016eb35a81173a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3497 x-xss-protection 0 google-lineitem-id 4695651796 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138297123118 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.paymentssource.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pub Show response pixel.adsafeprotected.com/services/	305 B 542 B	37ms 37ms	XHR application/json	52.213.83.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/services/pub?anId=11046&slot=%7Bid:googleAd0d8e777f-9a2e-445d-b00e-109edbe1519c,ss:%5B300.250,300.600%5D,p:/16059533/PaymentsSource/Index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=16ff4a58-3cd4-1cff-2fbf-12496e55e988&url=https%253A%252F%252Fwww.paymentssource.com%252Fcoronavirus%253Futm_source%253Dresearch%2526utm_medium%253Demail%2526utm_campaign%253DPSO_Sentiment_Survey%2526bt_ee%253DoVPoh%25252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%25252FvMCGWUPzDxlamk1LW2w5LjUi%25252BacQvdC6JveF%25252BkevVIzw%25253D%25253D%2526bt_ts%253D1591034881989 Requested by Host: cdn.adsafeprotected.com URL: https://cdn.adsafeprotected.com/iasPET.1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.83.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-83-3.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 3f993d79fe4e0be8189c6728075c9d2d056a90b1893498dd0e3da29ea5bf9422 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT x-server-name app02.ie.303net.net status 200 content-type application/json;charset=UTF-8 access-control-allow-origin https://www.paymentssource.com access-control-expose-headers X-Server-Name access-control-allow-credentials true timing-allow-origin * server nginx
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	427 B 313 B	162ms 162ms	XHR text/plain	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=637783577357624&correlator=2987450051603541&output=ldjh&impl=fif&adsid=NT&eid=21066243%2C21065975&vrg=2020052102&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200601&iu_parts=16059533%2CPaymentsSource%2CIndex&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dbigbox1%26id%3D519722d5-a436-11ea-8829-02c790015d1e%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%2C80&eri=1&cust_params=storyID%3D00000170-c47e-d58e-af78-dd7ebd830022%26PID%3Dnull%26ZetaSegments%3D67270%252C44109%252C66564%252C63115%252C60018%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&cookie_enabled=1&bc=31&abxe=1&lmt=1591036379&dt=1591036379247&dlt=1591036377634&idt=720&frm=20&biw=1600&bih=1200&oid=3&adxs=1105&adys=337&adks=3376976211&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&dssz=60&icsg=571115520&std=9&vis=1&dmc=8&scr_x=0&scr_y=0&psz=371x885&msz=330x250&ga_vid=926158062.1591036378&ga_sid=1591036379&ga_hid=1339309181&fws=4&ohw=1600&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash af9dfa2a5b12db927ff3bd1019cacde559af9d96c2ca9020f21624dab6fefa2a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 238 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.paymentssource.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 166B	0 0	54ms 53ms	Fetch image/gif	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGdT6X46OaAvI3HKRHoa80GwUIcARLvwQGJXaYHIKtM2juFiRp_v7yybSdl3JdxkjSySFdRxNcTbueKvZ2aSrKKQTd5lW-WyzUHXbdbEpQprOIumufOqOfvRFW7AObJN-E75-QvvhVy89JyRbmbo4yonggEgMbqWyPdOyO238edxNONosLXIDYNEUpI7kRKBaKT4NzZtbSiEHMJtPi4JPU1Rg0vtzxiqhHX-rRbcEcYoj5QvXRclF2u6xvpPIVt5EfNgLdg6X36jHqww4St3Pru9kSlA&sig=Cg0ArKJSzIdPQ4vTy3QKEAE&urlfix=1&adurl= Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Mon, 01 Jun 2020 18:32:59 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	creative.js Show response static.polarcdn.com/creative/ Frame 166B	330 KB 124 KB	40ms 20ms	Script application/javascript	2606:4700::6813:f87e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.polarcdn.com/creative/creative.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:f87e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d74cf653c628e279cc03f3f224d8ec9b81af50d207777034826815a0a540ccf Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip cf-cache-status HIT age 8163 cf-ray 59cb053a9ceed6e9-FRA status 200 content-type application/javascript content-length 126619 cf-request-id 0312c198a00000d6e9511e6200000001 access-control-allow-origin * last-modified Fri, 22 May 2020 01:15:29 GMT server cloudflare cache-control max-age=10800 etag W/"5ec727b1-52963" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS x-varnish 1260979802 1260941994 via 1.1 varnish access-control-expose-headers CF-IPCountry cf-ipcountry DE access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Mon, 01 Jun 2020 16:19:05 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 166B	74 KB 28 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae3fdc83c19d35b0a67bb7b64572d88acddd6aa85badf0124b88d7c658f6851e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1590752365362815" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28291 x-xss-protection 0 expires Mon, 01 Jun 2020 18:32:59 GMT
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 27 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1590752365362815" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 27673 x-xss-protection 0 expires Mon, 01 Jun 2020 18:32:59 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 6 KB	37ms 18ms	XHR application/json	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020052102&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9b524b74e805da1f97e828e68314af047b2f2f78c2ee0eb5e163047297687f22 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 5538 x-xss-protection 0
