Submitted URL: https://cl.exct.net/?qs=df2bbeed355a55415e876624ed8ed6f0bf50551be1dd99549b8d55703c7cd8cad3fc369419aad2d0321c284c5489...
Effective URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Submission: On February 02 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 69 HTTP transactions. The main IP is 157.230.67.176, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.querysurge.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 26th 2022. Valid for: a year.
This is the only time www.querysurge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
19 157.230.67.176 14061 (DIGITALOC...)
3 2a04:4e42::485 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 52.216.144.196 16509 (AMAZON-02)
7 104.18.70.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 54.236.83.233 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2600:9000:206... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
4 104.16.53.111 13335 (CLOUDFLAR...)
1 13.32.27.24 16509 (AMAZON-02)
1 99.86.4.55 16509 (AMAZON-02)
1 52.213.152.139 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
69 19
Apex Domain
Subdomains
Transfer
19 querysurge.com
www.querysurge.com
691 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
748 KB
7 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1883
ekr.zdassets.com — Cisco Umbrella Rank: 2161
367 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1669
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3272
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3418
tracking.crazyegg.com — Cisco Umbrella Rank: 3205
32 KB
6 amazonaws.com
rttswebproperties.s3.amazonaws.com
898 KB
4 zendesk.com
querysurge.zendesk.com
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
www.linkedin.com — Cisco Umbrella Rank: 575
px4.ads.linkedin.com — Cisco Umbrella Rank: 6074
4 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
23 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359
55 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814
376 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 707
5 KB
1 lltrck.com
lltrck.com — Cisco Umbrella Rank: 27639
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
59 KB
1 exct.net
cl.exct.net — Cisco Umbrella Rank: 48873
356 B
69 15
Domain Requested by
19 www.querysurge.com www.querysurge.com
7 fonts.gstatic.com www.querysurge.com
www.google.com
6 static.zdassets.com www.querysurge.com
static.zdassets.com
6 rttswebproperties.s3.amazonaws.com www.querysurge.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 querysurge.zendesk.com static.zdassets.com
4 script.crazyegg.com www.querysurge.com
script.crazyegg.com
3 www.google.com www.querysurge.com
www.gstatic.com
www.google.com
3 cdn.jsdelivr.net www.querysurge.com
2 px.ads.linkedin.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 px4.ads.linkedin.com www.querysurge.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 snap.licdn.com www.googletagmanager.com
1 ekr.zdassets.com static.zdassets.com
1 lltrck.com www.querysurge.com
1 www.googletagmanager.com www.querysurge.com
1 cl.exct.net 1 redirects
69 22
Subject Issuer Validity Valid
*.querysurge.com
Go Daddy Secure Certificate Authority - G2
2022-05-26 -
2023-06-27
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-08 -
2023-04-08
a year crt.sh
*.s3.amazonaws.com
Amazon
2022-09-21 -
2023-08-26
a year crt.sh
zdassets.com
Cloudflare Inc ECC CA-3
2022-11-10 -
2023-11-09
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
lltrck.com
Go Daddy Secure Certificate Authority - G2
2022-07-25 -
2023-08-26
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
linkedin.oribi.io
Amazon
2022-07-07 -
2023-08-06
a year crt.sh
querysurge.zendesk.com
Cloudflare Inc ECC CA-3
2022-05-29 -
2023-05-29
a year crt.sh
crazyegg.com
Amazon
2022-06-27 -
2023-07-26
a year crt.sh
www.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
*.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Frame ID: C0940E705585A2DDCB683A95893164F8
Requests: 53 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-c82fe813e62b58e096bc.js
Frame ID: E5E3CFD50832D40748B24CEB0EE54E02
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo&co=aHR0cHM6Ly93d3cucXVlcnlzdXJnZS5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=gc1bgassf04c
Frame ID: 94F4F64FC0E2884819F619AC372EB433
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

Partner Program | QuerySurge

Page URL History Show full URLs

  1. https://cl.exct.net/?qs=df2bbeed355a55415e876624ed8ed6f0bf50551be1dd99549b8d55703c7cd8cad3fc3694... HTTP 302
    https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

69
Requests

96 %
HTTPS

55 %
IPv6

15
Domains

22
Subdomains

19
IPs

4
Countries

2901 kB
Transfer

5728 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cl.exct.net/?qs=df2bbeed355a55415e876624ed8ed6f0bf50551be1dd99549b8d55703c7cd8cad3fc369419aad2d0321c284c5489de070a883b118ec2da9f HTTP 302
    https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=36514&time=1675348985495&url=https%3A%2F%2Fwww.querysurge.com%2Fpartner-program%3Futmsource%3Dwelcome_to_QS%26utm_medium%3DMailer HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D36514%26time%3D1675348985495%26url%3Dhttps%253A%252F%252Fwww.querysurge.com%252Fpartner-program%253Futmsource%253Dwelcome_to_QS%2526utm_medium%253DMailer%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=36514&time=1675348985495&url=https%3A%2F%2Fwww.querysurge.com%2Fpartner-program%3Futmsource%3Dwelcome_to_QS%26utm_medium%3DMailer&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=36514&time=1675348985495&url=https%3A%2F%2Fwww.querysurge.com%2Fpartner-program%3Futmsource%3Dwelcome_to_QS%26utm_medium%3DMailer&liSync=true&e_ipv6=AQI8J8AEH_7h2AAAAYYSlMhdFqSWs0VL5QZuRJiXt7fVeNC6DgATJwJEAJRl2A7vq7GFNw8

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request partner-program
www.querysurge.com/
Redirect Chain
  • https://cl.exct.net/?qs=df2bbeed355a55415e876624ed8ed6f0bf50551be1dd99549b8d55703c7cd8cad3fc369419aad2d0321c284c5489de070a883b118ec2da9f
  • https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
48 KB
12 KB
Document
General
Full URL
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Craft Commerce,Craft CMS SEOmatic
Resource Hash
cefbfc60cd18bbbe35f7c2c9728ddd35bab9aeed7c35e05d8ce63e6ea284fb7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 14:43:04 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.querysurge.com/partner-program>; rel='canonical'
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Craft Commerce,Craft CMS SEOmatic
x-robots-tag
all
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
205
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Feb 2023 14:43:03 GMT
Expires
Thu, 02 Feb 2023 14:43:03 GMT
Location
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Pragma
no-cache
jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 14:43:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
9015570
x-jsd-version
3.5.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3096
x-served-by
cache-fra-eddf8230100-FRA, cache-hhn-etou8220048-HHN
x-jsd-version-type
version
etag
W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
querysurge.css
www.querysurge.com/assets/css/
298 KB
54 KB
Stylesheet
General
Full URL
https://www.querysurge.com/assets/css/querysurge.css
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d357d19217562c1b3092d16c09433af93fc575fd71cdd3c8529991aaad69f95c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:07:05 GMT
server
nginx
etag
W/"63854d29-4a9c2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
8044.js
script.crazyegg.com/pages/scripts/0012/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0012/8044.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
883bf09628063c9fbfdcb649ddee84961986ecabb82b681768af6d5435c12865

