www.poll-central.com Open in urlscan Pro
104.130.29.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.presentingmedicine.com/?qs=bc2efa11abbf950fcf93b4c9061e67dd4eab8ac0c772781ba0b4d43a98d0335e6542613072c51c6d4292cdc9369f...
Effective URL:
https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
Submission: On November 01 via manual (November 1st 2021, 7:05:07 pm UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 69 HTTP transactions. The main IP is 104.130.29.26, located in United States and belongs to RACKSPACE, US. The main domain is www.poll-central.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 27th 2020. Valid for: 2 years.

This is the only time www.poll-central.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.39.110 13.111.39.110	22606 (EXACT-7) (EXACT-7)
1 21	104.130.29.26 104.130.29.26	27357 (RACKSPACE) (RACKSPACE)
3	54.68.153.11 54.68.153.11	16509 (AMAZON-02) (AMAZON-02)
6	52.19.133.188 52.19.133.188	16509 (AMAZON-02) (AMAZON-02)
2	104.85.1.75 104.85.1.75	16625 (AKAMAI-AS) (AKAMAI-AS)
19	84.207.240.86 84.207.240.86	13237 (LAMBDANET...) (LAMBDANET-AS European Backbone of AS13237)
1	2600:9000:215... 2600:9000:2156:8600:17:2bf2:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:215... 2600:9000:2156:1c00:2:50de:8a00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:800:16:4d0a:52c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
69	12

1 13.111.39.110 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.email.presentingmedicine.com

click.email.presentingmedicine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.130.29.26 (United States) 1 redirects

ASN27357 (RACKSPACE, US)

www.poll-central.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.68.153.11 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-153-11.us-west-2.compute.amazonaws.com

dgan.docguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.19.133.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-133-188.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.85.1.75 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-1-75.deploy.static.akamaitechnologies.com

content.aimatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 84.207.240.86 (Germany)

ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE)
PTR: 84.207.240.86.not-updated.eunx.net

d.peer-play.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
peer-play.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.peer-play.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8600:17:2bf2:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.neml.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:1c00:2:50de:8a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.peer-play.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:800:16:4d0a:52c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.neml.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	peer-play.com d.peer-play.com peer-play.com c.peer-play.com a.peer-play.com	993 KB
21	poll-central.com 1 redirects www.poll-central.com	549 KB
6	iesnare.com mpsnare.iesnare.com	37 KB
5	gstatic.com fonts.gstatic.com	103 KB
3	docguide.com dgan.docguide.com	5 KB
2	doubleclick.net 1 redirects ad.doubleclick.net	956 B
2	neml.io api.neml.io cdn.neml.io	38 KB
2	aimatch.com content.aimatch.com	249 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	presentingmedicine.com 1 redirects click.email.presentingmedicine.com	269 B
69	10

	Domain	Requested by
21	www.poll-central.com	1 redirects www.poll-central.com
12	d.peer-play.com	dgan.docguide.com d.peer-play.com cdn.neml.io
8	c.peer-play.com	d.peer-play.com
6	mpsnare.iesnare.com	www.poll-central.com mpsnare.iesnare.com cdn.neml.io
5	fonts.gstatic.com	fonts.googleapis.com
4	peer-play.com	d.peer-play.com
3	a.peer-play.com	d.peer-play.com a.peer-play.com
3	dgan.docguide.com	www.poll-central.com
2	ad.doubleclick.net	1 redirects
2	content.aimatch.com	dgan.docguide.com
1	cdn.neml.io	d.peer-play.com
1	fonts.googleapis.com	c.peer-play.com
1	api.neml.io	d.peer-play.com
1	click.email.presentingmedicine.com	1 redirects
69	14

This site contains no links.

Subject Issuer	Validity	Valid
poll-central.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-04-21`	2 years	crt.sh
tier1-usw2.oregon.delivery.aimatch.net Amazon	`2021-10-25` - `2022-11-23`	a year	crt.sh
mpsnare.iesnare.com DigiCert SHA2 Extended Validation Server CA	`2021-04-27` - `2022-05-24`	a year	crt.sh
content.aimatch.com R3	`2021-08-19` - `2021-11-17`	3 months	crt.sh
peer-play.com Go Daddy Secure Certificate Authority - G2	`2021-06-28` - `2022-07-30`	a year	crt.sh
api.neml.io Amazon	`2021-07-30` - `2022-08-28`	a year	crt.sh
c.peer-play.com Amazon	`2021-01-21` - `2022-02-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cdn.neml.io Amazon	`2021-07-30` - `2022-08-28`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
Frame ID: 39B2E4C7AB16DE20A193F97BB21AA025
Requests: 23 HTTP requests in this frame

Frame: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=300x250/viewid=1635793732/spec=78/geography=US/prof=12/random=413182444
Frame ID: B4FBDB3EB57DA58BA8D2CD61BBD1E0A6
Requests: 2 HTTP requests in this frame

Frame: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=300x250/viewid=1635793732/spec=78/geography=US/prof=12/random=708343957
Frame ID: 8063D655CFA8BA89F223D9CAE6ABC621
Requests: 2 HTTP requests in this frame

Frame: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=845x550/viewid=1635793777/spec=78/geography=US/prof=12/random=1360999156%E2%80%8B
Frame ID: 5289C616BEF020F4D7CCEFFD8A847189
Requests: 2 HTTP requests in this frame

Frame: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836
Frame ID: C1474CF9E69B097419341C711253F510
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Poll Central

Page URL History Show full URLs

https://click.email.presentingmedicine.com/?qs=bc2efa11abbf950fcf93b4c9061e67dd4eab8ac0c772781ba0b4d43a98d0335e65426130... HTTP 302
http://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1 HTTP 301
https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1 Page URL

Page Statistics

69
Requests

96 %
HTTPS

42 %
IPv6

10
Domains

14
Subdomains

12
IPs

4
Countries

1975 kB
Transfer

5676 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.presentingmedicine.com/?qs=bc2efa11abbf950fcf93b4c9061e67dd4eab8ac0c772781ba0b4d43a98d0335e6542613072c51c6d4292cdc9369ff5c2 HTTP 302
http://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1 HTTP 301
https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://ad.doubleclick.net/ddm/trackimp/N7437.2091303NUMEDIS/B25121492.309616150;dc_trk_aid=502613161;dc_trk_cid=155116513;ord=1635793506555;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N7437.2091303NUMEDIS/B25121492.309616150;dc_pre=CJnqi9ft9_MCFQqKdwodxrAPWA;dc_trk_aid=502613161;dc_trk_cid=155116513;ord=1635793506555;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.poll-central.com/
Redirect Chain

https://click.email.presentingmedicine.com/?qs=bc2efa11abbf950fcf93b4c9061e67dd4eab8ac0c772781ba0b4d43a98d0335e6542613072c51c6d4292cdc9369ff5c2
http://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

31 KB
32 KB

1022ms
747ms

Document
text/html

104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

d73651aac65600c68af7a70285256cd6d2aefdb5e061b8ce2f6be229b49987b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 01 Nov 2021 19:08:52 GMT
Server: Apache/2.2.15 (CentOS)
Content-Security-Policy: upgrade-insecure-requests
X-Content-Type-Options: nosniff nosniff
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Language: en
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
X-Generator: Drupal 7 (http://drupal.org)
Access-Control-Allow-Origin: *
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Mon, 01 Nov 2021 19:08:51 GMT
Server: Apache/2.2.15 (CentOS)
Location: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
Content-Length: 320
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK css_kShW4RPmRstZ3SpIC-ZvVGNFVAi0WEMuCnI0ZkYIaFw.css
www.poll-central.com/sites/www.poll-central.com/files/css/ 6 KB
2 KB 270ms
91ms Stylesheet
text/css 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/css/css_kShW4RPmRstZ3SpIC-ZvVGNFVAi0WEMuCnI0ZkYIaFw.css