GET H/1.1	200 OK	/ arizent.brightspotcdn.com/dims4/default/3c5b8bb/2147483647/strip/true/crop/4795x2700+2+0/resize/460x259!/quality/90/	26 KB 27 KB	38ms 38ms	Image image/png	13.224.95.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://arizent.brightspotcdn.com/dims4/default/3c5b8bb/2147483647/strip/true/crop/4795x2700+2+0/resize/460x259!/quality/90/?url=https%3A%2F%2Farizent.brightspotcdn.com%2F0e%2Fe7%2Ffeddf65a4db991233564404d6897%2Fpso.05282020.MAS1.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.59 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-59.zrh50.r.cloudfront.net Software Apache / Resource Hash 7aa652f9fa5fef8d956f333c4a7366a642392cbfa410bd2b87621487cdb0fff7 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 28 May 2020 18:50:06 GMT Via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) Connection keep-alive Server Apache Age 344573 ETag a47a1c43f081c8b5c80eeb4692063926 X-Cache Hit from cloudfront Content-Type image/png Edge-Control downstream-ttl=31536000 Cache-Control max-age=31536000, public X-Amz-Cf-Pop ZRH50-C1 Content-Length 26689 X-Amz-Cf-Id 0tsp2urJ8UnUhq31eXGAjdLbk-U3cyCbdDNOFUK8z7O0t0znzh-d3g== Expires Fri, 28 May 2021 18:50:06 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	14 KB 5 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1582746470043195" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5456 x-xss-protection 0 expires Mon, 01 Jun 2020 18:32:59 GMT
GET H2	200	wt Show response polarcdn-pentos.com/ Frame 166B	3 B 646 B	64ms 23ms	XHR application/octet-stream	104.17.192.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-pentos.com/wt?e=1&n=3&p=UNKNOWN&s=1&u=3ee8dea3-0a2d-48a3-a0a2-cfd8bb13078c&v=1%2Fffd7b27&w=1.191.0&y=w&z=v1.7.3&pas=asa-web&pag2=%2F16059533%2FPaymentsSource%2FIndex&pai=8c2e4&d=www.paymentssource.com&l=&pajs=&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&cu=4deb21aabda4ca0529fc74f89a39cb6f&t=arx&parcid=570ac&parid=850bf&parin=1&partm=1&par=s&maxts=0.015&pvhref=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&_=1591036379342 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.192.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7 Request headers Accept text/plain, */*; q=0.01 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 419904 cf-ray 59cb053b5cd30b63-AMS status 200 content-length 3 x-amz-id-2 M/+/LVkcyNiTl8bAFLPzt5/M3gX6rwfHTGSz8jD03spE+4+8QofYWJiYSkc3Cl+KXe6bvpwirqg= last-modified Mon, 09 Jul 2018 17:31:51 GMT server cloudflare etag "28e4477bb454eb35226fe56082545e13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 access-control-allow-methods GET x-amz-request-id F24ABB30F47D9897 access-control-allow-origin * cache-control public, max-age=604800 cf-request-id 0312c1991a00000b639314b200000001 accept-ranges bytes content-type application/octet-stream
GET H2	200	b9e3500c5885468db66bd01beacfca11 Show response polarcdn-terrax.com/nativeads/v1.4.0/json/creative/hostname/www.paymentssource.com/promofeed/ Frame 166B	67 KB 8 KB	52ms 26ms	XHR application/json	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-terrax.com/nativeads/v1.4.0/json/creative/hostname/www.paymentssource.com/promofeed/b9e3500c5885468db66bd01beacfca11?fragment=0 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7d64567a64df089cac86b17e6c6a119ff5e86397d3c6a3168cfa0b46512a5d6 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip server cloudflare status 200 etag W/"2f7f1b122295954b343ea0f58cfcae58" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Country, CF-Ray cache-control max-age=900 x-country DE cf-ray 59cb053b3c8b97d8-FRA cf-request-id 0312c19907000097d8803fd200000001
GET DATA	200 OK	truncated / Frame 166B	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fff5a3b869c0926601ad2850fc97bfe43bf9555999de05b6d3bf7f97da26dad3 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame 126B	45 KB 13 KB	108ms 47ms	Script application/javascript	52.213.83.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=11046&campId=1x1&pubId=4577422251&chanId=138622813&placementId=4695651796&pubCreative=138238907521&pubOrder=2323998910&cb=417746187&custom=native-in-latest1&adsafe_par&impId=518b159a-a436-11ea-8a70-062810ec67f6&custom2=PSO_Sentiment_Survey&custom3=research_email Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.83.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-83-3.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 5205d063f2f4d21af5f418b410db6c43371942acc097cb407be195687e0ac21f Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip x-server-name app19.ie.303net.net status 200 content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 8A2B	0 0	54ms 54ms	Fetch image/gif	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz8fCXI74-QzGMREDrWB6F27srxq2tNOiNsyXPSrp12fUKd67CKR0l6XK2LRzC7GIFNIsdFHkiHn5aXPmlvfQg1RvJf0r_prmjERAaENrCOK0933BGt6HjF3gW-hhfxHy0QQFBQc-lulzumWlHSoJYuQkYV70JUigoJmAYPudvET6NFadAwoo06Du6I1f8S1MXFXifg_gfARareD4x-DaYFjEoslRTT26pFOg6PZS-2O5rACc4DYqAqerpqgf4wjep4ElPhZ0AqHZXxaw_CnGAZgL0lw&sig=Cg0ArKJSzP2ED6sctsnrEAE&urlfix=1&adurl= Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Mon, 01 Jun 2020 18:32:59 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	creative.js Show response static.polarcdn.com/creative/ Frame 8A2B	330 KB 124 KB	30ms 30ms	Script application/javascript	2606:4700::6813:f87e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.polarcdn.com/creative/creative.