urlscan.io logo urlscan.io
SecurityTrails logo

cu-2.com Open in urlscan Pro
52.173.187.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://link.mta3.shspma.com/ls/click?upn=uCzhGL5lUTPzrQgJk2ljxcr8GoApuy7DuidgXo2vglsZBp43aS8-2F1FzrfK548kaTULpzgGPo7-2BvrUs0...
Effective URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY...
Submission: On April 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 21 domains to perform 95 HTTP transactions. The main IP is 52.173.187.93, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is cu-2.com.
TLS certificate: Issued by R3 on March 11th 2022. Valid for: 3 months.
This is the only time cu-2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.120 11377 (SENDGRID)
21 52.173.187.93 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 41 107.178.240.224 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 13.32.99.30 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f11... 32934 (FACEBOOK)
1 143.204.98.44 16509 (AMAZON-02)
1 151.101.194.217 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
6 10 52.49.47.139 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 4 185.33.220.244 29990 (ASN-APPNEX)
1 104.244.42.3 13414 (TWITTER)
1 2 18.156.0.31 16509 (AMAZON-02)
1 35.244.159.8 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 216.58.212.162 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
95 22
1    167.89.115.120 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x120.outbound-mail.sendgrid.net
link.mta3.shspma.com
21    52.173.187.93 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cu-2.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
41    107.178.240.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.240.178.107.bc.googleusercontent.com
koi-3qnfb3tuyw.marketingautomation.services
app-3qnfb3tuyw.marketingautomation.services
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.32.99.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-30.fra60.r.cloudfront.net
lftracker.leadfeeder.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    143.204.98.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-44.fra50.r.cloudfront.net
tr.lfeeder.com
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
tag.perfectaudience.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    52.49.47.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-47-139.eu-west-1.compute.amazonaws.com
pixel-geo.prfct.co
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
4    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
4    2a00:1450:4001:82f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
41 marketingautomation.services
koi-3qnfb3tuyw.marketingautomation.services
app-3qnfb3tuyw.marketingautomation.services
561 KB
21 cu-2.com
cu-2.com
624 KB
10 prfct.co
pixel-geo.prfct.co — Cisco Umbrella Rank: 15817
4 KB
5 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 492
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 MB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
618 B
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 438
4 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
309 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
201 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300
574 B
2 google.com
www.google.com — Cisco Umbrella Rank: 4
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
239 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 411
274 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 524
165 B
1 perfectaudience.com
tag.perfectaudience.com — Cisco Umbrella Rank: 17442
4 KB
1 lfeeder.com
tr.lfeeder.com — Cisco Umbrella Rank: 32988
294 B
1 leadfeeder.com
lftracker.leadfeeder.com — Cisco Umbrella Rank: 65155
10 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
38 KB
1 shspma.com
link.mta3.shspma.com
369 B
95 21
Domain Requested by
31 app-3qnfb3tuyw.marketingautomation.services 2 redirects koi-3qnfb3tuyw.marketingautomation.services
app-3qnfb3tuyw.marketingautomation.services
21 cu-2.com cu-2.com
10 pixel-geo.prfct.co 6 redirects cu-2.com
10 koi-3qnfb3tuyw.marketingautomation.services cu-2.com
koi-3qnfb3tuyw.marketingautomation.services
storage.googleapis.com
5 www.facebook.com cu-2.com
4 storage.googleapis.com koi-3qnfb3tuyw.marketingautomation.services
4 secure.adnxs.com 3 redirects cu-2.com
3 connect.facebook.net cu-2.com
connect.facebook.net
2 cm.g.doubleclick.net 2 redirects
2 ups.analytics.yahoo.com 1 redirects cu-2.com
2 www.gstatic.com www.google.com
2 www.google.com app-3qnfb3tuyw.marketingautomation.services
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com storage.googleapis.com
1 pixel.rubiconproject.com cu-2.com
1 us-u.openx.net cu-2.com
1 analytics.twitter.com cu-2.com
1 tag.perfectaudience.com koi-3qnfb3tuyw.marketingautomation.services
1 tr.lfeeder.com cu-2.com
1 stats.g.doubleclick.net www.google-analytics.com
1 lftracker.leadfeeder.com cu-2.com
1 maxcdn.bootstrapcdn.com cu-2.com
1 www.googletagmanager.com cu-2.com
1 link.mta3.shspma.com 1 redirects
95 25

This site contains links to these domains. Also see Links.

Domain
curesourcehub.com
pages.services
Subject Issuer Validity Valid
cu-2.com
R3		 2022-03-11 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.marketingautomation.services
Sectigo RSA Organization Validation Secure Server CA		 2020-03-12 -
2022-06-10		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-21 -
2022-04-21		 3 months crt.sh
*.leadfeeder.com
Amazon		 2022-02-01 -
2023-03-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.lfeeder.com
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.perfectaudience.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2022-01-05 -
2023-02-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.prfct.co
Sectigo RSA Domain Validation Secure Server CA		 2021-11-02 -
2022-11-02		 a year crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Frame ID: 0AE8D965C7523E7D8EB26EDAF8D2247D
Requests: 48 HTTP requests in this frame

Frame: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Frame ID: DA7E31436C9262B3FC3E676F697C3803
Requests: 17 HTTP requests in this frame

Frame: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Frame ID: 9DAFB1957F68999ED9343E8BFF6E32EE
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4AC8DB51177A2BC549135B97C05BBFAA
Requests: 1 HTTP requests in this frame

Frame: https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
Frame ID: 55A0F79B1106E39AC2E636E4089FBE0C
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 40B1E2F069F444491D9866BAB1D50EF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Checking 2.0 Survey - Credit Union 2.0

Page URL History Show full URLs

  1. http://link.mta3.shspma.com/ls/click?upn=uCzhGL5lUTPzrQgJk2ljxcr8GoApuy7DuidgXo2vglsZBp43aS8-2F1FzrfK548... HTTP 302
    https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0M... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

95
Requests

92 %
HTTPS

43 %
IPv6

21
Domains

25
Subdomains

22
IPs

5
Countries

3162 kB
Transfer

8241 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link.mta3.shspma.com/ls/click?upn=uCzhGL5lUTPzrQgJk2ljxcr8GoApuy7DuidgXo2vglsZBp43aS8-2F1FzrfK548kaTULpzgGPo7-2BvrUs0OhsqF3uXCziIqRpKOUY0FdBpy7JUzzvQQ1x4tf3v46AOzmO8vuAXOTVtwTRzIoorx7-2FRDOkEXbpGMTNzf75qvgxvKXgkPgpy9MFPpUv0dKM4-2BMwScm513fYkf1-2BZpBb9m0FTAsS1mTUUMB1Go18JwZ0x9Ntk-3D68PZ_jrUqf5zwH7FzSx1F7hMR70BwdCohGBNfqi8NslMNw41KcQRpGvPliBMimSwc3T9vzPZ0e-2B7qfKF7QGGux-2BhUTvQW-2BmrMvoe-2FJSonLhrp3GGa-2BAbvmWKQMU7GDq9qZ-2BtdmZoRTRhVcr6cVv4glRWDy-2FKh0FRCn85wt8P1wahvuHZtMmB31vgH857P5f1-2FUBwakQTxjqmeTmoErbfq3vnyPlWJuhpChuFHCR85Pks-2FBMQupE5bXtvgxNiB6RfczS3XzstmEvpsD6lM17FVZ9rKa8OGoM0yAM6MR5pkBe3exFnTj41xHBPrZ2fUf7qDBC4YZBXodWv1TxI-2F81F2cHMouRX2Y-2FOKhEfJU0rNoVbYTTwO4CbWOuAbbAMQj3XS8th76Ok3gBqSt4FAvfX2rtUK5nfWUBNKjL1G3YW-2F8GmJ2k8VfwAVzbF1sH9VoT9Oi57MI4IyyLgH7QarbeRdEA3Huw-3D-3D HTTP 302
    https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://app-3qnfb3tuyw.marketingautomation.services/prospector/form/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58 HTTP 302
  • https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Request Chain 32
  • https://app-3qnfb3tuyw.marketingautomation.services/prospector/form/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan HTTP 302
  • https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Request Chain 66
  • https://pixel-geo.prfct.co/tagjs?a_id=111160&source=js_tag HTTP 302
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=111160&source=js_tag
Request Chain 72
  • https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202204|62573cb91210d22c8e624709&pid=pa_Bd5kVtiiouQObH5Ik HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202204%7C62573cb91210d22c8e624709%26pid%3Dpa_Bd5kVtiiouQObH5Ik HTTP 302
  • https://pixel-geo.prfct.co/usermap/?xid=8095479511944140106&sid=202204|62573cb91210d22c8e624709&pid=pa_Bd5kVtiiouQObH5Ik
Request Chain 73
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Bd5kVtiiouQObH5Ik
Request Chain 74
  • https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Bd5kVtiiouQObH5Ik&_origin=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Bd5kVtiiouQObH5Ik&_origin=1&verify=true
Request Chain 75
  • https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Bd5kVtiiouQObH5Ik
Request Chain 76
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Bd5kVtiiouQObH5Ik
Request Chain 77
  • https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQmQ1a1Z0aWlvdVFPYkg1SWs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQmQ1a1Z0aWlvdVFPYkg1SWs&google_tc= HTTP 302
  • https://pixel-geo.prfct.co/cb?partnerId=goo
Request Chain 80
  • https://secure.adnxs.com/seg?t=2&add=21331603 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D21331603

