Submitted URL: https://jhfklmzmza.s3.amazonaws.com/eugrmnlcoakyjmgi.html#qs=r-aficjagkejiicibafgekdkhacbebkbgfafgciiabababadhadfiaceaihgacgchacfhcg...
Effective URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_camp...
Submission: On October 05 via api from BE — Scanned from DE

Summary

This website contacted 24 IPs in 6 countries across 22 domains to perform 48 HTTP transactions. The main IP is 3.213.181.94, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is quiz.camplejeuneinjured.com.
TLS certificate: Issued by R3 on August 26th 2022. Valid for: 3 months.
This is the only time quiz.camplejeuneinjured.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.217.66.92 16509 (AMAZON-02)
1 1 43.243.194.13 55933 (CLOUDIE-A...)
2 173.213.121.86 62904 (AS62904)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.54 16509 (AMAZON-02)
2 18.168.218.195 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 54.209.191.2 14618 (AMAZON-AES)
1 1 34.253.72.70 16509 (AMAZON-02)
6 3.213.181.94 14618 (AMAZON-AES)
5 13.225.78.86 16509 (AMAZON-02)
1 13.224.189.42 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42::729 54113 (FASTLY)
1 13.225.84.174 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2001:4860:480... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 212.82.100.181 34010 (YAHOO-IRD)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.84.91.180 14618 (AMAZON-AES)
48 24
Apex Domain | Subdomains | Transfer
7 leadshook.io | static.leadshook.io — Cisco Umbrella Rank: 467807; polyfill.leadshook.io — Cisco Umbrella Rank: 551925; sentry.leadshook.io | 1017 KB
6 camplejeuneinjured.com | quiz.camplejeuneinjured.com | 19 KB
4 facebook.com | www.facebook.com — Cisco Umbrella Rank: 115 | 252 B
4 traversedlp.com | static.traversedlp.com — Cisco Umbrella Rank: 42013; api.traversedlp.com — Cisco Umbrella Rank: 9830 | 5 KB
3 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2144; www.google-analytics.com — Cisco Umbrella Rank: 94 | 20 KB
3 sentry-cdn.com | browser.sentry-cdn.com — Cisco Umbrella Rank: 4869 | 50 KB
3 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 129 | 146 KB
2 yimg.com | s.yimg.com — Cisco Umbrella Rank: 650 | 7 KB
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 203 | 111 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 358 | 29 KB
2 anura.io | script.anura.io — Cisco Umbrella Rank: 53469 | 20 KB
2 moonlightday.com | moonlightday.com | 7 KB
1 google.de | www.google.de — Cisco Umbrella Rank: 3460 | 501 B
1 google.com | www.google.com — Cisco Umbrella Rank: 19 | 501 B
1 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 171 | 451 B
1 yahoo.com | sp.analytics.yahoo.com — Cisco Umbrella Rank: 1787 | 632 B
1 cloudfront.net | d2zdr2rqflfo3.cloudfront.net | 411 B
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 118 | 8 KB
1 shetrack.com | go.shetrack.com — Cisco Umbrella Rank: 754697 | 2 KB
1 aimtell.com | signals.aimtell.com — Cisco Umbrella Rank: 4441 | 260 B
1 giize.com | emk2.giize.com | 355 B
1 amazonaws.com | jhfklmzmza.s3.amazonaws.com | 458 B
48 22
Domain Requested by
6 quiz.camplejeuneinjured.com moonlightday.com
browser.sentry-cdn.com
5 static.leadshook.io quiz.camplejeuneinjured.com
4 www.facebook.com quiz.camplejeuneinjured.com
3 browser.sentry-cdn.com quiz.camplejeuneinjured.com
3 api.traversedlp.com static.traversedlp.com
3 www.googletagmanager.com moonlightday.com
quiz.camplejeuneinjured.com
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
browser.sentry-cdn.com
2 s.yimg.com jhfklmzmza.s3.amazonaws.com
browser.sentry-cdn.com
2 connect.facebook.net jhfklmzmza.s3.amazonaws.com
connect.facebook.net
2 cdnjs.cloudflare.com quiz.camplejeuneinjured.com
2 script.anura.io jhfklmzmza.s3.amazonaws.com
script.anura.io
2 moonlightday.com jhfklmzmza.s3.amazonaws.com
moonlightday.com
1 sentry.leadshook.io browser.sentry-cdn.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net browser.sentry-cdn.com
1 sp.analytics.yahoo.com quiz.camplejeuneinjured.com
1 region1.google-analytics.com www.googletagmanager.com
1 d2zdr2rqflfo3.cloudfront.net quiz.camplejeuneinjured.com
1 fonts.googleapis.com quiz.camplejeuneinjured.com
1 polyfill.leadshook.io quiz.camplejeuneinjured.com
1 go.shetrack.com 1 redirects
1 signals.aimtell.com moonlightday.com
1 static.traversedlp.com www.googletagmanager.com
1 emk2.giize.com 1 redirects
1 jhfklmzmza.s3.amazonaws.com
48 26

This site contains no links.

