so-gr3at3.com Open in urlscan Pro
178.63.248.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://survey.quizoracle.com/
Effective URL:
https://so-gr3at3.com/go/1274244
Submission: On November 13 via api (November 13th 2024, 11:10:59 pm UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 58 HTTP transactions. The main IP is 178.63.248.55, located in Germany and belongs to HETZNER-AS, DE. The main domain is so-gr3at3.com. The Cisco Umbrella rank of the primary domain is 205203.
TLS certificate: Issued by R10 on September 22nd 2024. Valid for: 3 months.

This is the only time so-gr3at3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:303... 2606:4700:3031::ac43:d502	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:a00:f:458e:2a80:93a1	() ()
8	2600:9000:275... 2600:9000:275b:1800:1b:cadc:ef40:93a1	() ()
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	104.18.166.224 104.18.166.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.16.195 184.30.16.195	() ()
3	157.90.33.68 157.90.33.68	24940 (HETZNER-AS) (HETZNER-AS)
2	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	157.90.33.122 157.90.33.122	24940 (HETZNER-AS) (HETZNER-AS)
1	18.197.18.38 18.197.18.38	16509 (AMAZON-02) (AMAZON-02)
1	172.64.145.17 172.64.145.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.63.248.55 178.63.248.55	24940 (HETZNER-AS) (HETZNER-AS)
58	19

21 2606:4700:3031::ac43:d502 (United States)

ASN13335 (CLOUDFLARENET, US)

survey.quizoracle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:a00:f:458e:2a80:93a1 (United States)

ASN- ()

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:275b:1800:1b:cadc:ef40:93a1 (United States)

ASN- ()

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.166.224 (None, )

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.195 (Frankfurt am Main, Germany)

ASN- ()
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.33.68 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub1.1push.io

sdk4push.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

reports.newormedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.33.122 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub3.1push.io

uidsync.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.18.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-18-38.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.145.17 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.248.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: psh8.1push.io

so-gr3at3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	quizoracle.com survey.quizoracle.com	124 KB
9	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 5497 api.cmp.inmobi.com — Cisco Umbrella Rank: 19117	225 KB
5	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 3447 vtrk.doubleverify.com — Cisco Umbrella Rank: 2654	21 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 244 ad.doubleclick.net — Cisco Umbrella Rank: 160	184 KB
3	sdk4push.com sdk4push.com — Cisco Umbrella Rank: 134016	16 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 1207 api.btloader.com — Cisco Umbrella Rank: 1346	26 KB
2	uidsync.net uidsync.net — Cisco Umbrella Rank: 47216	713 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1232	1 KB
2	newormedia.com reports.newormedia.com — Cisco Umbrella Rank: 117214	573 B
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 628 t.pubmatic.com — Cisco Umbrella Rank: 3328	76 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2036	140 KB
1	so-gr3at3.com so-gr3at3.com — Cisco Umbrella Rank: 205203	350 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 331	1 KB
1	thisiswaldo.com cdn.thisiswaldo.com — Cisco Umbrella Rank: 87101	310 KB
58	14

	Domain	Requested by
21	survey.quizoracle.com	survey.quizoracle.com
8	cmp.inmobi.com	cdn.thisiswaldo.com cmp.inmobi.com
4	pub.doubleverify.com	cdn.thisiswaldo.com pub.doubleverify.com
3	sdk4push.com	survey.quizoracle.com sdk4push.com
3	securepubads.g.doubleclick.net	cdn.thisiswaldo.com securepubads.g.doubleclick.net
2	uidsync.net	sdk4push.com
2	api.btloader.com	btloader.com
2	ad-delivery.net	survey.quizoracle.com
2	reports.newormedia.com	cdn.thisiswaldo.com
2	cdn.confiant-integrations.net	cdn.thisiswaldo.com cdn.confiant-integrations.net
1	so-gr3at3.com	survey.quizoracle.com
1	t.pubmatic.com	ads.pubmatic.com
1	vtrk.doubleverify.com	pub.doubleverify.com
1	api.cmp.inmobi.com	cmp.inmobi.com
1	ad.doubleclick.net	survey.quizoracle.com
1	cdn.jsdelivr.net	cdn.thisiswaldo.com
1	ads.pubmatic.com	cdn.thisiswaldo.com
1	btloader.com	cdn.thisiswaldo.com
1	cdn.thisiswaldo.com	survey.quizoracle.com
58	19

This site contains no links.

Subject Issuer	Validity	Valid
quizoracle.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2024-03-10` - `2025-03-10`	a year	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2024-07-31` - `2025-07-31`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
pub.doubleverify.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
confiant-integrations.net WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
btloader.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
sdk4push.com R10	`2024-10-07` - `2025-01-05`	3 months	crt.sh
reports.newormedia.com R10	`2024-10-26` - `2025-01-24`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
ad-delivery.net WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
api.btloader.com WR3	`2024-10-01` - `2024-12-30`	3 months	crt.sh
uidsync.net Sectigo RSA Domain Validation Secure Server CA	`2023-12-30` - `2025-01-29`	a year	crt.sh
vtrk.doubleverify.com E5	`2024-11-05` - `2025-02-03`	3 months	crt.sh
so-gr3at3.com R10	`2024-09-22` - `2024-12-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://so-gr3at3.com/go/1274244
Frame ID: 8760D8CE1BDF873325EFE4FD53B739B2
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://survey.quizoracle.com/ HTTP 307
https://survey.quizoracle.com/ Page URL
https://so-gr3at3.com/go/1274244 Page URL

Page Statistics

58
Requests

100 %
HTTPS

32 %
IPv6

14
Domains

19
Subdomains

19
IPs

4
Countries

1127 kB
Transfer

3272 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://survey.quizoracle.com/ HTTP 307
https://survey.quizoracle.com/ Page URL
https://so-gr3at3.com/go/1274244 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://survey.quizoracle.com/ HTTP 307
https://survey.quizoracle.com/

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
survey.quizoracle.com/
Redirect Chain

http://survey.quizoracle.com/
https://survey.quizoracle.com/

29 KB
5 KB

117ms
85ms

Document
text/html

2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c55dd4b66cc7a5983136ced225944d8bcd74a559a1923cfe0595e76d38bb840