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

912856e113e646cb59dd2a480be66f5463455408b458432e0a7234664608685c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 17:16:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124e91-773-5a6a4601ec65f"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 1907
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK css_1Ccf576qhClqReFx9BOJvO3Hqk0W59gvah6gRwgu2oc.css
www.poll-central.com/sites/www.poll-central.com/files/css/ 29 KB
6 KB 274ms
92ms Stylesheet
text/css 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/css/css_1Ccf576qhClqReFx9BOJvO3Hqk0W59gvah6gRwgu2oc.css

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

d4271fe7beaa84296a45e171f41389bcedc7aa4d16e7d82f6a1ea047082eda87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 17:16:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124e93-155b-5a6a4601ee59f"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 5467
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK css_694d4nH1TxpBv8VOWf7oSBduLAdxlMGYVA3zeOn8cJc.css
www.poll-central.com/sites/www.poll-central.com/files/css/ 3 KB
1 KB 275ms
92ms Stylesheet
text/css 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/css/css_694d4nH1TxpBv8VOWf7oSBduLAdxlMGYVA3zeOn8cJc.css

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

ebde1de271f54f1a41bfc54e59fee848176e2c077194c198540df378e9fc7097

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 17:16:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124e95-25f-5a6a4601ef927"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 607
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css
www.poll-central.com/sites/www.poll-central.com/files/css/ 137 KB
21 KB 275ms
93ms Stylesheet
text/css 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

01e4762d261bbbb6dc0992abaa0ba0ab0daadd8f679a01bb8f8a8ff0825537d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 17:16:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124e97-53b7-5a6a4601f435f"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 21431
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK js_0RyHJ63yYLuaWsodCPCgSD8dcTIA0dqcDf8-7c2XdBw.js Show response
www.poll-central.com/sites/www.poll-central.com/files/js/ 119 KB
42 KB 277ms
93ms Script
text/javascript 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/js/js_0RyHJ63yYLuaWsodCPCgSD8dcTIA0dqcDf8-7c2XdBw.js

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

d11c8727adf260bb9a5aca1d08f0a0483f1d713200d1da9c0dff3eedcd97741c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 17:16:32 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124e83-a514-5a6a45f9eb14f"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 42260
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK js_H1WOFTSmnr1tpUUs0YR9RNqgA5zupAVBPc2AE2zJ4HE.js Show response
www.poll-central.com/sites/www.poll-central.com/files/js/ 237 KB
78 KB 284ms
95ms Script
text/javascript 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/js/js_H1WOFTSmnr1tpUUs0YR9RNqgA5zupAVBPc2AE2zJ4HE.js

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

1f558e1534a69ebd6da5452cd1847d44daa0039ceea405413dcd80136cc9e071

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 17:16:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124e99-13764-5a6a4601fa11f"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 79716
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK js_1GC17U__TMWMBSeVJWK5aMgRyTnSPrOw3EackD9VS9w.js Show response
www.poll-central.com/sites/www.poll-central.com/files/js/ 2 KB
1 KB 540ms
90ms Script
text/javascript 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/js/js_1GC17U__TMWMBSeVJWK5aMgRyTnSPrOw3EackD9VS9w.js

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

d460b5ed4fff4cc58c0527952562b968c811c939d23eb3b0dc469c903f554bdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 17:16:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124e9b-402-5a6a4601fb88f"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 1026
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK js_9RirKqoSb4JuG_gby6WQAYbBHlTWpusjFvVaQtoLpQw.js Show response
www.poll-central.com/sites/www.poll-central.com/files/js/ 2 KB
1 KB 558ms
95ms Script
text/javascript 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/js/js_9RirKqoSb4JuG_gby6WQAYbBHlTWpusjFvVaQtoLpQw.js

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

f518ab2aaa126f826e1bf81bcba5900186c11e54d6a6eb2316f55a42da0ba50c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 17:16:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124e9d-2e8-5a6a4601fcc17"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 744
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK logo.png
www.poll-central.com/sites/all/themes/pollcentral/ 17 KB
18 KB 275ms
91ms Image
image/png 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.poll-central.com/sites/all/themes/pollcentral/logo.png

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

c2029df3243b532af4b8e9e258e781da56d829a472f741c658458d2840dcd3d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 15:23:21 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e32d6-4507-5a8493d796c40"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 17671
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK js_VFNWqRUY6zeO0tc6nVADJTWYxfhledIufG20bZsQLUY.js Show response
www.poll-central.com/sites/www.poll-central.com/files/js/ 126 KB
41 KB 286ms
91ms Script
text/javascript 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/js/js_VFNWqRUY6zeO0tc6nVADJTWYxfhledIufG20bZsQLUY.js

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

545356a91518eb378ed2d73a9d5003253598c5f86579d22e7c6db46d9b102d46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 15:38:22 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124b01-a319-5a849733c2ecf"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 41753
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK js_dxfs7KdWVUOjM8u10vMCMDlrT7NfeelgjWJG8WiHrlk.js Show response
www.poll-central.com/sites/www.poll-central.com/files/js/ 108 KB
24 KB 274ms
90ms Script
text/javascript 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/www.poll-central.com/files/js/js_dxfs7KdWVUOjM8u10vMCMDlrT7NfeelgjWJG8WiHrlk.js

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

7717ececa7565543a333cbb5d2f30230396b4fb35f79e9608d6246f16887ae59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 17:16:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "124e8f-5f9a-5a6a4601eaeef"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 24474
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H2 200 random=413182444 Show response
dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=300x250/viewid=1635793732/spec=78/geography=US/prof=12/ Frame B4FB 447 B
693 B 1296ms
225ms Document
text/html 54.68.153.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=300x250/viewid=1635793732/spec=78/geography=US/prof=12/random=413182444
Requested by: Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.153.11 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-153-11.us-west-2.compute.amazonaws.com
Software: Match/6710.52d0111d1821ef4e0fa5670a41ac06746c020e98 (i-06cb326dd9ab2f20e) /
Resource Hash: d6c1e8e7795302188d86891610de1df55b6e9772240e73e1baad62daedadc080

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/

Response headers

date: Mon, 01 Nov 2021 19:05:03 GMT
content-type: text/html; charset=UTF-8
content-length: 447
server: Match/6710.52d0111d1821ef4e0fa5670a41ac06746c020e98 (i-06cb326dd9ab2f20e)
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: -1
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"

GET
H2 200 random=708343957 Show response
dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=300x250/viewid=1635793732/spec=78/geography=US/prof=12/ Frame 8063 459 B
704 B 1296ms
226ms Document
text/html 54.68.153.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=300x250/viewid=1635793732/spec=78/geography=US/prof=12/random=708343957
Requested by: Host: www.poll-central.com
URL: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.153.11 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-153-11.us-west-2.compute.amazonaws.com
Software: Match/6710.52d0111d1821ef4e0fa5670a41ac06746c020e98 (i-0dfa6a45a09c3ee16) /
Resource Hash: 24a0dcacef06f2f50b3d49dd4efd982f7ad0c20fa570261ea4f7b4c881ed4f7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/

Response headers

date: Mon, 01 Nov 2021 19:05:03 GMT
content-type: text/html; charset=UTF-8
content-length: 459
server: Match/6710.52d0111d1821ef4e0fa5670a41ac06746c020e98 (i-0dfa6a45a09c3ee16)
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: -1
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"

GET
H/1.1 200
OK menu-icon.png
www.poll-central.com/sites/all/themes/pollcentral/imgs/ 119 B
562 B 279ms
92ms Image
image/png 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.poll-central.com/sites/all/themes/pollcentral/imgs/menu-icon.png

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

2a6f2f887e13302561bd22a640c3a6a1def427a43e33197e172f2070a51ad30a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 15:23:21 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "103d8b-77-5a8493d796c40"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 119
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK header-shadow-001.png
www.poll-central.com/sites/all/themes/dgxyz/images/ 155 B
598 B 548ms
90ms Image
image/png 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.poll-central.com/sites/all/themes/dgxyz/images/header-shadow-001.png

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

3a09e5ba4f84cefe12e0cf9371452b9d3e899dab9ca9b425429535892513f38c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 15:23:27 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1237e1-9b-5a8493dd4f9c0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 155
Expires: Mon, 15 Nov 2021 19:08:54 GMT

