Submitted URL: https://user.idrapoll.com/
Effective URL: https://user.idrapoll.com/login_required.php?r=4
Submission: On August 19 via automatic, source certstream-suspicious

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 39 HTTP transactions. The main IP is 52.49.233.77, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is user.idrapoll.com.
TLS certificate: Issued by R3 on August 19th 2021. Valid for: 3 months.
This is the only time user.idrapoll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
11 user.idrapoll.com 1 redirects user.idrapoll.com
9 www.gstatic.com www.google.com
www.gstatic.com
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
5 www.google.com user.idrapoll.com
www.gstatic.com
www.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com user.idrapoll.com
2 maxcdn.bootstrapcdn.com user.idrapoll.com
1 stats.g.doubleclick.net www.google-analytics.com
1 npmcdn.com user.idrapoll.com
1 www.googletagmanager.com user.idrapoll.com
39 10

This site contains no links.

Subject Issuer Validity Valid
user.idrapoll.com
R3
2021-08-19 -
2021-11-17
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-03-01 -
2022-02-28
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
www.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh

This page contains 3 frames:

Primary Page: https://user.idrapoll.com/login_required.php?r=4
Frame ID: 2A310E6897815FAE9C30A3A889A3B13F
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&co=aHR0cHM6Ly91c2VyLmlkcmFwb2xsLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=s02kpvwkc9d4
Frame ID: 18F815C6767BB69B8D7DFAB89C07DACD
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&cb=95pxyvz9lrhs
Frame ID: 105C799B4B1F5ADB5B994F3FEA076A2E
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

IdraPoll - Shpërblehu për opinionin tënd!

Page URL History Show full URLs

  1. https://user.idrapoll.com/ HTTP 302
    https://user.idrapoll.com/login_required.php?r=4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+sweet-alert(?:\.min)?\.css/i
  • script /sweet-alert(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

39
Requests

100 %
HTTPS

92 %
IPv6

9
Domains

10
Subdomains

13
IPs

4
Countries

754 kB
Transfer

1860 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://user.idrapoll.com/ HTTP 302
    https://user.idrapoll.com/login_required.php?r=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login_required.php
user.idrapoll.com/
Redirect Chain
  • https://user.idrapoll.com/
  • https://user.idrapoll.com/login_required.php?r=4
9 KB
3 KB
Document
General
Full URL
https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
261607d297e1f97458bf73d238806633e8e2790e98275a926ab390b0ce0ff331