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cu-2.com/checking-survey/
Redirect Chain
  • http://link.mta3.shspma.com/ls/click?upn=uCzhGL5lUTPzrQgJk2ljxcr8GoApuy7DuidgXo2vglsZBp43aS8-2F1FzrfK548kaTULpzgGPo7-2BvrUs0OhsqF3uXCziIqRpKOUY0FdBpy7JUzzvQQ1x4tf3v46AOzmO8vuAXOTVtwTRzIoorx7-2FRDOk...
  • https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
55 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PHP/7.3.27 PleskLin
Resource Hash
58409d3c8275e7c6f4e2f9b5b534d791e9251e3ab09236835e6cd10ba0f42ad6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
11941
content-type
text/html; charset=UTF-8
date
Wed, 13 Apr 2022 21:12:24 GMT
server
nginx
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-powered-by
PHP/7.3.27 PleskLin

Redirect headers

Connection
keep-alive
Content-Length
204
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Apr 2022 21:12:23 GMT
Location
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Server
nginx
X-Robots-Tag
noindex, nofollow
5ugl8.js
cu-2.com/wp-content/cache/wpfc-minified/98e6ohuh/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/cache/wpfc-minified/98e6ohuh/5ugl8.js
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b7fb64d841828fc7eae73d7f5cfc7e2f813e0dd9060dc20303b5c794ff5878ea
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:24 GMT
content-encoding
br
last-modified
Thu, 27 Jan 2022 21:10:30 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61f30a46-a563"
strict-transport-security
max-age=15768000
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-98429185-1
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98a4452bc9b51939e93a46147bfc1c703d38d6f6254a41f77ae02de3146c6306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:24 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38380
x-xss-protection
0
expires
Wed, 13 Apr 2022 21:12:24 GMT
abr4a.css
cu-2.com/wp-content/cache/wpfc-minified/dhpnjar1/ 		113 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/cache/wpfc-minified/dhpnjar1/abr4a.css
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a35ac48de4e440215ccdf3ff3f17fa2b91e36cf17ec4f295fb2668b0619d25ba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:24 GMT
content-encoding
br
last-modified
Mon, 31 Jan 2022 00:16:02 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61f72a42-1c3e7"
strict-transport-security
max-age=15768000
content-type
text/css
abr4a.css
cu-2.com/wp-content/cache/wpfc-minified/1r3pdtss/ 		236 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/cache/wpfc-minified/1r3pdtss/abr4a.css
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9051b87f64276116affb85fe3f7e4a4e9a3ab6f9f99a7203e8a1a091c486e178
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:24 GMT
content-encoding
br
last-modified
Mon, 31 Jan 2022 00:16:02 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61f72a42-3b067"
strict-transport-security
max-age=15768000
content-type
text/css
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.9.3
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
696441
cdn-cachedat
03/12/2022 14:32:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a204f360736ba7506e860e59c1098545
cf-ray
6fb73322ef8d59cb-MXP
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
5ugl8.css
cu-2.com/wp-content/cache/wpfc-minified/eislraxs/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/cache/wpfc-minified/eislraxs/5ugl8.css
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b871f742efc88a70288dd7e6faed6f33ed5446050de02eb2ea30879834eb29bf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:24 GMT
content-encoding
br
last-modified
Thu, 27 Jan 2022 21:10:30 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61f30a46-556b"
strict-transport-security
max-age=15768000
content-type
text/css
fc5it.js
cu-2.com/wp-content/cache/wpfc-minified/jyr35dxm/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/cache/wpfc-minified/jyr35dxm/fc5it.js
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3916965a7e8887a9f17b49f04cd31d9d02915a95b77300ff41ccf0d362525895
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:24 GMT
content-encoding
br
last-modified
Fri, 01 Apr 2022 10:52:19 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"6246d963-2ec3"
strict-transport-security
max-age=15768000
content-type
application/javascript
fc5it.js
cu-2.com/wp-content/cache/wpfc-minified/e777xxur/ 		109 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/cache/wpfc-minified/e777xxur/fc5it.js
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a607b69f8a26f1525e49a347a47fd091b4869efe4ed7cd5b74d853b19910227d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:24 GMT
content-encoding
br
last-modified
Fri, 01 Apr 2022 10:52:19 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"6246d963-1b5a4"
strict-transport-security
max-age=15768000
content-type
application/javascript
5ugl8.js
cu-2.com/wp-content/cache/wpfc-minified/1ou1cxce/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/cache/wpfc-minified/1ou1cxce/5ugl8.js
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e02b01d0a3d0782c85d93d3b2206acfd57abb9647e6f3cedff7d41b4eb30bd33
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:24 GMT
content-encoding
br
last-modified
Thu, 27 Jan 2022 21:10:30 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61f30a46-1132c"
strict-transport-security
max-age=15768000
content-type
application/javascript
CU2.0_Logo_RGB.svg
cu-2.com/wp-content/themes/cu2/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cu-2.com/wp-content/themes/cu2/images/CU2.0_Logo_RGB.svg
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e76cd90cc9433fbb1aa6c14e400ae340dda95730aa9a47e3d731324035733f56
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
last-modified
Wed, 07 Apr 2021 03:24:50 GMT
server
nginx
x-powered-by
PleskLin
etag
"606d2602-8d1"
strict-transport-security
max-age=15768000
content-type
image/svg+xml
accept-ranges
bytes
content-length
2257
form.js
koi-3qnfb3tuyw.marketingautomation.services/client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/client/form.js?ver=2.0.1
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
14b63cf8d762d7118924d182b7f6bd9a45ca408b13dfeaca8da0735f26a70e85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:30 GMT
server
openresty
etag
W/"6254806e-a49"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
5ugl8.css
cu-2.com/wp-content/cache/wpfc-minified/6ypeohz1/ 		64 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/cache/wpfc-minified/6ypeohz1/5ugl8.css
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
fc59a368d0ae42ac3a3c4519703df8332cf37c433c7b082feab1b144b9e93552
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
br
last-modified
Thu, 27 Jan 2022 21:10:30 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61f30a46-fe58"
strict-transport-security
max-age=15768000
content-type
text/css
modal.min.js
cu-2.com/wp-content/plugins/podcast-subscribe-buttons/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/plugins/podcast-subscribe-buttons/assets/js/modal.min.js?ver=1.0.0
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ecf917978118862ae1fc715ef2f5d7cf541d22cf515bc480c07324037b8bba01
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
br
last-modified
Wed, 16 Feb 2022 11:49:17 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"620ce4bd-13d6"
strict-transport-security
max-age=15768000
content-type
application/javascript
skip-link-focus-fix.js
cu-2.com/wp-content/themes/cu2/js/ 		745 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/themes/cu2/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
578f25aa8a72217bebfbf681a9d66d330e77a965eba6edcb3ed45d0adce8ac22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
etag
"2e9-5ae810bda1401-gzip"
last-modified
Fri, 04 Sep 2020 18:29:16 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
x-accel-version
0.01
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
424
cff-scripts.js
cu-2.com/wp-content/plugins/custom-facebook-feed/assets/js/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/plugins/custom-facebook-feed/assets/js/cff-scripts.js?ver=4.1.2
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
324b4935d4141d15c5e8334d0dd4d40161a800060beedffc42ac1cbe0fcec3e5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
br
last-modified
Wed, 16 Feb 2022 11:49:24 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"620ce4c4-d58a"
strict-transport-security
max-age=15768000
content-type
application/javascript
core.min.js
cu-2.com/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
br
last-modified
Wed, 23 Feb 2022 11:49:20 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"62161f40-50ea"