GET
DATA 200
OK truncated
/ 410 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7abb88b894a3117fbaba405688f2e2d91f8f59e216d7f8dfb45375fb74e6221

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK Muli-Regular.ttf
www.poll-central.com/sites/all/themes/pollcentral/fonts/Muli/ 92 KB
93 KB 262ms
95ms Font
text/plain 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/all/themes/pollcentral/fonts/Muli/Muli-Regular.ttf

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

00134777545a7666732acea7a13f8c7c3b76133a91df484ae27aa6b328580954

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css
Origin: https://www.poll-central.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 15:23:20 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1601f6-17070-5a8493d6a2a00"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 94320
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK Muli-Bold.ttf
www.poll-central.com/sites/all/themes/pollcentral/fonts/Muli/ 92 KB
92 KB 259ms
90ms Font
text/plain 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/all/themes/pollcentral/fonts/Muli/Muli-Bold.ttf

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

bd931b37ac70d4c1eb7edfe59659060baf3954d3972c43701e8f2540e1f1c3b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css
Origin: https://www.poll-central.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 15:23:20 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1601ed-16e78-5a8493d6a2a00"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 93816
Expires: Mon, 15 Nov 2021 19:08:53 GMT

GET
H/1.1 200
OK Muli-SemiBold.ttf
www.poll-central.com/sites/all/themes/pollcentral/fonts/Muli/ 91 KB
92 KB 342ms
95ms Font
text/plain 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/sites/all/themes/pollcentral/fonts/Muli/Muli-SemiBold.ttf

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

9f62c0c7b0afb001b6864818d5011006f84cd45c662db5d87786e4f4053e806d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_AeR2LSYbu7bcCZKrqgugqw2q3Y9nmgG7j4qP8IJVN9c.css
Origin: https://www.poll-central.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 15:23:20 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1601f7-16de8-5a8493d6a2a00"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 93672
Expires: Mon, 15 Nov 2021 19:08:54 GMT

GET
H/1.1 200
OK snare.js Show response
mpsnare.iesnare.com/ 38 KB
13 KB 145ms
34ms Script
text/javascript 52.19.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/snare.js

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/js/js_VFNWqRUY6zeO0tc6nVADJTWYxfhledIufG20bZsQLUY.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-133-188.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e6b6e618d6946d1c9ba51b639672d72f649558bf08b0c1bc3c122466fb04b853

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 19:05:02 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

POST
H/1.1 200
OK track Show response
www.poll-central.com/ 1 B
450 B 1136ms
1003ms XHR
text/html 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/track

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/js/js_0RyHJ63yYLuaWsodCPCgSD8dcTIA0dqcDf8-7c2XdBw.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 01 Nov 2021 19:08:54 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.2.15 (CentOS)
X-Frame-Options: SAMEORIGIN
Content-Language: en
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET random=1360999156%E2%80%8B
dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=845x550/viewid=1635793732/spec=78/geography=US/prof=12/ Frame 5289 0
0

GET
H2 200 random=1360999156%E2%80%8B Show response
dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=845x550/viewid=1635793777/spec=78/geography=US/prof=12/ Frame 5289 3 KB
3 KB 207ms
206ms Document
text/html 54.68.153.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=845x550/viewid=1635793777/spec=78/geography=US/prof=12/random=1360999156%E2%80%8B
Requested by: Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/js/js_0RyHJ63yYLuaWsodCPCgSD8dcTIA0dqcDf8-7c2XdBw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.153.11 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-153-11.us-west-2.compute.amazonaws.com
Software: Match/6710.52d0111d1821ef4e0fa5670a41ac06746c020e98 (i-067068d4252d7de1e) /
Resource Hash: 58e237305870f3740e6a097f3e3b5836b3bb95e6ae3eb4158eceb484302587ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/

Response headers

date: Mon, 01 Nov 2021 19:05:03 GMT
content-type: text/html; charset=UTF-8
content-length: 3229
server: Match/6710.52d0111d1821ef4e0fa5670a41ac06746c020e98 (i-067068d4252d7de1e)
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: -1
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"

GET
H/1.1 200
OK overlay.png
www.poll-central.com/sites/all/modules/custom/interstitial/includes/images/ 937 B
1 KB 275ms
92ms Image
image/png 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.poll-central.com/sites/all/modules/custom/interstitial/includes/images/overlay.png

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_1Ccf576qhClqReFx9BOJvO3Hqk0W59gvah6gRwgu2oc.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

666383514e046613546f4623c5be6b456e0470703c244e58f67449d476e65df6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/sites/www.poll-central.com/files/css/css_1Ccf576qhClqReFx9BOJvO3Hqk0W59gvah6gRwgu2oc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:08:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 15:23:05 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1a2751-3a9-5a8493c854840"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Accept-Ranges: bytes
Content-Length: 937
Expires: Mon, 15 Nov 2021 19:08:55 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/script/ 96 B
610 B 33ms
33ms Script
text/javascript 52.19.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/script/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/snare.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-133-188.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a1f87979dd7d213373e7b4b6a5a98187c55db521805e41e15339b67401e78193

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.poll-central.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Tue, 01 Nov 2022 19:05:03 GMT

GET
H2 200 130201793_TBI_300x250_2_.jpg
content.aimatch.com/dgan/2/ Frame B4FB 26 KB
26 KB 321ms
250ms Image
image/jpeg 104.85.1.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.aimatch.com/dgan/2/130201793_TBI_300x250_2_.jpg
Requested by: Host: dgan.docguide.com
URL: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=300x250/viewid=1635793732/spec=78/geography=US/prof=12/random=413182444
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.75 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-75.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d726dccd36f7453ba1069936aee9466cbddd5ea66c0c09c9ca22a02f78d07738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dgan.docguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: d3zSQDniA7p0dvtd1wkAOb2HJYf_TEBK
last-modified: Fri, 01 Oct 2021 19:01:57 GMT
server: AmazonS3
x-amz-request-id: MNA6REVZPQM87AD8
etag: "19b33925a532f39e878bc5c2a914e2dc"
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=60
date: Mon, 01 Nov 2021 19:05:04 GMT
x-amz-replication-status: FAILED
accept-ranges: bytes
content-length: 26489
x-amz-id-2: wUAP4C3J/EdnfXgJ60ESKj8fAvux/d/+dJL12QNSpII7pSrW1XgmrBt+rOGvr/Sv5SRJ50gAXpQ=
expires: Mon, 01 Nov 2021 19:06:04 GMT

GET
H2 200 150206674_bnc-300x250-a_QAApp_280721.jpg
content.aimatch.com/dgan/2/ Frame 8063 221 KB
222 KB 333ms
261ms Image
image/jpeg 104.85.1.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.aimatch.com/dgan/2/150206674_bnc-300x250-a_QAApp_280721.jpg
Requested by: Host: dgan.docguide.com
URL: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=300x250/viewid=1635793732/spec=78/geography=US/prof=12/random=708343957
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.1.75 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-75.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6734865d437156badd1cf462104d9f2317f0296126ab63c6149f9d88b10bec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dgan.docguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: V3651By.4DALbCTSojRXrqN_10I1LFzp
last-modified: Wed, 28 Jul 2021 20:11:59 GMT
server: AmazonS3
x-amz-request-id: MNAEP261PEEFP003
etag: "bc14d35ca76812eb722e95e5b3eb0286"
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
cache-control: max-age=60
date: Mon, 01 Nov 2021 19:05:04 GMT
x-amz-replication-status: FAILED
accept-ranges: bytes
content-length: 226755
x-amz-id-2: RkdvNa2C9lhtEc3EO8mU57oQ4KCQESrR0yamS3ZM5a3xTQemAs9OyGL6dymNTC6OO4zj6NPPXD8=
expires: Mon, 01 Nov 2021 19:06:04 GMT

GET
H/1.1 200
OK game Show response
d.peer-play.com/130201793/P1/ Frame C147 72 KB
73 KB 1035ms
679ms Document
text/html 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836

