urlscan.io logo urlscan.io
SecurityTrails logo

qahmnknbi.supersurvey.com Open in urlscan Pro
2606:4700:3108::ac42:2b9c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://qahmnknbi.supersurvey.com/
Effective URL: https://qahmnknbi.supersurvey.com/
Submission: On January 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 16 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b9c, located in United States and belongs to CLOUDFLARENET, US. The main domain is qahmnknbi.supersurvey.com.
TLS certificate: Issued by GTS CA 1P5 on December 15th 2023. Valid for: 3 months.
This is the only time qahmnknbi.supersurvey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3108::ac42:2864 (United States)

ASN13335 (CLOUDFLARENET, US)
qahmnknbi.supersurvey.com
12    2606:4700:3108::ac42:2b9c (United States)

ASN13335 (CLOUDFLARENET, US)
qahmnknbi.supersurvey.com
take.supersurvey.com
www.supersurvey.com
8    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
consent.youtube.com
9    2606:4700:3108::ac42:2ae7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.quiz-maker.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:20::681a:5da (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.poll-maker.com
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
277 KB
13 supersurvey.com
qahmnknbi.supersurvey.com
take.supersurvey.com
www.supersurvey.com
943 KB
9 quiz-maker.com
www.quiz-maker.com — Cisco Umbrella Rank: 466506
75 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
45 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
47 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
88 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
consent.youtube.com — Cisco Umbrella Rank: 18474
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 6
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
65 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 poll-maker.com
cdn.poll-maker.com
33 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1695
252 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
71 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
80 KB
57 16
Domain Requested by
9 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 www.quiz-maker.com www.supersurvey.com
qahmnknbi.supersurvey.com
8 pagead2.googlesyndication.com qahmnknbi.supersurvey.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 qahmnknbi.supersurvey.com 1 redirects qahmnknbi.supersurvey.com
take.supersurvey.com
5 www.supersurvey.com qahmnknbi.supersurvey.com
take.supersurvey.com
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
2 www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net take.supersurvey.com
connect.facebook.net
2 take.supersurvey.com qahmnknbi.supersurvey.com
1 www.google.com tpc.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.facebook.com connect.facebook.net
1 cdn.poll-maker.com qahmnknbi.supersurvey.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdnjs.cloudflare.com take.supersurvey.com
1 consent.youtube.com qahmnknbi.supersurvey.com
1 www.youtube.com 1 redirects
1 www.googletagmanager.com qahmnknbi.supersurvey.com
57 21

This site contains links to these domains. Also see Links.

Domain
www.supersurvey.com
Subject Issuer Validity Valid
supersurvey.com
GTS CA 1P5		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://qahmnknbi.supersurvey.com/
Frame ID: 2C31B7A8722ECE6D836A75A9DB088579
Requests: 33 HTTP requests in this frame

Frame: https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fplaylist%3Flist%3DPLmg1_jZJ8atDEv7Y6wBa-gSVjjzRXavoH%26cbrd%3D1&gl=DE&m=0&pc=yt&cm=2&hl=de&src=1
Frame ID: A7E9EAD24BE1836832C82C6DEB95983C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: D1D918FE9498419FD4ADE51178AF1D76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&adk=1812271804&adf=3025194257&lmt=1704164118&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117990&bpp=2&bdt=585&idt=358&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1898646008917&frm=20&pv=2&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=396
Frame ID: CF184A7A07333C32CD365ABBAB60A8A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Frame ID: 3C73554F49634148DBF4458DFC452F19
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 9E8A24A221942528FBAA8BE0A7F5E954
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 252E954F9363E2FA75D03778724043D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F9491308DACBA1DD115A5DDDEC2CD0E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GF Application (Reloaded)

Page URL History Show full URLs

  1. http://qahmnknbi.supersurvey.com/ HTTP 301
    https://qahmnknbi.supersurvey.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

