quiz.rfatimeshareexit.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://quiz.rfatimeshareexit.com/
Submission: On April 24 via api (April 24th 2024, 10:15:33 am UTC) from US — Scanned from NL

Summary HTTP 36 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 6 domains to perform 36 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is quiz.rfatimeshareexit.com.
TLS certificate: Issued by GTS CA 1P5 on April 24th 2024. Valid for: 3 months.

This is the only time quiz.rfatimeshareexit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:20:... 2606:4700:20::681a:1f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.111.125.42 34.111.125.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2a00:1450:400... 2a00:1450:4001:802::201b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 5	44.197.223.117 44.197.223.117	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223d:f800:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.120.161.19 34.120.161.19	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	172.217.16.155 172.217.16.155	15169 (GOOGLE) (GOOGLE)
36	11

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

quiz.rfatimeshareexit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:1f0 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.heyflow.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.heyflow.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.125.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.125.111.34.bc.googleusercontent.com

flows.heyflow.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.197.223.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-223-117.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:f800:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.161.19 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 19.161.120.34.bc.googleusercontent.com

fb.track.heyflow.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.155 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f27.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	heyflow.cloud fonts.heyflow.cloud — Cisco Umbrella Rank: 305202 flows.heyflow.cloud tracking.heyflow.cloud — Cisco Umbrella Rank: 382079 fb.track.heyflow.cloud	457 KB
12	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 361	109 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 26285 cdn.trustedform.com — Cisco Umbrella Rank: 31039	37 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	72 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
1	rfatimeshareexit.com quiz.rfatimeshareexit.com	9 KB
36	6

	Domain	Requested by
12	storage.googleapis.com	quiz.rfatimeshareexit.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
5	fonts.heyflow.cloud	quiz.rfatimeshareexit.com fonts.heyflow.cloud
4	flows.heyflow.cloud	quiz.rfatimeshareexit.com flows.heyflow.cloud
3	tracking.heyflow.cloud	flows.heyflow.cloud
2	fb.track.heyflow.cloud	flows.heyflow.cloud
2	cdn.trustedform.com	quiz.rfatimeshareexit.com api.trustedform.com
2	connect.facebook.net	quiz.rfatimeshareexit.com connect.facebook.net
1	www.facebook.com	quiz.rfatimeshareexit.com
1	quiz.rfatimeshareexit.com
36	10

This site contains links to these domains. Also see Links.

Domain
stonegatefirm.com

Subject Issuer	Validity	Valid
quiz.rfatimeshareexit.com GTS CA 1P5	`2024-04-24` - `2024-07-23`	3 months	crt.sh
heyflow.cloud GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
flows.heyflow.cloud GTS CA 1D4	`2024-03-04` - `2024-06-02`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-01` - `2024-05-01`	3 months	crt.sh
fb.track.heyflow.cloud GTS CA 1D4	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://quiz.rfatimeshareexit.com/
Frame ID: 83B1C885DA7EDEE1FEC31543AE89C93B
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RFA Timeshare Exit Quiz V2

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

36
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

10
Subdomains

11
IPs

3
Countries

695 kB
Transfer

2150 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://stonegatefirm.com/?utm_source=Timeshare%20Exit%20Quiz%20V2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=1713953726847.8608 HTTP 301
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=1713953726847.8608

36 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
quiz.rfatimeshareexit.com/ 48 KB
9 KB 449ms
364ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quiz.rfatimeshareexit.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 24b2066a749b54f5851b6f3d194fe2069ba1164462afe983a4ce0179c80e27be

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 879555056a967752-AMS
content-encoding: br
content-type: text/html
date: Wed, 24 Apr 2024 10:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DghwfzurvFdYZ%2BZfHt8FDDMFqhKRbeujfepdILLV8tdlSFNF2uuf11AK%2FqlnSLCmUfB1fm6O%2F0ZWueewZK9MVVaf2cB4FhFV61aFSZ%2BoBEw48eiAFMoqqmp7sR7zx92T3YdrsPIMUovKFFBb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-cloud-trace-context: 02f30c6cb86037b67a7df0088130dc59
x-powered-by: Express