strict-transport-security
max-age=15768000
content-type
application/javascript
pum-site-scripts.js
cu-2.com/wp-content/uploads/pum/ 		68 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1649155942&ver=1.16.7
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e1b8de3cad37f6872cf0e93fbbb2f40f97e48c18654ac9900cf8c941b6192b75
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
br
last-modified
Tue, 05 Apr 2022 10:52:22 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"624c1f66-1101b"
strict-transport-security
max-age=15768000
content-type
application/javascript
front_end_js.js
cu-2.com/wp-content/plugins/widget-countdown/includes/javascript/ 		2 KB
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/plugins/widget-countdown/includes/javascript/front_end_js.js?ver=5.9.3
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b61d9e3f2b9cb5c965c65109a820a249d72433c63c2a8c68f7f7b3005e12bfc2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
br
last-modified
Thu, 03 Feb 2022 11:49:16 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61fbc13c-96c"
strict-transport-security
max-age=15768000
content-type
application/javascript
thickbox.js
cu-2.com/wp-includes/js/thickbox/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
br
last-modified
Mon, 15 Mar 2021 00:35:31 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"604eabd3-338a"
strict-transport-security
max-age=15768000
content-type
application/javascript
ss.js
koi-3qnfb3tuyw.marketingautomation.services/client/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/client/ss.js?ver=1.1.1
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:30 GMT
server
openresty
etag
W/"6254806e-2fc8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=604800, public
alt-svc
clear
expires
Wed, 20 Apr 2022 21:12:25 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98429185-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5855
date
Wed, 13 Apr 2022 19:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 13 Apr 2022 21:34:50 GMT
homeTopMountains-e1497464824157.jpg
cu-2.com/wp-content/themes/cu2/images/ 		320 KB
321 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cu-2.com/wp-content/themes/cu2/images/homeTopMountains-e1497464824157.jpg
Requested by
Host: cu-2.com
URL: https://cu-2.com/wp-content/cache/wpfc-minified/1r3pdtss/abr4a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
de37f649035ec7457643868f994d814d65e10c536b83d8152ddad73d0bf11fb2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/wp-content/cache/wpfc-minified/1r3pdtss/abr4a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
last-modified
Mon, 23 Oct 2017 14:25:00 GMT
server
nginx
x-powered-by
PleskLin
etag
"59edfbbc-50108"
strict-transport-security
max-age=15768000
content-type
image/jpeg
accept-ranges
bytes
content-length
327944
AvenirLTStd-Light.woff
cu-2.com/wp-content/themes/cu2/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cu-2.com/wp-content/themes/cu2/fonts/AvenirLTStd-Light.woff
Requested by
Host: cu-2.com
URL: https://cu-2.com/wp-content/cache/wpfc-minified/1r3pdtss/abr4a.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
08aa64f3df82bdcfa98ae744f3c2c7ba1b603e19bec42a6a80e412f5545212c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://cu-2.com/wp-content/cache/wpfc-minified/1r3pdtss/abr4a.css
Origin
https://cu-2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
last-modified
Mon, 23 Oct 2017 14:24:58 GMT
server
nginx
x-powered-by
PleskLin
etag
"59edfbba-41a8"
strict-transport-security
max-age=15768000
content-type
x-font/woff
accept-ranges
bytes
content-length
16808
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
K1ifCcuvaxQLwzMObzfgbKBez6sE+6YwlWDeJzzJt6DJnEFhdUemfCPVNOK5VMhiCw7tJsiuBplNmUoT4BvDgA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 13 Apr 2022 21:12:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
lftracker_v1_bElvO73DlDP4ZMqj.js
lftracker.leadfeeder.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lftracker.leadfeeder.com/lftracker_v1_bElvO73DlDP4ZMqj.js
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2e88bcadd5cd292ec93c6eb67f305ca3cd0ead39cc6c440b5072fa9d4df36be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
ZYGk0uK04GYcXpAO9MWrf9XM67dBH6iO
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 10:01:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
W/"a798f68b8838ca203c9f27695ead0e91"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Wed, 13 Apr 2022 21:12:26 GMT
x-amz-cf-id
plfwTjmu0eVqoSO4ZO67dxGQqPi2S2bLNUSIiR0LJG6h5j-i0jyreg==
/
cu-2.com/checking-survey/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PHP/7.3.27, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.27, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000
content-length
11941
collect
www.google-analytics.com/j/ 		2 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=32520975&t=pageview&_s=1&dl=https%3A%2F%2Fcu-2.com%2Fchecking-survey%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DM7cwNzU0sjC0MLM0AAA%26sseid%3DMzIxMjY3NTSzMAIA%26jobid%3Dd05c5596-1ca2-4840-af5a-cba32a6665cd&ul=en-us&de=UTF-8&dt=Checking%202.0%20Survey%20-%20Credit%20Union%202.0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=23040795&gjid=840707173&cid=18670322.1649884345&tid=UA-98429185-1&_gid=127067649.1649884345&_r=1&gtm=2ou460&did=dNDMyYj&gdid=dNDMyYj&z=1406199706
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cu-2.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 21:12:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cu-2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1246836688791173
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1246836688791173?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ac5d838b2df25b1c27e97d345bffbd85304e8fe6931113e3b8d1fe22c9f6029d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
gsyQKh0n4eY2N9Znlcf7nNy5CxVs6pyJ8Zy/mFWDXIRJIrFkTQiik2MBxLMrR3MERE3K6FQk6YGQqAWRgXWbMQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 13 Apr 2022 21:12:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-98429185-1&cid=18670322.1649884345&jid=23040795&gjid=840707173&_gid=127067649.1649884345&_u=YEBAAUAAAAAAAC~&z=1484302806
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cu-2.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Apr 2022 21:12:25 GMT
content-type
text/plain
access-control-allow-origin
https://cu-2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1246836688791173&ev=PageView&dl=https%3A%2F%2Fcu-2.com%2Fchecking-survey%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DM7cwNzU0sjC0MLM0AAA%26sseid%3DMzIxMjY3NTSzMAIA%26jobid%3Dd05c5596-1ca2-4840-af5a-cba32a6665cd&rl=&if=false&ts=1649884345290&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649884345289.177902848&it=1649884345194&coo=false&exp=p1&rqm=GET
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 13 Apr 2022 21:12:25 GMT
/
tr.lfeeder.com/ 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.lfeeder.com/?sid=bElvO73DlDP4ZMqj&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTk4NDI5MTg1LTEiXSwiZ2FDbGllbnRJZHMiOlsiMTg2NzAzMjIuMTY0OTg4NDM0NSJdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjQzLjAifSwicGFnZVVybCI6Imh0dHBzOi8vY3UtMi5jb20vY2hlY2tpbmctc3VydmV5Lz91dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9c2hhcnBzcHJpbmcmc3NsaWQ9TTdjd056VTBzakMwTUxNMEFBQSZzc2VpZD1Nekl4TWpZM05UU3pNQUlBJmpvYmlkPWQwNWM1NTk2LTFjYTItNDg0MC1hZjVhLWNiYTMyYTY2NjVjZCIsInBhZ2VUaXRsZSI6IkNoZWNraW5nIDIuMCBTdXJ2ZXkgLSBDcmVkaXQgVW5pb24gMi4wIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI5ZTA1ODYxNzk2MDRjZTJmIiwiY2xpZW50VGltZXN0YW1wIjoiMjAyMi0wNC0xM1QyMToxMjoyNS4zMTlaIiwiY2xpZW50VGltZXpvbmUiOjAsInNjcmlwdElkIjoiYkVsdk83M0RsRFA0Wk1xaiIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJjb25zZW50TGV2ZWwiOiJub25lIiwiYW5vbnltaXplSXAiOmZhbHNlLCJsZkNsaWVudElkIjoiTEYxLjEuNjg1NWYwNjM4MGMzMDVhMC4xNjQ5ODg0MzQ1MzE4IiwiZm9yZWlnbkNvb2tpZXMiOltdLCJwcm9wZXJ0aWVzIjp7fSwiYXV0b1RyYWNraW5nRW5hYmxlZCI6dHJ1ZX0=
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-44.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
MdAySeHgk4qC8SVcOfAFaKqYbVehO686X__4VEVVQwI1FkKNnc5jIQ==
S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA
app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/ Frame DA7E
Redirect Chain
  • https://app-3qnfb3tuyw.marketingautomation.services/prospector/form/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
  • https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
48 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/client/form.js?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
nginx/1.21.4 /
Resource Hash
05d6e23b3984bb5081f3402b578e3f7e3d456d168dc5c993a5ec56e6d57c28e0