Subject | Issuer | Validity | Valid
*.s3.amazonaws.com | Amazon | 2021-12-15 - 2022-12-03 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.traversedlp.com | Amazon | 2022-01-27 - 2023-02-25 | a year
script.anura.io | Amazon | 2022-07-12 - 2023-08-10 | a year
aimtell.com | Cloudflare Inc ECC CA-3 | 2022-05-09 - 2023-05-08 | a year
quiz.camplejeuneinjured.com | R3 | 2022-08-26 - 2022-11-24 | 3 months
leadshook.io | Amazon | 2021-12-06 - 2023-01-04 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2022 Q3 | 2022-09-28 - 2023-10-30 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-07-14 - 2022-10-12 | 3 months
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-09-05 - 2022-10-26 | 2 months
real.sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-08-09 - 2023-02-01 | 6 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
www.google.de | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
sentry.leadshook.io | Amazon | 2022-02-01 - 2023-03-02 | a year

This page contains 1 frames:

Primary Page: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Frame ID: F60D18A33B3F53B64790455D39FA9C91
Requests: 47 HTTP requests in this frame

Page Title

DMS Leadshook Page Camp Lejeune - Health_Issues_from_Exposure

Page URL History

  1. https://jhfklmzmza.s3.amazonaws.com/eugrmnlcoakyjmgi.html Page URL
  2. http://emk2.giize.com/qs=r-aficjagkejiicibafgekdkhacbebkbgfafgciiabababadhadfiaceaihgacgchacfhcgdacb HTTP 302
    http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_59387717... Page URL
  3. https://go.shetrack.com/aff_c?offer_id=1411&aff_id=1062&aff_sub=202673&aff_sub2=9ef6ffa5e8baf2671894... HTTP 302
    https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=A... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 48
HTTPS: 96 %
IPv6: 50 %
Domains: 22
Subdomains: 26
IPs: 24
Countries: 6
Transfer: 1442 kB
Size: 6457 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jhfklmzmza.s3.amazonaws.com/eugrmnlcoakyjmgi.html Page URL
  2. http://emk2.giize.com/qs=r-aficjagkejiicibafgekdkhacbebkbgfafgciiabababadhadfiaceaihgacgchacfhcgdacb HTTP 302
    http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26 Page URL
  3. https://go.shetrack.com/aff_c?offer_id=1411&aff_id=1062&aff_sub=202673&aff_sub2=9ef6ffa5e8baf2671894a698b2231430&aff_sub3=45177_10309054_13 HTTP 302
    https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://emk2.giize.com/qs=r-aficjagkejiicibafgekdkhacbebkbgfafgciiabababadhadfiaceaihgacgchacfhcgdacb HTTP 302
  • http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
eugrmnlcoakyjmgi.html
jhfklmzmza.s3.amazonaws.com/
102 B
458 B
Document
General
Full URL
https://jhfklmzmza.s3.amazonaws.com/eugrmnlcoakyjmgi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.66.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
102
Content-Type
text/html
Date
Wed, 05 Oct 2022 01:20:26 GMT
ETag
"73685719af01f3f8918a1071f4fd866c"
Last-Modified
Mon, 03 Oct 2022 21:25:53 GMT
Server
AmazonS3
x-amz-id-2
NxFrIqksn50612ber0zhlXYwEW0b3zwlDncZYzmxyKzqLCKg70JznMZ9YDBL9pZP5T4fDxmST4M=
x-amz-request-id
DBVTXESF0CXHM4NQ
/
moonlightday.com/a7b2405123dfccca1f059a630a095838e/
Redirect Chain
  • http://emk2.giize.com/qs=r-aficjagkejiicibafgekdkhacbebkbgfafgciiabababadhadfiaceaihgacgchacfhcgdacb
  • http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26
6 KB
7 KB
Document
General
Full URL
http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26
Requested by
Host: jhfklmzmza.s3.amazonaws.com
URL: https://jhfklmzmza.s3.amazonaws.com/eugrmnlcoakyjmgi.html
Protocol
HTTP/1.1
Server
173.213.121.86 , United States, ASN62904 (AS62904, US),
Reverse DNS
Software
nginx/1.10.3 / PHP/7.3.25
Resource Hash
7fbd85993dd5fbf55db0df6fcf580f8440e9cb9961715a8e1c7faff3549833d5