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:f87e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d74cf653c628e279cc03f3f224d8ec9b81af50d207777034826815a0a540ccf Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip cf-cache-status HIT age 8163 cf-ray 59cb053b4f1ed6e9-FRA status 200 content-type application/javascript content-length 126619 cf-request-id 0312c199110000d6e951203200000001 access-control-allow-origin * last-modified Fri, 22 May 2020 01:15:29 GMT server cloudflare cache-control max-age=10800 etag W/"5ec727b1-52963" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS x-varnish 1260979802 1260941994 via 1.1 varnish access-control-expose-headers CF-IPCountry cf-ipcountry DE access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Mon, 01 Jun 2020 16:19:05 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 8A2B	74 KB 28 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020052102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae3fdc83c19d35b0a67bb7b64572d88acddd6aa85badf0124b88d7c658f6851e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1590752365362815" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28291 x-xss-protection 0 expires Mon, 01 Jun 2020 18:32:59 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/209/ Frame CC5F	0 0	6ms 6ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/209/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 5727 date Mon, 01 Jun 2020 17:42:09 GMT expires Tue, 01 Jun 2021 17:42:09 GMT last-modified Tue, 25 Feb 2020 17:32:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 3050 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ polarcdn-terrax.com/privacy/v1.0.0/html/optout/readwrite/ Frame C8EB	0 0	37ms 21ms	Document text/html	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-terrax.com/privacy/v1.0.0/html/optout/readwrite/ Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority polarcdn-terrax.com :scheme https :path /privacy/v1.0.0/html/optout/readwrite/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Mon, 01 Jun 2020 18:32:59 GMT content-type text/html; charset=utf-8 content-length 1291 set-cookie __cfduid=d5b71ac8672af910d5a6c1bc5b00d0e8d1591036379; expires=Wed, 01-Jul-20 18:32:59 GMT; path=/; domain=.polarcdn-terrax.com; HttpOnly; SameSite=Lax vary Accept-Encoding access-control-allow-headers Authorization access-control-expose-headers CF-IPCountry, X-Country, CF-Ray cache-control max-age=900 access-control-allow-origin * access-control-allow-methods GET timing-allow-origin * content-encoding gzip x-varnish 2159259811 2159253307 age 174 via 1.1 varnish cf-cache-status HIT accept-ranges bytes cf-request-id 0312c1993f0000c2f4e604f200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 59cb053b9c3bc2f4-FRA
GET H2	200	wt Show response polarcdn-pentos.com/ Frame 166B	3 B 92 B	22ms 22ms	XHR application/octet-stream	104.17.192.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-pentos.com/wt?e=2&n=3&p=NA-PAYMSOUR-11239213&s=1&u=3ee8dea3-0a2d-48a3-a0a2-cfd8bb13078c&v=1%2Fffd7b27&w=1.191.0&y=w&z=v1.7.3&pas=asa-web&pag2=%2F16059533%2FPaymentsSource%2FIndex&pai=8c2e4&d=www.paymentssource.com&l=+%5BNative+In-Latest+%2F+In-Tag+%2F+In-Collection+-+NEW+CMS%5D&pajs=body&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&pecy=DE&c=908b4f57ae00486f85df79b68e5198f7&pacexp=92d64ff9a5eb42eabc55c2a65b38dbf4&pepf=b9e3500c5885468db66bd01beacfca11&pepfs=43e2c57111ef43e09f1a0c51d658316f&pepfo=r&t=i&pasp=7e1fe053118a473796c3dd0f94db14ee&papss=a&pvhref=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&_=1591036379343 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.192.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7 Request headers Accept text/plain, */*; q=0.01 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 419904 cf-ray 59cb053b9d610b63-AMS status 200 content-length 3 x-amz-id-2 M/+/LVkcyNiTl8bAFLPzt5/M3gX6rwfHTGSz8jD03spE+4+8QofYWJiYSkc3Cl+KXe6bvpwirqg= last-modified Mon, 09 Jul 2018 17:31:51 GMT server cloudflare etag "28e4477bb454eb35226fe56082545e13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 access-control-allow-methods GET x-amz-request-id F24ABB30F47D9897 access-control-allow-origin * cache-control public, max-age=604800 cf-request-id 0312c1993f00000b639314f200000001 accept-ranges bytes content-type application/octet-stream
GET H2	200	moatad.js Show response z.moatads.com/polar822lQSh10/	272 KB 92 KB	60ms 19ms	Script application/x-javascript	23.210.250.213 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/polar822lQSh10/moatad.js?moatClientLevel1=NA-PAYMSOUR-11239213&moatClientLevel2=Paysafe&moatClientLevel3=Single%20Creative&moatClientLevel4=The%20future%20of%20payments%20is%20integrated&moatClientSlicer1=%20%5BNative%20In-Latest%20%2F%20In-Tag%20%2F%20In-Collection%20-%20NEW%20CMS%5D Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-250-213.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 0b16ab8d7ae4523646bda2a721733fbe9811a43ae7994bb067249703918a7e48 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip last-modified Thu, 21 May 2020 17:10:30 GMT server AmazonS3 x-amz-request-id 5D53E406C85313F7 etag "6da80fdaa39e566f0be02133705edd76" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=30378 accept-ranges bytes content-length 94142 x-amz-id-2 Lg+EWU4fTbjl5uZDtkfvyZFEKnHINrHHHVZE8g2e0GZlizK9bw80tEp3jelwVsYsIcxIcsYtrF0=
GET H2	200	5deabfbbfc70759534a9f5f8 polarcdn-terrax.com/image/v1.0.0/bin/	53 KB 54 KB	25ms 24ms	Image image/jpeg	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://polarcdn-terrax.com/image/v1.0.0/bin/5deabfbbfc70759534a9f5f8?v=c21cd&w=2726 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eb4058d8c2e24ebde20b437e6671cd60555db50f4affa24ad318951958d1e87 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT via 1.1 varnish cf-cache-status HIT age 216667 status 200 access-control-max-age 432000 content-type image/jpeg content-length 54590 cf-request-id 0312c199460000c2f4e6050200000001 timing-allow-origin * server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET x-varnish 2154217045 2154053115 access-control-allow-origin * cache-control public, max-age=432000 accept-ranges bytes cf-ray 59cb053bac58c2f4-FRA