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e226fdade4892b4-FRA
content-encoding: zstd
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Wed, 13 Nov 2024 23:10:45 GMT
last-modified: Thu, 07 Nov 2024 11:48:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1YBoIsHKJ452plQZO%2BGHHyK1Gvs9jlsxT%2B5cltaiPEMNJHE0K5wxmMTY2NL6zuQk%2Fnij9pgToazd%2BH0NKwV5w%2FO%2FjQ4WuLpNDDCPHjBKZkPYujl6p4KWTnDPZQuA4BSupCM8hw6Vo%2FGnoHwKYFYBz2pBkQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=6038&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3947&recv_bytes=2293&delivery_rate=642185&cwnd=254&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=91&x=0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Redirect headers

Location: https://survey.quizoracle.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 core.css
survey.quizoracle.com/ 3 KB
2 KB 23ms
21ms Stylesheet
text/css 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.quizoracle.com/core.css

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d81da2c036d2cf292d90bdbd51407f2910f06fdeab69ac2fb6793cf3b60f570b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 88041
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vj7Vy0THjhPBetW68oZdtMn87YnYBC4JciAwF4%2FfSPsLqCGi2TUWwp4ZflgZWiAQp%2BZ%2B69r0oLDJUdtv%2B0H%2F4pRi9u%2FkCUdwKRcvAP%2BG58nfqZyyLiQoWsITOxQwjlh%2FQNAwM3rDXZVrTN94z8wGM6SEeSI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 19:15:03 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6244&sent=42&recv=25&lost=0&retrans=0&sent_bytes=24187&recv_bytes=2630&delivery_rate=1591166&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=124&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Aug 2023 12:57:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdb7e8f92b4-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 survey.css
survey.quizoracle.com/ 66 KB
11 KB 20ms
18ms Stylesheet
text/css 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.quizoracle.com/survey.css

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d387924bc09c48a8818ec9e419521c90c21fe89494461994d857a671d14b0737

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 88041
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZOJAWngVlvwxfwdKts2iskDeDMxYqAc9tlmhMo%2FXhCjHIKjSSYKwdfZhz8LV1gdJPcFfmTS9EJncbPmwiNsEwEkzLLh%2Fa49pd2cAdKe%2BBBAdVhjuWe6QobIFrTBDzW5%2FMbrV2s4bi3VM96m9oznpxqQ6Ico%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 10:28:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6244&sent=25&recv=25&lost=0&retrans=0&sent_bytes=10857&recv_bytes=2630&delivery_rate=1591166&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=123&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Aug 2023 13:46:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdb7e9192b4-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 10869.js Show response
cdn.thisiswaldo.com/static/js/ 310 KB
310 KB 448ms
369ms Script
text/javascript 2600:9000:2156:a00:f:458e:2a80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/10869.js

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a00:f:458e:2a80:93a1 , United States, ASN (),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

ff80c98d5da8f52ac8b257bf3f1fffe556f29c0a44522a7919c06695d71ad0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public
x-content-type-options: nosniff
x-generator: Drupal 10 (https://www.drupal.org)
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
expires: Thu, 14 Nov 2024 23:10:45 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: MiFOJ_CQM0CibsOpmBgqa2fA6wztrdzqu0E3a4f0uowiLwDlt1thnQ==
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: text/javascript; charset=UTF-8
content-language: en
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN

GET
H2 200 icon-survey.svg
survey.quizoracle.com/ 3 KB
1 KB 20ms
20ms Image
image/svg+xml 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/icon-survey.svg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a35df0cc8723374ad7b9b6a99e7b07b23a32783d0ae1897fbf8dbc6e6ffe11d6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 88041
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWG2%2B1jSWh9RkAGQthKiauf9acqNYJgJJtumIboNOWO08GlqzGw5Vc1m6EhDTZLiz3NTe7TY5ybHsrruiY3ql7B%2FGOEMPclP1oGvtDYGB10M78rb%2B7sL2YTq1nUdNb9z3TX0A%2BawJ1nyPBbwFGnRxChJYEg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 02 Jan 2025 19:15:03 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6244&sent=39&recv=25&lost=0&retrans=0&sent_bytes=22857&recv_bytes=2630&delivery_rate=1591166&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=124&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdb7e9392b4-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 unnamed.jpg
survey.quizoracle.com/ 1 KB
2 KB 18ms
17ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/unnamed.jpg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88041
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNqr2Tc8gVOsn1ORK9fuBieHx6LMAcGmXwTZvPNsZ6k9%2BCu8HopZ%2B%2BGToNNxCyyDIVmxSaEIB9IkQbQ%2Fpk3gSJYbMjiB7WCgKbkwfJ8Vvi0BMd%2FlfI%2FByhVnckkAzOdO9JBKlXGA1giKIKJnVwHHvvXoN4M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:28 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6244&sent=21&recv=25&lost=0&retrans=0&sent_bytes=8864&recv_bytes=2630&delivery_rate=1591166&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=123&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdb7e9492b4-FRA
accept-ranges: bytes
content-length: 1378
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-1.png
survey.quizoracle.com/ 6 KB
7 KB 16ms
16ms Image
image/png 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-1.png

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a787bd40650924a7bbc61d6ea0bbcaddae4b3129fd8028b68c3629210e41e26d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88041
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYU5dC8sP%2BiAqwlZpU95Qc%2F61cTKPmCupcpox0UZSTxejRObjAC1%2BsoNIi6gpnFOCfNbCQbBcdg0%2FtxKmcbPZVu42zJIxyYZpSN4xlfi4NShAQZDTdUvQSenCLuryslp31gb%2BorTnVpP9S4kBVeHR6zC5xU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:28 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6869&sent=46&recv=33&lost=0&retrans=0&sent_bytes=26038&recv_bytes=2749&delivery_rate=3470123&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=156&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/png
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdbaea292b4-FRA
accept-ranges: bytes
content-length: 6577
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-14.jpg
survey.quizoracle.com/ 5 KB
6 KB 16ms
16ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-14.jpg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c020310e91430067c7128425f14ac0ff1710aea5e67c144a8fceac46311182d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiooKv3th5zePNGZvNq%2BtXh0%2BG16nabjlVlBJwUogLZOIr0RXBJVzcLZsT4RE%2FdaFQdQddD14zjdL3lnv8p4PqP22NnvQ95IFS%2FkwaZusOuanVachdjIEjj1b9QluUpt5mxHVnzWCT2hqP3PkvQ7U3a34xc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6869&sent=54&recv=33&lost=0&retrans=0&sent_bytes=33236&recv_bytes=2749&delivery_rate=3470123&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=157&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdbaea392b4-FRA
accept-ranges: bytes
content-length: 5392
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-2.png
survey.quizoracle.com/ 6 KB
7 KB 20ms
20ms Image
image/png 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-2.png