GET
H2 200 icon
fonts.heyflow.cloud/ 472 B
847 B 107ms
47ms Stylesheet
text/css 2606:4700:20::681a:1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/icon?family=Material+Icons
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bc75d2bf05221927704d5d29a4ed8e67b6436a2eebc3cd2c83f476ca6875895d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94096
cf-polished: origSize=571
x-powered-by: Express
last-modified: Tue, 23 Apr 2024 08:07:10 GMT
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcHftCColLorKoL8KwP0Gkgl%2B%2FpJyEuyMIZ9t%2B9M8PG6XESfu3OpzFJ7MV6Uc%2FKgZEZtxjbIk1wwgFfxZMMF7%2FVsALepI07j9n2juJhH1za2ybet67ZenRCX2Orh8kLnvnunE7IWA8qPpZeA%2FVnlCYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 53f615f35e44c16eeab7db7ade36d8e2
cache-control: private, max-age=604800
cf-ray: 879555082d8b1c8c-AMS

GET
H2 200 app.css
flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/ 174 KB
27 KB 146ms
75ms Stylesheet
text/css 34.111.125.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/app.css
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.125.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d329a51b5e2750ae3c6f7d3a9b04bf03dddb838b5ec5dbc23b44f634417279b8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
content-encoding: gzip
via: 1.1 google
x-guploader-uploadid: ABPtcPrR98XJjZYJR80XIA_NSKDTRJE0Jzl18Vmu3tuKc-oP1LrQCAz81hdOz5JRc4zWC2dRnYewTuDa3w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27369
last-modified: Wed, 24 Apr 2024 04:24:45 GMT
server: UploadServer
etag: "39bda811d6c5d7aeb09fec9b80e98c0e"
vary: Accept-Encoding
x-goog-generation: 1713932684998733
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=1NRRKA==, md5=Ob2oEdbF166wn+ybgOmMDg==
access-control-expose-headers: Content-Type
cache-control: no-store, max-age=0
x-goog-stored-content-length: 27369
accept-ranges: bytes
expires: Wed, 24 Apr 2024 10:15:26 GMT

GET
H2 200 app.js Show response
flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/ 952 KB
308 KB 147ms
77ms Script
application/javascript 34.111.125.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/app.js
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.125.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 70b9dc18fa8c8712271f09e925780ee465c356a1930f334e37ca9e6ef042b791

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Origin: https://quiz.rfatimeshareexit.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
content-encoding: gzip
via: 1.1 google
x-guploader-uploadid: ABPtcPoU8ERH2WNz73-_SL8b-J00dyxyoCQjfVk73pw21BUZHA7CsDFYGjINL3lqSFqOmvdSDg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314964
last-modified: Wed, 24 Apr 2024 04:24:45 GMT
server: UploadServer
etag: "be1f3cbf1a7ed36f231a649f4af3b555"
vary: Accept-Encoding
x-goog-generation: 1713932685312704
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=LXiK9A==, md5=vh88vxp+028jGmSfSvO1VQ==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-store, max-age=0
x-goog-stored-content-length: 314964
accept-ranges: bytes
expires: Wed, 24 Apr 2024 10:15:26 GMT

GET
H2 200 css
fonts.heyflow.cloud/ 44 KB
3 KB 158ms
99ms Stylesheet
text/css 2606:4700:20::681a:1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800|DM+Serif+Display:300,400,500,600,700,800&display=swap
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b9b1cf043d4d78a67bca6db7d2ba7a2763f217618867b403450256f8e2e8cb0a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Apr 2024 10:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDeRuXqWWGgcBH7szTtYRIP58%2FZrxT6agf5d%2F33GMyFpyZDo0truHX46A2zIWHtkHaGfA3Z7n%2B1mjEoYa%2FV%2FaIXjGiGJyZKq59rjQTZtswzBxb%2F9kC4Mx%2B6IJQShv1GHAIjlKLC6oHAWbHHAGLjAl5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 34f990c9bc822564cc58774ba1ad43b8
cache-control: private, max-age=604800
cf-ray: 879555082d8c1c8c-AMS