GET H2	200	wt Show response polarcdn-pentos.com/ Frame 8A2B	3 B 92 B	22ms 22ms	XHR application/octet-stream	104.17.192.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-pentos.com/wt?e=3&n=3&p=UNKNOWN&s=1&u=3ee8dea3-0a2d-48a3-a0a2-cfd8bb13078c&v=1%2Fffd7b27&w=1.191.0&y=w&z=v1.7.3&pas=asa-web&pag2=%2F16059533%2FPaymentsSource%2FIndex&pai=c2484&d=www.paymentssource.com&l=&pajs=&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&cu=4deb21aabda4ca0529fc74f89a39cb6f&t=arx&parcid=de221&parid=c6ff9&parin=1&partm=1&par=s&maxts=0.004&pvhref=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&_=1591036379482 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.192.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7 Request headers Accept text/plain, */*; q=0.01 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 419904 cf-ray 59cb053bedea0b63-AMS status 200 content-length 3 x-amz-id-2 M/+/LVkcyNiTl8bAFLPzt5/M3gX6rwfHTGSz8jD03spE+4+8QofYWJiYSkc3Cl+KXe6bvpwirqg= last-modified Mon, 09 Jul 2018 17:31:51 GMT server cloudflare etag "28e4477bb454eb35226fe56082545e13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 access-control-allow-methods GET x-amz-request-id F24ABB30F47D9897 access-control-allow-origin * cache-control public, max-age=604800 cf-request-id 0312c1996c00000b6393150200000001 accept-ranges bytes content-type application/octet-stream
GET H2	200	b9e3500c5885468db66bd01beacfca11 Show response polarcdn-terrax.com/nativeads/v1.4.0/json/creative/hostname/www.paymentssource.com/promofeed/ Frame 8A2B	67 KB 8 KB	160ms 160ms	XHR application/json	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-terrax.com/nativeads/v1.4.0/json/creative/hostname/www.paymentssource.com/promofeed/b9e3500c5885468db66bd01beacfca11?fragment=4 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7d64567a64df089cac86b17e6c6a119ff5e86397d3c6a3168cfa0b46512a5d6 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip server cloudflare status 200 etag W/"2f7f1b122295954b343ea0f58cfcae58" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Country, CF-Ray cache-control max-age=900 x-country DE cf-ray 59cb053bdd1097d8-FRA cf-request-id 0312c19968000097d880005200000001
GET DATA	200 OK	truncated / Frame 8A2B	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 23ed77b72c7f4ee62c9aaf17a91367e23faf0cae97a4c6fbf1d194a830196a18 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame 136B	45 KB 13 KB	34ms 34ms	Script application/javascript	52.213.83.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=11046&campId=1x1&pubId=4577422251&chanId=138622813&placementId=4695651796&pubCreative=138297123118&pubOrder=2323998910&cb=2129655584&custom=native-in-brief1&adsafe_par&impId=518b63d7-a436-11ea-8163-06d8cca89c2a&custom2=PSO_Sentiment_Survey&custom3=research_email Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.83.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-83-3.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 1e13206d2028412cb40e7ff82f7fc4b5b376969238727312ee25069e2e0b8233 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip x-server-name app14.ie.303net.net status 200 content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	main.gr.19.8.83.js Show response static.adsafeprotected.com/ Frame 126B	174 KB 56 KB	60ms 16ms	Script application/javascript	2600:9000:2190:5a00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.83.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=1x1&pubId=4577422251&chanId=138622813&placementId=4695651796&pubCreative=138238907521&pubOrder=2323998910&cb=417746187&custom=native-in-latest1&adsafe_par&impId=518b159a-a436-11ea-8a70-062810ec67f6&custom2=PSO_Sentiment_Survey&custom3=research_email Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42bdfdcbc187d7abc4862ea2a859983b99f84708773b487a0185acc4f7b005aa Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 29 May 2020 17:12:05 GMT content-encoding gzip age 264055 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED last-modified Fri, 29 May 2020 16:56:42 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id q8t_JT4ayhho.9Lki7fuiICVmhCBTrdZ via 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop ZRH50-C1 content-type application/javascript x-amz-cf-id jLFwA5NXJA6OnQkfRWEpVvFbU3Q1aPbf2OWt5FyiYpFJFLPnn4xmkA==
GET H2	200	main.gr.19.8.83.js Show response static.adsafeprotected.com/ Frame 136B	174 KB 56 KB	17ms 16ms	Script application/javascript	2600:9000:2190:5a00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.83.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=11046&campId=1x1&pubId=4577422251&chanId=138622813&placementId=4695651796&pubCreative=138297123118&pubOrder=2323998910&cb=2129655584&custom=native-in-brief1&adsafe_par&impId=518b63d7-a436-11ea-8163-06d8cca89c2a&custom2=PSO_Sentiment_Survey&custom3=research_email Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42bdfdcbc187d7abc4862ea2a859983b99f84708773b487a0185acc4f7b005aa Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 29 May 2020 17:12:05 GMT content-encoding gzip age 264055 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED last-modified Fri, 29 May 2020 16:56:42 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id q8t_JT4ayhho.9Lki7fuiICVmhCBTrdZ via 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop ZRH50-C1 content-type application/javascript x-amz-cf-id FSG0pU5UesCI0fUVsU35DGwiZDHlGXi_iMWoYMBUPkclxYFLYVUp9w==
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 233 B	14ms 14ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020052102&jk=637783577357624&bg=!HR6lHgZY6sHp6tg9a4cCAAAAVVIAAAANmQF-jmF1tc-46wm8U0mIC4JWm98Ot6haoJwIvLMwJBd4SKn36yoJifCHkZ6CzxKM-Sz38DOTYhvM7BZ8IE-DosalrqA3uDfMSGIye1PbY5HYC6i-Y794DywKTQgAai1wnwgwLMyyVXHPpFVBjrW9h2v0LyqlVL7cdVlp6Jb3Eir417MQ2ckY3ykKQt01gEYgQ_BMLm5TCruFvvqIwsp5DFHjnzMajUTl4Q-PLxAwSSQCLU_IiHk2BUfwyWD19X7-VK1Ai3ghTnzsjJ2ppXpAapJifqRnd3LTMQ6Q5-3bOZdX_VZCipboBixEWNspB2niJTXSBOYbgYNbH4krlTG0KdM8DWOR635ICTbPyCwkNjMlsSo_sp2tmrwMNbNBJyeNtgfB7lZHAcsiHj8N-yUs3Apa_EzTHKe_krOpM9figS-SVKa-mI4rM-x8XeMzTOrMQKXkoR6xycmJm5x8l2ERMV1vZNgJlZByeIwAycj9Q7oUBXgyeoZlgXrQYJrcwCvo7A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sca.17.4.114.js Show response static.adsafeprotected.com/ Frame 2493	81 KB 22 KB	14ms 14ms	Script application/javascript	2600:9000:2190:5a00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.4.114.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 18 Feb 2020 01:48:27 GMT content-encoding gzip age 9045873 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED last-modified Mon, 13 Jan 2020 23:54:54 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z via 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop ZRH50-C1 content-type application/javascript x-amz-cf-id v53Eo_kzUXe-gECR0qqiblZP_AglQO73lPiLAD6yQGgyVA9ptrih6Q==