Request headers

Referer
https://jhfklmzmza.s3.amazonaws.com/eugrmnlcoakyjmgi.html#qs=r-aficjagkejiicibafgekdkhacbebkbgfafgciiabababadhadfiaceaihgacgchacfhcgdacb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 01:20:29 GMT
Server
nginx/1.10.3
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.25

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Wed, 05 Oct 2022 01:20:29 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
location
http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26
gtm.js
www.googletagmanager.com/
99 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Requested by
Host: moonlightday.com
URL: http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7335bf51a70f9289d9db45dd6f8462a7a49748c1aaf6dc96b006be2494426152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://moonlightday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39163
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 01:20:29 GMT
fp.php
moonlightday.com/
0
201 B
XHR
General
Full URL
http://moonlightday.com/fp.php
Requested by
Host: moonlightday.com
URL: http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26
Protocol
HTTP/1.1
Server
173.213.121.86 , United States, ASN62904 (AS62904, US),
Reverse DNS
Software
nginx/1.10.3 / PHP/7.3.25
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 05 Oct 2022 01:20:29 GMT
Server
nginx/1.10.3
Connection
keep-alive
X-Powered-By
PHP/7.3.25
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
retargeting.js
static.traversedlp.com/v1/
11 KB
4 KB
Script
General
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-54.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://moonlightday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
KLbodh6xIMdiUWAxenjc1ByBclqfTj74
Content-Encoding
gzip
Via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
Date
Wed, 05 Oct 2022 00:45:52 GMT
Last-Modified
Wed, 01 Jun 2022 20:20:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
2078
ETag
W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
BRdXyn8U_i9h0ouqIaV_jOWcsSXGG4WhKSsrAwapLhOWYR1j7V93Sg==
request.js
script.anura.io/
52 KB
19 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=56309078&source=202673&campaign=29471&exid=9ef6ffa5e8baf2671894a698b2231430&188638003328
Requested by
Host: jhfklmzmza.s3.amazonaws.com
URL: https://jhfklmzmza.s3.amazonaws.com/eugrmnlcoakyjmgi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.218.195 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-218-195.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
bdfc3e5b157c33d137ea65978f1655797ce08e6b11b817af1850d44391694a16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://moonlightday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 01:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
matches
signals.aimtell.com/
43 B
260 B
Image
General
Full URL
https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa
Requested by
Host: moonlightday.com
URL: http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://moonlightday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:30 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
755255cc49295c26-FRA
access-control-allow-headers
Content-Type, *
content-length
43
cookie
api.traversedlp.com/retargeting/v1/
18 B
407 B
XHR
General
Full URL
https://api.traversedlp.com/retargeting/v1/cookie
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.191.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-191-2.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://moonlightday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:30 GMT
server
nginx/1.20.0
etag
W/"12-86d81FY+WDtP4sdiTK7DKw"
vary
Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://moonlightday.com
access-control-expose-headers
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
18
enqueue
api.traversedlp.com/retargetinginclusion/
0
324 B
XHR
General
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.191.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-191-2.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Referer
http://moonlightday.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
http://moonlightday.com
date
Wed, 05 Oct 2022 01:20:30 GMT
access-control-expose-headers
access-control-allow-credentials
true
server
nginx/1.20.0
vary
X-HTTP-Method-Override
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
enqueue
api.traversedlp.com/retargetinginclusion/
0
0
Preflight
General
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.191.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-191-2.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://moonlightday.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
http://moonlightday.com
access-control-expose-headers
allow
ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
content-length
228
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 01:20:30 GMT
etag
W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
server
nginx/1.20.0
vary
Accept-Encoding
Primary Request BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba
quiz.camplejeuneinjured.com/survey/
Redirect Chain
  • https://go.shetrack.com/aff_c?offer_id=1411&aff_id=1062&aff_sub=202673&aff_sub2=9ef6ffa5e8baf2671894a698b2231430&aff_sub3=45177_10309054_13
  • https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8b...
88 KB
17 KB
Document
General
Full URL
https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Requested by
Host: moonlightday.com
URL: http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.181.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-181-94.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
c9e71ce5c263324f8cc9cc10b585811b3500db9bfbbe1c049d9bb88df4608414

Request headers

Referer
http://moonlightday.com/a7b2405123dfccca1f059a630a095838e/?sid1=45177_10309054_13&sid2=4718_593877170_0_0_0_4539296_26_1516_146152_10309054_10_765&sid3=26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 01:20:31 GMT
etag
W/"15eba-MFpgCVii+3ml56DFKJIJFQ3XluQ"
expires
0
pragma
no-cache
server
Caddy
vary
Accept-Encoding
x-powered-by
Express
x-username
undefined