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
cf-cache-status
HIT
age
26449
cf-polished
origSize=6088
ce-version
11.5.21
cf-bgj
minify
last-modified
Thu, 02 Feb 2023 07:22:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
7933b2753bef696f-FRA
qsLogo_dark.svg
www.querysurge.com/assets/images/
326 KB
150 KB
Image
General
Full URL
https://www.querysurge.com/assets/images/qsLogo_dark.svg
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a70cc52a4b2d09d27d82825db5fd9130a826f51a76d71035b087fb683988ca50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
W/"63854cf9-51971"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
sg-qs-partner-ecosystem-puzzle-dark_133f2ae6744f77437aed50e479b129c9.png
www.querysurge.com/imager/volumecontentimages/hero-images/querysurge/63737/
93 KB
93 KB
Image
General
Full URL
https://www.querysurge.com/imager/volumecontentimages/hero-images/querysurge/63737/sg-qs-partner-ecosystem-puzzle-dark_133f2ae6744f77437aed50e479b129c9.png
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0a9f24639a8deee497656fdfd44360d1edf608d45078945b81c1bb6ff1be7120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Jan 2023 11:45:27 GMT
server
nginx
etag
"63d3b957-17389"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
95113
x-xss-protection
1; mode=block
qs-new-findpartner.png
rttswebproperties.s3.amazonaws.com/content-images/querysurge/
156 KB
157 KB
Image
General
Full URL
https://rttswebproperties.s3.amazonaws.com/content-images/querysurge/qs-new-findpartner.png
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.144.196 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
75e5f2d02aec8cde13ee9c80cd54aa3d3dbad37c154b539ec77b18715558a807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 14:43:06 GMT
Last-Modified
Sat, 20 Feb 2021 04:13:12 GMT
Server
AmazonS3
x-amz-request-id
X9312NQG7RS3PZ95
ETag
"a5d173be2ac16b1883d8ca763f82b426"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
160103
x-amz-id-2
QRlNx4hTP5g1DP78QKI5aAgIZWyp/g5P/xyLG4D49gQ1LpE6M8v87z17ELtfET9Sdc/KtO5Z+HU=
x-amz-meta-mtime
1587606502
qs-new-becomepartner.png
rttswebproperties.s3.amazonaws.com/content-images/querysurge/
255 KB
255 KB
Image
General
Full URL
https://rttswebproperties.s3.amazonaws.com/content-images/querysurge/qs-new-becomepartner.png
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.144.196 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
469747b53421fca919e9f907b52723d5eb9cc02bd3bd501ce3dffebf752d3c40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 14:43:06 GMT
Last-Modified
Sat, 20 Feb 2021 04:13:08 GMT
Server
AmazonS3
x-amz-request-id
X93D1XRCZXPR3N2B
ETag
"c145e746eec08e1d61d755c8f3fe9d24"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
260649
x-amz-id-2
J3SIgBkQ2Gqn12n1l9LAJSIexg4P0de2BjUc+GwAkKU5T91EChqFttZvOwqTtHyBK+4xZG/aKhI=
x-amz-meta-mtime
1587606679
qs-new-partnerportal-dark.png
rttswebproperties.s3.amazonaws.com/content-images/querysurge/
139 KB
140 KB
Image
General
Full URL
https://rttswebproperties.s3.amazonaws.com/content-images/querysurge/qs-new-partnerportal-dark.png
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.144.196 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4d6b20d7f314108d26e5eb096c6dba88ad93be541a2796971ebc94c56386e591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 14:43:06 GMT
Last-Modified
Sat, 20 Feb 2021 04:12:59 GMT
Server
AmazonS3
x-amz-request-id
X93C9Z5HRNJDS36X
ETag
"29ed3235611e54f70049da99cf963556"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
142764
x-amz-id-2
inzMWhCwWJHzadALJwOlPPnAVRdthTjN03kO0Bb7bCPxCHedIeQT8Q87AbQfNfGsnTkrJF4xE64=
x-amz-meta-mtime
1587606712
global-footer-trial-options_a1c164e89926eceecf6038a43ab80e6d.jpg
www.querysurge.com/imager/volumecontentimages/footer-content/querysurge/63608/
12 KB
12 KB
Image
General
Full URL
https://www.querysurge.com/imager/volumecontentimages/footer-content/querysurge/63608/global-footer-trial-options_a1c164e89926eceecf6038a43ab80e6d.jpg
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7691ad9983301c05fd73703b540fba1efcf9de8ab462a3eb28608a1ca0eb4f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Jan 2023 15:35:05 GMT
server
nginx
etag
"63cffaa9-2fd7"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
12247
x-xss-protection
1; mode=block
global-footer-private-demo_a1c164e89926eceecf6038a43ab80e6d.jpg
www.querysurge.com/imager/volumecontentimages/footer-content/querysurge/98499/
18 KB
18 KB
Image
General
Full URL
https://www.querysurge.com/imager/volumecontentimages/footer-content/querysurge/98499/global-footer-private-demo_a1c164e89926eceecf6038a43ab80e6d.jpg
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
19f8715fca988b9defc80c34e7b186b75f35779db6e6247371646104eb1f6145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Jan 2023 15:35:05 GMT
server
nginx
etag
"63cffaa9-4905"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
18693
x-xss-protection
1; mode=block
global-footer-licensing_a1c164e89926eceecf6038a43ab80e6d.jpg
www.querysurge.com/imager/volumecontentimages/footer-content/querysurge/63621/
22 KB
23 KB
Image
General
Full URL
https://www.querysurge.com/imager/volumecontentimages/footer-content/querysurge/63621/global-footer-licensing_a1c164e89926eceecf6038a43ab80e6d.jpg
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8b5aa970b181ed945d235a947990dbd2e833dc55fe84bc3cb52e452f2cc8a9ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Jan 2023 15:35:05 GMT
server
nginx
etag
"63cffaa9-59ef"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
23023
x-xss-protection
1; mode=block
global-footer-services_a1c164e89926eceecf6038a43ab80e6d.jpg
www.querysurge.com/imager/volumecontentimages/footer-content/querysurge/63623/
38 KB
38 KB
Image
General
Full URL
https://www.querysurge.com/imager/volumecontentimages/footer-content/querysurge/63623/global-footer-services_a1c164e89926eceecf6038a43ab80e6d.jpg
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
35f115e7560e45a4fb630b7dfa2d6c9d00b651b1326551d3c1b036d619a05e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Jan 2023 15:35:05 GMT
server
nginx
etag
"63cffaa9-9620"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
38432
x-xss-protection
1; mode=block
plugin.js
www.querysurge.com/freeform/
96 KB
96 KB
Script
General
Full URL
https://www.querysurge.com/freeform/plugin.js?v=50b0e17fb5ede57fde2212cd669d6fa78cdaffc8
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Craft Commerce,Craft CMS
Resource Hash
35f939ac066aa74174d2fc4a3e3be57409e763897f51535449f9edac760d59be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Feb 2023 14:43:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Oct 2022 04:19:51 GMT
server
nginx
x-powered-by
Craft Commerce,Craft CMS
etag
50b0e17fb5ede57fde2212cd669d6fa78cdaffc8
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=604800, must-revalidate
content-disposition
inline; filename="plugin.js"
accept-ranges
bytes
content-length
97923
x-xss-protection
1; mode=block
expires
0
footerform-image.png
rttswebproperties.s3.amazonaws.com/content-images/
9 KB
9 KB
Image
General
Full URL
https://rttswebproperties.s3.amazonaws.com/content-images/footerform-image.png
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.144.196 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1796c5a2e211b50434afb89924c891be760c67a81304d170be5391e851fbc71f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 14:43:06 GMT
Last-Modified
Thu, 06 Jan 2022 14:49:19 GMT
Server
AmazonS3
x-amz-request-id
X93DC77F8QV62XJ6
ETag
"143c6d16c7ae5971dfdc73593b20b877"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
9082
x-amz-id-2
V2TAFXrZnRpVJXzvZgVvbt63HpO6GDCGEKCP6OpbQb112kriVOHmjGABJPTSJxx7Bbsu+3kYR7U=
querysurge-logo-dark.svg
rttswebproperties.s3.amazonaws.com/content-images/
334 KB
334 KB
Image
General
Full URL
https://rttswebproperties.s3.amazonaws.com/content-images/querysurge-logo-dark.svg
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.144.196 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
68bbc0b1c604d6892834fe6c6cba49e6b57b8be37ad1d7d020b8dccfe9bbf6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 14:43:06 GMT
Last-Modified
Fri, 01 Apr 2022 13:30:48 GMT
Server
AmazonS3
x-amz-request-id
X9371VM1QYS2GAAP
ETag
"4b2dcda9798e16ac306d82e73591990e"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
341535
x-amz-id-2
w9PdTYmWKZM0L1lHSEgKJVWfCp22o/BuvWq8THSlS1KVBeC9ly5fANI384Z9nz9w68Fq4oR2ujU=
poweredByOracle.svg
rttswebproperties.s3.amazonaws.com/content-images/footer-content/
3 KB
3 KB
Image
General
Full URL
https://rttswebproperties.s3.amazonaws.com/content-images/footer-content/poweredByOracle.svg
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.144.196 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4fe8c6203401c89d668918fc879613e207204942c5fa9274224cd45a97c93dc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 14:43:06 GMT
Last-Modified
Mon, 22 Feb 2021 21:20:56 GMT
Server
AmazonS3
x-amz-request-id
X935S2QJBC6JC5F5
ETag
"c098fc2dab464bdefef5199fce9fc652"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2897
x-amz-id-2
WcM3K2LqgRtnCuoh51LV3AbPexkNcC+bZGVxQpPZlKtzY9R619nAwdfsG7xHWDiIvHB4uTWe3X8=
x-amz-meta-mtime
1588862884
modernizr.js
www.querysurge.com/assets/js/lib/
36 KB
12 KB
Script
General
Full URL
https://www.querysurge.com/assets/js/lib/modernizr.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a505c4c4b570d93f36c6b5a2a268f6050f1fe37ab4c0607437da53d44d4bbf58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