Request headers

Referer
https://cu-2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
clear
cache-control
no-cache
content-length
48987
content-type
text/html
date
Wed, 13 Apr 2022 21:12:25 GMT
etag
"5d0260e6e057c358e4f201eb0735a072"
expires
Thu, 13 Apr 2023 21:12:25 GMT
last-modified
Wed, 13 Apr 2022 16:40:20 GMT
server
nginx/1.21.4
via
1.1 google
x-goog-generation
1649868019947058
x-goog-hash
crc32c=WiwZxg== md5=XQJg5uBXw1jk8gHrBzWgcg==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
48987
x-guploader-uploadid
ADPycduOr2whfzufH1N_iD3LPrS8zviw5p2nxDENCyIaVvi4NkK9-1llHyarTY0RATfdjy1hHlpUSehZ6VyiiRBP111k1MDp8LwD

Redirect headers

alt-svc
clear
content-type
text/html; charset=UTF-8
date
Wed, 13 Apr 2022 21:12:25 GMT
location
https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
pod-hostname
koi-5858757fbd-wjtv7
server
openresty
via
1.1 google
x-clacks-overhead
GNU Terry Pratchett
x-xss-protection
1; mode=block
MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B
app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/ Frame 9DAF
Redirect Chain
  • https://app-3qnfb3tuyw.marketingautomation.services/prospector/form/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
  • https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
37 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/client/form.js?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
nginx/1.21.4 /
Resource Hash
1ead663e9ffa15ae9a04357db43447e15848f36aa2d194dd9da0f34269b6b444

Request headers

Referer
https://cu-2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
clear
cache-control
no-cache
content-length
37464
content-type
text/html
date
Wed, 13 Apr 2022 21:12:25 GMT
etag
"179efee4c18572493ea38aa05db3572f"
expires
Thu, 13 Apr 2023 21:12:25 GMT
last-modified
Wed, 29 Dec 2021 20:26:34 GMT
server
nginx/1.21.4
via
1.1 google
x-goog-generation
1640809594051807
x-goog-hash
crc32c=D3b09g== md5=F57+5MGFckk+o4qgXbNXLw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
37464
x-guploader-uploadid
ADPycduL9TvQZi_cM1LDpwfHJ3Ly2WMQp4U76D8a1lG4vPfpb3sJHB1CmSsZNwmBFT_bBhnvvZbmBWBIy1HOVscjlNXMlA

Redirect headers

alt-svc
clear
content-type
text/html; charset=UTF-8
date
Wed, 13 Apr 2022 21:12:25 GMT
location
https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
pod-hostname
koi-5858757fbd-tp56p
server
openresty
via
1.1 google
x-clacks-overhead
GNU Terry Pratchett
x-xss-protection
1; mode=block
koi
koi-3qnfb3tuyw.marketingautomation.services/ 		708 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/koi?rf=&hn=cu-2.com&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1649884345330&ac=KOI-41YGDBGLL4&ts=1649884345&pt=0&pl=0&loc=https%3A%2F%2Fcu-2.com%2Fchecking-survey%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DM7cwNzU0sjC0MLM0AAA%26sseid%3DMzIxMjY3NTSzMAIA%26jobid%3Dd05c5596-1ca2-4840-af5a-cba32a6665cd&tp=page&ti=Checking%202.0%20Survey%20-%20Credit%20Union%202.0
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/client/ss.js?ver=1.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
24351213137ec9d203952c47588122399c226125b2b72746e76fad8d601e0135
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
last-modified
Wed, 13 Apr 2022 21:12:25 GMT
server
openresty
vary
Accept-Encoding
p3p
CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.'
via
1.1 google
cache-control
no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname
koi-5858757fbd-wjtv7
content-type
application/javascript
alt-svc
clear
x-xss-protection
1; mode=block
expires
Sat, 26 Jul 1997 05:00:00 GMT
loadingAnimation.gif
cu-2.com/wp-includes/js/thickbox/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cu-2.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.173.187.93 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
last-modified
Sat, 05 Sep 2020 22:12:28 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f540d4c-3b86"
strict-transport-security
max-age=15768000
content-type
image/gif
accept-ranges
bytes
content-length
15238
5e862d121d808acdf7006636.js
tag.perfectaudience.com/serve/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.perfectaudience.com/serve/5e862d121d808acdf7006636.js
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/client/ss.js?ver=1.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
e0cd12fa3c7b10a12607537a7f996b1ee457662e37d71d0a7fd1ba886329029f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
via
1.1 vegur, 1.1 varnish
x-content-type-options
nosniff
server
Cowboy
age
0
x-served-by
cache-hhn4057-HHN
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
content-encoding
gzip
cache-control
max-age=1800
accept-ranges
bytes
x-timer
S1649884346.670924,VS0,VE187
content-length
4339
x-cache-hits
0
formbasics.css
app-3qnfb3tuyw.marketingautomation.services/includes/css/ Frame DA7E 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/css/formbasics.css
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
2c42851f49a6eb6a0eb3fba8f344f473909f15998d33c94323e13c9cf90cb7ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:23:12 GMT
server
openresty
etag
W/"62548020-1c3d"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-7c85d7ff77-whl29
alt-svc
clear
jquery-ui.min.css
app-3qnfb3tuyw.marketingautomation.services/includes/css/jquery/ Frame DA7E 		31 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/css/jquery/jquery-ui.min.css
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
a1756adc350c37ea26d71ee00ad027bbf35204bff9fb040ecfb5c1a64971cffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:22:03 GMT
server
openresty
etag
W/"62547fdb-7d0a"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-7c85d7ff77-xhkcg
alt-svc
clear
base.css
app-3qnfb3tuyw.marketingautomation.services/includes/css/jquery/datepicker/ Frame DA7E 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/css/jquery/datepicker/base.css
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
1a47e85dd8ec320d900f14082243d3af1051e6cb4e7fb8ba8807c6b903530e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:22:03 GMT
server
openresty
etag
W/"62547fdb-f70"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-7c85d7ff77-ws8pm
alt-svc
clear
datetimepicker.css
app-3qnfb3tuyw.marketingautomation.services/includes/css/ Frame DA7E 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/css/datetimepicker.css
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
7379f6d1c8b7eb53ba56a08e3e5f690f4a79ca5a9a940f0b74769cb04d464d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:23:12 GMT
server
openresty
etag
W/"62548020-237e"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-7c85d7ff77-d9vsf
alt-svc
clear
jquery-3.6.0.min.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame DA7E 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery-3.6.0.min.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
7781dbd4a9504b649e271a910b880339d0c1ee26a7b84b51a3b88e1fe0d6c821

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:22 GMT
server
openresty
etag
W/"62548066-15c46"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
jquery.validate.min.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame DA7E 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery.validate.min.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
3218b4125f473cd8e081f2d6f892e7e7dca85df9d4486a1e0d783f1f66b2731a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:27 GMT
server
openresty
etag
W/"6254806b-5e52"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
additional-methods.min.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame DA7E 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/additional-methods.min.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
1e6f4e1fb3197d60d5c7f8f7f738deeff94b513f07e0ad5ca7c4ea85479eb4a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:14 GMT
server
openresty
etag
W/"6254805e-4230"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
jquery.form.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame DA7E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery.form.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
2537571109b8e5379ecc8b4c6e60449bf440b6f38e7bc5396e0189eb0512e691