Requested by

Host: dgan.docguide.com
URL: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=845x550/viewid=1635793777/spec=78/geography=US/prof=12/random=1360999156%E2%80%8B

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx / Express

Resource Hash

2e4fbd5390de026cf20acc3bdd1bb5ba3571cd7a80d2e8e86854929782890de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dgan.docguide.com/

Response headers

Server: nginx
Date: Mon, 01 Nov 2021 19:05:04 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=1
X-Powered-By: Express
ETag: W/"f8db-Cv0TXyxWwZjXOEvIND7A84H1GR8"
Strict-Transport-Security: max-age=1800; includeSubDomains
Content-Length: 74168

POST
H/1.1 200
OK csb_iovation Show response
www.poll-central.com/ 71 B
513 B 985ms
806ms XHR
application/json 104.130.29.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.poll-central.com/csb_iovation?mid=101368766&specialty=78&country=US&profession=12&interstitial=1

Requested by

Host: www.poll-central.com
URL: https://www.poll-central.com/sites/www.poll-central.com/files/js/js_VFNWqRUY6zeO0tc6nVADJTWYxfhledIufG20bZsQLUY.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.130.29.26 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Apache/2.2.15 (CentOS) /

Resource Hash

afb7e06ce3469a3503183207d2e0d50acad9a4cf1e0be1391299e3445bf8b670

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.poll-central.com/?mid=101368766&specialty=78&country=US&profession=12&interstitial=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Mon, 01 Nov 2021 19:08:56 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.2.15 (CentOS)
X-Frame-Options: SAMEORIGIN
Content-Language: en
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Content-Security-Policy: upgrade-insecure-requests
Connection: close
Content-Type: application/json
Content-Length: 71
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK styles.f921a81197b0b812d410.css
d.peer-play.com/ Frame C147 238 KB
33 KB 156ms
104ms Stylesheet
text/css 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/styles.f921a81197b0b812d410.css

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx / Express

Resource Hash

17aec1ee2c35eece845def8f63b2c65b81d2a3dd4ceef7ea03be489d4ac5849a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:05 GMT
Content-Encoding: br
Last-Modified: Mon, 18 Oct 2021 13:38:14 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"8064-17c939fc570"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Strict-Transport-Security: max-age=1800; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=1
Content-Length: 32868

GET
H/1.1 200
OK runtime-es2015.cdfb0ddb511f65fdc0a0.js Show response
d.peer-play.com/ Frame C147 1 KB
1 KB 138ms
85ms Script
application/javascript 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/runtime-es2015.cdfb0ddb511f65fdc0a0.js

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx / Express

Resource Hash

6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Referer: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836
Origin: https://d.peer-play.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:05 GMT
Content-Encoding: br
Last-Modified: Mon, 18 Oct 2021 13:38:12 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"282-17c939fbda0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Strict-Transport-Security: max-age=1800; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=1
Content-Length: 642

GET
H/1.1 200
OK polyfills-es2015.c22f48b80b65e9b79c0e.js Show response
d.peer-play.com/ Frame C147 160 KB
46 KB 140ms
87ms Script
application/javascript 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/polyfills-es2015.c22f48b80b65e9b79c0e.js

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx / Express

Resource Hash

41979db81604962e7fc25dc62ee527138280290318688c4194b0dc37a3af349d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Referer: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836
Origin: https://d.peer-play.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:05 GMT
Content-Encoding: br
Last-Modified: Mon, 18 Oct 2021 13:38:11 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"b6eb-17c939fb9b8"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Strict-Transport-Security: max-age=1800; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=1
Content-Length: 46827

GET
H/1.1 200
OK scripts.43693d122d7c07a7c8da.js Show response
d.peer-play.com/ Frame C147 455 KB
114 KB 139ms
85ms Script
application/javascript 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/scripts.43693d122d7c07a7c8da.js

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx / Express

Resource Hash

128188a9dcf9e2e4e4b8e1b228ee2d60f097754d7269f5ccb8abdb4bc5e7cf45

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:05 GMT
Content-Encoding: br
Last-Modified: Mon, 18 Oct 2021 13:38:13 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"1c7c9-17c939fc188"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Strict-Transport-Security: max-age=1800; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=1
Content-Length: 116681

GET
H/1.1 200
OK main-es2015.80998c4dd9c46a1cada6.js Show response
d.peer-play.com/ Frame C147 3 MB
415 KB 138ms
85ms Script
application/javascript 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/main-es2015.80998c4dd9c46a1cada6.js

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx / Express

Resource Hash

f0b9a865e2c29fb1285315963cf95371400978a45806bb6c8f65840424cd6991

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Referer: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836
Origin: https://d.peer-play.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:05 GMT
Content-Encoding: br
Last-Modified: Mon, 18 Oct 2021 13:38:04 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"67bfb-17c939f9e60"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Strict-Transport-Security: max-age=1800; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=1
Content-Length: 424955

GET
H/1.1 200
OK _Incapsula_Resource
d.peer-play.com/ Frame C147 0
172 B 27ms
27ms Image
image/jpeg 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.peer-play.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5977126615394428
Requested by: Host: d.peer-play.com
URL: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),
Reverse DNS: 84.207.240.86.not-updated.eunx.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/130201793/P1/game?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: -1
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 0
Content-Type: image/jpeg

OPTIONS
H/1.1 200
OK 130201793-P1.json
peer-play.com/api/mdadi/pquiz/init/ Frame 0
0 163ms
48ms Preflight
text/html 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://peer-play.com/api/mdadi/pquiz/init/130201793-P1.json?v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://d.peer-play.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Mon, 01 Nov 2021 19:05:05 GMT
Server: Apache
X-Content-Type-Options: nosniff
Cache-Control: no-cache, must-revalidate
Expires: Mon, 15 Nov 2021 19:05:05 GMT
Strict-Transport-Security: max-age=1800; includeSubDomains
Access-Control-Allow-Origin: https://d.peer-play.com
Access-Control-Allow-Headers: Authorization,Origin,Content-Type,X-CSRF-Token,X-Requested-With
Access-Control-Allow-Methods: GET,PUT,POST,OPTIONS
Access-Control-Allow-Credentials: true
Content-Length: 0
Keep-Alive: timeout=1, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK 130201793-P1.json Show response
peer-play.com/api/mdadi/pquiz/init/ Frame C147 54 B
736 B 340ms
249ms XHR
application/json 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://peer-play.com/api/mdadi/pquiz/init/130201793-P1.json?v=2

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/polyfills-es2015.c22f48b80b65e9b79c0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

Apache /

Resource Hash

4502a03e00d54b4a2f6da8702f5311c03ac88b60c491af2f4d404be2c4441e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://d.peer-play.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 01 Nov 2021 19:05:05 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache
Strict-Transport-Security: max-age=1800; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://d.peer-play.com
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=1, max=200
Content-Length: 54
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 info Show response
api.neml.io/geo/ Frame C147 86 B
616 B 396ms
314ms XHR
application/json 2600:9000:2156:8600:17:2bf2:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.neml.io/geo/info
Requested by: Host: d.peer-play.com
URL: https://d.peer-play.com/polyfills-es2015.c22f48b80b65e9b79c0e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8600:17:2bf2:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0758bd944ffb4fd62aaa61ffb2249fec76a11f40f919a7dfe27018fb9f236d0

Request headers

Accept: application/json, text/plain, */*
Referer: https://d.peer-play.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 19:05:06 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P4, FRA50-C1
x-amzn-requestid: 6c268ff4-b696-4f73-a8b6-8c9cffc601ce
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
x-amzn-trace-id: Root=1-61803a62-6980cb8e31b4718c058cf2dc;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: II4PYFkxjoEF62Q=
content-length: 99
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront), 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
access-control-allow-headers: *
x-amz-cf-id: S_gt9TxFDERx3o1qEdEgdTp078Ra50dHWvl7OgAlrW2_enVs2XVjLA==