GET
H2 200 fb4af1c0-c297-4314-9b4f-a487c565be0b.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 8 KB
8 KB 191ms
84ms Image
image/png 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/fb4af1c0-c297-4314-9b4f-a487c565be0b.png
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a7b42e29e4f6ac4e4e10fe13088bea6ff92e5441d6e19f9eee3c6d838bea55b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
x-guploader-uploadid: ABPtcPrZe9nHYm2T2kW0KYPTm5P74dobsD-sZ3y2SnWbH4Z-gnGC0LT8lAbSz92zP3M6r6oiwirlg2dORg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 11 Apr 2024 14:48:11 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712846891443587
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=IFb8gA==, md5=iA4ffR/ksyWPTu9DL1Y7IA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 7885
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
H2 200 0df4e375-ea2b-4b86-a3d2-e996dda9c037.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 6 KB
6 KB 173ms
66ms Image
image/png 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/0df4e375-ea2b-4b86-a3d2-e996dda9c037.png
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ba134ae90b9d4fd5d09e86d6d93e3e89c7da75f1b6da934037ed611d5fec5db4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
x-guploader-uploadid: ABPtcPrhRNIfhcK-ifzc4U46vh2kLFaXSpc6msW3Gcy0iMrh17BrN4IfnI6F80ZGIzQh9GZYPGCjn5T3mw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 11 Apr 2024 14:48:11 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712846891365551
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=FXpSDg==, md5=Apbug0g+RhEgSzPIbR1nMA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 5996
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
H2 200 b6f422cc-9c43-432c-af36-900a2a267aff.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 48 KB
48 KB 77ms
75ms Image
image/png 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/b6f422cc-9c43-432c-af36-900a2a267aff.png
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dba72a50b1e92892f184a71bba5b240d5be137f45ac9feacee0c792f35632c7a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
x-guploader-uploadid: ABPtcPoQUTUAC68o3hwvOxKotF-6zaJS20pom-46XhgfvTukhuZuwQK7Hmd9S-d13En9OTRTEQ25MqfHNQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 11 Apr 2024 14:48:11 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712846891451099
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=pmatkA==, md5=RbyNq4BFAzh8BSFvGBc8/w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 45815
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
H2 200 885ed6dd-539c-4765-b0ae-681547e8c79d.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 1 KB
1 KB 64ms
61ms Image
image/png 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/885ed6dd-539c-4765-b0ae-681547e8c79d.png
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ff699bbc54b8d092ad8034abcfa7d837dc9ff4cdd1a7634b099978d55baaaa50

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
x-guploader-uploadid: ABPtcPpaWlmd9hYUINk5VcNZDjkc9_d1LQ3LEmfsYZzrskcUSXWl6wMJBneAZQe_UBgSC2OLVjc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 11 Apr 2024 14:48:11 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712846891456711
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=0cZ0lg==, md5=3uNUSpoZoBL3x7B0O4VBjw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 1281
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 96ms
25ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Apr 2024 10:15:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: p73okLnT7MvUYqYCQG8flxTblyzeLfR89MWl3AQX8JPeTr5HiFdgzsf6cfAEy1VNE/xuoxWVkZgvVsXz7k+3lQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=1713953726847.8608
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=1713953726847.8608

8 KB
4 KB

315ms
257ms

Script
application/javascript

2600:9000:223d:f800:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=1713953726847.8608
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Server: 2600:9000:223d:f800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://quiz.rfatimeshareexit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Apr 2024 10:15:28 GMT
x-amz-version-id: wfT.1UDmcvoWxmr67CfqG4zKmfhVltQE
content-encoding: gzip
last-modified: Thu, 28 Mar 2024 21:16:57 GMT
server: AmazonS3
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: W/"e11406d1e7ba652ddbe0623e1207c210"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: knRnIPZyLOn48ci2p1CV_Jsmdugk540B7kdo-sv-Qgi0qxgHjmRyvg==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=1713953726847.8608
date: Wed, 24 Apr 2024 10:15:27 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 -nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
fonts.heyflow.cloud/s/dmserifdisplay/v15/ 24 KB
25 KB 98ms
52ms Font
font/woff2 2606:4700:20::681a:1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/s/dmserifdisplay/v15/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
Requested by: Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800|DM+Serif+Display:300,400,500,600,700,800&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800|DM+Serif+Display:300,400,500,600,700,800&display=swap
Origin: https://quiz.rfatimeshareexit.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 211379
x-powered-by: Express
content-length: 24768
last-modified: Sun, 21 Apr 2024 23:32:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9XRNezjIEbgDHV%2BzjhN5SjxdM9xJhmCvy2wrsbLTgeWH6xmVv%2FRyRbn5%2BAmDPK3iAHn7kYRmIjCDeN5Zx7KAJdKnwaskq9Pzudal4HbcYGvoc8uu71FDJCv8MNC5ClUbdXw%2F94LHiN8kJYR%2BsMQoGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 341b85b5acaa34ff2d5d5d1556c6e0e4
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 879555094c9b663a-AMS

