urlscan.io logo urlscan.io
SecurityTrails logo

a.profitsurvey.live Open in urlscan Pro
2606:4700:3035::ac43:8a73  Public Scan

Go To Rescan Add Verdict Report
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Submission: On August 31 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 10 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3035::ac43:8a73, located in United States and belongs to CLOUDFLARENET, US. The main domain is a.profitsurvey.live.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2021. Valid for: a year.
This is the only time a.profitsurvey.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3035::ac43:8a73 (United States)

ASN13335 (CLOUDFLARENET, US)
a.profitsurvey.live
4    139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)
propeller-tracking.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
9 a.profitsurvey.live a.profitsurvey.live
6 mc.yandex.com 2 redirects a.profitsurvey.live
mc.yandex.ru
4 propeller-tracking.com a.profitsurvey.live
propeller-tracking.com
2 mc.yandex.ru 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
a.profitsurvey.live
1 www.google.de a.profitsurvey.live
1 www.google.com a.profitsurvey.live
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com a.profitsurvey.live
1 my.rtmark.net a.profitsurvey.live
25 10

This site contains links to these domains. Also see Links.

Domain
beturtwiga.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-15 -
2022-07-14		 a year crt.sh
propeller-tracking.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-05 -
2021-11-05		 a year crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Frame ID: 3A60F0837F529908261EEBF38A98D2FD
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

$$$ Online Test

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

25
Requests

100 %
HTTPS

78 %
IPv6

10
Domains

10
Subdomains

9
IPs

5
Countries

271 kB
Transfer

824 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9381.zaOs2dvXl7QaRim6reAxVyW-OSiLjKwYMKdXmZ1dnY2cMS7COUVUKLptJAojnJPr.BT3JVU3M8bOnL7LvabLlcYWLEek%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9381.l3m8hrWl-eWGaZCq4L-UX17l9VKb5e7jCOK9mpGhSkM3N4Us2AvdtuVjwlQjf7gGswUb_wwFHZx6UmpHlLNWUg%2C%2C.nMy0bj-H75dolPeeJQWkePZraVk%2C
Request Chain 21
  • https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fa.profitsurvey.live%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A544330170719%3Ahid%3A1061994997%3Az%3A120%3Ai%3A20210831054601%3Aet%3A1630381562%3Ac%3A1%3Arn%3A175697985%3Au%3A1630381562416223068%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630381559887%3Ads%3A98%2C469%2C119%2C1%2C0%2C0%2C%2C344%2C2%2C%2C%2C%2C1035%3Adsn%3A99%2C469%2C119%2C1%2C0%2C0%2C%2C346%2C2%2C%2C%2C%2C1035%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630381562%3At%3A%24%24%24%20Online%20Test HTTP 302
  • https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fa.profitsurvey.live%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A544330170719%3Ahid%3A1061994997%3Az%3A120%3Ai%3A20210831054601%3Aet%3A1630381562%3Ac%3A1%3Arn%3A175697985%3Au%3A1630381562416223068%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630381559887%3Ads%3A98%2C469%2C119%2C1%2C0%2C0%2C%2C344%2C2%2C%2C%2C%2C1035%3Adsn%3A99%2C469%2C119%2C1%2C0%2C0%2C%2C346%2C2%2C%2C%2C%2C1035%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630381562%3At%3A%24%24%24%20Online%20Test

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request survey.html
a.profitsurvey.live/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
619318564e4382e079882891808b80c243c050a0d2dfc93b270cca64509a78f8

Request headers

:method
GET
:authority
a.profitsurvey.live
:scheme
https
:path
/survey.html?utm_content=zd_public_v2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-type
text/html
last-modified
Mon, 30 Aug 2021 05:10:44 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2QMPj3VNdaT4AFfI3pyELqYsYbuNDDpupM%2BRPecLNshluutJbzLxV3Dcjq6cuFdNrra47UtApZNYy%2BaRJ40nbURsYKSCvO2SOifKU39xFHn6i%2BENrXIDtXL3akkz%2BTZmHDxqswYtKpn52%2BkSL%2BxzaO%2B"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
687344f129064ebc-FRA
content-encoding
br
fv.js
propeller-tracking.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-trace-id
019b436f6de45363d782bae718c8ecab
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
rtc.js
a.profitsurvey.live/js/data/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.profitsurvey.live/js/data/rtc.js
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e21a5fdcb464c61185f66b10a6405f01fe3a8cd639b599a5b3d2f6b5aae4c0