GET
H2 200 domain_v4.css
c.peer-play.com/assets/css/ Frame C147 25 KB
6 KB 264ms
170ms Stylesheet
text/css 2600:9000:2156:1c00:2:50de:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.peer-play.com/assets/css/domain_v4.css
Requested by: Host: d.peer-play.com
URL: https://d.peer-play.com/main-es2015.80998c4dd9c46a1cada6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:2:50de:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 986fc2cafe6002dde5c55087923e53e696b6341d599aad50f062765be393986c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 19:05:07 GMT
content-encoding: gzip
last-modified: Thu, 13 Feb 2020 22:01:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"61b281348ec03f4479d3b8b86027dc99"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-id: f32h03dYO_nUleMFcbrvTkvHRSAeynFWZJRZUWVFCuPnEvCFcIFozw==

GET
H2 200 general21.css
c.peer-play.com/programs/130201793/css/ Frame C147 9 KB
2 KB 260ms
166ms Stylesheet
text/css 2600:9000:2156:1c00:2:50de:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.peer-play.com/programs/130201793/css/general21.css
Requested by: Host: d.peer-play.com
URL: https://d.peer-play.com/main-es2015.80998c4dd9c46a1cada6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:2:50de:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98a8d447439b209c920ea27de8768b8e211a323a3169046feaa361d60e47ecdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 19:05:07 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 15:19:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"405b32081812ad98b9d1e5ccb5b4a29c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-id: gEPwrnbYf77dcDtJwT35Ev4LrGsfU_GMeywkGWjyA-gEzTGeeN4f5w==

GET
H2 200 css
fonts.googleapis.com/ Frame C147 8 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,400i,600,600i|Barlow+Condensed:400,400i,600,600i

Requested by

Host: c.peer-play.com
URL: https://c.peer-play.com/assets/css/domain_v4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

866753098c7de11d1b4acaea29608b6663d07b68b217961f3d5b4cb3bec3164a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 19:05:06 GMT
server: ESF
date: Mon, 01 Nov 2021 19:05:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 01 Nov 2021 19:05:06 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v5/ Frame C147 20 KB
21 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,600,600i|Barlow+Condensed:400,400i,600,600i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d.peer-play.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 13:29:55 GMT
x-content-type-options: nosniff
age: 452111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20444
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 13:29:55 GMT

GET
H2 200 PP2019_domain.js Show response
c.peer-play.com/assets/js/ Frame C147 2 KB
1 KB 16ms
16ms Script
application/javascript 2600:9000:2156:1c00:2:50de:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.peer-play.com/assets/js/PP2019_domain.js
Requested by: Host: d.peer-play.com
URL: https://d.peer-play.com/main-es2015.80998c4dd9c46a1cada6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:2:50de:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67d59ae7da167fddbbeeea868512e6ffeb3573263bff973ebac331f252ded558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 00:20:21 GMT
content-encoding: gzip
last-modified: Thu, 23 Jan 2020 16:35:09 GMT
server: AmazonS3
age: 672286
etag: W/"2bb0b25f4670c44fd16076e6b37b4592"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jCKwkpDEfcOJuIAssTK6aKABFOjFt7okq8flFjTO8DMpu3W5FBxD9w==

GET
H2 200 tag.js Show response
c.peer-play.com/programs/130201793/js/ Frame C147 429 B
758 B 153ms
153ms Script
application/x-javascript 2600:9000:2156:1c00:2:50de:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.peer-play.com/programs/130201793/js/tag.js
Requested by: Host: d.peer-play.com
URL: https://d.peer-play.com/main-es2015.80998c4dd9c46a1cada6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:2:50de:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f51d047695ca0503a55e28f5810dad880a1975ca9c0028194879e269b74431db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 19:05:07 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Mon, 02 Aug 2021 20:28:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "5e308a35d04fb034422da47dbfdb6d9d"
x-cache: Miss from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 429
x-amz-cf-id: MNn4cFwvGMER5xXAzOXcEGTeexRq-H_FPmmX_1Jz6Q5Q9JbzsRVfNA==

GET
H/1.1 200
OK pwk.js Show response
a.peer-play.com/ Frame C147 96 KB
96 KB 174ms
57ms Script
application/javascript 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://a.peer-play.com/pwk.js

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/main-es2015.80998c4dd9c46a1cada6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx /

Resource Hash

12691bb01f7615ed0b4f0e3d906b9e8f92db1a567421299892035d928bb9a794

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:06 GMT
Last-Modified: Fri, 15 Oct 2021 14:42:23 GMT
Server: nginx
ETag: "6169934f-17e18"
Strict-Transport-Security: max-age=1800; includeSubDomains
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1
Content-Length: 97816

OPTIONS
H/1.1 200
OK 0.json
peer-play.com/api/mdadi/pquiz/score/130201793-p1/ Frame 0
0 31ms
31ms Preflight
text/html 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://peer-play.com/api/mdadi/pquiz/score/130201793-p1/0.json?v=2.json

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://d.peer-play.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Mon, 01 Nov 2021 19:05:06 GMT
Server: Apache
X-Content-Type-Options: nosniff
Cache-Control: no-cache, must-revalidate
Expires: Mon, 15 Nov 2021 19:05:06 GMT
Strict-Transport-Security: max-age=1800; includeSubDomains
Access-Control-Allow-Origin: https://d.peer-play.com
Access-Control-Allow-Headers: Authorization,Origin,Content-Type,X-CSRF-Token,X-Requested-With
Access-Control-Allow-Methods: GET,PUT,POST,OPTIONS
Access-Control-Allow-Credentials: true
Content-Length: 0
Keep-Alive: timeout=1, max=199
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 client.js Show response
cdn.neml.io/device/ Frame C147 37 KB
38 KB 88ms
11ms Script
application/javascript 2600:9000:2156:800:16:4d0a:52c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neml.io/device/client.js
Requested by: Host: d.peer-play.com
URL: https://d.peer-play.com/main-es2015.80998c4dd9c46a1cada6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:16:4d0a:52c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e3185687e98d6d7ed40234da99cb0e8d5f86b980345ada09e9cd6e4aa854058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:50:33 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified: Mon, 20 Sep 2021 15:50:24 GMT
server: AmazonS3
age: 62074
etag: "cf6516cd580470b04bff1d569cc1a099"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 38335
x-amz-cf-id: q9sivHawq4CeyKavHE7XqZojn8UH6KC3DaUMZSiqUILCnk6xbNMGVg==

GET
H/1.1 200
OK glyphicons-regular.aca35251952e72d9e32d.woff2
d.peer-play.com/ Frame C147 94 KB
95 KB 106ms
52ms Font
font/woff2 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/glyphicons-regular.aca35251952e72d9e32d.woff2

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/styles.f921a81197b0b812d410.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx / Express

Resource Hash

dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Referer: https://d.peer-play.com/styles.f921a81197b0b812d410.css
Origin: https://d.peer-play.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:06 GMT
Last-Modified: Mon, 18 Oct 2021 13:35:09 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"17884-17c939cf2c8"
Strict-Transport-Security: max-age=1800; includeSubDomains
Content-Type: font/woff2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1
Content-Length: 96388

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ Frame C147 20 KB
20 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,600,600i|Barlow+Condensed:400,400i,600,600i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

604f11b1aa0c94217abb80eb7a5c7de728f9463e4f045fe8a34339f438a50cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d.peer-play.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 06:12:21 GMT
x-content-type-options: nosniff
age: 305565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20500
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 06:12:21 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v5/ Frame C147 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,600,600i|Barlow+Condensed:400,400i,600,600i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d.peer-play.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 10:50:27 GMT
x-content-type-options: nosniff
age: 29679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21072
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 10:50:27 GMT

POST
H/1.1 200
OK 0.json Show response
peer-play.com/api/mdadi/pquiz/score/130201793-p1/ Frame C147 104 B
787 B 741ms
741ms XHR
application/json 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://peer-play.com/api/mdadi/pquiz/score/130201793-p1/0.json?v=2.json

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/polyfills-es2015.c22f48b80b65e9b79c0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