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.heyflow.cloud/s/roboto/v30/ 15 KB
16 KB 101ms
55ms Font
font/woff2 2606:4700:20::681a:1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800|DM+Serif+Display:300,400,500,600,700,800&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800|DM+Serif+Display:300,400,500,600,700,800&display=swap
Origin: https://quiz.rfatimeshareexit.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 581430
x-powered-by: Express
content-length: 15744
last-modified: Wed, 17 Apr 2024 16:44:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GoiscZgS13qgsuGx7dBcgKm3i5B0OXixsPSI4Uzve%2BHuN%2FTyl1XpOzrSl0yR05xuZazFXsoQcTJ%2FQantNEoSetQgltPUbzrqrjDD9FcV34SJMvDWCZAH3ZIs1ixknx8QhGpV%2BfGeyQkwAi4LdqSmmNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 699fd2a79c3bc3ccb68edbf1836e162b
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 879555094ca1663a-AMS

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.heyflow.cloud/s/roboto/v30/ 15 KB
16 KB 102ms
56ms Font
font/woff2 2606:4700:20::681a:1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.heyflow.cloud/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by: Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800|DM+Serif+Display:300,400,500,600,700,800&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800|DM+Serif+Display:300,400,500,600,700,800&display=swap
Origin: https://quiz.rfatimeshareexit.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 576330
x-powered-by: Express
content-length: 15860
last-modified: Wed, 17 Apr 2024 18:09:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T31lJe2pF7SkIDqXh6P7BekrloYB3dVSc%2BjwfMLo8%2BiUDgCETvNy8pMpcVOzLO9Adye%2FOzBALW8iXvtVmZE7871drmrAfa1zZLzrvvs2QSCWD8GOU%2BXlWAz5n7H%2Bd%2BdTy0u%2FSL6AZlqsPZ03KYqbFbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: bf4fe9c778e98407dc13e97ca1a2fd14
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 879555094c9e663a-AMS

GET
H2 200 05df53b4-729d-40a9-8af9-be74e641c5fd.svg
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 29 KB
9 KB 90ms
81ms Image
image/svg+xml 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/05df53b4-729d-40a9-8af9-be74e641c5fd.svg
Requested by: Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 33dc827053f0c7f5fcbbbab0a1283ec1e8c0d1a5d7525693a88078506fa50f52

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPpj_HlL1GUPkYIithAlqw5bykkFnlSc2lXYnGdq-S1YKqo8ELEJY9mUaOuQkkA0dnJiWSK8vwUAcQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8662
last-modified: Thu, 11 Apr 2024 14:48:40 GMT
server: UploadServer
etag: "5873f3599c1c3b5656210825653ebeee"
vary: Accept-Encoding
x-goog-generation: 1712846920329826
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=SWLgBw==, md5=WHPzWZwcO1ZWIQglZT6+7g==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 8662
accept-ranges: bytes
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
H2 200 libphone.chunk.js Show response
flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/ 82 KB
22 KB 85ms
84ms Script
application/javascript 34.111.125.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/libphone.chunk.js
Requested by: Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.125.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0d143c215a21deb3a5370ea90169c24c9b46c970960111076b44ec192acfdcbe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Origin: https://quiz.rfatimeshareexit.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:27 GMT
content-encoding: gzip
via: 1.1 google
x-guploader-uploadid: ABPtcPoLunVxhOZfxGYjUshxgG4U7vy7iVRhVHpftgrjpEqO8ennrPpxCkDWxF0qzwU14CgnKHWdJEMSvA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22219
last-modified: Wed, 24 Apr 2024 04:24:45 GMT
server: UploadServer
etag: "5266c9cc44a624e603c94603ba87e000"
vary: Accept-Encoding
x-goog-generation: 1713932684997840
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=sXlf5g==, md5=UmbJzESmJOYDyUYDuofgAA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-store, max-age=0
x-goog-stored-content-length: 22219
accept-ranges: bytes
expires: Wed, 24 Apr 2024 10:15:27 GMT