Request headers

:path
/js/data/rtc.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
a.profitsurvey.live
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5815
cf-polished
origSize=15077
last-modified
Mon, 30 Aug 2021 05:10:44 GMT
server
cloudflare
etag
W/"612c6854-3ae5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2Bygm9fO%2Bg%2FKx4IpPrEjFZWFtZdXcK%2BFbPB2EXR6yhqP68bi53rviEjQAyD5lxpt5KJusjlm3d0E1Us3hzykEvv3bIFls%2FErqCB0yhGia8JmTZrxAvDGoOh8omlC0nVzDIj%2B0wyo%2BM4GFIQvf09rTk%2B1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
687344f1f9d84ebc-FRA
cf-bgj
minify
config.js
a.profitsurvey.live/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.profitsurvey.live/js/config.js
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91e97ba43c4ca796ea140bec5a71ad3b7fccdd62607ffdbde3b500a222309302

Request headers

:path
/js/config.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
a.profitsurvey.live
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4816
cf-polished
origSize=86052
last-modified
Mon, 30 Aug 2021 05:10:44 GMT
server
cloudflare
etag
W/"612c6854-15024"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTDinsvgKn0pSy9suSy7nFIofPtjZzWn%2B5YqsiUA4AJW0tN9LxNvjtOQ%2B5213o6DEJxGup2nAB9hEtuqa78Lo%2FVt2yRfJc0pt4uMi4u9YS39OTzhzTWegQUQfyPabsMZiCwBTKcnH6q%2Ba88YITg%2FyghT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
687344f1f9db4ebc-FRA
cf-bgj
minify
survey.css
a.profitsurvey.live/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.profitsurvey.live/css/survey.css
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3be03a6b2f9eac618699d1416117e4392a7e589be7ab3db8c9fa4111d147de36

Request headers

:path
/css/survey.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
a.profitsurvey.live
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5344
cf-polished
origSize=20082
last-modified
Mon, 30 Aug 2021 05:10:43 GMT
server
cloudflare
etag
W/"612c6853-4e72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CT3JuMuCcfPQEB%2BpUVfSeynSTG8fWKauXMd%2BEJsGT1l%2FpkHz8BD5FnDj54YzQfHUmbMa0i6cZDQh%2B0pNuqiEtbWKzNCpn%2F6us3slIUEFv9RyEt8yvQ0OOqBIU0zpgv72bElGRPo5zyZL5Ys1z21xzEA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
687344f1f9d64ebc-FRA
cf-bgj
minify
style.css
a.profitsurvey.live/css/ 		33 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.profitsurvey.live/css/style.css?v=1
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99f9a09b49183dd3f892522333092c7bed44d6dceab0a7b5caa7e973440d7509

Request headers

:path
/css/style.css?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
a.profitsurvey.live
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2199
cf-polished
origSize=34029
last-modified
Mon, 30 Aug 2021 05:10:43 GMT
server
cloudflare
etag
W/"612c6853-84ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAFnKKCFBoXnCEjFTaK5t1mkvMD52IlqkoMyKzOtTuSFl6l6WQ%2FiWpU4QbUiSLKMek6catNogfI3h%2BHBm0ElcdFMxFCM25e3LxFhMuxvnjfv3qrojYN8dfoLoWILMNCV9kmTVOfuTWiGbqL3h1jhNGem"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
687344f1f9d74ebc-FRA
cf-bgj
minify
icon-survey.svg
a.profitsurvey.live/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.profitsurvey.live/img/icon-survey.svg
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a92922801ea676a88192b928a94d9179fe23c789767bba01647c21fb289904