Apache /

Resource Hash

fff3b1f9ba209cb1aad2392ad34e6ef456eb5c37a9a9451b78357e3afa7ad5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains
X-Content-Type-Options	nosniff, nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://d.peer-play.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 01 Nov 2021 19:05:06 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache
Strict-Transport-Security: max-age=1800; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://d.peer-play.com
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=1, max=199
Content-Length: 104
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ Frame C147 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v5/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,600,600i|Barlow+Condensed:400,400i,600,600i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32387836fb24cb0196a59da5f3fc92cff01d4a88f35aecd7f4d49785179aff88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d.peer-play.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 13:36:58 GMT
x-content-type-options: nosniff
age: 365288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19492
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 13:36:58 GMT

GET
H2 200 7cHrv4kjgoGqM7E_Cfs7wH8.woff2
fonts.gstatic.com/s/barlow/v5/ Frame C147 22 KB
22 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHrv4kjgoGqM7E_Cfs7wH8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,400i,600,600i|Barlow+Condensed:400,400i,600,600i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d5040b4c68f23598726ba32798f9465c6a6cc06d102e7cdc31bc76c0007497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d.peer-play.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 04:54:12 GMT
x-content-type-options: nosniff
age: 310254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22548
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 04:54:12 GMT

GET
H/1.1 200
OK loading.gif
d.peer-play.com/assets/images/ Frame C147 1 KB
1 KB 101ms
47ms Image
image/gif 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d.peer-play.com/assets/images/loading.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx / Express

Resource Hash

6f578841271e49a72efc7e9281a47907aac4269038f674162955b82b8ca174d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/130201793/Game/Question1?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836&CountryID=GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:06 GMT
Last-Modified: Mon, 18 Oct 2021 13:35:09 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"454-17c939cf2c8"
Strict-Transport-Security: max-age=1800; includeSubDomains
Content-Type: image/gif
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1
Content-Length: 1108

GET
H2 200 logo_gray.jpg
c.peer-play.com/assets/images/ Frame C147 25 KB
26 KB 18ms
17ms Image
image/jpeg 2600:9000:2156:1c00:2:50de:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.peer-play.com/assets/images/logo_gray.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:2:50de:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47ae979713b7225c1fb061b8386c7125702ac9cee67bf516a978428222b8a2e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 00:20:23 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2019 13:17:52 GMT
server: AmazonS3
age: 672284
etag: "cab64b7297c6bbe83569067a263e1ffb"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 25863
x-amz-cf-id: GRD6aoWeKXu82xxwLUQz_dVyp44BaTy37NVOqlbd8U4RbjuPOctNAw==

GET
H2 200 ppicon_gray.png
c.peer-play.com/assets/images/ Frame C147 5 KB
5 KB 21ms
20ms Image
image/png 2600:9000:2156:1c00:2:50de:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.peer-play.com/assets/images/ppicon_gray.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:2:50de:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fe5bd98b90c1f7a142c20c1327656764167a2513e6d37ae768e34e6d14faf38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 00:20:23 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2019 13:20:30 GMT
server: AmazonS3
age: 672284
etag: "e27759f22dacfc39e86ef51d76ae9ddb"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4625
x-amz-cf-id: IYpVOR7jm4uRNEMRFh35gildvlYgzaIsioY3m20k1fhXyvqQx8WdiQ==

GET
H2 200 novartis.png
c.peer-play.com/programs/130201793/img/ Frame C147 12 KB
12 KB 171ms
170ms Image
image/png 2600:9000:2156:1c00:2:50de:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.peer-play.com/programs/130201793/img/novartis.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:2:50de:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd46fbba735939f1bf8225c7d0f4a09440f2fa7c907f26f47a9b7f2f5d5a176a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 19:05:07 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 02:07:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "da5b4c6827c1de116579ce34e4347369"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 12377
x-amz-cf-id: QZD6tftesZ1o6RDjEYNAxq3-lgvtOi-YhBKKMdiesYDIisHckl3uBw==

GET
H2 200 piqray.png
c.peer-play.com/programs/130201793/img/ Frame C147 20 KB
20 KB 166ms
166ms Image
image/png 2600:9000:2156:1c00:2:50de:8a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.peer-play.com/programs/130201793/img/piqray.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1c00:2:50de:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81dd2cf9925e8b8fc4444d1e1f6c694a9718f9cd286c43ab328583877b8731e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 19:05:07 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 02:07:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "14d4a35881960e4f42e4e26d65a0e5de"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 20427
x-amz-cf-id: prvCu9-BYvC06i1Wx8OwXezpMjuXLsRpYNgFKS7Ehm6XJOCeiOev0w==

GET
H2

200

B25121492.309616150;dc_pre=CJnqi9ft9_MCFQqKdwodxrAPWA;dc_trk_aid=502613161;dc_trk_cid=155116513;ord=1635793506555;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N7437.2091303NUMEDIS/ Frame C147
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N7437.2091303NUMEDIS/B25121492.309616150;dc_trk_aid=502613161;dc_trk_cid=155116513;ord=1635793506555;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://ad.doubleclick.net/ddm/trackimp/N7437.2091303NUMEDIS/B25121492.309616150;dc_pre=CJnqi9ft9_MCFQqKdwodxrAPWA;dc_trk_aid=502613161;dc_trk_cid=155116513;ord=1635793506555;dc_lat=;dc_rdid=;tag_f...

42 B
220 B

28ms
27ms

Image
image/gif

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N7437.2091303NUMEDIS/B25121492.309616150;dc_pre=CJnqi9ft9_MCFQqKdwodxrAPWA;dc_trk_aid=502613161;dc_trk_cid=155116513;ord=1635793506555;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Protocol

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 19:05:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 19:05:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N7437.2091303NUMEDIS/B25121492.309616150;dc_pre=CJnqi9ft9_MCFQqKdwodxrAPWA;dc_trk_aid=502613161;dc_trk_cid=155116513;ord=1635793506555;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK static_wdp.js Show response
d.peer-play.com/prx/iojs/general5/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/ Frame C147 39 KB
40 KB 188ms
140ms Script
text/javascript 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/prx/iojs/general5/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: cdn.neml.io
URL: https://cdn.neml.io/device/client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx /

Resource Hash

9a184c870b25bf7b299f7fb8bd05d7d2d4e3964b581d07dde036f9083ddfd431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=1800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/130201793/Game/Question1?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836&CountryID=GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:06 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=31536000; includeSubdomains, max-age=1800; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=1
Content-Length: 40133
Server: nginx
Expires: Wed, 01 Dec 2021 19:05:06 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/ Frame C147 44 KB
20 KB 59ms
58ms Script
text/javascript 52.19.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: cdn.neml.io
URL: https://cdn.neml.io/device/client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-133-188.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a3a057139e4f17294a0b6028608c87862ce54e4fd9a707a9346eede005763e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 19:05:06 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

POST
H/1.1 204
No Response matomo.php
a.peer-play.com/ Frame C147 0
378 B 89ms
88ms Ping
text/html 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://a.peer-play.com/matomo.php?action_name=update&idsite=96&rec=1&r=346845&h=19&m=5&s=6&url=https%3A%2F%2Fd.peer-play.com%2F130201793%2FP1%2Fgame%3FMemberID%3D101368766%26SpecialtyID%3D78%26ProfessionID%3D12%26AudienceID%3Dpollcentral%26Promocode%3D836%26CountryID%3DGB&urlref=https%3A%2F%2Fdgan.docguide.com%2F&_id=e5685bb4a8a67c3e&_idn=1&_refts=1635793507&_ref=https%3A%2F%2Fdgan.docguide.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22%22%2C%22%22%5D%2C%222%22%3A%5B%22%22%2C%22%22%5D%2C%223%22%3A%5B%22%22%2C%22%22%5D%2C%224%22%3A%5B%22%22%2C%22%22%5D%2C%225%22%3A%5B%22%22%2C%22%22%5D%2C%226%22%3A%5B%22%22%2C%22%22%5D%2C%227%22%3A%5B%22%22%2C%22%22%5D%2C%228%22%3A%5B%22%22%2C%22%22%5D%2C%229%22%3A%5B%22%22%2C%22%22%5D%2C%2210%22%3A%5B%22%22%2C%22%22%5D%7D&_cvar=%7B%221%22%3A%5B%22MemberID%22%2C%22101368766%22%5D%2C%222%22%3A%5B%22EmailID%22%2C%22%22%5D%2C%223%22%3A%5B%22SpecialtyID%22%2C%2278%22%5D%2C%224%22%3A%5B%22CountryID%22%2C%22GB%22%5D%2C%225%22%3A%5B%22qsession%22%2C%22qs61803a61d615b%22%5D%2C%226%22%3A%5B%22ProfessionID%22%2C%2212%22%5D%2C%227%22%3A%5B%22AOMID%22%2C%22%22%5D%2C%228%22%3A%5B%22AudienceID%22%2C%22pollcentral%22%5D%2C%229%22%3A%5B%22PSLDeviceID%22%2C%22%22%5D%7D&pv_id=aeu9o2&new_visit=0&pf_net=357&pf_srv=679&pf_tfr=122&pf_dm1=241&pf_dm2=275&pf_onl=0