GET H2	200	mon pixel.adsafeprotected.com/	43 B 216 B	39ms 39ms	Image image/gif	52.213.83.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=11046&campId=1x1&pubId=4577422251&chanId=138622813&placementId=4695651796&pubCreative=138297123118&pubOrder=2323998910&cb=2129655584&custom=native-in-brief1&adsafe_par&impId=518b63d7-a436-11ea-8163-06d8cca89c2a&custom2=PSO_Sentiment_Survey&custom3=research_email&adsafe_url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&adsafe_type=abdfq&adsafe_jsinfo=,id:a8a8bc50-b915-c45e-3bf3-10b6a8a4bc08,c:epxcad,sl:inView,em:true,fr:true,mn:app14ie,pt:1-5-15,wc:0.0.1600.1200,ac:319.934.1.1,am:i,cc:319.934.1.1,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:s0GCvnj+111|12|131|1321|14|15*.11046|151,idMap:15*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:97,oid:51c315b2-a436-11ea-8733-02c390e9b11a,v:19.8.83,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.83.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-83-3.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:59 GMT x-server-name app03.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" status 200 cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	sca.17.4.114.js Show response static.adsafeprotected.com/ Frame 665F	81 KB 22 KB	13ms 13ms	Script application/javascript	2600:9000:2190:5a00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.4.114.js Requested by Host: www.paymentssource.com URL: https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 18 Feb 2020 01:48:27 GMT content-encoding gzip age 9045873 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED last-modified Mon, 13 Jan 2020 23:54:54 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z via 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop ZRH50-C1 content-type application/javascript x-amz-cf-id 4eP23bgLpMYWU7LGZw6T3ExzX6CYvb9MFFR87AdLA83uyfsDY7riXA==
GET H2	200	mon pixel.adsafeprotected.com/	43 B 215 B	51ms 51ms	Image image/gif	52.213.83.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=11046&campId=1x1&pubId=4577422251&chanId=138622813&placementId=4695651796&pubCreative=138238907521&pubOrder=2323998910&cb=417746187&custom=native-in-latest1&adsafe_par&impId=518b159a-a436-11ea-8a70-062810ec67f6&custom2=PSO_Sentiment_Survey&custom3=research_email&adsafe_url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&adsafe_type=abdfq&adsafe_jsinfo=,id:3c651688-1a08-1140-bf47-96e7e0163fc2,c:epxcbr,sl:inView,em:true,fr:true,mn:app19ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:s0GCvmW+111|12|13*.11046|131|1321|14|151|152,idMap:13*,pl:,rmeas:1,rend:1,renddet:DIV.qs.tn,es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:195,oid:51bbc263-a436-11ea-9603-068792706006,v:19.8.83,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.83.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-83-3.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 01 Jun 2020 18:32:59 GMT x-server-name app21.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" status 200 cache-control no-cache content-type image/gif content-length 43 server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	42ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=a8a8bc50-b915-c45e-3bf3-10b6a8a4bc08&tv={c:epxcby,pingTime:0,time:179,type:pf,im:{pBlk:108},clog:[{piv:100,vs:i,r:,w:1,h:1,t:96}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:179,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:95,wc:0.0.1600.1200,ac:319.934.1.1,am:i,cc:319.934.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[102~100],as:[102~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:s0GCvnj+111|12|131|1321|14|15*.11046|151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:32:59 GMT X-Server-Name dt63ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	41ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=3c651688-1a08-1140-bf47-96e7e0163fc2&tv={c:epxcbJ,pingTime:0,time:213,type:pf,im:{pBlk:199},clog:[{piv:100,vs:i,r:,w:1,h:1,t:195}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:214,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:195,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[28~100],as:[28~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:s0GCvmW+111|12|13*.11046|131|1321|14|151|152,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.tn}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:32:59 GMT X-Server-Name dt07ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	40ms 14ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=a8a8bc50-b915-c45e-3bf3-10b6a8a4bc08&tv={c:epxcbN,pingTime:-2,time:194,type:a,im:{sf:0,pom:1,prf:{beA:40,beZ:61,mfA:114,cmA:115,inA:115,inZ:121,prA:121,prZ:126,si:136,poA:136,bl:148,poZ:148,cmZ:148,mfZ:148,loA:220,loZ:223,ltA:233,ltZ:233}},sca:{dfp:{df:0}},env:{cca:false,gca:false,gca2:false},clog:[{piv:100,vs:i,r:,w:1,h:1,t:96}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:194,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:95,wc:0.0.1600.1200,ac:319.934.1.1,am:i,cc:319.934.