OPTIONS
H2 200 /
tracking.heyflow.cloud/ 0
0 63ms
51ms Preflight
text/plain 2606:4700:20::681a:1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.heyflow.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://quiz.rfatimeshareexit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8795550b0e46663a-AMS
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 24 Apr 2024 10:15:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNJuuwVTmEWSjqpSQZoD8OCktAqEANGHjDjconWC%2BoiPgTyp3omhtw4lZ%2B0jSb5WwWxDwkRlPYtyZFVK%2Bj4kPodLfbFh%2FUoQRDW5Ywf8K8Vooql9K0j1Mn7obYyDitPq9kEEXj%2F2%2FlFbB%2FXBjhDtYmjrLPI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google, 1.1 google
x-cloud-trace-context: 21f77d267965b7d4cb1452e775d3dae6

POST
H2 200 / Show response
tracking.heyflow.cloud/ 2 B
314 B 108ms
107ms XHR
text/plain 2606:4700:20::681a:1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.heyflow.cloud/
Requested by: Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://quiz.rfatimeshareexit.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:27 GMT
via: 1.1 google, 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, PUT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbfTnZQx5XyHgcZwGU7rJgeszU74UDJLUwhjtHvFgepc%2FcOfiFJwkQcVF2gbE%2FFGfyi2AnMtWZUczqbLCNdTVZfpOOimezEkJpynMl0PXKjyoF1pisJbXFMnRDpTPeHeCtqGQX99F1joXfgdFuiMEU1KN1Q%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: 42a0e7d433b4307b2fdcd221172efbda
cf-ray: 8795550b5e9d663a-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2

GET
H2 200 392076662869912 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 265ms
264ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/392076662869912?v=2.9.154&r=stable&domain=quiz.rfatimeshareexit.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f731a766b341031f85940c542d2880d5c6755798357fa6d736b914fb3cd85efe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Apr 2024 10:15:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=64, mss=1294, tbw=63205, tp=-1, tpl=-1, uplat=236, ullat=0
pragma: public
x-fb-debug: OKSbIl5hNym24frjQSDPoc73nBK/uMNLzuLhJ5KWJMoXBY+BqAcgcN5aD3d4k3nfs3kqQOOQqUb9lVBRgV4kRg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 index.chunk.js Show response
flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/ 151 KB
39 KB 94ms
94ms Script
application/javascript 34.111.125.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/index.chunk.js
Requested by: Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.125.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 813517071effc1ace364dd43bda40e33c4a43833ebe80fc7ec94f3bc3574021b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/app.js
Origin: https://quiz.rfatimeshareexit.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:27 GMT
content-encoding: gzip
via: 1.1 google
x-guploader-uploadid: ABPtcPob3srgA9ywcJcmDmaXo49wZw73DpKAjgbh8TQWhtC_0wb8tzvf_dFGrZcDKGmD4KYDsoTCWgAIYw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39897
last-modified: Wed, 24 Apr 2024 04:24:45 GMT
server: UploadServer
etag: "d1eee1ed22256b1152992bd72dbda429"
vary: Accept-Encoding
x-goog-generation: 1713932685001522
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=xgpHiQ==, md5=0e7h7SIlaxFSmSvXLb2kKQ==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-store, max-age=0
x-goog-stored-content-length: 39897
accept-ranges: bytes
expires: Wed, 24 Apr 2024 10:15:27 GMT

POST
H2 200 / Show response
tracking.heyflow.cloud/ 2 B
313 B 155ms
149ms XHR
text/plain 2606:4700:20::681a:1f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.heyflow.cloud/
Requested by: Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://quiz.rfatimeshareexit.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:27 GMT
via: 1.1 google, 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, PUT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1pVBK1S7Fw374uGm0HGa1PkP7B3arfoM1jgHX2okzWGgq3DT5%2FYBLK7Uw55JI1NKtAnxk0wxhDFEw5tYFUpd4kp%2Fe0t%2BgVC04tew6178Fn94jTvTQYru4Y6G6nrhLHHfAvt2Xt%2FqVX1cnv4yhKrRmCefA0%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: 691ded44a97f44abe1befacae02d01e4
cf-ray: 8795550c1f51663a-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2