W/"63854cf9-91e2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/
86 KB
30 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 14:43:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5499821
x-jsd-version
3.4.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30718
x-served-by
cache-fra-eddf8230054-FRA, cache-hhn-etou8220048-HHN
x-jsd-version-type
version
etag
W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.fancybox.min.js
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/
67 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 02 Feb 2023 14:43:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
8602083
x-jsd-version
3.5.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
22012
x-served-by
cache-fra-eddf8230026-FRA, cache-hhn-etou8220048-HHN
x-jsd-version-type
version
etag
W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
what-input.js
www.querysurge.com/assets/js/lib/
14 KB
4 KB
Script
General
Full URL
https://www.querysurge.com/assets/js/lib/what-input.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d21ad553baa697f961d35ba95eadccd899ce993cbce77a9935d7182dc855cbcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
W/"63854cf9-36cf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
scrolllock.min.js
www.querysurge.com/assets/js/lib/
12 KB
3 KB
Script
General
Full URL
https://www.querysurge.com/assets/js/lib/scrolllock.min.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
99d4b3a81d4d2406874daadee23906f4eeb3095e5229a5d3535c8e80a5784400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
W/"63854cf9-3067"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
foundation.min.js
www.querysurge.com/assets/js/lib/
259 KB
51 KB
Script
General
Full URL
https://www.querysurge.com/assets/js/lib/foundation.min.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9a52d2bd495c6082a6ffa237c62554d7531291ad361fa8593e98ce8c6b7c2755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
W/"63854cf9-40a33"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
tablesaw.jquery.js
www.querysurge.com/assets/js/lib/
55 KB
14 KB
Script
General
Full URL
https://www.querysurge.com/assets/js/lib/tablesaw.jquery.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a87c5930d6e316e365da817ada9b31ec06c9407ab8a045d7c380cb9377a126b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
W/"63854cf9-da7f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
tablesaw-init.js
www.querysurge.com/assets/js/
739 B
684 B
Script
General
Full URL
https://www.querysurge.com/assets/js/tablesaw-init.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d40f0f63bc91198b5c7ff30b80c5bf097882afc1b3978651c781ebec82e7aa5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
W/"63854cf9-2e3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
resp-trial-options.js
www.querysurge.com/assets/js/objects/
1 KB
694 B
Script
General
Full URL
https://www.querysurge.com/assets/js/objects/resp-trial-options.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5747a01abf9de1f9a6ea3eda8a558159a94d67ca92ccbf979a5f4d058541f509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
W/"63854cf9-455"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
app.js
www.querysurge.com/assets/js/
2 KB
1 KB
Script
General
Full URL
https://www.querysurge.com/assets/js/app.js
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4d5746e8692cf4d2fe8416d06db620bb776c3d8e5bab86c87d7ef435e188cf34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
W/"63854cf9-827"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
snippet.js
static.zdassets.com/ekr/
23 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=a48f8cbf-7413-4c56-bd67-58c6edba4cee
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
x-amz-version-id
TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
YATKP8KP6G3Z5AYZ
age
27
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
l147GrCFR6sx9RBTtrXxeNM9vjLsXa90ZV4UDeob3tnmFSLCEgQzGLKlxHDXUe8ai9G5OxZf65V1sE5ejtUWhA==
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sr8%2BbnOUwY5D2%2FT02IF56VhCji3OJFOTjE%2BS%2F83fM6GGy175xjP6SSetKzzuwb2wtvuPt2w580j98kBjaS%2BirYL8gIueCupM5oQwwxBDV6bwzi8iPRxF88YYHv9ItU85r17FYIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
7933b2754cdf9247-FRA
gtm.js
www.googletagmanager.com/
158 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?gtm_auth=63pS6AOVlCZJKWM3TKlbvQ&gtm_preview=env-1&gtm_cookies_win=x&id=GTM-WM5T7WP
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd749ed28bc0207629458ae9340196cfe711c6fa17e4d06cef8fe9f51efd7496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59592
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg_stripes.png
www.querysurge.com/assets/images/
5 KB
5 KB
Image
General
Full URL
https://www.querysurge.com/assets/images/bg_stripes.png
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/assets/css/querysurge.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c9d9cae6ed129b03a66446d39bbade639d877a041266c69ee7312b22b7838d0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/assets/css/querysurge.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
"63854cf9-12bf"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
4799
x-xss-protection
1; mode=block
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4n.ttf
fonts.gstatic.com/s/opensans/v34/
119 KB
73 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4n.ttf
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/assets/css/querysurge.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a148c8e49519dad1c63a5b4f880e96c6542708b49b0ee68f2a332eb92f0061e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.querysurge.com/
Origin
https://www.querysurge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 07:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74768
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:12:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 07:49:55 GMT
numbers-grabber-dark.png
www.querysurge.com/assets/images/
103 KB
103 KB
Image
General
Full URL
https://www.querysurge.com/assets/images/numbers-grabber-dark.png
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/assets/css/querysurge.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.67.176 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ece6dd3255ab60ecf081d80516af0d84bc1e5117c8b42cb39ea3cd78cb9ea261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/assets/css/querysurge.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 29 Nov 2022 00:06:17 GMT
server
nginx
etag
"63854cf9-19caf"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
105647
x-xss-protection
1; mode=block
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4n.ttf
fonts.gstatic.com/s/opensans/v34/
119 KB
71 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4n.ttf
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/assets/css/querysurge.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc77d953020ee0ed38f6367aa3b9559bb49472dedccfb652d37bfd8836fa2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.querysurge.com/
Origin
https://www.querysurge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 02:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72585
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 02:07:09 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4n.ttf
fonts.gstatic.com/s/opensans/v34/
119 KB
73 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4n.ttf
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/assets/css/querysurge.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
709a9da0902227901a1642c01b060f134fbffebd6424d580c76eae020cf9f36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.querysurge.com/
Origin
https://www.querysurge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 19:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74627
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:12:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 19:36:12 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkxhjaVc.ttf
fonts.gstatic.com/s/opensans/v34/
125 KB
77 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkxhjaVc.ttf
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/assets/css/querysurge.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bfa9e26e08714efba82a00416db1f758e82411e2ccb10b8993f11e968b3534a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.querysurge.com/
Origin
https://www.querysurge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 07:50:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78578
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:28:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 07:50:43 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4n.ttf
fonts.gstatic.com/s/opensans/v34/
119 KB
73 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0C4n.ttf
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/assets/css/querysurge.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f472fdce85bacb82ef49af28c1a9adc84a4a5deb20e480ebae41b050a8dd2af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.querysurge.com/
Origin
https://www.querysurge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74468
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:12:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 13:12:04 GMT
lt-v3.js
lltrck.com/scripts/
0
0
Script
General
Full URL
https://lltrck.com/scripts/lt-v3.js?llid=11412
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.83.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-83-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