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
422
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 05 Oct 2022 01:20:30 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102f3ac713d63970bc68fe35d99a07
X-Request-Id
78580353a207a06cc48a50166ea93c16
X-Robots-Tag
noindex, nofollow
response.json
script.anura.io/
43 B
397 B
XHR
General
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=56309078&source=202673&campaign=29471&exid=9ef6ffa5e8baf2671894a698b2231430&188638003328
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.218.195 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-218-195.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://moonlightday.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 01:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
d3fed649.frontend_vendor.css
static.leadshook.io/app/
29 KB
5 KB
Stylesheet
General
Full URL
https://static.leadshook.io/app/d3fed649.frontend_vendor.css
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 01:26:29 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 02:42:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
86043
etag
W/"d3fed6497d41e35427f8a3440db188fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
x-amz-cf-id
7z6JahdoKumE0PzgVQiAyo76Xfl8TWc8sFQ1V3dxXooPe1G_TPk-uQ==
1f0bcbdf.app.css
static.leadshook.io/app/
247 KB
57 KB
Stylesheet
General
Full URL
https://static.leadshook.io/app/1f0bcbdf.app.css
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
807bf403ddd2ecc9a6f12b5922b739b6956b52643f557ffcf387a0c53226889e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 16:34:35 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:26:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
31557
etag
"25ae4f0b7e867a5785d1e1af4d0fc636"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
accept-ranges
bytes
content-length
58045
x-amz-cf-id
XYX4uR7ywms162YY6ST0F3Oe021H14gAlHnqXQQU4WhTc0mb4_fj8g==
pollyfill.js
polyfill.leadshook.io/
101 B
535 B
Script
General
Full URL
https://polyfill.leadshook.io/pollyfill.js
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:12:53 GMT
content-security-policy
default-src 'self'
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
age
50858
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=31536000
feature-policy
camera 'none'; microphone 'none'; speaker 'none'
content-length
101
x-amz-cf-id
e7ByV5emM2G5aJrWHMXNc35juXI3K_4hA0vWrX-XOD3MEYAD-Oty7g==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1986714
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bluMh%2F1SkVXVo2Q0tWxmNDY1fql0JSIYNg22ToefJ0Klo0xECfVd93juKeq9%2BEsu3os%2FQfODoK0jIEPL%2BZvuwXVwzZCAUuSuUZBEIsiL6WVDMSqhJnLnavNoVPzKzm4ugOWYbVZlOtclv%2BdQtLAE90jD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
755255d289755b8c-FRA
expires
Mon, 25 Sep 2023 01:20:31 GMT
css2
fonts.googleapis.com/
223 KB
8 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
410e2ee58ae8ade92b8e2065a9b6c303a3dcdd2bf4ddc382cf61f6c4c6d94667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 01:20:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 01:20:31 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/
63 KB
23 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10110199
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22890
last-modified
Sat, 25 Dec 2021 03:05:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61c68a7c-596a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXPQvW%2BRsGGcd8MsgQlphTNXqh3C3WosvttEHgI%2BIJ8Gig4nhm9usQUDMMcuiGd5tkH3QJeW6PcSBHdyZKBjnR0xCmSz%2BcNQ1lCO9YLBCk%2FRWWZia28iI0Gl2QIWkWWZ73TwgAUmyYWd0nYfPmcS6YF2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
755255d309af5b8c-FRA
expires
Mon, 25 Sep 2023 01:20:31 GMT
80cc3c9e.frontend_vendor.js
static.leadshook.io/app/
2 MB
633 KB
Script
General
Full URL
https://static.leadshook.io/app/80cc3c9e.frontend_vendor.js
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a54e22a0aae25cbaf8a332e6ad6c574c313d734317426b2af1c3f6b5933b18b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 01:26:50 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 02:42:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
86022
etag
"3af304daf61ae4f3257b8240e6def942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
647356
x-amz-cf-id
UANhIAFLT3maIEVKsMbOmCDm2lt7QX03nX-DUShbfxVRDZASBkSXKQ==
bundle.min.js
browser.sentry-cdn.com/6.17.4/
63 KB
20 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.17.4/bundle.min.js
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://quiz.camplejeuneinjured.com/
Origin
https://quiz.camplejeuneinjured.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 02 Feb 2022 15:42:58 GMT
server
Fastly
age
1853933
etag
"456782718f10c0d95baf1a859662a1e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20491
expires
Wed, 13 Sep 2023 14:21:37 GMT
bundle.tracing.min.js
browser.sentry-cdn.com/6.17.4/
89 KB
28 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://quiz.camplejeuneinjured.com/
Origin
https://quiz.camplejeuneinjured.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 02 Feb 2022 15:42:58 GMT
server
Fastly
age
1251910
etag
"d79feee5fcf01c4d7aae920cbcbc5c06"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
28623
expires
Wed, 20 Sep 2023 13:35:21 GMT
angular.min.js
browser.sentry-cdn.com/6.17.4/
4 KB
2 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.17.4/angular.min.js
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://quiz.camplejeuneinjured.com/
Origin
https://quiz.camplejeuneinjured.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 02 Feb 2022 15:42:58 GMT
server
Fastly
age
651483
etag
"88a049ef735409b4f4e297d1b058b3ab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1770
expires
Wed, 27 Sep 2023 12:22:28 GMT
f3fb7cc0.frontend_app.js
static.leadshook.io/app/
3 MB
316 KB
Script
General
Full URL
https://static.leadshook.io/app/f3fb7cc0.frontend_app.js
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c19d921aa31a76d03e49f6517d833ffca3ef706834e2c025aedca50a76195fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 20:01:11 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 19:32:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
19161
etag
W/"71b6379f70010d94b1e434f08e6c83d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
jgarjW8t96g0K7pUzrl9paPaf0hUujGzpbF9LpwjGxL-S3Qv4y019w==
gtm.js
www.googletagmanager.com/
156 KB
58 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MX9FZS9
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate+EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6675afde90ac0daa2b8303d176a9b52c180fd01e99d8d357db676b85248dfe8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59420
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 01:20:31 GMT
pixel.png
d2zdr2rqflfo3.cloudfront.net/
95 B
411 B
Image
General
Full URL
https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=quiz.camplejeuneinjured.com&subdomain=toxic-water-defenders&accountId=2829&quizId=54488&leadId=304745080&quizVersionId=29
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate%20EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-174.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:32 GMT
via
1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
last-modified
Sat, 28 Sep 2019 18:11:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"9591c410148e6883727c5339fd1c02cd"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
iRb3QbYz7SDaOYAFu1gcKyeIKc_CDDvV3fFP5-r8rFmEp0Ly_-YJAg==
camp-lejeune-justice-logo-1661526854334.png
static.leadshook.io/upload/toxic-water-defenders/
4 KB
4 KB
Image
General
Full URL
https://static.leadshook.io/upload/toxic-water-defenders/camp-lejeune-justice-logo-1661526854334.png
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate%20EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bba0e7c1b8796e7e001761717804a59b409d50a0724914c600b879c94f1df82b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:15:12 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified
Fri, 26 Aug 2022 15:14:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
29120
etag
"00ea114bdb1f94b9b241f8eaa7559ef5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4117
x-amz-cf-id
M7fXafCVmiwKsMZqFNRR-3-AknmBeE6uYs5J2m1z5P2_dZF98X0xUg==
impressions
quiz.camplejeuneinjured.com/api/
374 B
552 B
XHR
General
Full URL
https://quiz.camplejeuneinjured.com/api/impressions
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.181.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-181-94.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
b510595d4ffc0a2b6d7126f807545e5f98420d68c20d8ab8bcb9192d57694dd3