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[116~100],as:[116~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:s0GCvmW+111|12|13.11046|131|1321|14|15*.11046|151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,slid:[google_ads_iframe_/16059533/PaymentsSource/Index_1,google_ads_iframe_/16059533/PaymentsSource/Index_1__container__,googleAdf80051d2-9e75-43d8-97ff-4de8173d3585],sinceFw:97,readyFired:true}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:32:59 GMT X-Server-Name dt88ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	200	/ polarcdn-terrax.com/privacy/v1.0.0/html/optout/readwrite/ Frame 1F1C	0 0	14ms 13ms	Document text/html	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-terrax.com/privacy/v1.0.0/html/optout/readwrite/ Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority polarcdn-terrax.com :scheme https :path /privacy/v1.0.0/html/optout/readwrite/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Mon, 01 Jun 2020 18:32:59 GMT content-type text/html; charset=utf-8 content-length 1291 set-cookie __cfduid=d5b71ac8672af910d5a6c1bc5b00d0e8d1591036379; expires=Wed, 01-Jul-20 18:32:59 GMT; path=/; domain=.polarcdn-terrax.com; HttpOnly; SameSite=Lax vary Accept-Encoding access-control-allow-headers Authorization access-control-expose-headers CF-IPCountry, X-Country, CF-Ray cache-control max-age=900 access-control-allow-origin * access-control-allow-methods GET timing-allow-origin * content-encoding gzip x-varnish 2159259811 2159253307 age 174 via 1.1 varnish cf-cache-status HIT accept-ranges bytes cf-request-id 0312c19a600000c2f4e605f200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 59cb053d68dcc2f4-FRA
GET H2	200	5deabfbbfc70759534a9f5f8 polarcdn-terrax.com/image/v1.0.0/bin/	53 KB 53 KB	20ms 20ms	Image image/jpeg	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://polarcdn-terrax.com/image/v1.0.0/bin/5deabfbbfc70759534a9f5f8?v=c21cd&w=2726 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eb4058d8c2e24ebde20b437e6671cd60555db50f4affa24ad318951958d1e87 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT via 1.1 varnish cf-cache-status HIT age 216667 status 200 access-control-max-age 432000 content-type image/jpeg content-length 54590 cf-request-id 0312c19a630000c2f4e6062200000001 timing-allow-origin * server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET x-varnish 2154217045 2154053115 access-control-allow-origin * cache-control public, max-age=432000 accept-ranges bytes cf-ray 59cb053d68fac2f4-FRA
GET H2	200	wt Show response polarcdn-pentos.com/ Frame 8A2B	3 B 92 B	23ms 22ms	XHR application/octet-stream	104.17.192.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-pentos.com/wt?e=4&n=3&p=NA-PAYMSOUR-11239213&s=1&u=3ee8dea3-0a2d-48a3-a0a2-cfd8bb13078c&v=1%2Fffd7b27&w=1.191.0&y=w&z=v1.7.3&pas=asa-web&pag2=%2F16059533%2FPaymentsSource%2FIndex&pai=c2484&d=www.paymentssource.com&l=+%5BNative+In-Brief+%2F+In-Article+-+NEW+CMS%5D&pajs=body&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&pecy=DE&c=908b4f57ae00486f85df79b68e5198f7&pacexp=92d64ff9a5eb42eabc55c2a65b38dbf4&pepf=b9e3500c5885468db66bd01beacfca11&pepfs=43e2c57111ef43e09f1a0c51d658316f&pepfo=r&t=i&pasp=1494467d31cf4c22a47bafb49242c515&papss=a&pvhref=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&_=1591036379483 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.192.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7 Request headers Accept text/plain, */*; q=0.01 Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 419904 cf-ray 59cb053d798e0b63-AMS status 200 content-length 3 x-amz-id-2 M/+/LVkcyNiTl8bAFLPzt5/M3gX6rwfHTGSz8jD03spE+4+8QofYWJiYSkc3Cl+KXe6bvpwirqg= last-modified Mon, 09 Jul 2018 17:31:51 GMT server cloudflare etag "28e4477bb454eb35226fe56082545e13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 access-control-allow-methods GET x-amz-request-id F24ABB30F47D9897 access-control-allow-origin * cache-control public, max-age=604800 cf-request-id 0312c19a6a00000b639318a200000001 accept-ranges bytes content-type application/octet-stream
GET H2	200	moatad.js Show response z.moatads.com/polar822lQSh10/	272 KB 92 KB	22ms 22ms	Script application/x-javascript	23.210.250.213 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/polar822lQSh10/moatad.js?moatClientLevel1=NA-PAYMSOUR-11239213&moatClientLevel2=Paysafe&moatClientLevel3=Single%20Creative&moatClientLevel4=The%20future%20of%20payments%20is%20integrated&moatClientSlicer1=%20%5BNative%20In-Brief%20%2F%20In-Article%20-%20NEW%20CMS%5D Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-250-213.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 0b16ab8d7ae4523646bda2a721733fbe9811a43ae7994bb067249703918a7e48 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Jun 2020 18:32:59 GMT content-encoding gzip last-modified Thu, 21 May 2020 17:10:30 GMT server AmazonS3 x-amz-request-id 5D53E406C85313F7 etag "6da80fdaa39e566f0be02133705edd76" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=30378 accept-ranges bytes content-length 94142 x-amz-id-2 Lg+EWU4fTbjl5uZDtkfvyZFEKnHINrHHHVZE8g2e0GZlizK9bw80tEp3jelwVsYsIcxIcsYtrF0=
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	19ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=3c651688-1a08-1140-bf47-96e7e0163fc2&tv={c:epxcca,pingTime:-2,time:240,type:a,im:{sf:0,pom:1,prf:{beA:129,beZ:131,mfA:314,cmA:314,inA:314,inZ:316,prA:316,prZ:319,si:324,poA:324,bl:328,poZ:328,cmZ:328,mfZ:328,loA:343,loZ:344,ltA:369,ltZ:369}},sca:{dfp:{df:4,sz:100.100,dom:div},ha1:{res1:1,ps:1,ts:1591036379729,psfr:1}},env:{cca:false,gca:false,gca2:false},clog:[{piv:100,vs:i,r:,w:1,h:1,t:195}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:240,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:195,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[54~100],as:[54~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:s0GCvmW+111|12|13*.11046|131|1321|14|151|152,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.tn,slid:[google_ads_iframe_/16059533/PaymentsSource/Index_2,google_ads_iframe_/16059533/PaymentsSource/Index_2__container__,googleAd145155c2-65f7-4039-b80b-e1a884b9d17c],sinceFw:45,readyFired:true}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:32:59 GMT X-Server-Name dt63ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	14ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=a8a8bc50-b915-c45e-3bf3-10b6a8a4bc08&tv={c:epxcdd,time:282,type:e,im:{pWait:7},env:{ar:self.0},es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:283,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:95,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[205~100],as:[205~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:46,fm:s0GCvmW+111|12|13.11046|131|1321|14|15*.11046|151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:32:59 