www.querysurge.com.json
script.crazyegg.com/pages/data-scripts/0012/8044/site/
5 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0012/8044/site/www.querysurge.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/8044.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eeb2c5c44b18c9bb4c63c7610123150441e036c8b9198e2784201e743637c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2023 14:43:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.21
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7933b2768aa22c52-FRA
content-length
1793
a48f8cbf-7413-4c56-bd67-58c6edba4cee
ekr.zdassets.com/compose/
402 B
1 KB
XHR
General
Full URL
https://ekr.zdassets.com/compose/a48f8cbf-7413-4c56-bd67-58c6edba4cee
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a48f8cbf-7413-4c56-bd67-58c6edba4cee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9345373c0c7fa26de244391844ee344532ecdfa8ca9032381047dfa964c99582
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
79337d15ee0d2c5a-SEA, 79337d15ee0d2c5a-SEA
x-runtime
0.004611
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9345373c0c7fa26de244391844ee3445"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSOtm6Mg%2FeRIxGqMrpw2tB1acg0Zw7OZYBiX7EtF51ZoSc1bMTq3vhnsrUAZbA8oa%2BI7Rrnxh%2FSx1uXEbPX99Oy2wwiu6ReXaiD7sLLZ%2BjsIkMpNj9heHwecDtjmt36pGAE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
cf-ray
7933b2769fbb2c77-FRA
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?gtm_auth=63pS6AOVlCZJKWM3TKlbvQ&gtm_preview=env-1&gtm_cookies_win=x&id=GTM-WM5T7WP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 13:12:10 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5455
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Feb 2023 15:12:10 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?gtm_auth=63pS6AOVlCZJKWM3TKlbvQ&gtm_preview=env-1&gtm_cookies_win=x&id=GTM-WM5T7WP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=16017
accept-ranges
bytes
content-length
4777
token
cdn.linkedin.oribi.io/partner/36514/domain/querysurge.com/
36 B
376 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/36514/domain/querysurge.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:18:06 GMT
content-encoding
gzip
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1499
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
JbiTCNUOJT-ktWqw-6FezLLv7cNyi2e68v7HiOX4z807zFsptauQwQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=36514&time=1675348985495&url=https%3A%2F%2Fwww.querysurge.com%2Fpartner-program%3Futmsource%3Dwelcome_to_QS%26utm_medium%3DMailer
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D36514%26time%3D1675348985495%26url%3Dhttps%253A%252F%252Fwww.querysurge.com%252Fp...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=36514&time=1675348985495&url=https%3A%2F%2Fwww.querysurge.com%2Fpartner-program%3Futmsource%3Dwelcome_to_QS%26utm_medium%3DMailer&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=36514&time=1675348985495&url=https%3A%2F%2Fwww.querysurge.com%2Fpartner-program%3Futmsource%3Dwelcome_to_QS%26utm_medium%3DMailer&liSync=true&e_i...
0
483 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=36514&time=1675348985495&url=https%3A%2F%2Fwww.querysurge.com%2Fpartner-program%3Futmsource%3Dwelcome_to_QS%26utm_medium%3DMailer&liSync=true&e_ipv6=AQI8J8AEH_7h2AAAAYYSlMhdFqSWs0VL5QZuRJiXt7fVeNC6DgATJwJEAJRl2A7vq7GFNw8
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C3DD7E9BD1334661B2943E6C22F74FAD Ref B: DUS30EDGE0312 Ref C: 2023-02-02T14:43:06Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lva1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXzuJUySSyRR2mphMIuVA==