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15aadd2e7f4f83e79f35e760da382fb8b5045d2cf506f531bdc15b7b27f699a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jzO7aiu6Gk4Zk1VyUz23ey4UqQHuwreTGm1Jj4ZwctAXVzi43G8gLkQL8ClPkvgkcRofKZiOesPeHCjFY0IdoDbg6sNS1oHr30m%2BxJRlbhIKkRdHhN5n%2F1CT8w0Yl%2BMWB7ZVw%2BhSZ1TpjDDKGmbaqWD1eR0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6514&sent=92&recv=41&lost=0&retrans=0&sent_bytes=70660&recv_bytes=2880&delivery_rate=3470123&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=178&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/png
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdbceb392b4-FRA
accept-ranges: bytes
content-length: 6428
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-4.jpeg
survey.quizoracle.com/ 3 KB
3 KB 17ms
17ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-4.jpeg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4f513bf3a5691b900739cf79285d18ef09ef4b81eca648261b15a693d21818d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvRJPrjPOAvkZw2L7660lzrIZLV86BzY%2Ff6pCH2pSukDsXOT%2Fqu9B9c12jsTgT2VgQA6h0C8TaWaup4iZ522PC3nU3vz1zeXO1526m%2FkCBErLK%2BisxdLi1XGrpUbr%2Bbsqq17Ad28ZIXNl5hbC%2FKcd1KmwJA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 02 Jan 2025 19:15:03 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6718&sent=103&recv=56&lost=0&retrans=0&sent_bytes=79117&recv_bytes=2997&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=216&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdc0ed392b4-FRA
accept-ranges: bytes
content-length: 2709
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-5.jpg
survey.quizoracle.com/ 4 KB
5 KB 18ms
18ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-5.jpg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f37490dbef620959d7124e3de027c5b5c43a57dc90737163947a6725444051eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inO9UBjULmVujcm4JdjSfOhOnPwwIE4z9Z%2FZJKHgUF82dqrYAODOaQWbh%2Bhe9uXEecBq414CT5TQaRgoQhky%2FZrlfv8VjRB1JoHcp1AJY0shQy%2BqfC2%2Fm%2F2Zf2a7ygttwSycwTMb9JioLoJfJ9wXbHqt69o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6836&sent=108&recv=59&lost=0&retrans=0&sent_bytes=82375&recv_bytes=3056&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=235&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdc2ef192b4-FRA
accept-ranges: bytes
content-length: 4333
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-6.jpg
survey.quizoracle.com/ 4 KB
5 KB 17ms
16ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-6.jpg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698d413ddf6b2ec37acf0e982237d239bd912cb097e243cb355855ac2b8548d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujRXMYU%2BtGi3uz9OxEjlgkFqAPnSHvvnDIKBdnlUemUSIGxOGz2f4QgTiUET6oyVG1fW82OTTwh2zFYeGW8IlWZG0iIX%2FVTbuOkzTL1N2EQVibgBfUA4v3oKCnBIYu88T87ANhOKVS6wpTG8mioxs%2Bfnubg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6618&sent=115&recv=63&lost=0&retrans=0&sent_bytes=87353&recv_bytes=3115&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=253&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdc4f0a92b4-FRA
accept-ranges: bytes
content-length: 4392
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-8.jpg
survey.quizoracle.com/ 6 KB
6 KB 16ms
16ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-8.jpg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64588485da7d470991fdba6c20a6d05c7ad39f92cca72769a95cbe3d873e8edc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mGRnHL%2F%2Bh6U4OOmD60gyNnZGsEmDE1Sud1LiILWu09DX80LVNUdtQ2zmbB68OQfPxRmHyN%2BmpZCBRW69Rqg4MRkf8Fd%2B1eXutJbmrNGtKRDc%2FV%2FLDcn8F7UTGpFmXbUfxlIdUpccnDGPYl2pEa76osg%2BAqA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6677&sent=122&recv=67&lost=0&retrans=0&sent_bytes=92291&recv_bytes=3174&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=270&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdc6f1292b4-FRA
accept-ranges: bytes
content-length: 5748
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-3.png
survey.quizoracle.com/ 7 KB
8 KB 16ms
16ms Image
image/png 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-3.png

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9128194f1b1bf44435a3e80f994157b94a40a3365cd8f0794dcadb41a24c3b41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yjC9EGZbG34gGh8Lmh22h7DozUgD28%2FkV8PuyXrUwcKX7PjRw5wQni6Ta07OgAissRWb%2FeVLeVTUuU2UrHpNkXbpblWtTl2YJiu2xGG1IQ8A%2BNsJ1p%2BvM%2BDOAE7aUQXdeyfTu8ojiRnwdS4Is2sG9U3NrtM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6662&sent=130&recv=72&lost=0&retrans=0&sent_bytes=98578&recv_bytes=3233&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=289&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/png
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdc7f1c92b4-FRA
accept-ranges: bytes
content-length: 7368
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-9.jpg
survey.quizoracle.com/ 5 KB
6 KB 18ms
17ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-9.jpg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdf1b8dcdce4e9b76157ce90e086ebafb100063eaeb091e97087d97f5d0fb50b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9n82CBC2pjaF7m4NNdf2pgwAT4%2FWvkKslcdAogaMo52%2F7%2F%2F1udkKZ9XVSviU6%2Fu%2FkxEH5uFfzFlF%2FGXZO8c%2FIogNfxszxCVi9zlxMZ3qd3hN1mxp578HGklWRHoZ%2FyMWhqLA8QmUhcTQdN77XNk9RELT2JY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6800&sent=139&recv=77&lost=0&retrans=0&sent_bytes=106701&recv_bytes=3292&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=307&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdc9f2f92b4-FRA
accept-ranges: bytes
content-length: 5190
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-10.jpg
survey.quizoracle.com/ 6 KB
7 KB 51ms
51ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-10.jpg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36adcb32026c016feaff678063911fcc9e7985e9f0c56bb1daa776f98964ef91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6i9tMbGRvy91fLqbIuLcsYs03B4i2lUp5s4EU0Vn0rgiX4qM6ufcPFxTkSI3aRLOr7VO8t3FLDuxvPgJ44xnKs9Op1JtRHvfWswK3%2BdlbRxug4WT9bAmlhPnGhgTEhBMZ0BGUtI%2FY6436fOK4rYH1j8vvA8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 12 Jan 2025 23:10:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6917&sent=147&recv=81&lost=0&retrans=0&sent_bytes=112446&recv_bytes=3351&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=360&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdcbf3692b4-FRA
accept-ranges: bytes
content-length: 6178
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-11.jpeg
survey.quizoracle.com/ 4 KB
5 KB 15ms
15ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-11.jpeg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3f882f57f9a213d85eb1c5c6a8a1451bd16dfcd9e4bd00e0a74584422dbd950