GMT X-Server-Name dt63ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	15ms 15ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=3c651688-1a08-1140-bf47-96e7e0163fc2&tv={c:epxcde,time:306,type:e,im:{pWait:5},env:{ar:self.0},es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:306,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:195,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[120~100],as:[120~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:24,fm:s0GCvmW+111|12|13*.11046|131|1321|14|151|152,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.tn}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:32:59 GMT X-Server-Name dt88ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	index.php Show response a.dpmsrv.com/dpmpxl/	5 B 1 KB	102ms 101ms	Script text/javascript	34.192.142.95 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=7568712%2C6451507%2C6745346&cl=342&pixelIndex=0&r=929165&tzOffset=-120&url=https%3A%2F%2Fwww.paymentssource.com%2Fcoronavirus%3Futm_source%3Dresearch%26utm_medium%3Demail%26utm_campaign%3DPSO_Sentiment_Survey%26bt_ee%3DoVPoh%252FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%252FvMCGWUPzDxlamk1LW2w5LjUi%252BacQvdC6JveF%252BkevVIzw%253D%253D%26bt_ts%3D1591034881989&id=1162883685009468026&_=1591036378495 Requested by Host: s.dpmsrv.com URL: https://s.dpmsrv.com/dpm_c415505dca69be631ca5d391b3ccd2b44b52d017.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-192-142-95.compute-1.amazonaws.com Software / Resource Hash fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache content-encoding gzip Access-Control-Max-Age 10 Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type text/javascript Access-Control-Allow-Headers content-type, accept Content-Length 31 Expires 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain https://ib.adnxs.com/seg?member=827&add=7568712,6451507,6745346 https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D7568712%2C6451507%2C6745346	43 B 1 KB	24ms 24ms	Image image/gif	185.33.221.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D7568712%2C6451507%2C6745346 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:01 GMT X-Proxy-Origin 185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80 AN-X-Request-Uuid f80c62ca-58b9-4882-8ffe-61976518a428 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:01 GMT X-Proxy-Origin 185.217.171.12; 185.217.171.12; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.151:80 AN-X-Request-Uuid 1cf83e8c-6281-4382-ba71-18779a9d6b7a Server nginx/1.13.4 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D7568712%2C6451507%2C6745346 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=803560&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D803560%26t%3D2	43 B 1 KB	14ms 14ms	Image image/gif	185.33.220.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D803560%26t%3D2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.244 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:01 GMT X-Proxy-Origin 185.217.171.12; 185.217.171.12; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.232:80 AN-X-Request-Uuid 25194918-c7f1-4c9f-b118-7c44ff16faee Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:01 GMT X-Proxy-Origin 185.217.171.12; 185.217.171.12; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.122:80 AN-X-Request-Uuid 0383cf5d-bf98-4fff-8fc1-d47d2437e39f Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D803560%26t%3D2 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	14ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=a8a8bc50-b915-c45e-3bf3-10b6a8a4bc08&tv={c:epxcgW,pingTime:-10,time:513,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220202020222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTEyMHx8TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1591036380048||fcd22a969efc36e9dae6588450f62846||71ff54ebddb1e090fbf173d96e2342c8||3c800599539868da2218527c4e6d438b||9f5d1e84a0193ada2c13162fba67c03f||3d3272a8f2b48c344d6c645381dd9f3e||c5b4e929b2332d16b1ff5257ef872db8||bfb60bf9824b139ca6a4b77ab5b16228||1576000828} Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:00 GMT X-Server-Name dt88ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	200	clickstream.js Show response d10lpsik1i8c69.cloudfront.net/js/ Frame F68B	286 KB 92 KB	127ms 49ms	Script application/javascript	13.224.89.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=c1452af Requested by Host: d10lpsik1i8c69.cloudfront.net URL: https://d10lpsik1i8c69.cloudfront.net/w.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.89.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-89-82.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 475a5cf9c23970be55124922456b1eac48a634d015adbf2fdcc0552be86725c8 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer Origin https://www.paymentssource.com Response headers date Mon, 01 Jun 2020 11:47:07 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 24354 x-cache Hit from cloudfront status 200 access-control-allow-origin * last-modified Fri, 08 May 2020 15:07:06 GMT server AmazonS3 access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript via 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop ZRH50-C1 x-amz-cf-id 7JOtFHLlvF55lfsNRtZtfaqqd23prb7RYPIsxYVP-YVCGJcfC_czzg==