POST
H2 200 / Show response
fb.track.heyflow.cloud/ 101 B
205 B 491ms
472ms XHR
application/json 34.120.161.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fb.track.heyflow.cloud/
Requested by: Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/rfa-timeshare-exit-quiz-v2/www/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.161.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.161.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 51cc95a36bb773adc16a90f92bcd50bf7ec89b563516d596654b66a1e70f4b5d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://quiz.rfatimeshareexit.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:27 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: GET, POST, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: acfba2cda34b571e9f58c183d28895ba
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 /
fb.track.heyflow.cloud/ 0
0 120ms
65ms Preflight
text/plain 34.120.161.19
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fb.track.heyflow.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.161.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 19.161.120.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://quiz.rfatimeshareexit.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 24 Apr 2024 10:15:27 GMT
server: Google Frontend
via: 1.1 google, 1.1 google
x-cloud-trace-context: 2fb03b8b6c35b148ce7f09a3de8db0ee

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 119ms
31ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=392076662869912&ev=PageView&dl=https%3A%2F%2Fquiz.rfatimeshareexit.com%2F%23resort&rl=&if=false&ts=1713953727483&cd[event]=PageView&cd[flow_id]=rfa-timeshare-exit-quiz-v2&cd[host]=quiz.rfatimeshareexit.com&cd[path]=%2F&cd[origin]=https%3A%2F%2Fquiz.rfatimeshareexit.com&cd[title]=RFA%20Timeshare%20Exit%20Quiz%20V2&cd[hash]=%23resort&cd[referrer]=&cd[screen_width]=1600&cd[screen_height]=1200&cd[user_id]=_m86bhf&cd[screen_id]=screen-810ea872&cd[session_id]=c8bvj4&cd[ab_variant_id]=nJTJyxEeo6SPp8uUxqHY&cd[is_embedded]=false&cd[widget_version]=3.0.6&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713953727480.471873102&cs_est=true&ler=empty&cdl=API_unavailable&it=1713953727201&coo=false&eid=a1293s6w70cn&rqm=GET

Requested by

Host: quiz.rfatimeshareexit.com
URL: https://quiz.rfatimeshareexit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1294, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 24 Apr 2024 10:15:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 305ms
102ms XHR
application/json 44.197.223.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=1713953726847.8608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.197.223.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-223-117.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 1c10cd1bd09aaf52cbb2bf7e1b278ab91caedd27d483a256d0cc0dfc03d2278a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Apr 2024 10:15:27 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H3 200 b47fc4a1-2637-4c8c-a07c-6d313ecf6079.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 37 KB
37 KB 80ms
77ms Other
image/png 172.217.16.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/b47fc4a1-2637-4c8c-a07c-6d313ecf6079.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f27.1e100.net
Software: UploadServer /
Resource Hash: cb3edfc2a935b8141d72e390668219f0009b36fb9832cb365b0a2d0391911e2a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:27 GMT
x-guploader-uploadid: ABPtcPphnkxaQCVhEV8nPV-R26ouCnhOJzg2frFeOEw4LBaKiv1DFcrfSNb6fGYnYI7FafncuGk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 22 Apr 2024 22:25:49 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1713824749593710
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=34EzVg==, md5=Cz2L2uTooDdJuLyzzha/NQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 31438
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:27 GMT

GET
H3 200 b47fc4a1-2637-4c8c-a07c-6d313ecf6079.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 37 KB
12 B 26ms
26ms Other
image/png 172.217.16.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/b47fc4a1-2637-4c8c-a07c-6d313ecf6079.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f27.1e100.net
Software: UploadServer /
Resource Hash: cb3edfc2a935b8141d72e390668219f0009b36fb9832cb365b0a2d0391911e2a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:27 GMT
age: 0
x-guploader-uploadid: ABPtcPphnkxaQCVhEV8nPV-R26ouCnhOJzg2frFeOEw4LBaKiv1DFcrfSNb6fGYnYI7FafncuGk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 22 Apr 2024 22:25:49 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1713824749593710
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=34EzVg==, md5=Cz2L2uTooDdJuLyzzha/NQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 31438
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:27 GMT