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKs7EpFziZJ%2B%2FmcK8AYhf8VWUh3R1FfOS3hLsA5E%2Fu8WSpCbToMmpypvoap7DuVFoJGwCPUNV0K9bm89EFa%2Fiy8A4H4gKbFn8gZly2WKgjjw4qQDK9iqWh4gLa6Kz%2Fcm9zaA0Upph0uaxR6GWTTKcwde%2Byw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6984&sent=155&recv=85&lost=0&retrans=0&sent_bytes=119237&recv_bytes=3411&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=378&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdd0f6592b4-FRA
accept-ranges: bytes
content-length: 4175
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-12.jpeg
survey.quizoracle.com/ 3 KB
4 KB 20ms
19ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-12.jpeg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e872daac17de58d352c9f4082e6e35af76a8b2138c142a8cf0fbacea195c73e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LO9259qwKTFMrPWuKkSDCwwRe%2BrpNjmLsGVP1KYxj%2FfSR%2FNsOfRgg6raRpNPX7CC%2B%2FinoUy2LO1E6OIJIWDfJvonUIabsF%2Fx0A3SIGm5F%2F%2Bc8rGaNR5m%2Fx5PJrAXvXdN4X9GZOQTXSHGsnwfXhBudcD7a2c%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6773&sent=161&recv=89&lost=0&retrans=0&sent_bytes=123949&recv_bytes=3471&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=400&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdd2f7292b4-FRA
accept-ranges: bytes
content-length: 3519
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 person-13.jpg
survey.quizoracle.com/ 3 KB
4 KB 16ms
16ms Image
image/jpeg 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.quizoracle.com/person-13.jpg

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88f30b8552d0ab928d895390b337a0049405f3b1e8446631e606ba787e1205e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkDz1XS6B46cQIicUMNfhMuIfFu9mKf1vXAsLVs1x%2F%2FdqIuS7hKkzYynX1MgfaMjQMXFYQPSUGUTx7XtLKVWaJONAZOjxyepoXUPWs4FecWFZHYvnBxfSKDDSEAJSa6ZbvDhomBJuOrXzWTkPdhAc46hdDM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Jan 2025 16:45:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6795&sent=166&recv=92&lost=0&retrans=0&sent_bytes=127991&recv_bytes=3531&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=416&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: image/jpeg
last-modified: Thu, 03 Aug 2023 13:10:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdd4f8592b4-FRA
accept-ranges: bytes
content-length: 3172
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 jquery.js Show response
survey.quizoracle.com/ 85 KB
30 KB 18ms
18ms Script
application/javascript 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.quizoracle.com/jquery.js

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yyzOBUxWojd9zzRTTcAXKYekdZBJYJay8ShQFaeTfBLndkdrrkgIjNbuR5qoCoJajsUalUk36F8PyDcEo%2BSg6PRZbg9AHAyux7thY5FuiNeRjwlTHdcV2LVQlQAoSCGFW1clw4xCAycLpnILcagyublp2%2Bk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 07:18:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6514&sent=63&recv=41&lost=0&retrans=0&sent_bytes=39315&recv_bytes=2880&delivery_rate=3470123&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=176&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 07 Aug 2023 15:17:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdbceb492b4-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 main.js Show response
survey.quizoracle.com/ 2 KB
1 KB 18ms
16ms Script
application/javascript 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.quizoracle.com/main.js

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f963ba524a68297aa10ec6b7128ea720e4af8ae0f7d7b5ef352a3a26d642dec0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 88040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bv50AFumt%2B9AbzQZ2rX7WYN9AYLFoPX34ZVW0NuZsiVN95QqCKa%2Fte8s62NPeSmcRSJFYcDTwhHHlSE9ufLHbLljtWZ0OxlsfO5deIPClWEoyq%2BBW80Ics3IF2%2FBTHWBc%2FXw%2BEEg3LUW0zSM2hqVXILQF5o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 19:15:03 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6369&sent=100&recv=54&lost=0&retrans=0&sent_bytes=77622&recv_bytes=2935&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=197&x=0"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 07 Aug 2023 15:17:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fdbeec392b4-FRA
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 choice.js Show response
cmp.inmobi.com/choice/fTfJtcPmQDwZG/survey.quizoracle.com/ 3 KB
2 KB 104ms
51ms Script
application/javascript 2600:9000:275b:1800:1b:cadc:ef40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/fTfJtcPmQDwZG/survey.quizoracle.com/choice.js?tag_version=V3
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10869.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:1b:cadc:ef40:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de2eaa6c889400061e8927bebbd6d7a6c41f11d00cd09ede0c01d23af31cd187

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control: max-age=900
content-encoding: br
etag: W/"8e615669f5a628f76a6f311d4e90ab28"
cross-origin-resource-policy: cross-origin
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 0qC12P2hBvw3bPr3wabqqqneiHSVCZPnm1LAk2I5KJu2G07AQMGXIg==
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 19:21:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
32 KB 52ms
21ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10869.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1251d242662e19bfbeba29346121b44a9a6c336d80b0330663361c8c1f848cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 796 / 20040 / 31088885 / config-hash: 13882964719308623871
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 23:10:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33219
x-xss-protection: 0
server: cafe