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:23 GMT
server
openresty
etag
W/"62548067-3248"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
jquery-ui.min.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/ Frame DA7E 		248 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/jquery-ui.min.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:22:04 GMT
server
openresty
etag
W/"62547fdc-3dee5"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
datetimepicker.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame DA7E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/datetimepicker.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
f00d09a3fe4fe39964b804f3c07eea15672c2586a184e1efba084eef721fbad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:19 GMT
server
openresty
etag
W/"62548063-94d3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
jquery.placeholder.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame DA7E 		2 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery.placeholder.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
ccc2bd16fa09fd02a0a51c4801453ae3b0baffe5b05ae4b18a9c9b00924239c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:24 GMT
server
openresty
etag
W/"62548068-7e4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
api.js
www.google.com/recaptcha/ Frame DA7E 		850 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4fbd80be98baa936f714c6c05d1fd709e300fbafdf39b4d554066bee730d40e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Wed, 13 Apr 2022 21:12:25 GMT
conditional-form-fields.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/app/modules/ Frame DA7E 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/app/modules/conditional-form-fields.js
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
2bf285471494d74f848b6db65650009a7ccf1e55c73b352b8a52582fff27f89f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:22:04 GMT
server
openresty
etag
W/"62547fdc-4a10"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
pod-hostname
app-7c85d7ff77-xhkcg
alt-svc
clear
formbasics.css
app-3qnfb3tuyw.marketingautomation.services/includes/css/ Frame 9DAF 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/css/formbasics.css
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
2c42851f49a6eb6a0eb3fba8f344f473909f15998d33c94323e13c9cf90cb7ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:23:12 GMT
server
openresty
etag
W/"62548020-1c3d"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-7c85d7ff77-ws8pm
alt-svc
clear
jquery-ui.min.css
app-3qnfb3tuyw.marketingautomation.services/includes/css/jquery/ Frame 9DAF 		31 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/css/jquery/jquery-ui.min.css
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
a1756adc350c37ea26d71ee00ad027bbf35204bff9fb040ecfb5c1a64971cffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:22:03 GMT
server
openresty
etag
W/"62547fdb-7d0a"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-7c85d7ff77-whl29
alt-svc
clear
base.css
app-3qnfb3tuyw.marketingautomation.services/includes/css/jquery/datepicker/ Frame 9DAF 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/css/jquery/datepicker/base.css
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
1a47e85dd8ec320d900f14082243d3af1051e6cb4e7fb8ba8807c6b903530e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:22:03 GMT
server
openresty
etag
W/"62547fdb-f70"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-7c85d7ff77-ws8pm
alt-svc
clear
datetimepicker.css
app-3qnfb3tuyw.marketingautomation.services/includes/css/ Frame 9DAF 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/css/datetimepicker.css
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
7379f6d1c8b7eb53ba56a08e3e5f690f4a79ca5a9a940f0b74769cb04d464d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:23:12 GMT
server
openresty
etag
W/"62548020-237e"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-7c85d7ff77-ws8pm
alt-svc
clear
jquery-1.7.2.min.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame 9DAF 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
103631f0296614d362e698668390c9c69484dec4579a12380cd0d8a7f197fa70

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:22 GMT
server
openresty
etag
W/"62548066-16fa7"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
jquery.validate.min.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame 9DAF 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery.validate.min.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
3218b4125f473cd8e081f2d6f892e7e7dca85df9d4486a1e0d783f1f66b2731a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:27 GMT
server
openresty
etag
W/"6254806b-5e52"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
additional-methods.min.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame 9DAF 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/additional-methods.min.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
1e6f4e1fb3197d60d5c7f8f7f738deeff94b513f07e0ad5ca7c4ea85479eb4a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:14 GMT
server
openresty
etag
W/"6254805e-4230"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
jquery.form.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame 9DAF 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery.form.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
2537571109b8e5379ecc8b4c6e60449bf440b6f38e7bc5396e0189eb0512e691

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:23 GMT
server
openresty
etag
W/"62548067-3248"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
jquery-ui.min.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/ Frame 9DAF 		248 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/jquery-ui.min.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:22:04 GMT
server
openresty
etag
W/"62547fdc-3dee5"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
datetimepicker.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame 9DAF 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/datetimepicker.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
f00d09a3fe4fe39964b804f3c07eea15672c2586a184e1efba084eef721fbad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:19 GMT
server
openresty
etag
W/"62548063-94d3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
jquery.placeholder.js
app-3qnfb3tuyw.marketingautomation.services/includes/js/core/ Frame 9DAF 		2 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery.placeholder.js?ver=5.75-35
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
ccc2bd16fa09fd02a0a51c4801453ae3b0baffe5b05ae4b18a9c9b00924239c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:24 GMT
server
openresty
etag
W/"62548068-7e4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:25 GMT
api.js
www.google.com/recaptcha/ Frame 9DAF 		850 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4fbd80be98baa936f714c6c05d1fd709e300fbafdf39b4d554066bee730d40e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Wed, 13 Apr 2022 21:12:25 GMT
getChatbot
koi-3qnfb3tuyw.marketingautomation.services/ 		1 KB
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/getChatbot?rf=&hn=cu-2.com&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1649884345330&ac=KOI-41YGDBGLL4&ts=1649884346&pt=0&pl=0&loc=https%3A%2F%2Fcu-2.com%2Fchecking-survey%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DM7cwNzU0sjC0MLM0AAA%26sseid%3DMzIxMjY3NTSzMAIA%26jobid%3Dd05c5596-1ca2-4840-af5a-cba32a6665cd&tk=202204%7C62573cb91210d22c8e624709
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/client/ss.js?ver=1.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
b6649e595fb1323a3cbe21f0f569cdae853fca540b7ba051268b15150cac2fe6
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:26 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
server
openresty
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
pod-hostname
app-pubapi-7f6959c664-hcm9v
alt-svc
clear
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ Frame 4AC8 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://cu-2.com
Referer
https://cu-2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://cu-2.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 21:12:25 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
freeemailproviderlist.json
app-3qnfb3tuyw.marketingautomation.services/includes/js/app/ Frame DA7E 		75 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/app/freeemailproviderlist.json
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/S0s0MzW0TDTRNTQys9A1STJK0U1KMU7TNbdMNTBNszCzMEu2AAA?instance=ef3k58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
fa86c94c6881caec397b1a58f358561f9bd6ef1dba058efafe3fb8e9e8d5e326

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:22:04 GMT
server
openresty
etag
W/"62547fdc-12aa5"
vary
Accept-Encoding
content-type
application/json
via
1.1 google
pod-hostname
app-7c85d7ff77-xhkcg
alt-svc
clear
freeemailproviderlist.json
app-3qnfb3tuyw.marketingautomation.services/includes/js/app/ Frame 9DAF 		75 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/includes/js/app/freeemailproviderlist.json
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/forms-proxy/MzawMDGzNDK0AAA/MzZJTktONjDWTUxMS9U1SbJI1rUwN7IEskwNDIwNUo2TTM0B?instance=vkpvan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
fa86c94c6881caec397b1a58f358561f9bd6ef1dba058efafe3fb8e9e8d5e326

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:22:04 GMT
server
openresty
etag
W/"62547fdc-12aa5"
vary
Accept-Encoding
content-type
application/json
via
1.1 google
pod-hostname
app-7c85d7ff77-d9vsf
alt-svc
clear
613056426313481
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/613056426313481?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eacefe83bb159e4313981d0b511a2bb1ec39d8d2898a7394e59eb1ea6652a0b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
LgNuR1a/R2IRgwGnJe7aWihiHrcUxN0AAUhpZwlhCnQdHQgSdvudrwt/JSo2k6L2xsA8g2OShRkqkDZPap0+SQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 13 Apr 2022 21:12:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tagjs
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/tagjs?a_id=111160&source=js_tag
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=111160&source=js_tag
125 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=111160&source=js_tag
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
HTTP/1.1
Server
52.49.47.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-47-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
51dc5a6c0e58731110fed83e45eabaff65af8b6418053906247df32187f1dd2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
125
Content-Type
text/javascript