Request headers

:path
/img/icon-survey.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
a.profitsurvey.live
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Aug 2021 05:10:43 GMT
server
cloudflare
age
5098
etag
W/"612c6853-c26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OqFjObCQ1ilLqBLt8vKJRuxIp3UQQNxQS%2FuEE2uUZF%2BVOhO0NgoOurxYmjihTuyWnx5NQaEBeMOwfH2dogOr%2FTh5x6yq1DeRst63obni8LxV5U7FVjG%2FixWxH0YD3TUXl0bbWY8zBkveNk6MYbKjKJy"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
687344f2caa64ebc-FRA
survey-site.js
a.profitsurvey.live/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.profitsurvey.live/js/survey-site.js
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ce1add3a481e1df35ca5c582f7b8cc2eb19779063dd89e66f2b142ef57cf3a

Request headers

:path
/js/survey-site.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
a.profitsurvey.live
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Aug 2021 05:10:44 GMT
server
cloudflare
age
6873
etag
W/"612c6854-b23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dp1MNq%2BkPC2BXz1%2Fcu%2Fpp%2FXJkykHPimbVmdyQGZGzFmQ9vM%2FBsSqH6SVBnFMxJqi1Zw7%2BHj8rWhzSiuoiRwA0eFq4bPKCiGZAmYQTfpqO14gMB8nAVwR97HOnDNWc940DTZtHQ0%2BMGE%2Feydzkx3SkfnC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
687344f2caa84ebc-FRA
cf-bgj
minify
survey.js
a.profitsurvey.live/js/ 		275 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.profitsurvey.live/js/survey.js
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a18b1f01075dc3267781bee9c0c74e28e05f3cc258f41117a52e27f87a54c07c

Request headers

:path
/js/survey.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
a.profitsurvey.live
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6017
cf-polished
origSize=281556
last-modified
Mon, 30 Aug 2021 05:10:44 GMT
server
cloudflare
etag
W/"612c6854-44bd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTSnoyWAVcGNueJwiJg5urMWcZUQBJAees9hL1jOrXxYkKv2kRP7nFuMu2RtoO%2By45wkf6yBgsi0Bvsrtw7a%2FwdP2OSvzto5m0DliSzObl55lf6FroCgbspI0UbblmDagR%2BzPyICf%2BX21q0XCWh8KECK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
687344f2ba904ebc-FRA
cf-bgj
minify
gid.js
my.rtmark.net/ 		65 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/js/survey.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d45468418ce1b8ce36167fabbcefdfa08d2f3000abb2403aea4b07f7c34e3409
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:01 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://a.profitsurvey.live
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
gtm.js
www.googletagmanager.com/ 		110 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e26f4558576f55921da8180de8ff48db145d0227e6750ec3d162b52c8fc49b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40431
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Aug 2021 03:46:00 GMT
cookie-consent-1.json
a.profitsurvey.live/js/dict/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.profitsurvey.live/js/dict/cookie-consent-1.json?v=1
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/js/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b21cf692d9c422efe96ada7ff51e9f81621408a56b21f5f4748bb0f3dee7345