GET
H3 200 pub.js Show response
pub.doubleverify.com/dvtag/27568946/DV1462093/ 64 KB
20 KB 63ms
30ms Script
text/javascript 104.18.166.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/27568946/DV1462093/pub.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10869.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.166.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dacf2b10a123ea70335bb2365bfd78e2d53e2f9e1634fbc8ba568534a15c0aff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
cache-control: public, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
access-control-expose-headers: Server-Timing, Cf-Ray
access-control-allow-credentials: true
cf-ray: 8e226fe13be2d2be-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 147 KB
32 KB 41ms
19ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10869.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e5514c7a7481c094fe5ad8dabf787e4f269790569d8cc125989b6df6ff3b51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "9f02a78d6abeb1ea6a44ce07a05f298d"
age: 316
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: text/javascript
last-modified: Wed, 13 Nov 2024 22:51:11 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: gV5m8n7629b63tOsneKA3xejmY9oHi1d7r/wWODk/QuJxhmfVjUdiF/LeHYCvvSX8vtT8MuGCQEA4ZetJdc5EOqy6qdGnyHX
cache-control: public, max-age=900, stale-while-revalidate=3600
x-amz-request-id: ZYD6Z1WA3Y5F36J1
cf-ray: 8e226fe12b0318c7-FRA
accept-ranges: bytes
content-length: 32062
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 tag Show response
btloader.com/ 83 KB
26 KB 46ms
19ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5665063362887680&upapi=true
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10869.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 642574900260f93c845d151a14b9301de5357c14e077dc7110739235da80c4af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "f994175af7829507c2a5bfefa23a022e"
age: 128
via: 1.1 google
cf-ray: 8e226fe13d1630c4-FRA
accept-ranges: bytes
content-length: 26184
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: application/javascript
last-modified: Wed, 13 Nov 2024 23:05:10 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160082/7676/ 226 KB
75 KB 60ms
17ms Script
application/javascript 184.30.16.195

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10869.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0af3dcbf2695e8b9ac3117f4a698bbb06121901b1d06e7a6377fa87d02d0d29e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=29991
content-encoding: gzip
expires: Thu, 14 Nov 2024 07:30:36 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 76767
date: Wed, 13 Nov 2024 23:10:45 GMT
last-modified: Sat, 29 Apr 2023 01:08:05 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sdk.js Show response
sdk4push.com/f/ 53 KB
15 KB 37ms
10ms Script
application/javascript 157.90.33.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk4push.com/f/sdk.js?z=1274241
Requested by: Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.68 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub1.1push.io
Software: Angie /
Resource Hash: f3d7f4e228e094cb0bfa58d89b651b879602807366787d4ba3b9af0b357af34c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
content-length: 14985
content-encoding: gzip
date: Wed, 13 Nov 2024 23:10:45 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: Angie

OPTIONS
H/1.1 204
No Content track_impression
reports.newormedia.com/ 0
0 327ms
109ms Preflight 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://reports.newormedia.com/track_impression

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://survey.quizoracle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://survey.quizoracle.com
Access-Control-Max-Age: 1000
Cache-Control: no-cache, private
Connection: Keep-Alive
Date: Wed, 13 Nov 2024 23:10:46 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.41 (Ubuntu)
Vary: Origin,Access-Control-Request-Method
X-Content-Type-Options: nosniff

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 41ms
10ms XHR
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241114

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10869.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b67c789430a34ef43ddf63e9f621575f2462c3fbc96eb27ad4efbac05ab8f161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"63e-UDHgaCAfFuiGsSmc/pDTzauEB3U"
age: 25795
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230039-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 856
x-jsd-version: 1.0.2239

POST
H/1.1 201
Created track_impression Show response
reports.newormedia.com/ 16 B
573 B 134ms
132ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://reports.newormedia.com/track_impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10869.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer

Response headers

Transfer-Encoding: chunked
Cache-Control: must-revalidate, no-cache, private
Connection: Keep-Alive
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Generator: Drupal 10 (https://www.drupal.org)
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Access-Control-Allow-Origin: https://survey.quizoracle.com
Keep-Alive: timeout=5, max=99
Date: Wed, 13 Nov 2024 23:10:46 GMT
Content-language: en
Vary: Origin
Server: Apache/2.4.41 (Ubuntu)
Content-Type: application/json
X-Frame-Options: SAMEORIGIN

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/ 489 KB
152 KB 8ms
7ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411110102/pubads_impl.js?cb=31088885

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f57fc8287a3cd71b1434c298f33cc8d1b4c5cf7bc5b396f19ef636b12c7db35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 13412890727867976863
age: 41982
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 11:31:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 13 Nov 2024 11:31:04 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155146
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 405 B
193 B 26ms
24ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=survey.quizoracle.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

eed17113509c017416d8bbdd7efc59107f6d318a5981fba5142bc7257ae44996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 23:10:46 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 168
date: Wed, 13 Nov 2024 23:10:46 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 px.gif
ad-delivery.net/ 43 B
1 KB 116ms
16ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1031108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tsFzbI%2BoTpsxu6tdVjzxX3MsugYfy5hEl%2BR6fHmuoc2%2FeeUidGjyCpTsI%2F8xQiEhmZbXUdM0OTrdMSAVL9lP7eQYd5QWjlaciKQhqxLkHgKfxcS%2F2y5nBKDxv0j%2B9Z8L%2FQIvTtnTm4zKGdCkVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Sat, 02 Nov 2024 01:21:58 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=6442&sent=7&recv=14&lost=0&retrans=0&sent_bytes=3995&recv_bytes=2309&delivery_rate=548491&cwnd=252&unsent_bytes=0&cid=049bdee28f7c02da&ts=92&x=0"
x-goog-stored-content-length: 43
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2L9qXq_rDmTix2LeWeC79koU-ruSeBvCnublDlZRy2OunCnQETn2DHpUFNqkJei0j8xB0
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8e226fe24a56bb37-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 105ms
7ms Image
image/x-icon 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 39058
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 12:19:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 12:19:48 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ 43 B
469 B 116ms
17ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.718050178522579
Requested by: Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1031108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L9vt6TgKfxOwtKFRF3ix3nSakzMYJwWtiqDoJPrR7JDvLvEpc%2BmZkTLu5%2FNBM6YmsK3i9gOrFQzJh2qfAHK9vSk5VDNgsse9tpiWw7NTzvn7cBd%2FNwBGm473lMEAgtvfeW8ycnXnKnDCUA8nTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Sat, 02 Nov 2024 01:21:58 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=6442&sent=10&recv=14&lost=0&retrans=0&sent_bytes=5120&recv_bytes=2309&delivery_rate=548491&cwnd=252&unsent_bytes=0&cid=049bdee28f7c02da&ts=92&x=0"
x-goog-stored-content-length: 43
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2L9qXq_rDmTix2LeWeC79koU-ruSeBvCnublDlZRy2OunCnQETn2DHpUFNqkJei0j8xB0
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8e226fe24a57bb37-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202410301053/ 301 KB
108 KB 17ms
17ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202410301053/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "d0b0bc4f725f8e2c71589dc3208c484d"
age: 681418
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 30 Oct 2024 14:54:35 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: 0ZbTaGf6AsGVX8vpp3yxEHcaXMTxS0xprwVbwh5fruv2xluKjH+argLPwfY4opFpSLb+pesyzDLYPZHaLACpwz6qlac3Dgl2
cache-control: public, max-age=31536000
x-amz-request-id: XM8WF665WT4EGXNA
cf-ray: 8e226fe1ab4918c7-FRA
accept-ranges: bytes
content-length: 110098
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 200 event
sdk4push.com/ 0
531 B 10ms
7ms Ping
text/plain 157.90.33.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk4push.com/event?z=1274241
Requested by: Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1274241
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.68 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub1.1push.io
Software: Angie /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin: https://survey.quizoracle.com
content-length: 0
date: Wed, 13 Nov 2024 23:10:46 GMT
server: Angie
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/ids/ 13 B
275 B 77ms
76ms Fetch
application/json 104.18.166.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/ids/pub.json?ctx=27568946&cmp=DV1462093&url=https%3A%2F%2Fsurvey.quizoracle.com&ids=1&token=XTDXnaMTM9qwnUTrnEM2w92gTth6I8gTrA6sQPuu2%2BkZRkv8g6c2FglCM6vhTKfjv5tMotIcDKlVUT9cTw9XezdcRSIJhkYvbeVt1EZtH%2F90eRWItH2ppxbIIJeHgRsT37ujXQ11B1lo61xAd7v%2FhTU%3D