GET
H2 200 trustedform-1.9.4.js Show response
cdn.trustedform.com/ 84 KB
33 KB 32ms
32ms Script
application/javascript 2600:9000:223d:f800:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=1713953726847.8608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:f800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 99pp4qPmo76AUtojH7nmQZ_9ll2PZAe4
content-encoding: gzip
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
date: Wed, 24 Apr 2024 10:15:27 GMT
last-modified: Thu, 28 Mar 2024 21:16:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 19
etag: W/"f46641519eee44fe450f02ae72e64a74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: r9okTNS0AXoV5Ey9W8sUatGIx2P6uXYkN-zqN-EChoSlf0i-b77G2g==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/f304dade09cc070b57a4d2e8c5338181b3e96f94/ 0
159 B 207ms
206ms XHR
text/plain 44.197.223.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f304dade09cc070b57a4d2e8c5338181b3e96f94/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.197.223.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-223-117.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 24 Apr 2024 10:15:28 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/f304dade09cc070b57a4d2e8c5338181b3e96f94/ 0
159 B 191ms
183ms XHR
text/plain 44.197.223.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f304dade09cc070b57a4d2e8c5338181b3e96f94/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.197.223.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-223-117.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 24 Apr 2024 10:15:28 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 05df53b4-729d-40a9-8af9-be74e641c5fd.svg
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 29 KB
12 B 36ms
34ms Image
image/svg+xml 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/05df53b4-729d-40a9-8af9-be74e641c5fd.svg
Protocol: H2
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 33dc827053f0c7f5fcbbbab0a1283ec1e8c0d1a5d7525693a88078506fa50f52

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
content-encoding: gzip
age: 2
x-guploader-uploadid: ABPtcPpj_HlL1GUPkYIithAlqw5bykkFnlSc2lXYnGdq-S1YKqo8ELEJY9mUaOuQkkA0dnJiWSK8vwUAcQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8662
last-modified: Thu, 11 Apr 2024 14:48:40 GMT
server: UploadServer
etag: "5873f3599c1c3b5656210825653ebeee"
vary: Accept-Encoding
x-goog-generation: 1712846920329826
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=SWLgBw==, md5=WHPzWZwcO1ZWIQglZT6+7g==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 8662
accept-ranges: bytes
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
H2 200 fb4af1c0-c297-4314-9b4f-a487c565be0b.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 8 KB
12 B 37ms
34ms Image
image/png 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/fb4af1c0-c297-4314-9b4f-a487c565be0b.png
Protocol: H2
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a7b42e29e4f6ac4e4e10fe13088bea6ff92e5441d6e19f9eee3c6d838bea55b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
age: 2
x-guploader-uploadid: ABPtcPrZe9nHYm2T2kW0KYPTm5P74dobsD-sZ3y2SnWbH4Z-gnGC0LT8lAbSz92zP3M6r6oiwirlg2dORg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 11 Apr 2024 14:48:11 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712846891443587
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=IFb8gA==, md5=iA4ffR/ksyWPTu9DL1Y7IA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 7885
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
H2 200 0df4e375-ea2b-4b86-a3d2-e996dda9c037.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 6 KB
12 B 36ms
34ms Image
image/png 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/0df4e375-ea2b-4b86-a3d2-e996dda9c037.png
Protocol: H2
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ba134ae90b9d4fd5d09e86d6d93e3e89c7da75f1b6da934037ed611d5fec5db4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
age: 2
x-guploader-uploadid: ABPtcPrhRNIfhcK-ifzc4U46vh2kLFaXSpc6msW3Gcy0iMrh17BrN4IfnI6F80ZGIzQh9GZYPGCjn5T3mw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 11 Apr 2024 14:48:11 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712846891365551
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=FXpSDg==, md5=Apbug0g+RhEgSzPIbR1nMA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 5996
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
H2 200 b6f422cc-9c43-432c-af36-900a2a267aff.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 48 KB
12 B 37ms
31ms Image
image/png 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/b6f422cc-9c43-432c-af36-900a2a267aff.png
Protocol: H2
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dba72a50b1e92892f184a71bba5b240d5be137f45ac9feacee0c792f35632c7a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
age: 2
x-guploader-uploadid: ABPtcPoQUTUAC68o3hwvOxKotF-6zaJS20pom-46XhgfvTukhuZuwQK7Hmd9S-d13En9OTRTEQ25MqfHNQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 11 Apr 2024 14:48:11 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712846891451099
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=pmatkA==, md5=RbyNq4BFAzh8BSFvGBc8/w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 45815
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
H2 200 885ed6dd-539c-4765-b0ae-681547e8c79d.png
storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/ 1 KB
12 B 37ms
31ms Image
image/png 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/builder.zenflow.de/rfa-timeshare-exit-quiz-v2/www/assets/885ed6dd-539c-4765-b0ae-681547e8c79d.png
Protocol: H2
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ff699bbc54b8d092ad8034abcfa7d837dc9ff4cdd1a7634b099978d55baaaa50