Request headers

Accept
application/json, text/plain, */*
Referer
https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate%20EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
server
Caddy
x-username
undefined
etag
W/"176-Wmc2HmBs+ja9wzvO/W8Ow1wEUYY"
x-powered-by
Express
vary
X-HTTP-Method-Override, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://quiz.camplejeuneinjured.com
access-control-allow-credentials
true
content-length
374
nodetracker
quiz.camplejeuneinjured.com/api/
0
41 B
XHR
General
Full URL
https://quiz.camplejeuneinjured.com/api/nodetracker
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.181.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-181-94.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate%20EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://quiz.camplejeuneinjured.com
date
Wed, 05 Oct 2022 01:20:31 GMT
access-control-allow-credentials
true
server
Caddy
x-username
undefined
x-powered-by
Express
vary
X-HTTP-Method-Override, Origin
geoip
quiz.camplejeuneinjured.com/api/
2 KB
615 B
XHR
General
Full URL
https://quiz.camplejeuneinjured.com/api/geoip?leadId=304745080
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.181.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-181-94.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
17fbbc5ee3e8c6091f15376f5d386797f3039d420c7846ea1713da8bc8bc371e

Request headers

Accept
*/*
Referer
https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate%20EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
gzip
server
Caddy
x-username
undefined
etag
W/"7f0-Z0poQSFPy10VsE9qKtEmKrCsOeI"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
leaddevice
quiz.camplejeuneinjured.com/api/
1 KB
524 B
XHR
General
Full URL
https://quiz.camplejeuneinjured.com/api/leaddevice?leadId=304745080&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F106.0.5249.91+Safari%2F537.36
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.181.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-181-94.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
31364146cc701809616c77542b584f6c622cf08f00d69617798c99640718572b