Redirect headers

Location
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=111160&source=js_tag
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame DA7E 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://app-3qnfb3tuyw.marketingautomation.services
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 14:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145703
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 14:29:34 GMT
fa6519a4-1268-4b2d-bd3f-79e05f8686c8
app-3qnfb3tuyw.marketingautomation.services/prospector/getFormData/MzawMDGzNDK0AAA/ Frame DA7E 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/prospector/getFormData/MzawMDGzNDK0AAA/fa6519a4-1268-4b2d-bd3f-79e05f8686c8?instance=ef3k58&rf__doc=https%3A%2F%2Fcu-2.com%2F
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery-3.6.0.min.js?ver=5.75-35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
6a1751eb406b448c421c8f568934d45fb2379c1bde5f18b6a5af0b5efadcb521
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:26 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
server
openresty
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
via
1.1 google
pod-hostname
koi-5858757fbd-kgf6f
alt-svc
clear
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=613056426313481&ev=PageView&dl=https%3A%2F%2Fcu-2.com%2Fchecking-survey%2F%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DM7cwNzU0sjC0MLM0AAA%26sseid%3DMzIxMjY3NTSzMAIA%26jobid%3Dd05c5596-1ca2-4840-af5a-cba32a6665cd&rl=&if=false&ts=1649884346043&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649884345289.177902848&it=1649884345194&coo=false&exp=p1&rqm=GET
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 13 Apr 2022 21:12:26 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 9DAF 		362 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://app-3qnfb3tuyw.marketingautomation.services
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 14:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145703
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 14:29:34 GMT
34cfcc03-aafe-4b8c-8729-4b50030e3b57
app-3qnfb3tuyw.marketingautomation.services/prospector/getFormData/MzawMDGzNDK0AAA/ Frame 9DAF 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app-3qnfb3tuyw.marketingautomation.services/prospector/getFormData/MzawMDGzNDK0AAA/34cfcc03-aafe-4b8c-8729-4b50030e3b57?instance=vkpvan&rf__doc=https%3A%2F%2Fcu-2.com%2F
Requested by
Host: app-3qnfb3tuyw.marketingautomation.services
URL: https://app-3qnfb3tuyw.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
d197a531ff7c5555b678ce4baa54723d5032f83dab664e4c262853819d635f16
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:26 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
server
openresty
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
via
1.1 google
pod-hostname
koi-5858757fbd-fr7rg
alt-svc
clear
x-xss-protection
1; mode=block
/
pixel-geo.prfct.co/usermap/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202204|62573cb91210d22c8e624709&pid=pa_Bd5kVtiiouQObH5Ik
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202204%7C62573cb91210d22c8e624709%26pid%3Dpa_Bd5kVtiiouQObH5Ik
  • https://pixel-geo.prfct.co/usermap/?xid=8095479511944140106&sid=202204|62573cb91210d22c8e624709&pid=pa_Bd5kVtiiouQObH5Ik
43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/usermap/?xid=8095479511944140106&sid=202204|62573cb91210d22c8e624709&pid=pa_Bd5kVtiiouQObH5Ik
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
HTTP/1.1
Server
52.49.47.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-47-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 13 Apr 2022 21:12:26 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5cfcdf3d-5287-47f4-b03c-3dbcfc5527a7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://pixel-geo.prfct.co/usermap/?xid=8095479511944140106&sid=202204|62573cb91210d22c8e624709&pid=pa_Bd5kVtiiouQObH5Ik
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adsct
analytics.twitter.com/i/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Bd5kVtiiouQObH5Ik
0
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Bd5kVtiiouQObH5Ik
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
102
date
Wed, 13 Apr 2022 21:12:26 UTC
cache-control
no-cache, no-store, max-age=0
server
tsa_o
x-connection-hash
0768c1d61c5edca90a75da58dec9202dc0afc24fdaf89162cd4ff17cfd8dcf2d
content-length
0
strict-transport-security
max-age=631138519

Redirect headers

Location
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Bd5kVtiiouQObH5Ik
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=yah
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Bd5kVtiiouQObH5Ik&_origin=1
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Bd5kVtiiouQObH5Ik&_origin=1&verify=true
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Bd5kVtiiouQObH5Ik&_origin=1&verify=true
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:26 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Bd5kVtiiouQObH5Ik&_origin=1&verify=true
date
Wed, 13 Apr 2022 21:12:26 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=opx
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Bd5kVtiiouQObH5Ik
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Bd5kVtiiouQObH5Ik
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 21:12:26 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Bd5kVtiiouQObH5Ik
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Bd5kVtiiouQObH5Ik
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Bd5kVtiiouQObH5Ik
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Bd5kVtiiouQObH5Ik
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cb
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=goo
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQmQ1a1Z0aWlvdVFPYkg1SWs
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfQmQ1a1Z0aWlvdVFPYkg1SWs&google_tc=
  • https://pixel-geo.prfct.co/cb?partnerId=goo
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
HTTP/1.1
Server
52.49.47.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-47-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Apr 2022 21:12:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pixel-geo.prfct.co/seg/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/seg/?add=21331603&source=js_tag&a_id=111160
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.47.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-47-139.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif
tr
www.facebook.com/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=613056426313481&ev=ViewContent&cd[rtb_id]=21331603&noscript=1
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 13 Apr 2022 21:12:26 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?t=2&add=21331603
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D21331603
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D21331603
Requested by
Host: cu-2.com
URL: https://cu-2.com/checking-survey/?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd
Protocol
HTTP/1.1
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cu-2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Apr 2022 21:12:26 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b0541e2-18e1-4f23-bb61-a6de4f5bbed6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Apr 2022 21:12:26 GMT
X-Proxy-Origin
217.64.151.7; 217.64.151.7; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f48482d2-6489-442c-9acc-7ecb853ad8cd
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D21331603
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publicChatbot
koi-3qnfb3tuyw.marketingautomation.services/ Frame 55A0 		2 KB
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/client/ss.js?ver=1.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
b1982962c8c9bfc0f93c45c8b4065807d983f1ea70e279faecc8c1dccdac3f48
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cu-2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
clear
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Apr 2022 21:12:26 GMT
pod-hostname
app-7c85d7ff77-ws8pm
server
openresty
vary
Accept-Encoding
via
1.1 google
x-clacks-overhead
GNU Terry Pratchett
x-xss-protection
1; mode=block
polyfill.min.js
koi-3qnfb3tuyw.marketingautomation.services/includes/js/dist/ Frame 55A0 		202 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/includes/js/dist/polyfill.min.js?ver=c4e4a41876-1
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
b9a6fca766ed9a201b3658950e9692b259d61f22b13e27b76cbc58d8fb5a4d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:12:26 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 19:24:11 GMT
server
openresty
etag
W/"6254805b-32984"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 13 May 2022 21:12:26 GMT
de.js
storage.googleapis.com/frontend-prod/i18next/master/ Frame 55A0 		730 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/frontend-prod/i18next/master/de.js
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
da1b2d46fb852468891e754a71c4d20237d2ff69be7bfd7460f3c853314340e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qnfb3tuyw.marketingautomation.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 20:45:45 GMT
content-encoding
gzip
age
1601
x-guploader-uploadid
ADPycdvmwtpXzGRYIMpICqKRW3KjruQVQYAnZcQy-QIOTRii5at_msvXhfm__EMiRSlrfchhnIuvhq8WuppCUTSXzKzxFQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165372
last-modified
Wed, 13 Apr 2022 17:17:07 GMT
server
UploadServer
etag
"6c2fe9cbce9fa31fed388950456eeb34"
x-goog-hash
crc32c=QEPdVQ==, md5=bC/py86fox/tOIlQRW7rNA==
x-goog-generation
1649870227739216
cache-control
no-transform
x-goog-stored-content-length
165372
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 13 Apr 2023 20:45:45 GMT
antd.css
storage.googleapis.com/frontend-prod/fireant/7f67539c/style/ Frame 55A0 		439 KB
440 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/frontend-prod/fireant/7f67539c/style/antd.css
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
934ecb719a9eb78212ebfa8985f42d4242769b9b650622a1d6e16184378d8eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qnfb3tuyw.marketingautomation.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:09:05 GMT
x-goog-meta-goog-reserved-file-mtime
1640118138
age
201
x-guploader-uploadid
ADPycdsPlrDTm-7ioJVoh1fTk55yNvE6fLdsp3Fb5BNG7SUdfe8rD9i7zhJVcFO_PTfQFCQRjrgdcVIb5F7cUGLggNjeoduyt5tN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
449797
last-modified
Tue, 21 Dec 2021 20:50:54 GMT
server
UploadServer
etag
"79f1517ddc36a516ffbac1d4c1d47233"
x-goog-hash
crc32c=Joc7bg==, md5=efFRfdw2pRb/usHUwdRyMw==
x-goog-generation
1640119854776231
cache-control
public, max-age=3600
x-goog-stored-content-length
449797
accept-ranges
bytes
content-type
text/css
expires
Wed, 13 Apr 2022 22:09:05 GMT
en_US.main.css
storage.googleapis.com/frontend-prod/common/7e16c022/ Frame 55A0 		122 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/frontend-prod/common/7e16c022/en_US.main.css
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2abc10b98bfce0b592d37587d5e8eb1d3c76c6b5e6d549171b1670fa6dab832f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qnfb3tuyw.marketingautomation.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 20:23:02 GMT
content-encoding
gzip
age
2964
x-guploader-uploadid
ADPycduQaXsmgYt9zAFbhzUrToRTVRuslINP76-o0llB3VOdeUUGbjWdI9uKOUW2s1FUiu-e8-X0OqlMcsCgANbGo1ITVOyecSEY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64483
last-modified
Tue, 21 Dec 2021 15:53:55 GMT
server
UploadServer
etag
"85e642aba7acca59008f68a454d27b57"
x-goog-hash
crc32c=Z647nA==, md5=heZCq6esylkAj2ikVNJ7Vw==
x-goog-generation
1640102035706343
cache-control
public, max-age=31536000,no-transform
x-goog-stored-content-length
64483
accept-ranges
bytes
content-type
text/css
expires
Thu, 13 Apr 2023 20:23:02 GMT
en_US.main.js
storage.googleapis.com/frontend-prod/chatbot-client/938196f/ Frame 55A0 		2 MB
624 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/frontend-prod/chatbot-client/938196f/en_US.main.js
Requested by
Host: koi-3qnfb3tuyw.marketingautomation.services
URL: https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c0d02a2d5fb2ff349eb431128f04716877247f64c7b4b8dd96c06b63d6a0396d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://koi-3qnfb3tuyw.marketingautomation.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 20:28:27 GMT
content-encoding
gzip
age
2639
x-guploader-uploadid
ADPycdsF8VwgKgbrHarozyyhnxkObwDYg6EqcgQ09jszO6bfCvlwl4eDU30X8Xt_n3nvW3uKvUfM-bXxxPp8S4gs_BHW8eXJ8mdV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
638171
last-modified
Wed, 13 Apr 2022 17:17:09 GMT
server
UploadServer
etag
"0a55f4302073fbd9de30fdb957ca3137"
x-goog-hash
crc32c=HO0lcA==, md5=ClX0MCBz+9neMP25V8oxNw==
x-goog-generation
1649870229754301
cache-control
no-transform
x-goog-stored-content-length
638171
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 13 Apr 2023 20:28:27 GMT
css
fonts.googleapis.com/ Frame 55A0 		3 KB
953 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,400italic
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/common/7e16c022/en_US.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5047f1e6270d0560e55a614449d6804eff807b631064d6a54fed4ec981cecd38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 20:53:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Apr 2022 21:12:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Apr 2022 21:12:26 GMT
/
www.facebook.com/tr/ Frame 40B1 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://cu-2.com
Referer
https://cu-2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://cu-2.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 21:12:26 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
graphql-public
koi-3qnfb3tuyw.marketingautomation.services/ Frame 55A0 		11 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/graphql-public
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/chatbot-client/938196f/en_US.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
/
Resource Hash
0f11d21da4249d14ccd6503d87e32d95f8d2d14344d98fda32028b09f7c515dd