Redirect headers

date
Thu, 02 Feb 2023 14:43:05 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9EF01506FFE542FAAE04AC586D80DE5A Ref B: FRAEDGE1308 Ref C: 2023-02-02T14:43:05Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=36514&time=1675348985495&url=https%3A%2F%2Fwww.querysurge.com%2Fpartner-program%3Futmsource%3Dwelcome_to_QS%26utm_medium%3DMailer&liSync=true&e_ipv6=AQI8J8AEH_7h2AAAAYYSlMhdFqSWs0VL5QZuRJiXt7fVeNC6DgATJwJEAJRl2A7vq7GFNw8
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXzuJUuk2s304TzOMEVIA==
a71ff47379fe64aec2ec12080229caf0.js
script.crazyegg.com/pages/versioned/common-scripts/
78 KB
26 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/8044.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e879ae2a4a3917bd9e47b24fdef9560f89304a503bafd3c67dbfe4a5ea538a8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Jan 2023 16:34:43 GMT
server
cloudflare
age
68918
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7933b2778e9d696f-FRA
content-length
26918
collect
www.google-analytics.com/j/
2 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1363327746&t=pageview&_s=1&dl=https%3A%2F%2Fwww.querysurge.com%2Fpartner-program%3Futmsource%3Dwelcome_to_QS%26utm_medium%3DMailer&ul=en-us&de=UTF-8&dt=Partner%20Program%20%7C%20QuerySurge&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1000441043&gjid=1390172784&cid=233218055.1675348986&tid=UA-27662673-1&_gid=229467343.1675348986&_r=1&_slc=1&gtm=2wg1u0WM5T7WP&z=1751003062
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 14:43:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.querysurge.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
www.querysurge.com.json
script.crazyegg.com/pages/data-scripts/0012/8044/sampling/
161 B
213 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0012/8044/sampling/www.querysurge.com.json?t=465374
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b02b00af955bf7cf1c9d5ba0a790ab760f1d3ab3df0b2b260bc22a59139a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2023 14:43:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.21
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7933b277fcb42c52-FRA
content-length
149
web-widget-framework-c82fe813e62b58e096bc.js
static.zdassets.com/web_widget/latest/ Frame E5E3
158 KB
49 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-c82fe813e62b58e096bc.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a48f8cbf-7413-4c56-bd67-58c6edba4cee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4a6d9424e18ced13b9ab3ee007ef3d54a0e23d19c21d1747e73b43465d6563
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:05 GMT
x-amz-version-id
1cCOlxhNqu17ys_QySYbf1YbpGnPAUXV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
MJRJ4G4SB2J1TH3K
age
118813
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
7elXhNV4is9ZSpLT/+gL5/1XGBmoNoOe4ZR8m8LeePRccLLgdhKOm2PlK2ykHz1eiq/KZIO0Xy4=
last-modified
Mon, 30 Jan 2023 01:09:01 GMT
server
cloudflare
etag
W/"5c97db2a2d29c595e26430d1c8358d6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVtkzR7vxHzeKu7E7rcB%2FVNHTjQ57f%2FhMb%2Bw9d0Htli8SPrheU4VMk5egHhWsGe9uEGZkn4pvogiPkP4IU9Q79Sfs4Fl5gJefvhyqkP44WEbh5e7O3K0wSkS4wBcXBJWem%2F7TB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7933b27828459247-FRA
expires
Tue, 30 Jan 2024 01:09:00 GMT
config
querysurge.zendesk.com/embeddable/ Frame E5E3
659 B
1 KB
Fetch
General
Full URL
https://querysurge.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c82fe813e62b58e096bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9442da8fd9d4198cd1ee66a5256865c51b1f1a5c20906d846b067122cbff14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-584788bd97-m9zbt
x-cached
MISS
x-request-id
7933b2798d1c909d-SEA
x-runtime
0.002156
last-modified
Thu, 02 Feb 2023 14:11:50 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djYmB%2FFY5ZqfOwrtfV5%2F%2FAp20eFv8NqOMWG93AuD9yZ0JgfepBJ1WDpFQVyYqvAynHCHUYcWTij6owVZhT4pCoycv%2BQGK1BIBYmq5z2cxnTfiobDcc%2BnEsHDfxt5M0G4J1c3NTCIf4o%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
7933b2798d1c909d-FRA
healthcheck
pagestates-tracking.crazyegg.com/
19 B
462 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 07:21:27 GMT
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
4605699
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
4tyOAoy86qe3Ycms8H_mlkzT-ZmXwxD2IiPqEFOeVy-AT3FSML5-8Q==
healthcheck
assets-tracking.crazyegg.com/
19 B
462 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 03:56:02 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1421224
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
BdQJEsjyuxKIQZhUuMDYpNFEBZYQn2B0ZHNSSOGHS-funJT72DRuAg==
b33c3af1-dca9-47c0-8cce-1555c1767355
https://www.querysurge.com/
45 B
0
Other
General
Full URL
blob:https://www.querysurge.com/b33c3af1-dca9-47c0-8cce-1555c1767355
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/
26 B
133 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1675348985911&tk=46027986f1a95810ed211c7dbcc5e571&s=41785&p=%2Fpartner-program&u=128044&v=5e6d546728924d03133b0096056dc7f16c34a369
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.152.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-152-139.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
405bfa023e590ac8cd81ee85b1e7fc2bd6e44748145e953e1c5199e4fbb02ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Feb 2023 14:43:06 GMT
cache-control
no-store
server
awselb/2.0
content-length
26
content-type
text/plain
web-widget-classic-34c91d3.js
static.zdassets.com/web_widget/latest/classic/ Frame E5E3
13 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-34c91d3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c82fe813e62b58e096bc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a0bdf45fbd7fe2f35c5223090b4fc7cbe0c17a6bb1d1c723f278eff3d5773f3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:06 GMT
x-amz-version-id
XHJDUaBKxE89UxJh6.a92Af8FUc8mhAA
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8SC3T7NGM4V5GHJB
age
118813
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Wraf5kMweWotbKJqRMEP0BR+ICxre8016UPkEqvfdi4+y6mt9A4V4pvahxH9UBUq4Y9IHqbxVxA=
last-modified
Mon, 30 Jan 2023 01:11:44 GMT
server
cloudflare
etag
W/"9f439f16bdd7a42b3da820fde4e96890"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJ3fdhOOQAujH6EVZsbWfl4Q0q5QMZwRsQ28MlzyDFy%2BfgcBoiuyeEFrqNPqI0LVmGpfeXyhIyfSLOSsgcAx%2BpuuvwEFWP8Bv%2Bt4miCkUFpmNrVzslyq7xLdvuqm%2B9o7h3Z%2BqjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7933b27afbcc9247-FRA
expires
Tue, 30 Jan 2024 01:11:43 GMT
0534dfdf-86e2-43a2-8746-13443f4c900d
https://www.querysurge.com/
241 B
0
Other
General
Full URL
blob:https://www.querysurge.com/0534dfdf-86e2-43a2-8746-13443f4c900d
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2114989d66d95af8cdd26e29437dc39e0629668c72fe16e8ffd7957788a323da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
web-widget-8165-34c91d3.js
static.zdassets.com/web_widget/latest/classic/ Frame E5E3
663 KB
190 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-34c91d3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-34c91d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:06 GMT
x-amz-version-id
tYOSfzpt5WjSOWaRj9efQMLiLa0r_8B0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8SC2HF493ZDTN3YJ
age
118813
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
1eyBklf4faENSqVBIM/MWrXWKDrLgVpxoPcYfRvTiQPXrFWpum6yz3YgjW+8s7DjRm3ix7QxwXE=
last-modified
Mon, 30 Jan 2023 01:11:44 GMT
server
cloudflare
etag
W/"d519ea27f763cb6ec80aeec5b45213a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MAMfxY5RomlHJzeZ4JNx4GvPIUnB4pPy2SXlVIswdwTKvyalONhEp3f%2Fv7hzXcCV5JnU0X9mF0NkuwBQw1Pu5E7b8qi85Lo8qCbtDmzfs1IaE3WK7RhsTYCgD%2Bv3f4vj3RNbNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7933b27b5c499247-FRA
expires
Tue, 30 Jan 2024 01:11:43 GMT
web-widget-5324-34c91d3.js
static.zdassets.com/web_widget/latest/classic/ Frame E5E3
493 KB
109 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-34c91d3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-34c91d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5562e93178aa7ee1deb15cb8d45229e8efbfe2707982ada0c7ac1902e14191
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:06 GMT
x-amz-version-id
6AuBmSIJ32qDXiB1mw4Drv9aAUt8ZDjH
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8SC96P78A7YFSTHB
age
118813
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
IpwuR34srvQVmQJeLx0QiBXfUdR/JLNo/L1waBNNC30ARA4Yi+/KV7BselFOXXn55O8mF9dr1mY=
last-modified
Mon, 30 Jan 2023 01:11:44 GMT
server
cloudflare
etag
W/"e40ffe6686756f7ae653217693dadaac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkIszfIYQafoIa1qwITwsgH39ADPqNsBagwwm4nbX8kXWcpT%2BYS8MlX9FgBuy%2Bj9%2F8tMvw6zkKN5aa74TjWx9bHWJ2rIJJqcKodyGsYXy2UN6hosYLGAlKnykBxNgZ9M2UjJKMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7933b27b5c4c9247-FRA
expires
Tue, 30 Jan 2024 01:11:43 GMT
embeddable_blip
querysurge.zendesk.com/ Frame E5E3
0
274 B
XHR