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 10:15:26 GMT
age: 2
x-guploader-uploadid: ABPtcPpaWlmd9hYUINk5VcNZDjkc9_d1LQ3LEmfsYZzrskcUSXWl6wMJBneAZQe_UBgSC2OLVjc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 11 Apr 2024 14:48:11 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712846891456711
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=0cZ0lg==, md5=3uNUSpoZoBL3x7B0O4VBjw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=0, s-maxage=31104000
x-goog-stored-content-length: 1281
accept-ranges: none
expires: Sat, 19 Apr 2025 10:15:26 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 204 events
api.trustedform.com/certs/f304dade09cc070b57a4d2e8c5338181b3e96f94/ 0
159 B 117ms
115ms Ping
text/plain 44.197.223.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/f304dade09cc070b57a4d2e8c5338181b3e96f94/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.197.223.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-223-117.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://quiz.rfatimeshareexit.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 24 Apr 2024 10:15:33 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rfatimeshareexit.com/	1970-01-20 22:15:29	Name: _fbp Value: fb.1.1713953727480.471873102

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/392076662869912?v=2.9.154&r=stable&domain=quiz.rfatimeshareexit.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn.trustedform.com
connect.facebook.net
fb.track.heyflow.cloud
flows.heyflow.cloud
fonts.heyflow.cloud
quiz.rfatimeshareexit.com
storage.googleapis.com
tracking.heyflow.cloud
www.facebook.com
172.217.16.155
188.114.96.3
2600:9000:223d:f800:1c:7f1a:6680:93a1
2606:4700:20::681a:1f0
2a00:1450:4001:802::201b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.111.125.42
34.120.161.19
44.197.223.117
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
0d143c215a21deb3a5370ea90169c24c9b46c970960111076b44ec192acfdcbe
1c10cd1bd09aaf52cbb2bf7e1b278ab91caedd27d483a256d0cc0dfc03d2278a
24b2066a749b54f5851b6f3d194fe2069ba1164462afe983a4ce0179c80e27be
33dc827053f0c7f5fcbbbab0a1283ec1e8c0d1a5d7525693a88078506fa50f52
35cbf6a6e5e7ff72ebb142669e1727de048df4fc13fc9fb5d9bd2d8334de7a71
51cc95a36bb773adc16a90f92bcd50bf7ec89b563516d596654b66a1e70f4b5d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
70b9dc18fa8c8712271f09e925780ee465c356a1930f334e37ca9e6ef042b791
813517071effc1ace364dd43bda40e33c4a43833ebe80fc7ec94f3bc3574021b
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
a7b42e29e4f6ac4e4e10fe13088bea6ff92e5441d6e19f9eee3c6d838bea55b2
b9b1cf043d4d78a67bca6db7d2ba7a2763f217618867b403450256f8e2e8cb0a
ba134ae90b9d4fd5d09e86d6d93e3e89c7da75f1b6da934037ed611d5fec5db4
bc75d2bf05221927704d5d29a4ed8e67b6436a2eebc3cd2c83f476ca6875895d
cb3edfc2a935b8141d72e390668219f0009b36fb9832cb365b0a2d0391911e2a
d329a51b5e2750ae3c6f7d3a9b04bf03dddb838b5ec5dbc23b44f634417279b8
daec1d32a4f211884695930cbc2443467f28e7bd1b1ae1afb7f2eb16349aacfe
dba72a50b1e92892f184a71bba5b240d5be137f45ac9feacee0c792f35632c7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f731a766b341031f85940c542d2880d5c6755798357fa6d736b914fb3cd85efe
ff699bbc54b8d092ad8034abcfa7d837dc9ff4cdd1a7634b099978d55baaaa50

quiz.rfatimeshareexit.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

50 %IPv6

6 Domains

10 Subdomains

11 IPs

3 Countries

695 kBTransfer

2150 kBSize

1 Cookies

1 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

quiz.rfatimeshareexit.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

10
Subdomains

11
IPs

3
Countries

695 kB
Transfer

2150 kB
Size

1
Cookies

36 HTTP transactions
1 data transactions