Request headers

accept
*/*
Referer
https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Apr 2022 21:12:26 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://koi-3qnfb3tuyw.marketingautomation.services
alt-svc
clear
content-length
10782
x-kube-pod
api-64667d9c76-qcrp8
graphql-public
koi-3qnfb3tuyw.marketingautomation.services/ Frame 55A0 		30 B
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/graphql-public
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/chatbot-client/938196f/en_US.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
/
Resource Hash
12bbcbfac99d1e2f8e6bec9b217e77bb2b783f9668baab027923f3924403f303

Request headers

accept
*/*
Referer
https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Apr 2022 21:12:26 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://koi-3qnfb3tuyw.marketingautomation.services
alt-svc
clear
content-length
30
x-kube-pod
api-64667d9c76-xglc9
graphql-public
koi-3qnfb3tuyw.marketingautomation.services/ Frame 55A0 		11 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/graphql-public
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/chatbot-client/938196f/en_US.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
/
Resource Hash
0f11d21da4249d14ccd6503d87e32d95f8d2d14344d98fda32028b09f7c515dd

Request headers

accept
*/*
Referer
https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Apr 2022 21:12:27 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://koi-3qnfb3tuyw.marketingautomation.services
alt-svc
clear
content-length
10782
x-kube-pod
api-64667d9c76-qcrp8
graphql-public
koi-3qnfb3tuyw.marketingautomation.services/ Frame 55A0 		30 B
109 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://koi-3qnfb3tuyw.marketingautomation.services/graphql-public
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/frontend-prod/chatbot-client/938196f/en_US.main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
/
Resource Hash
12bbcbfac99d1e2f8e6bec9b217e77bb2b783f9668baab027923f3924403f303

Request headers

accept
*/*
Referer
https://koi-3qnfb3tuyw.marketingautomation.services/publicChatbot?utm_medium=email&utm_source=sharpspring&sslid=M7cwNzU0sjC0MLM0AAA&sseid=MzIxMjY3NTSzMAIA&jobid=d05c5596-1ca2-4840-af5a-cba32a6665cd&requestedLanguage=en_US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Apr 2022 21:12:27 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://koi-3qnfb3tuyw.marketingautomation.services
alt-svc
clear
content-length
30
x-kube-pod
api-64667d9c76-9xj4z
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 55A0 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://koi-3qnfb3tuyw.marketingautomation.services
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 19:30:55 GMT
x-content-type-options
nosniff
age
6091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 19:30:55 GMT
truncated
/ Frame 55A0 		92 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e8d88f037e62776e9355c3264513f9dd9136a0c05a60a6f8b10df944166882

Request headers

Referer
Origin
https://koi-3qnfb3tuyw.marketingautomation.services
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
font/woff

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| _ss function| List function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| ExactMetricsDualTracker function| gtag function| __gaTracker object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| ExactMetrics object| ExactMetricsObject object| exactmetrics_frontend undefined| $ function| jQuery object| ztajaxloader_ajaxobj function| ZTAjaxTestFilter function| ZTAjaxLoaderGetJSONQuery function| ZTAjaxLoaderSetQueryDataFromJSON function| ZTAjaxLoaderSetupPagination function| ZTAjaxLoaderSetupFilter string| ZTAjaxTempUrlParams function| ZTAjaxFilterGetStandardValueFromFormEl function| ZTAjaxLoaderChangePage function| PlainModal object| zotnipmodals object| zotnipmodalsshown function| ShowZotnipModal function| ForceShowZotnipModal function| SetZotnipModalToShowAfterScroll function| SetZotnipModalToShowAfterTime function| SetZotnipModalToShowOnExitIntent function| ZotnipPopupSetCookie function| ZotnipPopupGetCookie object| ldfdr function| fbq function| _fbq object| ss_form object| gaplugins object| gaGlobal object| gaData object| __gaConnectorEventsEmitted string| cffajaxurl string| cfflinkhashtags boolean| sharpspring_tracking_installed boolean| cff_js_exists undefined| cffAddMasonry function| cff_init function| checkConsent function| cffCmplzGetCookie function| addFullFeatures function| afterConsentToggled function| cffGetFeedLocatorDataArray function| locationGuess object| pum_vars object| pum_sub_vars object| pum_popups object| PUM object| PUM_Accessibility object| PUM_Analytics function| pm_cookie function| pm_cookie_json function| pm_remove_cookie undefined| pum_debug string| pum_debug_mode string| ajaxurl object| pum function| FormSerializer function| countdown_wpdevart_timer function| wpdevart_countdown_animated_element function| wpdevart_countdown_isScrolledIntoView object| thickboxL10n string| tb_pathToImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF string| mns number| stickyNavTop boolean| documentIsReady object| imgLoader object| _pa boolean| loadedBool boolean| chatbotLoadWrapperBool function| facebookEventsHelper function| googleAdsEventsHelper object| _pq object| ssChatbot object| ssChatbotLeadFields boolean| ssChatbotBranding