General
Full URL
https://querysurge.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZX0sImFjdGlvbiI6ImxvY2FsZU1pc21hdGNoIiwiY2F0ZWdvcnkiOiJsb2NhbGUifSwiYnVpZCI6ImRjNjQ3YjEwNzQ0OTQ2Nzg4NWJjNDhkZDA0YjgyZmVhIiwic3VpZCI6IjJjNTdlNzEwZWFlODRjNzE5ZWYzMTVmN2Y3OTA3ZWQxIiwidmVyc2lvbiI6IjM0YzkxZDMiLCJ0aW1lc3RhbXAiOiIyMDIzLTAyLTAyVDE0OjQzOjA2LjM2MloiLCJ1cmwiOiJodHRwczovL3d3dy5xdWVyeXN1cmdlLmNvbS9wYXJ0bmVyLXByb2dyYW0%2FdXRtc291cmNlPXdlbGNvbWVfdG9fUVMmdXRtX21lZGl1bT1NYWlsZXIifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c82fe813e62b58e096bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:06 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2023 14:43:06 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ejPscrsbIBxeUM%2BPB3SLlV0kgeZvSnUCz1cbbzjhdzRbP2xOeZOKiyoPFNGGQXbsdXifOV5w8YctIBw7Q9MggcqzGt8plvAL7TdJ3BZlC14YKt6mmK9kB06%2BfVKYz4jMOOP15zgBpQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7933b27cefc8909d-FRA
content-length
0
x-request-id
7933b27cefc8909d-SEA
embeddable_blip
querysurge.zendesk.com/ Frame E5E3
0
324 B
XHR
General
Full URL
https://querysurge.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29sb3IiOnsibGF1bmNoZXIiOiIjZmY2NjAwIiwibGF1bmNoZXJUZXh0IjoiI2ZmZmZmZiJ9LCJjb250YWN0Rm9ybSI6eyJzdXBwcmVzcyI6dHJ1ZX0sImhlbHBDZW50ZXIiOnsidGl0bGUiOnsiKiI6Iktub3dsZWRnZSBCYXNlIn19fX0sImJ1aWQiOiJkYzY0N2IxMDc0NDk0Njc4ODViYzQ4ZGQwNGI4MmZlYSIsInN1aWQiOiIyYzU3ZTcxMGVhZTg0YzcxOWVmMzE1ZjdmNzkwN2VkMSIsInZlcnNpb24iOiIzNGM5MWQzIiwidGltZXN0YW1wIjoiMjAyMy0wMi0wMlQxNDo0MzowNi4zNzJaIiwidXJsIjoiaHR0cHM6Ly93d3cucXVlcnlzdXJnZS5jb20vcGFydG5lci1wcm9ncmFtP3V0bXNvdXJjZT13ZWxjb21lX3RvX1FTJnV0bV9tZWRpdW09TWFpbGVyIn0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c82fe813e62b58e096bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:06 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2023 14:43:06 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lk1lOMIHilhWFg8qqkWnJirpVWr39k6lpfIrbNYvpYsPD93nt93lk9UFakCjQEQdFzeqyjdgxhF1AkEIk70ndaSNNyK18TDP85DCZheEP3w5JohYIRdUQQETIAKDvYcKGhCOQXXnP84%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7933b27cffd4909d-FRA
content-length
0
x-request-id
7933b27cffd4909d-SEA
de-de-json-34c91d3.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame E5E3
27 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-34c91d3.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-34c91d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fef4c190d8296649859de74e1cc0c1f75d535f85fe2fc91c94d21991ae629c8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:06 GMT
x-amz-version-id
L1deZv7Wkiw201nErema9fA..LY_bDl1
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
EFKQYQ9MBC90D8PK
age
118810
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
AF1fyBdQARhztMwkLWMJOKJWRbpBmUMkO0/CJB5yPsN4/5IhEIX0/wKqrM8lOUtN37MIGJgCrg8=
last-modified
Mon, 30 Jan 2023 01:11:45 GMT
server
cloudflare
etag
W/"899ac1a429cb8c6ab010f1aad08f8b61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruATJJap1nUPCfFhJ3%2B4ETFaXHeFtqVfArrHeemp1AAiY%2FGXFaCcNWidVZ6xM8GLIABdkhNt2%2Byg9J6NLK9tleXEwBXbkcfsoqhdwA67RuitaPr2icleqocV0kpUXK3E7UjEyag%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7933b27cfe629247-FRA
expires
Tue, 30 Jan 2024 01:11:44 GMT
api.js
www.google.com/recaptcha/
884 B
908 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo
Requested by
Host: www.querysurge.com
URL: https://www.querysurge.com/freeform/plugin.js?v=50b0e17fb5ede57fde2212cd669d6fa78cdaffc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4df7008cb747201f732ab52f087a6f7cc6a0bc874ccd07be050350ecab6e2784
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
588
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 14:43:06 GMT
embeddable_blip
querysurge.zendesk.com/ Frame E5E3
0
0
Fetch
General
Full URL
https://querysurge.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjExOTksImNvbmZpZ0xvYWRUaW1lIjozNTF9LCJidWlkIjoiZGM2NDdiMTA3NDQ5NDY3ODg1YmM0OGRkMDRiODJmZWEiLCJzdWlkIjoiMmM1N2U3MTBlYWU4NGM3MTllZjMxNWY3Zjc5MDdlZDEiLCJ2ZXJzaW9uIjoiMzRjOTFkMyIsInRpbWVzdGFtcCI6IjIwMjMtMDItMDJUMTQ6NDM6MDYuNDYzWiIsInVybCI6Imh0dHBzOi8vd3d3LnF1ZXJ5c3VyZ2UuY29tL3BhcnRuZXItcHJvZ3JhbT91dG1zb3VyY2U9d2VsY29tZV90b19RUyZ1dG1fbWVkaXVtPU1haWxlciJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c82fe813e62b58e096bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:06 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Feb 2023 14:43:06 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huw3ljXC%2Fu8mwaZN6qSIIx0MARDAi4ZopdCxdRUBpMpyadtfstqd0YrVPdLCBJQcJMK7VNlRc345AG1vA3tS8SkDf2xLTukb2xZfrYqE7a%2FDv8utgNmc4uwlD%2FqqRNfqlxAU%2BrapbI0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7933b27d884d909d-FRA
content-length
0
x-request-id
7933b27d884d909d-SEA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/
405 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Origin
https://www.querysurge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 11:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165279
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 01:02:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 11:09:58 GMT
anchor
www.google.com/recaptcha/api2/ Frame 94F4
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo&co=aHR0cHM6Ly93d3cucXVlcnlzdXJnZS5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=gc1bgassf04c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a80a19b0a97bbf66e725fca9a0904fb19890209849790dce35b180c70ef482af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KDVe7vO6yILszYvOg516qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.querysurge.com/partner-program?utmsource=welcome_to_QS&utm_medium=Mailer
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22406
content-security-policy
script-src 'report-sample' 'nonce-KDVe7vO6yILszYvOg516qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 02 Feb 2023 14:43:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 94F4
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo&co=aHR0cHM6Ly93d3cucXVlcnlzdXJnZS5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=gc1bgassf04c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 12:10:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 01:02:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 12:10:40 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 94F4
405 KB
161 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo&co=aHR0cHM6Ly93d3cucXVlcnlzdXJnZS5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=gc1bgassf04c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 11:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165279
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 01:02:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 11:09:58 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 94F4
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 15:21:21 GMT
x-content-type-options
nosniff
age
170506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 15:21:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 94F4
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo&co=aHR0cHM6Ly93d3cucXVlcnlzdXJnZS5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=gc1bgassf04c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 13:18:51 GMT
x-content-type-options
nosniff
age
264256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 13:18:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 94F4
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo&co=aHR0cHM6Ly93d3cucXVlcnlzdXJnZS5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=gc1bgassf04c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 13:11:58 GMT
x-content-type-options
nosniff
age
5469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 13:11:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 94F4
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo&co=aHR0cHM6Ly93d3cucXVlcnlzdXJnZS5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=gc1bgassf04c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9YuMUAAAAAE4AmI7NEYs4hflPnRLv1uQZ2xwo&co=aHR0cHM6Ly93d3cucXVlcnlzdXJnZS5jb206NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=gc1bgassf04c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 14:43:07 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange object| dataLayer object| form object| Modernizr function| $ function| jQuery object| whatInput object| scrollLock object| Foundation object| Tablesaw object| mediaQuery function| doSomething boolean| llcookieless object| formalyze boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| zEWebpackACJsonp function| zE function| zEmbed object| zESettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| lintrk boolean| _already_called_lintrk string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| gaplugins object| gaGlobal object| gaData object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT boolean| zEACLoaded function| $zopim object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_595447