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/dvtag/27568946/DV1462093/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.166.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a9c1dec1a24dd650f7b3b74a5c8ab1f6b68b653deef124accbde1c8a24abf0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
cache-control: private, max-age=900
access-control-expose-headers: Server-Timing, Cf-Ray
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8e226fe1ccfed25d-FRA
access-control-allow-origin: https://survey.quizoracle.com
alt-svc: h3=":443"; ma=86400
content-length: 13
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/json
vary: origin, x-forwarded-for, user-agent, Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/bsc/ 64 B
331 B 31ms
30ms Fetch
application/json 104.18.166.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/bsc/pub.json?ctx=27568946&cmp=DV1462093&url=https%3A%2F%2Fsurvey.quizoracle.com&bsc=1&token=XTDXnaMTM9qwnUTrnEM2w92gTth6I8gTrA6sQPuu2%2BkZRkv8g6c2FglCM6vhTKfjv5tMotIcDKlVUT9cTw9XezdcRSIJhkYvbeVt1EZtH%2F90eRWItH2ppxbIIJeHgRsT37ujXQ11B1lo61xAd7v%2FhTU%3D

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/dvtag/27568946/DV1462093/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.166.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b25bba409082158604d0fcc83f07c89f3e1c24ce88e6fb638aa6773c8f19f84b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
cache-control: public, max-age=14400
timing-allow-origin: *
content-encoding: br
access-control-expose-headers: Server-Timing, Cf-Ray
access-control-allow-credentials: true
cf-ray: 8e226fe1cd01d25d-FRA
access-control-allow-origin: https://survey.quizoracle.com
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/json
vary: origin, Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/53/ 167 KB
47 KB 9ms
7ms Script
text/javascript 2600:9000:275b:1800:1b:cadc:ef40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=survey.quizoracle.com
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/fTfJtcPmQDwZG/survey.quizoracle.com/choice.js?tag_version=V3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:1b:cadc:ef40:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
etag: W/"db6c513b7a9d1bf38b36047c185655a2"
age: 74351
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-meta-qc-ineu: True
x-cache: Hit from cloudfront
x-amz-cf-id: H22m_I7uy3Gt9gDOtHwwkw6f7qeqJh2AICZJJt4XMTQf_KMQhx9eFg==
date: Wed, 13 Nov 2024 02:31:36 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 03 Jun 2024 09:45:41 GMT
cache-control: max-age=172800
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/vlp/ 109 B
320 B 48ms
48ms Fetch
application/json 104.18.166.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/vlp/pub.json?ctx=27568946&cmp=DV1462093&url=https%3A%2F%2Fsurvey.quizoracle.com&vlp=1&tvp=1&slot-0-%2F124067137%2C22515025358%2Fquizoracle728x90FS_2=728x90&slot-1-%2F124067137%2C22515025358%2Fquizoracle300x250FL_1=1x1&token=XTDXnaMTM9qwnUTrnEM2w92gTth6I8gTrA6sQPuu2%2BkZRkv8g6c2FglCM6vhTKfjv5tMotIcDKlVUT9cTw9XezdcRSIJhkYvbeVt1EZtH%2F90eRWItH2ppxbIIJeHgRsT37ujXQ11B1lo61xAd7v%2FhTU%3D

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/dvtag/27568946/DV1462093/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.166.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65af40ec5fc59a1ded1cfeb4f0a9b071f150ba2cee2aaeeae97968933838f98f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
cache-control: public, max-age=7421
timing-allow-origin: *
content-encoding: br
access-control-expose-headers: Server-Timing, Cf-Ray
access-control-allow-credentials: true
cf-ray: 8e226fe22d6ad25d-FRA
access-control-allow-origin: https://survey.quizoracle.com
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/json
vary: origin, Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
323 B 22ms
8ms XHR
application/json 2600:9000:275b:1800:1b:cadc:ef40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=survey.quizoracle.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:1b:cadc:ef40:93a1 , United States, ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-expose-headers: *
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: NTQC7jfNImRr3aI_wheWnJ71MGEedyg8D01lhYpY-tqGjGdMaB9eZw==
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7
server: CloudFront

GET
H2 200 country Show response
api.btloader.com/ 37 B
215 B 146ms
119ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5665063362887680
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5665063362887680&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/json
vary: Origin