Request headers

Host
user.idrapoll.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:24 GMT
Server
Apache/2.4.18 (Ubuntu)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3212
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Thu, 19 Aug 2021 13:24:24 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
login_required.php?r=4
Content-Length
3822
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/
147 KB
21 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://user.idrapoll.com
Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
2338341
cdn-cachedat
2021-06-08 21:13:01
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:02 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a2938eb03516b41beea1c6522449b9cf
cf-ray
6813b3b78a6b4ec8-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
sweet-alert.css
user.idrapoll.com/assets/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://user.idrapoll.com/assets/css/sweet-alert.css
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c2b86d0da0d0048e58482507b735a6f8626a98fe604751a3711dd5ab5322821c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
user.idrapoll.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://user.idrapoll.com/login_required.php?r=4
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Connection
keep-alive
Referer
https://user.idrapoll.com/login_required.php?r=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Mar 2018 09:05:30 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2df7-567e87e2d4005-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2428
style.css
user.idrapoll.com/assets/css/
29 KB
5 KB
Stylesheet
General
Full URL
https://user.idrapoll.com/assets/css/style.css?v=20210819152424
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aae3a648a80f8c3d3d20cf94bf3894f16b8b06af4aa9aeb3ec26eb726432fd3f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
user.idrapoll.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://user.idrapoll.com/login_required.php?r=4
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Connection
keep-alive
Referer
https://user.idrapoll.com/login_required.php?r=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Dec 2019 09:28:47 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"75f0-599f7125fe22c-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4407
js
www.googletagmanager.com/gtag/
101 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131272963-1
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27edf5f27fc170955def3b8a36c8b3ec1a97f2fbe79abc5062c4fa030bf069bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:24:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41015
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Aug 2021 13:24:25 GMT
font-awesome.css
user.idrapoll.com/polladmin/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://user.idrapoll.com/polladmin/css/font-awesome.css
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
user.idrapoll.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://user.idrapoll.com/login_required.php?r=4
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Connection
keep-alive
Referer
https://user.idrapoll.com/login_required.php?r=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Mar 2018 09:05:31 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"626d-567e87e36e4bd-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4983
css
fonts.googleapis.com/
1 KB
548 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Quicksand
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f631b7f7428056e6244917bca72f7e2c3a9d90063810a86f3a3d3b9497c9b77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 12:48:20 GMT
server
ESF
date
Thu, 19 Aug 2021 13:24:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Aug 2021 13:24:24 GMT
jquery.min.js
user.idrapoll.com/bower_components/jquery/dist/
82 KB
29 KB
Script
General
Full URL
https://user.idrapoll.com/bower_components/jquery/dist/jquery.min.js
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ac1b82725819fba761d03c03a208214a9157bb026cc5e843d43105970407603a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
user.idrapoll.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://user.idrapoll.com/login_required.php?r=4
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Connection
keep-alive
Referer
https://user.idrapoll.com/login_required.php?r=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Mar 2018 09:05:30 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1493c-567e87e324141-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
29529
tether.min.js
npmcdn.com/tether@1.2.4/dist/js/
23 KB
8 KB
Script
General
Full URL
https://npmcdn.com/tether@1.2.4/dist/js/tether.min.js
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a208a14587694c3607e6a9421063aec6495232c103d872a1d3e750379d83c28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12932451
vary
Accept-Encoding
last-modified
Wed, 20 Apr 2016 14:30:18 GMT
server
cloudflare
etag
W/"5b57-YU4/LM87aoEbNVZlg/GdUADKGmk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bl8AxiNwuQcyKC7CDw1UavAnDU%2FDuAdHeIsvWEHFyXmnojYz2iW6FJdxRnNPEb5xO3TCTUawSYnj6RN3DWf6Immjiu7qaXRpqmCjlsJbtxA0Lz1CouFXe9dW6rkSztXdMF7yL6O0krw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
fe07e7ae8369cf30b07dbbab2b86c26e
cache-control
public, max-age=31536000
cf-ray
6813b3b7ab59e007-FRA
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/
46 KB
12 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://user.idrapoll.com
Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
435798
cdn-cachedat
2021-06-08 21:12:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:02 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
bd596394eaa9bc82cd1e59eb870e4814
cf-ray
6813b3b78a6d4ec8-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
sweet-alert.min.js
user.idrapoll.com/assets/js/
11 KB
4 KB
Script
General
Full URL
https://user.idrapoll.com/assets/js/sweet-alert.min.js
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4f49337261042b5d30d6069f00e25a8ae189f812fdf61a0efdd2dc69fdd52f48

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
user.idrapoll.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://user.idrapoll.com/login_required.php?r=4
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Connection
keep-alive
Referer
https://user.idrapoll.com/login_required.php?r=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Mar 2018 09:05:30 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2d1e-567e87e2e49a4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4039
jquery.paginate.css
user.idrapoll.com/assets/pagination/src/
788 B
672 B
Stylesheet
General
Full URL
https://user.idrapoll.com/assets/pagination/src/jquery.paginate.css
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e0e7357f466bf5a0d2c56ff6ba83dbd8c0d2fad5e2d60622c7b1cb08fc2d1eb5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
user.idrapoll.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://user.idrapoll.com/login_required.php?r=4
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Connection
keep-alive
Referer
https://user.idrapoll.com/login_required.php?r=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Mar 2018 09:05:30 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"314-567e87e2e5944-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
336
jquery.paginate.js
user.idrapoll.com/assets/pagination/src/
7 KB
2 KB
Script
General
Full URL
https://user.idrapoll.com/assets/pagination/src/jquery.paginate.js
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
21523a8b3ae4d3ccc8f1e64ead5efb2c36db7f43ea2b124ea3d475e4fcb9db81