Requested by

Host: a.peer-play.com
URL: https://a.peer-play.com/pwk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Referer: https://d.peer-play.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Mon, 01 Nov 2021 19:05:06 GMT
Content-Encoding: none
Server: nginx
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://d.peer-play.com
Connection: keep-alive
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1800; includeSubDomains
Keep-Alive: timeout=1
Content-Length: 0

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.4.0/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/ Frame C147 477 B
910 B 34ms
33ms Script
text/javascript 52.19.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.4.0/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-133-188.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3c568129c8da20b23345beede4a7faa1d42639813439fa6898214a3c4bd38fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Tue, 01 Nov 2022 19:05:06 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ Frame C147 504 B
881 B 57ms
32ms Media
audio/mpeg 52.19.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.13775330953238174

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-133-188.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2513c99bd4c235c4c21ca48ab6e9c94258d59640afbdeeefbb1b0b335966ce68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://d.peer-play.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 01 Nov 2021 19:05:06 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dyn_wdp.js Show response
d.peer-play.com/prx/iojs/5.4.0/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/ Frame C147 2 KB
3 KB 99ms
99ms Script
text/javascript 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/prx/iojs/5.4.0/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Requested by

Host: cdn.neml.io
URL: https://cdn.neml.io/device/client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx /

Resource Hash

35b20cfaba1c6bc445e72fcb133b397132f6ed0b6d5af949d744f55f6739e191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=1800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/130201793/Game/Question1?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836&CountryID=GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 19:05:06 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=31536000; includeSubdomains, max-age=1800; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=1
Content-Length: 2418
Server: nginx
Expires: 0

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ Frame C147 504 B
881 B 32ms
31ms Media
audio/mpeg 52.19.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.35186893038657185

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-133-188.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2513c99bd4c235c4c21ca48ab6e9c94258d59640afbdeeefbb1b0b335966ce68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://d.peer-play.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Mon, 01 Nov 2021 19:05:06 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK logo.js Show response
d.peer-play.com/prx/iojs/5.4.0/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/ Frame C147 477 B
1020 B 100ms
100ms Script
text/javascript 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.peer-play.com/prx/iojs/5.4.0/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/logo.js

Requested by

Host: d.peer-play.com
URL: https://d.peer-play.com/prx/iojs/general5/5FExse%2BoA1134BhiwCF2EeQ1TfisPJGha4CpVG2nd7E%3D/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx /

Resource Hash

03c065e91230ab074f3a68415364ead0387d1c378edceef8944b613d2188197b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=1800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d.peer-play.com/130201793/Game/Question1?MemberID=101368766&SpecialtyID=78&ProfessionID=12&AudienceID=pollcentral&Promocode=836&CountryID=GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 19:05:07 GMT
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=31536000; includeSubdomains, max-age=1800; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=1
Content-Length: 477
Server: nginx
Expires: Tue, 01 Nov 2022 19:05:07 GMT

POST info
api.neml.io/device/ Frame C147 0
0

POST
H/1.1 204
No Response matomo.php
a.peer-play.com/ Frame C147 0
378 B 90ms
90ms Ping
text/html 84.207.240.86
LAMBDANET-AS Euro...

General

Check archive.org

Show headers Download Go to

Full URL

https://a.peer-play.com/matomo.php?action_name=view%2FQuestion1&idsite=96&rec=1&r=493568&h=19&m=5&s=6&url=https%3A%2F%2Fd.peer-play.com%2F130201793%2FGame%2FQuestion1%3FMemberID%3D101368766%26SpecialtyID%3D78%26ProfessionID%3D12%26AudienceID%3Dpollcentral%26Promocode%3D836%26CountryID%3DGB&urlref=https%3A%2F%2Fdgan.docguide.com%2F&_id=6c401e36987659b4&_idn=1&_refts=1635793507&_ref=https%3A%2F%2Fdgan.docguide.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22ProjectNumber%22%2C%22130201793-p1%22%5D%2C%222%22%3A%5B%22PromoCode%22%2C%22836%22%5D%2C%223%22%3A%5B%22CampaignID%22%2C%22%22%5D%2C%224%22%3A%5B%22Collection%22%2C%22130201793%22%5D%2C%225%22%3A%5B%22%22%2C%22%22%5D%2C%226%22%3A%5B%22%22%2C%22%22%5D%2C%227%22%3A%5B%22%22%2C%22%22%5D%2C%228%22%3A%5B%22%22%2C%22%22%5D%2C%229%22%3A%5B%22%22%2C%22%22%5D%2C%2210%22%3A%5B%22%22%2C%22%22%5D%7D&_cvar=%7B%221%22%3A%5B%22MemberID%22%2C%22101368766%22%5D%2C%222%22%3A%5B%22EmailID%22%2C%22%22%5D%2C%223%22%3A%5B%22SpecialtyID%22%2C%2278%22%5D%2C%224%22%3A%5B%22CountryID%22%2C%22GB%22%5D%2C%225%22%3A%5B%22qsession%22%2C%22qs61803a61d615b%22%5D%2C%226%22%3A%5B%22ProfessionID%22%2C%2212%22%5D%2C%227%22%3A%5B%22AOMID%22%2C%22%22%5D%2C%228%22%3A%5B%22AudienceID%22%2C%22pollcentral%22%5D%2C%229%22%3A%5B%22PSLDeviceID%22%2C%22%22%5D%7D&pv_id=f4oojG&new_visit=1&pf_net=357&pf_srv=679&pf_tfr=122&pf_dm1=241&pf_dm2=275&pf_onl=0

Requested by

Host: a.peer-play.com
URL: https://a.peer-play.com/pwk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.207.240.86 , Germany, ASN13237 (LAMBDANET-AS European Backbone of AS13237, DE),

Reverse DNS

84.207.240.86.not-updated.eunx.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1800; includeSubDomains

Request headers

Referer: https://d.peer-play.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Mon, 01 Nov 2021 19:05:07 GMT
Content-Encoding: none
Server: nginx
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://d.peer-play.com
Connection: keep-alive
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1800; includeSubDomains
Keep-Alive: timeout=1
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dgan.docguide.com
URL: https://dgan.docguide.com/dgan/hserver/mid=101368766/personid=101368766/property=pollcentral/size=845x550/viewid=1635793732/spec=78/geography=US/prof=12/random=1360999156%E2%80%8B