Request headers

Accept
*/*
Referer
https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate%20EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
gzip
server
Caddy
x-username
undefined
etag
W/"565-rTnraY4VgC0UIXOYB9MUd2qrow4"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: jhfklmzmza.s3.amazonaws.com
URL: https://jhfklmzmza.s3.amazonaws.com/eugrmnlcoakyjmgi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Oct 2022 01:20:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
sv2N1MVVtOvtrFVwGbi6VLPuQQ1cix5XtzkTX7FYF6B0ypR1pll3oSYXkLb8rStzfxb0FZcGcH2N6qEdLyuBmA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/
16 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: jhfklmzmza.s3.amazonaws.com
URL: https://jhfklmzmza.s3.amazonaws.com/eugrmnlcoakyjmgi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:03 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
JS423CBFN4FR0R52
age
29
x-amz-server-side-encryption
AES256
x-amz-id-2
7PNPhOohGx/Phw2V+dHFp7fvbo+LNIt8BxzO69/j4bTQNSVCWsHRXHa6qNdBFFgbWfZ3myWaW98=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
126 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0123456789&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX9FZS9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3cbce9f6a967435ba5934bb61d85667d0d7a1b4a740832c61de14a81567f93d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:20:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50689
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 01:20:31 GMT
561098318928514
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/561098318928514?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
54eec1c7a7a3966cca6fd9b24adb9934f3dc2f68a5de32080260ec01755b6463
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Oct 2022 01:20:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
FVKu1AIQEY4873yiRL76xfJrUvh5I/KjkKTOygMiSkRbktagWeEpRfEsQO5iyVtz7yFOFI716ySniKLUulnY/A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
356 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0123456789&gtm=2oea30&_p=1446743858&cid=1534016887.1664932832&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664932831&sct=1&seg=0&dl=https%3A%2F%2Fquiz.camplejeuneinjured.com%2Fsurvey%2FBEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba%3Futm_source%3DHPLD%26utm_medium%3DAffiliate%2520EN%26utm_campaign%3DAugust%26utm_id%3DLaunch%26utm_term%3D202673%26utm_content%3D9ef6ffa5e8baf2671894a698b2231430&dr=http%3A%2F%2Fmoonlightday.com%2F&dt=DMS%20Leadshook%20Page%20Camp%20Lejeune&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0123456789&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 01:20:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://quiz.camplejeuneinjured.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10186151.json
s.yimg.com/wi/config/
2 B
448 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10186151.json
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 00:41:01 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
Z7Y1V5YZ40MR8NFG
age
2370
content-length
2
x-amz-id-2
RYqF0qU/vzceB3XLDQt5744SLSbeDcIHRCaak1VilN0435rdaIhKxI4hCPOnOHBpiecz3Fa6iU4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
fields
quiz.camplejeuneinjured.com/api/leads/304745080/
0
17 B
XHR
General
Full URL
https://quiz.camplejeuneinjured.com/api/leads/304745080/fields
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.181.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-181-94.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate%20EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://quiz.camplejeuneinjured.com
date
Wed, 05 Oct 2022 01:20:31 GMT
access-control-allow-credentials
true
server
Caddy
x-username
undefined
x-powered-by
Express
vary
X-HTTP-Method-Override, Origin
/
www.facebook.com/tr/
0
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=561098318928514&ev=PageView&dl=https%3A%2F%2Fquiz.camplejeuneinjured.com%2Fsurvey%2FBEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba%3Futm_source%3DHPLD%26utm_medium%3DAffiliate%2520EN%26utm_campaign%3DAugust%26utm_id%3DLaunch%26utm_term%3D202673%26utm_content%3D9ef6ffa5e8baf2671894a698b2231430&rl=http%3A%2F%2Fmoonlightday.com%2F&if=false&ts=1664932831880&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664932831879.797875546&it=1664932831778&coo=false&rqm=GET
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate%20EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 01:20:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
sp.pl
sp.analytics.yahoo.com/
43 B
632 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2005%20Oct%202022%2001%3A20%3A31%20GMT&n=0&b=DMS%20Leadshook%20Page%20Camp%20Lejeune&.yp=10186151&f=https%3A%2F%2Fquiz.camplejeuneinjured.com%2Fsurvey%2FBEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba%3Futm_source%3DHPLD%26utm_medium%3DAffiliate%2520EN%26utm_campaign%3DAugust%26utm_id%3DLaunch%26utm_term%3D202673%26utm_content%3D9ef6ffa5e8baf2671894a698b2231430&e=http%3A%2F%2Fmoonlightday.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: quiz.camplejeuneinjured.com
URL: https://quiz.camplejeuneinjured.com/survey/BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba?utm_source=HPLD&utm_medium=Affiliate%20EN&utm_campaign=August&utm_id=Launch&utm_term=202673&utm_content=9ef6ffa5e8baf2671894a698b2231430
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 01:20:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
1
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 05 Oct 2022 01:20:32 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX9FZS9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 01:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1113
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 05 Oct 2022 03:01:59 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=561098318928514&ev=ViewContent&dl=https%3A%2F%2Fquiz.camplejeuneinjured.com%2Fsurvey%2FBEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba%3Futm_source%3DHPLD%26utm_medium%3DAffiliate%2520EN%26utm_campaign%3DAugust%26utm_id%3DLaunch%26utm_term%3D202673%26utm_content%3D9ef6ffa5e8baf2671894a698b2231430&rl=http%3A%2F%2Fmoonlightday.com%2F&if=false&ts=1664932832566&cd[content_name]=DMS%20Leadshook%20Page%20Camp%20Lejeune&cd[content_category]=LH_DMS%20Leadshook%20Page%20Camp%20Lejeune&cd[content_type]=LH%20First%20Visit&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664932831879.797875546&it=1664932831778&coo=false&eid=977601_304745080_first&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 01:20:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1446743858&t=event&ni=0&_s=1&dl=https%3A%2F%2Fquiz.camplejeuneinjured.com%2Fsurvey%2FBEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba%3Futm_source%3DHPLD%26utm_medium%3DAffiliate%2520EN%26utm_campaign%3DAugust%26utm_id%3DLaunch%26utm_term%3D202673%26utm_content%3D9ef6ffa5e8baf2671894a698b2231430&dr=http%3A%2F%2Fmoonlightday.com%2F&ul=en-us&de=UTF-8&dt=DMS%20Leadshook%20Page%20Camp%20Lejeune%20-%20Health_Issues_from_Exposure&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LH_DMS%20Leadshook%20Page%20Camp%20Lejeune&ea=LH%20First%20Visit&el=DMS%20Leadshook%20Page%20Camp%20Lejeune&_u=YADAAEABAAAAACAAI~&jid=1721134798&gjid=1029330689&cid=1534016887.1664932832&tid=UA-232155948-1&_gid=1366336448.1664932833&_r=1&gtm=2wga30MX9FZS9&z=991162276
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://quiz.camplejeuneinjured.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 01:20:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://quiz.camplejeuneinjured.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
451 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-232155948-1&cid=1534016887.1664932832&jid=1721134798&gjid=1029330689&_gid=1366336448.1664932833&_u=YADAAEAAAAAAACAAI~&z=1196175672
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://quiz.camplejeuneinjured.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 05 Oct 2022 01:20:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://quiz.camplejeuneinjured.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-232155948-1&cid=1534016887.1664932832&jid=1721134798&_u=YADAAEAAAAAAACAAI~&z=455437762
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 01:20:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-232155948-1&cid=1534016887.1664932832&jid=1721134798&_u=YADAAEAAAAAAACAAI~&z=455437762
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 01:20:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sentry.leadshook.io/api/2/store/
56 B
261 B
Fetch
General
Full URL
https://sentry.leadshook.io/api/2/store/?sentry_key=5be3622205ce450cade96e98ed2752d4&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.91.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-91-180.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Request headers