17 Cookies

Domain/Path Name / Value
www.querysurge.com/ Name: CraftSessionId
Value: 7cln2hbd19akrrodfh7vjl4n5u
www.querysurge.com/ Name: CRAFT_CSRF_TOKEN
Value: 0987393ae27acbf24d47c4de1685796e32e1ea06b7c8858545ac44be2c36b7a1a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%223yV1a-8lFq0Um2q-b578hihyAt2-Crzgq0Us7VdM%22%3B%7D
.querysurge.com/ Name: _ga
Value: GA1.2.233218055.1675348986
.querysurge.com/ Name: _gid
Value: GA1.2.229467343.1675348986
.querysurge.com/ Name: _gat_UA-27662673-1
Value: 1
www.querysurge.com/ Name: ln_or
Value: eyIzNjUxNCI6ImQifQ%3D%3D
.linkedin.com/ Name: UserMatchHistory
Value: AQKOZljrJE_8SwAAAYYSlMdAtQJLxTJQJXA5hsRTOzgUMJzLxPmm_UyVAZVfBVfaKcJ87DCBGsI-bA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJ1st-u7Kng_gAAAYYSlMdBcS_6GkiyKjhftUtJlvEMnUKS9JV_s3pmtv5OGNYD_mWO2LQO5qh9GctORRj0eQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&dbdbdd12-dd79-420c-8c9b-b0a93f95ae23"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2676:u=1:x=1:i=1675348985:t=1675435385:v=2:sig=AQGWjHeY8eQbbiJZR7IIdpfOZxYixNMe"
.querysurge.com/ Name: cebs
Value: 1
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202302021443050eac133f-b155-4a73-8287-fd81b86c5e2cAQEqHlHyOPla2mrM99c3-Q1VLu-L54Lh"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzUzNDg5ODU7MjswMjEuSUgtseK5BLht9z3xG2v31KfKgTKM8OK9rKXITeM53A==
.querysurge.com/ Name: cebsp
Value: 1
.querysurge.com/ Name: _ce.s
Value: v~5e6d546728924d03133b0096056dc7f16c34a369~vpv~0~v11.rlc~1675348986106