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	14ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=a8a8bc50-b915-c45e-3bf3-10b6a8a4bc08&tv={c:epxcs5,pingTime:1,time:1204,type:p,clog:[{piv:100,vs:i,r:,w:1,h:1,t:96}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1204,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:95,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[1126~100],as:[1126~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:16,fm:s0GCvmW+111|12|13.11046|131|1321|14|15*.11046|151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:00 GMT X-Server-Name dt88ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	15ms 15ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=a8a8bc50-b915-c45e-3bf3-10b6a8a4bc08&tv={c:epxcs6,pingTime:1,time:1205,type:c,clog:[{piv:100,vs:i,r:,w:1,h:1,t:96}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1205,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:95,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[1127~100],as:[1127~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:16,fm:s0GCvmW+111|12|13.11046|131|1321|14|15*.11046|151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:00 GMT X-Server-Name dt63ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	15ms 14ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=a8a8bc50-b915-c45e-3bf3-10b6a8a4bc08&tv={c:epxcs6,pingTime:1,time:1205,type:c,clog:[{piv:100,vs:i,r:,w:1,h:1,t:96}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1206,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:95,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[1128~100],as:[1128~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:16,fm:s0GCvmW+111|12|13.11046|131|1321|14|15*.11046|151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:00 GMT X-Server-Name dt07ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	15ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=3c651688-1a08-1140-bf47-96e7e0163fc2&tv={c:epxcs8,pingTime:1,time:1230,type:p,clog:[{piv:100,vs:i,r:,w:1,h:1,t:195}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1230,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:195,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[1044~100],as:[1044~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:17,fm:s0GCvmW+111|12|13*.11046|131|1321|14|151|152,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.tn}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:00 GMT X-Server-Name dt73ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	28ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=3c651688-1a08-1140-bf47-96e7e0163fc2&tv={c:epxcs9,pingTime:1,time:1231,type:c,clog:[{piv:100,vs:i,r:,w:1,h:1,t:195}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1231,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:195,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[1045~100],as:[1045~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:17,fm:s0GCvmW+111|12|13*.11046|131|1321|14|151|152,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.tn,metricId:publ1,cmr:t}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:00 GMT X-Server-Name dt88ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	29ms 14ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=3c651688-1a08-1140-bf47-96e7e0163fc2&tv={c:epxcsa,pingTime:1,time:1232,type:c,clog:[{piv:100,vs:i,r:,w:1,h:1,t:195}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1232,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:195,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[1046~100],as:[1046~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:17,fm:s0GCvmW+111|12|13*.11046|131|1321|14|151|152,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.tn,metricId:grpm1,cmr:t}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:00 GMT X-Server-Name dt07ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	14ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=a8a8bc50-b915-c45e-3bf3-10b6a8a4bc08&tv={c:epxdue,pingTime:5,time:5181,type:p,clog:[{piv:100,vs:i,r:,w:1,h:1,t:96}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5181,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:95,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[5103~100],as:[5103~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:23,fm:s0GCvmW+111|12|13.11046|131|1321|14|15*.11046|151,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:04 GMT X-Server-Name dt07ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	14ms 13ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=11046&asId=3c651688-1a08-1140-bf47-96e7e0163fc2&tv={c:epxduo,pingTime:5,time:5214,type:p,clog:[{piv:100,vs:i,r:,w:1,h:1,t:195}],es:0,sc:1,rv:0,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5215,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:195,wc:0.0.1600.1200,ac:0.0.1.1,am:i,cc:0.0.1.1,piv:100,obst:0,th:0,reas:,bkn:{piv:[5029~100],as:[5029~1.1]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:75,fm:s0GCvmW+111|12|13*.11046|131|1321|14|151|152,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.tn}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS amidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 01 Jun 2020 18:33:04 GMT X-Server-Name dt88ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
POST H/1.1	204 No Content	_track Show response www.paymentssource.com/	0 312 B	225ms 225ms	XHR text/plain	13.224.95.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.paymentssource.com/_track Requested by Host: arizent.brightspotcdn.com URL: https://arizent.brightspotcdn.com/resource/0000016a-26be-d776-a36b-27fe4f410000/_resource/analytics/bsp-analytics.min.6d69b9c92fae206d4b74ad35e7b2122d.gz.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.95.71 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-95-71.zrh50.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.paymentssource.com/coronavirus?utm_source=research&utm_medium=email&utm_campaign=PSO_Sentiment_Survey&bt_ee=oVPoh%2FQ74EFpqA3DyY8P2jdXSJx0A8FaS2elrnpH2%2FvMCGWUPzDxlamk1LW2w5LjUi%2BacQvdC6JveF%2BkevVIzw%3D%3D&bt_ts=1591034881989 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 01 Jun 2020 18:33:07 GMT Via 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront) Server Apache-Coyote/1.1 Connection keep-alive X-Amz-Cf-Pop ZRH50-C1 X-Amz-Cf-Id VYwLAukZaGq7ogswBN6aqixqMib1DSvvt56Y2IJFAsUX_lvJBsZHKQ== X-Cache Miss from cloudfront