Referer
https://quiz.camplejeuneinjured.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://quiz.camplejeuneinjured.com
date
Wed, 05 Oct 2022 01:20:33 GMT
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
server
nginx
content-length
56
vary
Origin
content-type
application/json
/
www.facebook.com/tr/
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=561098318928514&ev=Microdata&dl=https%3A%2F%2Fquiz.camplejeuneinjured.com%2Fsurvey%2FBEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba%3Futm_source%3DHPLD%26utm_medium%3DAffiliate%2520EN%26utm_campaign%3DAugust%26utm_id%3DLaunch%26utm_term%3D202673%26utm_content%3D9ef6ffa5e8baf2671894a698b2231430&rl=http%3A%2F%2Fmoonlightday.com%2F&if=false&ts=1664932833383&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22DMS%20Leadshook%20Page%20Camp%20Lejeune%20-%20Health_Issues_from_Exposure%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=2&o=30&fbp=fb.1.1664932831879.797875546&it=1664932831778&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 01:20:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=561098318928514&ev=ViewContent&dl=https%3A%2F%2Fquiz.camplejeuneinjured.com%2Fsurvey%2FBEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba%3Futm_source%3DHPLD%26utm_medium%3DAffiliate%2520EN%26utm_campaign%3DAugust%26utm_id%3DLaunch%26utm_term%3D202673%26utm_content%3D9ef6ffa5e8baf2671894a698b2231430&rl=http%3A%2F%2Fmoonlightday.com%2F&if=false&ts=1664932833495&cd[content_name]=DMS%20Leadshook%20Page%20Camp%20Lejeune&cd[content_category]=LH_view_page&cd[content_type]=LH%20Page%20View%20Event&sw=1600&sh=1200&v=2.9.84&r=stable&ec=3&o=30&fbp=fb.1.1664932831879.797875546&it=1664932831778&coo=false&eid=977601_304745080_enter&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://quiz.camplejeuneinjured.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 01:20:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| pageType object| googleWebFonts string| googleWebFontsFamily object| quiz string| referrer object| lead object| dataLayer object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin object| ngFileUpload object| m function| $ function| jQuery object| angular function| moment function| momentDurationFormatSetup object| momentBusiness object| accounting object| FileAPI function| _ object| math object| inflection function| ngInflection object| intlTelInputGlobals object| intlTelInputUtils object| changeCase function| SignaturePad function| AlliesComplete object| Sentry object| __SENTRY__ object| originalModules object| usedModules object| allWebFonts object| defaultWebFonts function| getSubdomain function| serialize function| sleep number| maxAttempts object| finishedJobStatus function| poolJob string| DATE_FORMAT string| TIME_FORMAT string| DATETIME_FORMAT string| DATEPICKER_DEFAULT_FORMAT string| TIMEPICKER_DEFAULT_FORMAT object| numericFieldFormats object| angularDateStringFormats object| fieldFormats object| numberFormats object| currencies function| numberFormat function| percentageFormat function| percentageUnformat function| durationFormat function| formatNumber function| unformatNumber object| QUESTION_TYPE object| QUESTION_TYPE_WITH_INPUT function| questionHasInput function| isDateTimeQuestion 
object| GOOGLE_ADDRESS_EXAMPLE object| GOOGLE_ADDRESS_FIELDS object| GOOGLE_ADDRESS_COMPONENTS object| POSTCODER_ADDRESS_EXAMPLE function| isDateTimeField function| toUTCTimestamp function| toLocalDate function| addStyles function| hash object| hashFns function| getNodeTitle function| getEventId function| getEventTime object| trackingFields function| escapeRegExp function| replaceAll object| defaultQuestionLineStyle function| getLineStyle function| getChatTailStyle function| shuffle function| getYoutubeVideoId function| getVideoId function| isDisplayDropdownAsUISelect object| RESERVED_FIELDS function| twilioValidation function| dataSoapValidation function| getCookie function| setCookie object| SKIPPED_NODE_TYPES function| isSkippedNode function| findFirstNode function| getNodesStepProps number| ACTIVE_REQUESTS object| CKEDITOR object| LH object| page string| leadUrl object| DT string| parentUrl object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| dotq object| gaGlobal object| YAHOO object| tokens object| messages function| receiveMessage string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