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 20 KB
4 KB 9ms
8ms XHR
application/json 2600:9000:275b:1800:1b:cadc:ef40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=survey.quizoracle.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:1b:cadc:ef40:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69f1af22af8e44222a678a83372b852d1b93810614c08c5105a4c2fe5f549fa3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"b81347ef446ccff2cae50ed49b7871ac"
age: 72603
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: ajAcCnBVEU8DGe--NIMuNdwPUQtIwd3acdOB1diYuTejcrbwaPlyRg==
date: Wed, 13 Nov 2024 03:00:44 GMT
content-type: application/json
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Wed, 13 Nov 2024 03:00:42 GMT
cache-control: max-age=172800
access-control-allow-credentials: true
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 404 favicon.ico
survey.quizoracle.com/ 315 B
753 B 48ms
47ms Other
text/html 2606:4700:3031::ac43:d502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.quizoracle.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:d502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwXrZatpTL3Pmdn9E2EHZbkckxqRbZ1wy4vji53APi67De5kQio2WlMGIZuXGWzZjimDwvK7GY0mydUpnBy08vONIvpGgkKnw5HXJwoc0m4P6kAK2E4ucVbJu9eyjGujp4wuxtkAcxUP6tWtVMIlxLP0YWE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12010&sent=172&recv=96&lost=0&retrans=0&sent_bytes=131889&recv_bytes=3662&delivery_rate=5803482&cwnd=257&unsent_bytes=0&cid=a87cf11f25a4c9e3&ts=1353&x=0"
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e226fe2fa1f92b4-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sync Show response
uidsync.net/ 62 B
713 B 21ms
7ms Fetch
application/json 157.90.33.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uidsync.net/sync?user_id=I07PpZ3knnKauU7B3Tj9MG
Requested by: Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1274241
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.122 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub3.1push.io
Software: Angie /
Resource Hash: 0ab5390541f9a9429057224aa1f35128133e7327220900cf9bf56ba2829925ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin: https://survey.quizoracle.com
content-length: 62
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/json; charset=utf-8
server: Angie
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token

OPTIONS
H2 204 sync
uidsync.net/ 0
0 33ms
6ms Preflight 157.90.33.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uidsync.net/sync?user_id=I07PpZ3knnKauU7B3Tj9MG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.122 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub3.1push.io
Software: Angie /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://survey.quizoracle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://survey.quizoracle.com
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date: Wed, 13 Nov 2024 23:10:46 GMT
expires: Tue, 11 Jan 1994 00:00:00 GMT
pragma: no-cache
server: Angie

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/53/ 296 KB
72 KB 8ms
8ms Script
application/javascript 2600:9000:275b:1800:1b:cadc:ef40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=survey.quizoracle.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:1b:cadc:ef40:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d36878275fdebcd10c4e7b031c09a5e76999afea375eff8688bc6622b0b349b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"ab9573d6ab1dc3230983376fffe35e48"
age: 273
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: izMZ3AWshCpGG5dHup-Kdwo1RUl45qqSIns5TuI5Jw98Q2aKl_UFLg==
date: Wed, 13 Nov 2024 23:06:13 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Aug 2024 08:13:00 GMT
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 607 KB
68 KB 8ms
8ms XHR
application/json 2600:9000:275b:1800:1b:cadc:ef40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=survey.quizoracle.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:1b:cadc:ef40:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39e8daed58dc5228196591c1c5687619aa2745a1c0b3805bd96ea3f08473e96e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"7ff8fe0d671401c044cb6163ef00b1ce"
age: 74910
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: iqf6nleS38NhlcTiQulmNHFhbkoPq9kfrSOyutsw30wyQQTVSUbCmg==
date: Wed, 13 Nov 2024 02:22:17 GMT
content-type: application/json
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Thu, 07 Nov 2024 23:59:16 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 140 KB
33 KB 16ms
15ms XHR
application/json 2600:9000:275b:1800:1b:cadc:ef40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=survey.quizoracle.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:1b:cadc:ef40:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de8a74a0dc1628de13229ad1c6b91f017bea67e449e62294a31a4e830c7bf5b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"435863264ebe1e7a868128113388e07b"
age: 72621
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: jizJRvKD8L7h1WsKB4cbFSg1EJKnk-HNNzftyXpMT-anrB2MMXCz8A==
date: Wed, 13 Nov 2024 03:00:26 GMT
content-type: application/json
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Wed, 13 Nov 2024 03:00:24 GMT
cache-control: max-age=172800
access-control-allow-credentials: true
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 121ms
120ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=wMMrurkuhG&w=5093420371017728&o=5665063362887680&cv=2.1.63&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fsurvey.quizoracle.com%2F&sid=tU7aY7lXaw&pm=false&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5665063362887680&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 23:10:46 GMT
vary: Origin

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 58ms
8ms XHR
text/plain 18.197.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22domain%22%3A%22survey.quizoracle.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22H4fDOwadDckydfm5SZMdvQ%22%2C%22tagVersion%22%3A%22V3%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1731539446316%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-m9yve88r65gl4x9c94oh%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.197.18.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-18-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-allow-origin: *
content-length: 2
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: text/plain; charset=utf-8

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
322 B 8ms
8ms XHR
application/json 2600:9000:275b:1800:1b:cadc:ef40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:1800:1b:cadc:ef40:93a1 , United States, ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-expose-headers: *
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 39
x-amz-cf-id: M7EcSDQsccdDmt5k7oV-nnDDXkwV7q47eRlDqdmGNVRBJq8dwg0Ptw==
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7
server: CloudFront

POST
H3 204 /
vtrk.doubleverify.com/ 0
182 B 62ms
19ms Ping
text/plain 172.64.145.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?ec=dvtag&ea=ad-request&ctx=27568946&cmp=DV1462093&cd111=success&cm106=0&cm107=1&cd112=modern&cd102=9818fbb&cd103=&cd107=4ea827e4-c12c-43b5-9d85-06b9b993edf3&cd109=modern&cd108=&cd105=27568946&cd106=DV1462093&cd104=survey.quizoracle.com&cd101=ad-request&cm101=1&cid=b7e6e967-e1d8-49be-a3e6-2b070f148449&t=event&v=1&z=b7e6e967-e1d8-49be-a3e6-2b070f148449&cd160=b7e6e967-e1d8-49be-a3e6-2b070f148449
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/dvtag/27568946/DV1462093/pub.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.145.17 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
cf-ray: 8e226fe4d91ddc82-FRA
access-control-allow-origin: https://survey.quizoracle.com
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 23:10:46 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
186 B 66ms
13ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=160082
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://survey.quizoracle.com
content-length: 17
date: Wed, 13 Nov 2024 23:10:46 GMT
content-type: text/plain; charset=utf-8

POST
H2 200 event
sdk4push.com/ 0
532 B 22ms
8ms Ping
text/plain 157.90.33.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk4push.com/event?z=1274241
Requested by: Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1274241
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.68 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub1.1push.io
Software: Angie /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin: https://survey.quizoracle.com
content-length: 0
date: Wed, 13 Nov 2024 23:10:47 GMT
server: Angie
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token