Request headers

:path
/js/dict/cookie-consent-1.json?v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
a.profitsurvey.live
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 30 Aug 2021 05:10:44 GMT
server
cloudflare
etag
W/"612c6854-111c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVrQ%2FT6dCMhdmnXLofxsDpIN%2BajldnQsxNmflulePjvJuCgeHom%2F26GeveuZ2usyV%2Bpfj39AIle0LppUNusU3LD4VrBMlhwpofvf1jbjoc7IZ4nUpQEQZz6jdys7s8%2BuwZMDvTuRP8Nll84rPavVjecS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
687344f41c124ebc-FRA
vctx
propeller-tracking.com/ 		0
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/vctx?t=82892
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id
563e1f4d097445790e38057807d371ac
pragma
no-cache
date
Tue, 31 Aug 2021 03:45:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://a.profitsurvey.live
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
vbl
propeller-tracking.com/ 		0
495 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/vbl?t=82892&bid=undefined&aid=undefined
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
334be88389ad77ba2de6273c13757900
pragma
no-cache
date
Tue, 31 Aug 2021 03:45:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://a.profitsurvey.live
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
822
date
Tue, 31 Aug 2021 03:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 31 Aug 2021 05:32:19 GMT
tag.js
mc.yandex.ru/metrika/ 		224 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSFF85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:01 GMT
content-encoding
br
last-modified
Thu, 26 Aug 2021 16:59:05 GMT
etag
"6127a958-11d31"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73009
expires
Tue, 31 Aug 2021 04:46:01 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-174297796-1&cid=1217696141.1630381561&jid=413669803&gjid=1872817907&_gid=1209749656.1630381561&_u=YGBAgEABAAAAAE~&z=2040488476
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 31 Aug 2021 03:46:01 GMT
content-type
text/plain
access-control-allow-origin
https://a.profitsurvey.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=219560731&t=pageview&_s=1&dl=https%3A%2F%2Fa.profitsurvey.live%2Fsurvey.html%3Futm_content%3Dzd_public_v2&ul=en-us&de=UTF-8&dt=%24%24%24%20Online%20Test&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=413669803&gjid=1872817907&cid=1217696141.1630381561&tid=UA-174297796-1&_gid=1209749656.1630381561&gtm=2wg8p0NLSFF85&z=409897119
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:25:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4850
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-174297796-1&cid=1217696141.1630381561&jid=413669803&_u=YGBAgEABAAAAAE~&z=1967126981
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 03:46:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-174297796-1&cid=1217696141.1630381561&jid=413669803&_u=YGBAgEABAAAAAE~&z=1967126981
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 03:46:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9381.zaOs2dvXl7QaRim6reAxVyW-OSiLjKwYMKdXmZ1dnY2cMS7COUVUKLptJAojnJPr.BT3JVU3M8bOnL7LvabLlcYWLEek%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9381.l3m8hrWl-eWGaZCq4L-UX17l9VKb5e7jCOK9mpGhSkM3N4Us2AvdtuVjwlQjf7gGswUb_wwFHZx6UmpHlLNWUg%2C%2C.nMy0bj-H75dolPeeJQWkePZraVk%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9381.l3m8hrWl-eWGaZCq4L-UX17l9VKb5e7jCOK9mpGhSkM3N4Us2AvdtuVjwlQjf7gGswUb_wwFHZx6UmpHlLNWUg%2C%2C.nMy0bj-H75dolPeeJQWkePZraVk%2C
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:02 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9381.l3m8hrWl-eWGaZCq4L-UX17l9VKb5e7jCOK9mpGhSkM3N4Us2AvdtuVjwlQjf7gGswUb_wwFHZx6UmpHlLNWUg%2C%2C.nMy0bj-H75dolPeeJQWkePZraVk%2C
date
Tue, 31 Aug 2021 03:46:01 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: a.profitsurvey.live
URL: https://a.profitsurvey.live/survey.html?utm_content=zd_public_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:46:01 GMT
last-modified
Thu, 26 Aug 2021 15:39:16 GMT
etag
"6127a958-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 31 Aug 2021 04:46:01 GMT
1
mc.yandex.com/watch/66423859/
Redirect Chain
  • https://mc.yandex.com/watch/66423859?wmode=7&page-url=https%3A%2F%2Fa.profitsurvey.live%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhs...
  • https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fa.profitsurvey.live%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed...
331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fa.profitsurvey.live%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A544330170719%3Ahid%3A1061994997%3Az%3A120%3Ai%3A20210831054601%3Aet%3A1630381562%3Ac%3A1%3Arn%3A175697985%3Au%3A1630381562416223068%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630381559887%3Ads%3A98%2C469%2C119%2C1%2C0%2C0%2C%2C344%2C2%2C%2C%2C%2C1035%3Adsn%3A99%2C469%2C119%2C1%2C0%2C0%2C%2C346%2C2%2C%2C%2C%2C1035%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630381562%3At%3A%24%24%24%20Online%20Test
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
88f1df387dd9c9e16dc6fff400c08279556d5c63b7d9674a2b9fe74c10b64cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 03:46:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 31-Aug-2021 03:46:02 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://a.profitsurvey.live
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Tue, 31-Aug-2021 03:46:02 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 03:46:02 GMT
last-modified
Tue, 31-Aug-2021 03:46:02 GMT
location
/watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fa.profitsurvey.live%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A544330170719%3Ahid%3A1061994997%3Az%3A120%3Ai%3A20210831054601%3Aet%3A1630381562%3Ac%3A1%3Arn%3A175697985%3Au%3A1630381562416223068%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630381559887%3Ads%3A98%2C469%2C119%2C1%2C0%2C0%2C%2C344%2C2%2C%2C%2C%2C1035%3Adsn%3A99%2C469%2C119%2C1%2C0%2C0%2C%2C346%2C2%2C%2C%2C%2C1035%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630381562%3At%3A%24%24%24%20Online%20Test
strict-transport-security
max-age=31536000
access-control-allow-origin
https://a.profitsurvey.live
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 31-Aug-2021 03:46:02 GMT
1
mc.yandex.com/watch/66423859/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/66423859/1?page-url=goal%3A%2F%2Fa.profitsurvey.live%2Fnotification_permission&page-ref=https%3A%2F%2Fa.profitsurvey.live%2Fsurvey.html%3Futm_content%3Dzd_public_v2&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A1%3Als%3A544330170719%3Ahid%3A1061994997%3Az%3A120%3Ai%3A20210831054602%3Aet%3A1630381562%3Ac%3A1%3Arn%3A904629422%3Au%3A1630381562416223068%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1630381559887%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2229%2C2229%2C0%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2229%2C2229%2C0%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630381562%3At%3A%24%24%24%20Online%20Test
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 03:46:02 GMT
last-modified
Tue, 31-Aug-2021 03:46:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://a.profitsurvey.live
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 31-Aug-2021 03:46:02 GMT
vbri
propeller-tracking.com/ 		0
495 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/vbri?t=82892&bid=undefined&aid=undefined&tp=3141.900001525879
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=82892&cb=12724596
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
293313118d21687df975d2fbe8a25dbd
pragma
no-cache
date
Tue, 31 Aug 2021 03:45:55 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://a.profitsurvey.live
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| realtimeConfig object| global_vars object| geoLanguage object| offerLanguage function| axios object| urlParams object| reverseConfig object| dataLayer function| createAtr function| doAlert object| $alert object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| reachGoal object| gaplugins object| gaGlobal object| gaData object| Ya function| ym object| yaCounter66423859