11 Cookies

Domain/Path Name / Value
moonlightday.com/ Name: clkcheck29471
Value: 9ef6ffa5e8baf2671894a698b2231430_202673
go.shetrack.com/ Name: enc_aff_session_1411
Value: ENC033c6d524f157bed4cb03a7a1df37fe5d71eb7e938b56a5bd155657ea077fcccdcd3fd854f41fe33be7b2a658049c7f6f057df3b71c9adea9575e5bbe4549827925ba36da1accd1d52e636343dd560b22b9237fe801aa8623aaf26376a5753a97f61fede33fd3ab65caa7a7635bdb00cfcf1bfa447870e77c2bf456dc7751b01b292f8e8e7dfc1507738ee6dfdacb38b087a064da25c010a202da1d80b3f90031001edcc53dac660e124e80c7fbaa435d89c9a90bf0c1b4cb2b3707073eadf948b344b8c93
go.shetrack.com/ Name: ho_mob
quiz.camplejeuneinjured.com/ Name: BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJba.leadData
Value: j%3A%7B%22leadId%22%3A304745080%2C%22leadToken%22%3A%22BEwN2Pkr4rngQwNc65CKZfZw2GP1fQzU3tjHyJbaFUmCxmRw7izBXqe0WD5V%22%2C%22quizId%22%3A54488%7D
.camplejeuneinjured.com/ Name: _gcl_au
Value: 1.1.739702138.1664932832
.camplejeuneinjured.com/ Name: _fbp
Value: fb.1.1664932831879.797875546
.yahoo.com/ Name: A3
Value: d=AQABBN_bPGMCEBv-4EgBlDR5gLlXDz75p7QFEgEBAQEtPmNGYwAAAAAA_eMAAA&S=AQAAApl0KJSnpz_5TsDKGB_alM0
.camplejeuneinjured.com/ Name: _ga_0123456789
Value: GS1.1.1664932831.1.0.1664932832.0.0.0
.camplejeuneinjured.com/ Name: _ga
Value: GA1.2.1534016887.1664932832
.camplejeuneinjured.com/ Name: _gid
Value: GA1.2.1366336448.1664932833
.camplejeuneinjured.com/ Name: _gat_UA-232155948-1
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://sentry.leadshook.io/api/2/store/?sentry_key=5be3622205ce450cade96e98ed2752d4&sentry_version=7
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