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
user.idrapoll.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://user.idrapoll.com/login_required.php?r=4
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Connection
keep-alive
Referer
https://user.idrapoll.com/login_required.php?r=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Mar 2018 09:05:30 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1db9-567e87e2e5944-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1821
api.js
www.google.com/recaptcha/
850 B
643 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d6ffde0bc44344c9007373cfd28cad502d8ab3dffb0f7c02fd72f68d309386b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:24:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Thu, 19 Aug 2021 13:24:25 GMT
en.svg
user.idrapoll.com/assets/flags/
2 KB
2 KB
Image
General
Full URL
https://user.idrapoll.com/assets/flags/en.svg
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
057b0b788a6f7bd96da31db20e2abeade3df4ed9c51fdf268316b9f7725097e9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
user.idrapoll.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://user.idrapoll.com/login_required.php?r=4
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Connection
keep-alive
Referer
https://user.idrapoll.com/login_required.php?r=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:25 GMT
Last-Modified
Wed, 21 Mar 2018 09:05:30 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"750-567e87e2d4005"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1872
sq.svg
user.idrapoll.com/assets/flags/
5 KB
5 KB
Image
General
Full URL
https://user.idrapoll.com/assets/flags/sq.svg
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/login_required.php?r=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.233.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-233-77.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6334d7430e87dfb2de78edace1bb930ab117b6a7ebc4d01781defbff2249f0f8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
user.idrapoll.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://user.idrapoll.com/login_required.php?r=4
Cookie
PHPSESSID=2sgkmhoenvdo3i0nblrsjp0mh3
Connection
keep-alive
Referer
https://user.idrapoll.com/login_required.php?r=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 13:24:25 GMT
Last-Modified
Wed, 21 Mar 2018 09:05:30 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1384-567e87e2d4005"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4996
css
fonts.googleapis.com/
3 KB
463 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Quicksand:400,500,700
Requested by
Host: user.idrapoll.com
URL: https://user.idrapoll.com/assets/css/style.css?v=20210819152424
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b04f6703b32ea5c59ecd88ec8028c039a004b0feb7a57356ca03d63ba201b2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 13:03:06 GMT
server
ESF
date
Thu, 19 Aug 2021 13:24:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Aug 2021 13:24:24 GMT
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v24/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v24/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e56d22c4c632bd0b72bbaf1fed2472ddb3707287435fe92bb00ec97f13ca8f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://user.idrapoll.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 18:55:15 GMT
x-content-type-options
nosniff
age
239350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 18:33:23 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 18:55:15 GMT
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v24/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v24/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://user.idrapoll.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 18:59:44 GMT
x-content-type-options
nosniff
age
239081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 18:17:05 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 18:59:44 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/
340 KB
132 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://user.idrapoll.com
Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 12:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135293
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 12:07:15 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131272963-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6471
date
Thu, 19 Aug 2021 11:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 19 Aug 2021 13:36:34 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1411032174&t=pageview&_s=1&dl=https%3A%2F%2Fuser.idrapoll.com%2Flogin_required.php%3Fr%3D4&ul=en-us&de=UTF-8&dt=IdraPoll%20-%20Shp%C3%ABrblehu%20p%C3%ABr%20opinionin%20t%C3%ABnd!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1024926887&gjid=2045846049&cid=1562859136.1629379465&tid=UA-131272963-1&_gid=1040464143.1629379465&_r=1&gtm=2ou8g0&z=1697556851
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Aug 2021 13:24:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://user.idrapoll.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 18F8
40 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&co=aHR0cHM6Ly91c2VyLmlkcmFwb2xsLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=s02kpvwkc9d4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6acf1186a4b4ae91f5b6183b89ffce183281f57811867d4c7d86711bdea01bfb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IQQEV8VBSLh4dmJ9ddWJVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&co=aHR0cHM6Ly91c2VyLmlkcmFwb2xsLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=s02kpvwkc9d4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user.idrapoll.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user.idrapoll.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 19 Aug 2021 13:24:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-IQQEV8VBSLh4dmJ9ddWJVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20658
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/
1 B
86 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-131272963-1&cid=1562859136.1629379465&jid=1024926887&gjid=2045846049&_gid=1040464143.1629379465&_u=YEBAAUAAAAAAAC~&z=167703706
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://user.idrapoll.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 19 Aug 2021 13:24:25 GMT
content-type
text/plain
access-control-allow-origin
https://user.idrapoll.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 18F8
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&co=aHR0cHM6Ly91c2VyLmlkcmFwb2xsLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=s02kpvwkc9d4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 11:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 11:41:38 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 18F8
340 KB
132 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&co=aHR0cHM6Ly91c2VyLmlkcmFwb2xsLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=s02kpvwkc9d4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 11:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135293
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 11:32:35 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 18F8
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 23:34:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
222620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Mon, 23 Aug 2021 23:34:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 18F8
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&co=aHR0cHM6Ly91c2VyLmlkcmFwb2xsLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=s02kpvwkc9d4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options
nosniff
age
230224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 21:27:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 18F8
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&co=aHR0cHM6Ly91c2VyLmlkcmFwb2xsLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=s02kpvwkc9d4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 14:26:18 GMT
x-content-type-options
nosniff
age
169087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 14:26:18 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 18F8
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&co=aHR0cHM6Ly91c2VyLmlkcmFwb2xsLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=s02kpvwkc9d4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&co=aHR0cHM6Ly91c2VyLmlkcmFwb2xsLmNvbTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=s02kpvwkc9d4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:24:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 19 Aug 2021 13:24:25 GMT
bframe
www.google.com/recaptcha/api2/ Frame 105C
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&cb=95pxyvz9lrhs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4ecabc4db860eb08b04ae62b807cd886e4dd719726f3cb6969d51cb765432d9a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8/eMYrUnwV/YJxcOlmGKLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&cb=95pxyvz9lrhs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user.idrapoll.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user.idrapoll.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 19 Aug 2021 13:24:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-8/eMYrUnwV/YJxcOlmGKLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1111
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 105C
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&cb=95pxyvz9lrhs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 11:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 11:41:38 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 105C
340 KB
132 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&cb=95pxyvz9lrhs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 11:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135293
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Aug 2022 11:32:35 GMT
reload
www.google.com/recaptcha/api2/ Frame 105C
34 KB
20 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b6464b169be6f69cb316cf800c65f74fda55efee156e6165eba1b58fb2202272
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&cb=95pxyvz9lrhs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 19 Aug 2021 13:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20481
x-xss-protection
1; mode=block
expires
Thu, 19 Aug 2021 13:24:26 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 105C
600 B
622 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:57:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
188793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
expires
Tue, 24 Aug 2021 08:57:53 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 105C
530 B
553 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 04:57:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
462423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
expires
Sat, 21 Aug 2021 04:57:23 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 105C
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:00:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
210241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
expires
Tue, 24 Aug 2021 03:00:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 105C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&cb=95pxyvz9lrhs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options
nosniff
age
230225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 21:27:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 105C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LfT-zwUAAAAAPm_ESNh56V3hDU8NAkXfULy1TDc&cb=95pxyvz9lrhs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 14:26:18 GMT
x-content-type-options
nosniff
age
169088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 14:26:18 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer function| $ function| jQuery function| Tether function| swal function| sweetAlert function| onSubmit function| getCookie function| setCookie function| changeLanguage object| google_tag_manager object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_554823