1 Console Messages

Source Level URL
Text
network error URL: https://lltrck.com/scripts/lt-v3.js?llid=11412
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cl.exct.net
ekr.zdassets.com
fonts.gstatic.com
lltrck.com
pagestates-tracking.crazyegg.com
px.ads.linkedin.com
px4.ads.linkedin.com
querysurge.zendesk.com
rttswebproperties.s3.amazonaws.com
script.crazyegg.com
snap.licdn.com
static.zdassets.com
tracking.crazyegg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.querysurge.com
104.16.53.111
104.18.70.113
13.107.42.14
13.32.27.24
157.230.67.176
2600:9000:206f:800:2:53b2:240:93a1
2606:4700::6813:9408
2620:1ec:21::14
2a00:1450:400d:803::2003
2a00:1450:400d:803::2008
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::200e
2a02:26f0:11a::217:9a4a
2a02:26f0:dc:18b::416d
2a04:4e42::485
52.213.152.139
52.216.144.196
54.236.83.233
99.86.4.55
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a9f24639a8deee497656fdfd44360d1edf608d45078945b81c1bb6ff1be7120
0eeb2c5c44b18c9bb4c63c7610123150441e036c8b9198e2784201e743637c0d
1796c5a2e211b50434afb89924c891be760c67a81304d170be5391e851fbc71f
19f8715fca988b9defc80c34e7b186b75f35779db6e6247371646104eb1f6145
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2114989d66d95af8cdd26e29437dc39e0629668c72fe16e8ffd7957788a323da
35f115e7560e45a4fb630b7dfa2d6c9d00b651b1326551d3c1b036d619a05e5f
35f939ac066aa74174d2fc4a3e3be57409e763897f51535449f9edac760d59be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f472fdce85bacb82ef49af28c1a9adc84a4a5deb20e480ebae41b050a8dd2af
3fef4c190d8296649859de74e1cc0c1f75d535f85fe2fc91c94d21991ae629c8
405bfa023e590ac8cd81ee85b1e7fc2bd6e44748145e953e1c5199e4fbb02ec0
447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7
469747b53421fca919e9f907b52723d5eb9cc02bd3bd501ce3dffebf752d3c40
4d5746e8692cf4d2fe8416d06db620bb776c3d8e5bab86c87d7ef435e188cf34
4d6b20d7f314108d26e5eb096c6dba88ad93be541a2796971ebc94c56386e591
4df7008cb747201f732ab52f087a6f7cc6a0bc874ccd07be050350ecab6e2784
4fe8c6203401c89d668918fc879613e207204942c5fa9274224cd45a97c93dc6
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5747a01abf9de1f9a6ea3eda8a558159a94d67ca92ccbf979a5f4d058541f509
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59b02b00af955bf7cf1c9d5ba0a790ab760f1d3ab3df0b2b260bc22a59139a61
5a0bdf45fbd7fe2f35c5223090b4fc7cbe0c17a6bb1d1c723f278eff3d5773f3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
68bbc0b1c604d6892834fe6c6cba49e6b57b8be37ad1d7d020b8dccfe9bbf6de
6f5562e93178aa7ee1deb15cb8d45229e8efbfe2707982ada0c7ac1902e14191
709a9da0902227901a1642c01b060f134fbffebd6424d580c76eae020cf9f36c
75e5f2d02aec8cde13ee9c80cd54aa3d3dbad37c154b539ec77b18715558a807
7691ad9983301c05fd73703b540fba1efcf9de8ab462a3eb28608a1ca0eb4f8d
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
883bf09628063c9fbfdcb649ddee84961986ecabb82b681768af6d5435c12865
8b5aa970b181ed945d235a947990dbd2e833dc55fe84bc3cb52e452f2cc8a9ab
8bfa9e26e08714efba82a00416db1f758e82411e2ccb10b8993f11e968b3534a
9345373c0c7fa26de244391844ee344532ecdfa8ca9032381047dfa964c99582
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
99d4b3a81d4d2406874daadee23906f4eeb3095e5229a5d3535c8e80a5784400
9a52d2bd495c6082a6ffa237c62554d7531291ad361fa8593e98ce8c6b7c2755
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a148c8e49519dad1c63a5b4f880e96c6542708b49b0ee68f2a332eb92f0061e4
a505c4c4b570d93f36c6b5a2a268f6050f1fe37ab4c0607437da53d44d4bbf58
a70cc52a4b2d09d27d82825db5fd9130a826f51a76d71035b087fb683988ca50
a80a19b0a97bbf66e725fca9a0904fb19890209849790dce35b180c70ef482af
a87c5930d6e316e365da817ada9b31ec06c9407ab8a045d7c380cb9377a126b8
acc77d953020ee0ed38f6367aa3b9559bb49472dedccfb652d37bfd8836fa2e2
af4a6d9424e18ced13b9ab3ee007ef3d54a0e23d19c21d1747e73b43465d6563
b9442da8fd9d4198cd1ee66a5256865c51b1f1a5c20906d846b067122cbff14d
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c9d9cae6ed129b03a66446d39bbade639d877a041266c69ee7312b22b7838d0c
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cd749ed28bc0207629458ae9340196cfe711c6fa17e4d06cef8fe9f51efd7496
cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f
cefbfc60cd18bbbe35f7c2c9728ddd35bab9aeed7c35e05d8ce63e6ea284fb7a
d21ad553baa697f961d35ba95eadccd899ce993cbce77a9935d7182dc855cbcc
d357d19217562c1b3092d16c09433af93fc575fd71cdd3c8529991aaad69f95c
d40f0f63bc91198b5c7ff30b80c5bf097882afc1b3978651c781ebec82e7aa5e
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e879ae2a4a3917bd9e47b24fdef9560f89304a503bafd3c67dbfe4a5ea538a8f
ece6dd3255ab60ecf081d80516af0d84bc1e5117c8b42cb39ea3cd78cb9ea261
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f