GET
H2 200 Primary Request 1274244 Show response
so-gr3at3.com/go/ 31 B
350 B 29ms
8ms Document
text/html 178.63.248.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://so-gr3at3.com/go/1274244
Requested by: Host: survey.quizoracle.com
URL: https://survey.quizoracle.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.248.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: psh8.1push.io
Software: Angie /
Resource Hash: f91b1662285405dce2af5446855f3c6c4aea3ddd4fe238e7ef97c362afbe3ca2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
content-length: 31
content-type: text/html; charset=utf-8
date: Wed, 13 Nov 2024 23:10:47 GMT
server: Angie

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://survey.quizoracle.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
api.btloader.com
api.cmp.inmobi.com
btloader.com
cdn.confiant-integrations.net
cdn.jsdelivr.net
cdn.thisiswaldo.com
cmp.inmobi.com
pub.doubleverify.com
reports.newormedia.com
sdk4push.com
securepubads.g.doubleclick.net
so-gr3at3.com
survey.quizoracle.com
t.pubmatic.com
uidsync.net
vtrk.doubleverify.com
104.18.166.224
130.211.23.194
142.250.186.130
157.90.33.122
157.90.33.68
172.217.16.198
172.64.144.166
172.64.145.17
178.63.248.55
18.197.18.38
184.30.16.195
185.64.189.226
2600:9000:2156:a00:f:458e:2a80:93a1
2600:9000:275b:1800:1b:cadc:ef40:93a1
2606:4700:10::ac43:293c
2606:4700:20::ac43:4513
2606:4700:3031::ac43:d502
2a04:4e42:200::485
52.15.219.226
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
0ab5390541f9a9429057224aa1f35128133e7327220900cf9bf56ba2829925ac
0af3dcbf2695e8b9ac3117f4a698bbb06121901b1d06e7a6377fa87d02d0d29e
0c55dd4b66cc7a5983136ced225944d8bcd74a559a1923cfe0595e76d38bb840
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
1251d242662e19bfbeba29346121b44a9a6c336d80b0330663361c8c1f848cd1
15aadd2e7f4f83e79f35e760da382fb8b5045d2cf506f531bdc15b7b27f699a5
1d36878275fdebcd10c4e7b031c09a5e76999afea375eff8688bc6622b0b349b
2c020310e91430067c7128425f14ac0ff1710aea5e67c144a8fceac46311182d
36adcb32026c016feaff678063911fcc9e7985e9f0c56bb1daa776f98964ef91
39e8daed58dc5228196591c1c5687619aa2745a1c0b3805bd96ea3f08473e96e
4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59
50e5514c7a7481c094fe5ad8dabf787e4f269790569d8cc125989b6df6ff3b51
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
642574900260f93c845d151a14b9301de5357c14e077dc7110739235da80c4af
64588485da7d470991fdba6c20a6d05c7ad39f92cca72769a95cbe3d873e8edc
65af40ec5fc59a1ded1cfeb4f0a9b071f150ba2cee2aaeeae97968933838f98f
698d413ddf6b2ec37acf0e982237d239bd912cb097e243cb355855ac2b8548d3
69f1af22af8e44222a678a83372b852d1b93810614c08c5105a4c2fe5f549fa3
88f30b8552d0ab928d895390b337a0049405f3b1e8446631e606ba787e1205e1
8e872daac17de58d352c9f4082e6e35af76a8b2138c142a8cf0fbacea195c73e
9128194f1b1bf44435a3e80f994157b94a40a3365cd8f0794dcadb41a24c3b41
a35df0cc8723374ad7b9b6a99e7b07b23a32783d0ae1897fbf8dbc6e6ffe11d6
a787bd40650924a7bbc61d6ea0bbcaddae4b3129fd8028b68c3629210e41e26d
b25bba409082158604d0fcc83f07c89f3e1c24ce88e6fb638aa6773c8f19f84b
b3f882f57f9a213d85eb1c5c6a8a1451bd16dfcd9e4bd00e0a74584422dbd950
b67c789430a34ef43ddf63e9f621575f2462c3fbc96eb27ad4efbac05ab8f161
c2a9c1dec1a24dd650f7b3b74a5c8ab1f6b68b653deef124accbde1c8a24abf0
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdf1b8dcdce4e9b76157ce90e086ebafb100063eaeb091e97087d97f5d0fb50b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d387924bc09c48a8818ec9e419521c90c21fe89494461994d857a671d14b0737
d4f513bf3a5691b900739cf79285d18ef09ef4b81eca648261b15a693d21818d
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d81da2c036d2cf292d90bdbd51407f2910f06fdeab69ac2fb6793cf3b60f570b
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dacf2b10a123ea70335bb2365bfd78e2d53e2f9e1634fbc8ba568534a15c0aff
de2eaa6c889400061e8927bebbd6d7a6c41f11d00cd09ede0c01d23af31cd187
de8a74a0dc1628de13229ad1c6b91f017bea67e449e62294a31a4e830c7bf5b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed17113509c017416d8bbdd7efc59107f6d318a5981fba5142bc7257ae44996
f37490dbef620959d7124e3de027c5b5c43a57dc90737163947a6725444051eb
f3d7f4e228e094cb0bfa58d89b651b879602807366787d4ba3b9af0b357af34c
f57fc8287a3cd71b1434c298f33cc8d1b4c5cf7bc5b396f19ef636b12c7db35c
f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112
f91b1662285405dce2af5446855f3c6c4aea3ddd4fe238e7ef97c362afbe3ca2
f963ba524a68297aa10ec6b7128ea720e4af8ae0f7d7b5ef352a3a26d642dec0
ff80c98d5da8f52ac8b257bf3f1fffe556f29c0a44522a7919c06695d71ad0c9

so-gr3at3.com Open in urlscan Pro 178.63.248.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

58 Requests

100 %HTTPS

32 %IPv6

14 Domains

19 Subdomains

19 IPs

4 Countries

1127 kBTransfer

3272 kBSize

Cookies

0 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

so-gr3at3.com Open in urlscan Pro
178.63.248.55 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

32 %
IPv6

14
Domains

19
Subdomains

19
IPs

4
Countries

1127 kB
Transfer

3272 kB
Size

58 HTTP transactions
0 data transactions