Domain: api.neml.io
URL: https://api.neml.io/device/info

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.poll-central.com/	1970-01-19 22:56:33	Name: SSESS5156c607ce9f2c66eae6173a03ef35af Value: 2rOE18d0VI5cKnPoLr1PJsVJJ0qFlwzCYae9G2p1lyw
www.poll-central.com/	1969-12-31 23:59:59	Name: has_js Value: 1
mpsnare.iesnare.com/	1970-01-20 07:08:49	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: jGNBGRMutqiUkZnh8hrq/73whBJIuuPFghCkCNXcZgQ=
www.poll-central.com/	1970-01-20 02:42:25	Name: idkey Value: Y2tEeHZTdFJKc0RQakMrM01yVmt2V0tJajkwWjJuM2VidGdxL0RrdXJ0ND0=
.doubleclick.net/	1970-01-19 22:23:14	Name: test_cookie Value: CheckForPermission
d.peer-play.com/	1970-01-20 07:08:49	Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: 4ZN8AIi+dbSyCu34vjUcwuA/IuVO0QziTFDpm4VHmdY=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://www.poll-central.com/sites/www.poll-central.com/files/js/js_0RyHJ63yYLuaWsodCPCgSD8dcTIA0dqcDf8-7c2XdBw.js(Line 3) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
javascript	warning	URL: https://d.peer-play.com/polyfills-es2015.c22f48b80b65e9b79c0e.js(Line 1) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://d.peer-play.com/polyfills-es2015.c22f48b80b65e9b79c0e.js(Line 1) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.peer-play.com
ad.doubleclick.net
api.neml.io
c.peer-play.com
cdn.neml.io
click.email.presentingmedicine.com
content.aimatch.com
d.peer-play.com
dgan.docguide.com
fonts.googleapis.com
fonts.gstatic.com
mpsnare.iesnare.com
peer-play.com
www.poll-central.com
api.neml.io
dgan.docguide.com
104.130.29.26
104.85.1.75
13.111.39.110
142.250.186.102
2600:9000:2156:1c00:2:50de:8a00:93a1
2600:9000:2156:800:16:4d0a:52c0:93a1
2600:9000:2156:8600:17:2bf2:b180:93a1
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2003
52.19.133.188
54.68.153.11
84.207.240.86
00134777545a7666732acea7a13f8c7c3b76133a91df484ae27aa6b328580954
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01e4762d261bbbb6dc0992abaa0ba0ab0daadd8f679a01bb8f8a8ff0825537d7
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
03c065e91230ab074f3a68415364ead0387d1c378edceef8944b613d2188197b
12691bb01f7615ed0b4f0e3d906b9e8f92db1a567421299892035d928bb9a794
128188a9dcf9e2e4e4b8e1b228ee2d60f097754d7269f5ccb8abdb4bc5e7cf45
17aec1ee2c35eece845def8f63b2c65b81d2a3dd4ceef7ea03be489d4ac5849a
1f558e1534a69ebd6da5452cd1847d44daa0039ceea405413dcd80136cc9e071
24a0dcacef06f2f50b3d49dd4efd982f7ad0c20fa570261ea4f7b4c881ed4f7c
2513c99bd4c235c4c21ca48ab6e9c94258d59640afbdeeefbb1b0b335966ce68
2a6f2f887e13302561bd22a640c3a6a1def427a43e33197e172f2070a51ad30a
2e3185687e98d6d7ed40234da99cb0e8d5f86b980345ada09e9cd6e4aa854058
2e4fbd5390de026cf20acc3bdd1bb5ba3571cd7a80d2e8e86854929782890de2
32387836fb24cb0196a59da5f3fc92cff01d4a88f35aecd7f4d49785179aff88
35b20cfaba1c6bc445e72fcb133b397132f6ed0b6d5af949d744f55f6739e191
3a09e5ba4f84cefe12e0cf9371452b9d3e899dab9ca9b425429535892513f38c
3c568129c8da20b23345beede4a7faa1d42639813439fa6898214a3c4bd38fe4
41979db81604962e7fc25dc62ee527138280290318688c4194b0dc37a3af349d
4502a03e00d54b4a2f6da8702f5311c03ac88b60c491af2f4d404be2c4441e50
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
47ae979713b7225c1fb061b8386c7125702ac9cee67bf516a978428222b8a2e1
545356a91518eb378ed2d73a9d5003253598c5f86579d22e7c6db46d9b102d46
58e237305870f3740e6a097f3e3b5836b3bb95e6ae3eb4158eceb484302587ea
604f11b1aa0c94217abb80eb7a5c7de728f9463e4f045fe8a34339f438a50cec
62d5040b4c68f23598726ba32798f9465c6a6cc06d102e7cdc31bc76c0007497
666383514e046613546f4623c5be6b456e0470703c244e58f67449d476e65df6
67d59ae7da167fddbbeeea868512e6ffeb3573263bff973ebac331f252ded558
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
6f578841271e49a72efc7e9281a47907aac4269038f674162955b82b8ca174d3
7717ececa7565543a333cbb5d2f30230396b4fb35f79e9608d6246f16887ae59
7fe5bd98b90c1f7a142c20c1327656764167a2513e6d37ae768e34e6d14faf38
81dd2cf9925e8b8fc4444d1e1f6c694a9718f9cd286c43ab328583877b8731e4
866753098c7de11d1b4acaea29608b6663d07b68b217961f3d5b4cb3bec3164a
912856e113e646cb59dd2a480be66f5463455408b458432e0a7234664608685c
986fc2cafe6002dde5c55087923e53e696b6341d599aad50f062765be393986c
98a8d447439b209c920ea27de8768b8e211a323a3169046feaa361d60e47ecdd
9a184c870b25bf7b299f7fb8bd05d7d2d4e3964b581d07dde036f9083ddfd431
9f62c0c7b0afb001b6864818d5011006f84cd45c662db5d87786e4f4053e806d
a0758bd944ffb4fd62aaa61ffb2249fec76a11f40f919a7dfe27018fb9f236d0
a1f87979dd7d213373e7b4b6a5a98187c55db521805e41e15339b67401e78193
a3a057139e4f17294a0b6028608c87862ce54e4fd9a707a9346eede005763e06
afb7e06ce3469a3503183207d2e0d50acad9a4cf1e0be1391299e3445bf8b670
bd931b37ac70d4c1eb7edfe59659060baf3954d3972c43701e8f2540e1f1c3b2
c2029df3243b532af4b8e9e258e781da56d829a472f741c658458d2840dcd3d7
d11c8727adf260bb9a5aca1d08f0a0483f1d713200d1da9c0dff3eedcd97741c
d4271fe7beaa84296a45e171f41389bcedc7aa4d16e7d82f6a1ea047082eda87
d460b5ed4fff4cc58c0527952562b968c811c939d23eb3b0dc469c903f554bdc
d6c1e8e7795302188d86891610de1df55b6e9772240e73e1baad62daedadc080
d726dccd36f7453ba1069936aee9466cbddd5ea66c0c09c9ca22a02f78d07738
d73651aac65600c68af7a70285256cd6d2aefdb5e061b8ce2f6be229b49987b4
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b6e618d6946d1c9ba51b639672d72f649558bf08b0c1bc3c122466fb04b853
e7abb88b894a3117fbaba405688f2e2d91f8f59e216d7f8dfb45375fb74e6221
ebde1de271f54f1a41bfc54e59fee848176e2c077194c198540df378e9fc7097
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b9a865e2c29fb1285315963cf95371400978a45806bb6c8f65840424cd6991
f518ab2aaa126f826e1bf81bcba5900186c11e54d6a6eb2316f55a42da0ba50c
f51d047695ca0503a55e28f5810dad880a1975ca9c0028194879e269b74431db
f6734865d437156badd1cf462104d9f2317f0296126ab63c6149f9d88b10bec1
fd46fbba735939f1bf8225c7d0f4a09440f2fa7c907f26f47a9b7f2f5d5a176a
fff3b1f9ba209cb1aad2392ad34e6ef456eb5c37a9a9451b78357e3afa7ad5e4

www.poll-central.com Open in urlscan Pro 104.130.29.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

69 Requests

96 %HTTPS

42 %IPv6

10 Domains

14 Subdomains

12 IPs

4 Countries

1975 kBTransfer

5676 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.poll-central.com Open in urlscan Pro
104.130.29.26 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

96 %
HTTPS

42 %
IPv6

10
Domains

14
Subdomains

12
IPs

4
Countries

1975 kB
Transfer

5676 kB
Size

6
Cookies

69 HTTP transactions
1 data transactions