4 Cookies

Domain/Path Name / Value
.idrapoll.com/ Name: _gat_gtag_UA_131272963_1
Value: 1
.idrapoll.com/ Name: _gid
Value: GA1.2.1040464143.1629379465
.idrapoll.com/ Name: _ga
Value: GA1.2.1562859136.1629379465
user.idrapoll.com/ Name: PHPSESSID
Value: 2sgkmhoenvdo3i0nblrsjp0mh3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
npmcdn.com
stats.g.doubleclick.net
user.idrapoll.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2606:4700:20::ac43:4951
2606:4700::6812:bcf
2a00:1450:4001:802::2003
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200a
2a00:1450:400c:c08::9c
52.49.233.77
057b0b788a6f7bd96da31db20e2abeade3df4ed9c51fdf268316b9f7725097e9
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21523a8b3ae4d3ccc8f1e64ead5efb2c36db7f43ea2b124ea3d475e4fcb9db81
261607d297e1f97458bf73d238806633e8e2790e98275a926ab390b0ce0ff331
27edf5f27fc170955def3b8a36c8b3ec1a97f2fbe79abc5062c4fa030bf069bb
305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4ecabc4db860eb08b04ae62b807cd886e4dd719726f3cb6969d51cb765432d9a
4f49337261042b5d30d6069f00e25a8ae189f812fdf61a0efdd2dc69fdd52f48
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6334d7430e87dfb2de78edace1bb930ab117b6a7ebc4d01781defbff2249f0f8
6acf1186a4b4ae91f5b6183b89ffce183281f57811867d4c7d86711bdea01bfb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f631b7f7428056e6244917bca72f7e2c3a9d90063810a86f3a3d3b9497c9b77
718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c
7a208a14587694c3607e6a9421063aec6495232c103d872a1d3e750379d83c28
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b04f6703b32ea5c59ecd88ec8028c039a004b0feb7a57356ca03d63ba201b2a
9e56d22c4c632bd0b72bbaf1fed2472ddb3707287435fe92bb00ec97f13ca8f9
aae3a648a80f8c3d3d20cf94bf3894f16b8b06af4aa9aeb3ec26eb726432fd3f
ac1b82725819fba761d03c03a208214a9157bb026cc5e843d43105970407603a
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
b6464b169be6f69cb316cf800c65f74fda55efee156e6165eba1b58fb2202272
c2b86d0da0d0048e58482507b735a6f8626a98fe604751a3711dd5ab5322821c
d6ffde0bc44344c9007373cfd28cad502d8ab3dffb0f7c02fd72f68d309386b1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e7357f466bf5a0d2c56ff6ba83dbd8c0d2fad5e2d60622c7b1cb08fc2d1eb5
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9