21 Cookies

Domain/Path Name / Value
.cu-2.com/ Name: _ga
Value: GA1.2.18670322.1649884345
.cu-2.com/ Name: _gid
Value: GA1.2.127067649.1649884345
.cu-2.com/ Name: _gat_gtag_UA_98429185_1
Value: 1
.cu-2.com/ Name: _fbp
Value: fb.1.1649884345289.177902848
.cu-2.com/ Name: _lfa
Value: LF1.1.6855f06380c305a0.1649884345318
.facebook.com/ Name: fr
Value: 0VK3XR6bMoFMo9qnu..BiVzy5...1.0.BiVzy5.
cu-2.com/ Name: __ss
Value: 1649884345330
cu-2.com/ Name: __ss_referrer
Value: https%3A//cu-2.com/checking-survey/%3Futm_medium%3Demail%26utm_source%3Dsharpspring%26sslid%3DM7cwNzU0sjC0MLM0AAA%26sseid%3DMzIxMjY3NTSzMAIA%26jobid%3Dd05c5596-1ca2-4840-af5a-cba32a6665cd
.marketingautomation.services/ Name: koitk
Value: 202204%7C62573cb91210d22c8e624709
cu-2.com/ Name: __ss_tk
Value: 202204%7C62573cb91210d22c8e624709
.prfct.co/ Name: pa_uid
Value: pa_Bd5kVtiiouQObH5Ik
.prfct.co/ Name: pa_twitter_ts
Value: 1649884346091
.prfct.co/ Name: pa_yahoo_ts
Value: 1649884346124
.prfct.co/ Name: pa_openx_ts
Value: 1649884346155
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2In6j)AiT!]tbP6j2F-XstGt!@E#q$zGY'
.prfct.co/ Name: pa_google_ts
Value: 1649884346157
.prfct.co/ Name: pa_rubicon_ts
Value: 1649884346157
.yahoo.com/ Name: A3
Value: d=AQABBLo8V2ICEMWrXM_Yw2obfTYcbPRvIa4FEgEBAQGOWGJhYgAAAAAA_eMAAA&S=AQAAAvgZ2RCi07Kb2GjdstV7sW8
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z4~24b9
.adnxs.com/ Name: uuid2
Value: 8095479511944140106
.doubleclick.net/ Name: IDE
Value: AHWqTUnnUhmxJTIMjscJuL7GLeo26Y8GzWzpsN-7jxVJb0wjPN3SuiFBZXQwlB9vZZI

1 Console Messages

Source Level URL
Text
network error URL: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Bd5kVtiiouQObH5Ik
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
app-3qnfb3tuyw.marketingautomation.services
cm.g.doubleclick.net
connect.facebook.net
cu-2.com
fonts.googleapis.com
fonts.gstatic.com
koi-3qnfb3tuyw.marketingautomation.services
lftracker.leadfeeder.com
link.mta3.shspma.com
maxcdn.bootstrapcdn.com
pixel-geo.prfct.co
pixel.rubiconproject.com
secure.adnxs.com
stats.g.doubleclick.net
storage.googleapis.com
tag.perfectaudience.com
tr.lfeeder.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.244.42.3
107.178.240.224
13.32.99.30
143.204.98.44
151.101.194.217
167.89.115.120
18.156.0.31
185.33.220.244
216.58.212.162
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:809::200e
2a00:1450:4001:813::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2010
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
35.244.159.8
52.173.187.93
52.49.47.139
69.173.144.139
05d6e23b3984bb5081f3402b578e3f7e3d456d168dc5c993a5ec56e6d57c28e0
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08aa64f3df82bdcfa98ae744f3c2c7ba1b603e19bec42a6a80e412f5545212c8
0f11d21da4249d14ccd6503d87e32d95f8d2d14344d98fda32028b09f7c515dd
103631f0296614d362e698668390c9c69484dec4579a12380cd0d8a7f197fa70
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12bbcbfac99d1e2f8e6bec9b217e77bb2b783f9668baab027923f3924403f303
14b63cf8d762d7118924d182b7f6bd9a45ca408b13dfeaca8da0735f26a70e85
1a47e85dd8ec320d900f14082243d3af1051e6cb4e7fb8ba8807c6b903530e8a
1e6f4e1fb3197d60d5c7f8f7f738deeff94b513f07e0ad5ca7c4ea85479eb4a0
1ead663e9ffa15ae9a04357db43447e15848f36aa2d194dd9da0f34269b6b444
24351213137ec9d203952c47588122399c226125b2b72746e76fad8d601e0135
2537571109b8e5379ecc8b4c6e60449bf440b6f38e7bc5396e0189eb0512e691
28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2abc10b98bfce0b592d37587d5e8eb1d3c76c6b5e6d549171b1670fa6dab832f
2bf285471494d74f848b6db65650009a7ccf1e55c73b352b8a52582fff27f89f
2c42851f49a6eb6a0eb3fba8f344f473909f15998d33c94323e13c9cf90cb7ae
3218b4125f473cd8e081f2d6f892e7e7dca85df9d4486a1e0d783f1f66b2731a
324b4935d4141d15c5e8334d0dd4d40161a800060beedffc42ac1cbe0fcec3e5
3916965a7e8887a9f17b49f04cd31d9d02915a95b77300ff41ccf0d362525895
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbd80be98baa936f714c6c05d1fd709e300fbafdf39b4d554066bee730d40e6
5047f1e6270d0560e55a614449d6804eff807b631064d6a54fed4ec981cecd38
51dc5a6c0e58731110fed83e45eabaff65af8b6418053906247df32187f1dd2a
578f25aa8a72217bebfbf681a9d66d330e77a965eba6edcb3ed45d0adce8ac22
58409d3c8275e7c6f4e2f9b5b534d791e9251e3ab09236835e6cd10ba0f42ad6
6a1751eb406b448c421c8f568934d45fb2379c1bde5f18b6a5af0b5efadcb521
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7379f6d1c8b7eb53ba56a08e3e5f690f4a79ca5a9a940f0b74769cb04d464d98
7781dbd4a9504b649e271a910b880339d0c1ee26a7b84b51a3b88e1fe0d6c821
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
9051b87f64276116affb85fe3f7e4a4e9a3ab6f9f99a7203e8a1a091c486e178
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0
934ecb719a9eb78212ebfa8985f42d4242769b9b650622a1d6e16184378d8eb4
98a4452bc9b51939e93a46147bfc1c703d38d6f6254a41f77ae02de3146c6306
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1756adc350c37ea26d71ee00ad027bbf35204bff9fb040ecfb5c1a64971cffc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a35ac48de4e440215ccdf3ff3f17fa2b91e36cf17ec4f295fb2668b0619d25ba
a607b69f8a26f1525e49a347a47fd091b4869efe4ed7cd5b74d853b19910227d
ac5d838b2df25b1c27e97d345bffbd85304e8fe6931113e3b8d1fe22c9f6029d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1982962c8c9bfc0f93c45c8b4065807d983f1ea70e279faecc8c1dccdac3f48
b2e88bcadd5cd292ec93c6eb67f305ca3cd0ead39cc6c440b5072fa9d4df36be
b61d9e3f2b9cb5c965c65109a820a249d72433c63c2a8c68f7f7b3005e12bfc2
b6649e595fb1323a3cbe21f0f569cdae853fca540b7ba051268b15150cac2fe6
b7fb64d841828fc7eae73d7f5cfc7e2f813e0dd9060dc20303b5c794ff5878ea
b871f742efc88a70288dd7e6faed6f33ed5446050de02eb2ea30879834eb29bf
b9a6fca766ed9a201b3658950e9692b259d61f22b13e27b76cbc58d8fb5a4d86
c0d02a2d5fb2ff349eb431128f04716877247f64c7b4b8dd96c06b63d6a0396d
ccc2bd16fa09fd02a0a51c4801453ae3b0baffe5b05ae4b18a9c9b00924239c0
d197a531ff7c5555b678ce4baa54723d5032f83dab664e4c262853819d635f16
da1b2d46fb852468891e754a71c4d20237d2ff69be7bfd7460f3c853314340e2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de37f649035ec7457643868f994d814d65e10c536b83d8152ddad73d0bf11fb2
e02b01d0a3d0782c85d93d3b2206acfd57abb9647e6f3cedff7d41b4eb30bd33
e0cd12fa3c7b10a12607537a7f996b1ee457662e37d71d0a7fd1ba886329029f
e0e8d88f037e62776e9355c3264513f9dd9136a0c05a60a6f8b10df944166882
e1b8de3cad37f6872cf0e93fbbb2f40f97e48c18654ac9900cf8c941b6192b75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76cd90cc9433fbb1aa6c14e400ae340dda95730aa9a47e3d731324035733f56
eacefe83bb159e4313981d0b511a2bb1ec39d8d2898a7394e59eb1ea6652a0b3
ecf917978118862ae1fc715ef2f5d7cf541d22cf515bc480c07324037b8bba01
f00d09a3fe4fe39964b804f3c07eea15672c2586a184e1efba084eef721fbad9
fa86c94c6881caec397b1a58f358561f9bd6ef1dba058efafe3fb8e9e8d5e326
fc59a368d0ae42ac3a3c4519703df8332cf37c433c7b082feab1b144b9e93552