6 Cookies

Domain/Path Name / Value
.profitsurvey.live/ Name: _ym_isad
Value: 2
.profitsurvey.live/ Name: _ym_uid
Value: 1630381562416223068
.profitsurvey.live/ Name: _ym_d
Value: 1630381562
.profitsurvey.live/ Name: _dc_gtm_UA-174297796-1
Value: 1
.profitsurvey.live/ Name: _gid
Value: GA1.2.1209749656.1630381561
.profitsurvey.live/ Name: _ga
Value: GA1.2.1217696141.1630381561

2 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
GTM -> YM 66423859
console-api log (Line 1)
Message:
GTM -> YM 66423859, reachGoal notification permission =

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.profitsurvey.live
mc.yandex.com
mc.yandex.ru
my.rtmark.net
propeller-tracking.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
139.45.195.8
139.45.197.240
2606:4700:3035::ac43:8a73
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2004
2a00:1450:4001:82a::2003
2a00:1450:400c:c06::9c
2a02:6b8::1:119
3be03a6b2f9eac618699d1416117e4392a7e589be7ab3db8c9fa4111d147de36
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
619318564e4382e079882891808b80c243c050a0d2dfc93b270cca64509a78f8
64a92922801ea676a88192b928a94d9179fe23c789767bba01647c21fb289904
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88f1df387dd9c9e16dc6fff400c08279556d5c63b7d9674a2b9fe74c10b64cea
8b21cf692d9c422efe96ada7ff51e9f81621408a56b21f5f4748bb0f3dee7345
8e26f4558576f55921da8180de8ff48db145d0227e6750ec3d162b52c8fc49b3
91e97ba43c4ca796ea140bec5a71ad3b7fccdd62607ffdbde3b500a222309302
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
99f9a09b49183dd3f892522333092c7bed44d6dceab0a7b5caa7e973440d7509
a18b1f01075dc3267781bee9c0c74e28e05f3cc258f41117a52e27f87a54c07c
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
d45468418ce1b8ce36167fabbcefdfa08d2f3000abb2403aea4b07f7c34e3409
d8e21a5fdcb464c61185f66b10a6405f01fe3a8cd639b599a5b3d2f6b5aae4c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ce1add3a481e1df35ca5c582f7b8cc2eb19779063dd89e66f2b142ef57cf3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62