57
Requests

98 %
HTTPS

95 %
IPv6

16
Domains

21
Subdomains

19
IPs

2
Countries

1726 kB
Transfer

3394 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qahmnknbi.supersurvey.com/ HTTP 301
    https://qahmnknbi.supersurvey.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.youtube.com/playlist?list=PLmg1_jZJ8atDEv7Y6wBa-gSVjjzRXavoH HTTP 302
  • https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fplaylist%3Flist%3DPLmg1_jZJ8atDEv7Y6wBa-gSVjjzRXavoH%26cbrd%3D1&gl=DE&m=0&pc=yt&cm=2&hl=de&src=1
Request Chain 45
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CjECrFnuTZZD2HK3G9u8Ph9-MyAyr3pCQdfS6s4vTEtGMuKQEEAEg9-2FI2CVgoCAsAegAd3wqsAqyAEJqAMByAPLBKoE_AFP0B0iE4BPRaafiQpzTBvO2Swkz-tj8uBnnQ4KPIoJ0wAU7w_0M0e9Uerp6G99ogrxsvf-ZWaYrodLD6mTSqbPJYITm6M8rvf_Fxf8Fl-QP5g8xuQz7ae_Ip4okhTMKvSoWPNhK9ioifp59_QJ6e_1etY9URwH6d_4p1vFtvQC_HsA31Ke4KUZFhAnA6sU-9f8eabYFcdB2lNtbJxr2ahYvWLWop83-9VUhe1UWQXVasE-hCwsyiKq-ZWXiV8JtR7V8ou7t6qpKmQy8jQtcYPwx6AVe42FSqwtrCsd9zl3KxhZ-KyL6PdLwwS7-4BywpO_ShL5hYEnW3oHAmHABLTApP3XBIgF4orxuk2SBQQIBBgBkgUECAUYBKAGLoAH3aj7nwWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCI9C_SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMm2rofavYMDmgmWAWh0dHBzOi8vcGRmaXhlcnMuY29tL2Rvd25sb2FkUGFnZS5odG1sP2NhbXBhaWduX2lkPTIwNzkzMDE3Njk4JmFkZ3JvdXBfaWQ9MTYxMDU1NTgwMjEyJnBsYWNlbWVudF9pZD1xYWhtbmtuYmkuc3VwZXJzdXJ2ZXkuY29tJmNyZWF0aXZlX2lkPTY4NDQyMTU2MTU3MIAKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQK4E-QD2BMK0BUBmBYBgBcBshccChoIABIUcHViLTMyMTE2MjE1NDI2MTc0MzkYALIYAyIBAA&sigh=mIQmyF2By38&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_qyCv-oCLbt1Y3bg1RqecSPSkrS3jr7q9Dje6NN8zAa1kAu58of9K7yg61kkALX0tgyrIF8Rh597t8wD1-ij_TZXfmzl_5ybEi64YAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212636281013128508795%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222427619136652613473%22}&andc=true

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qahmnknbi.supersurvey.com/
Redirect Chain
  • http://qahmnknbi.supersurvey.com/
  • https://qahmnknbi.supersurvey.com/
60 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9f2cfd88a928c7bc8867450049ca9dfe3d601557c5e561f5321ce0f9af5c792e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83efb8e48c199186-FRA
content-encoding
br
content-type
text/html; Charset=utf-8
date
Tue, 02 Jan 2024 02:55:17 GMT
expires
Mon, 01 Jan 2024 02:55:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxggBbEcdPnuvbQKOLyEGNdrRRR%2FE8GE4NJeBNeankrVwTvZsjxtzsf1H%2FIkTyvz7n5RfLu%2Bhzi%2BtdgsXMtML1kFaQXu%2Fht%2BgF6Sb4BVWbgiP49FKsUmvwi%2FQTkrqCiPkao3IyaFNhmNxM6Wc1wNruiR5i19mzo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
83efb8e2bb7430d2-FRA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html; Charset=utf-8
Date
Tue, 02 Jan 2024 02:55:17 GMT
Expires
Mon, 01 Jan 2024 02:55:16 GMT
Location
https://qahmnknbi.supersurvey.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilSwqjghR1ma7pdLIGHcRbOWZLodf7MGUyac77G7CFAmZae8LvMe%2BEMITaGcAk95Kh6eZn7vy4j%2FUYGr%2FwpwWzrSocR256UTvOCaxaJJGPPJK5ljtUmq7wVIxzTdNh4B%2Fdri6wgozOrQEkmtmuVVUaxkfhBDTBo%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
ASP.NET
3012-base-22-v289.css
take.supersurvey.com/styles/ 		197 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://take.supersurvey.com/styles/3012-base-22-v289.css
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7608625e82959c6d1bb8df8da290d720fe4c777587110f73d358678b36514c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Nov 2023 00:45:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
321188
etag
W/"3b2e6f906f1eda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcEGYugyRfo14%2F0bPP8Xd3b7McNyzdPT5CGl5fqlzPbZiCYbBKAajW6VlW32oBKRCEcvbDU2W4f7aQ2e30c0mMjAcFrScC2SeeRINOyRG7cMCHRsQ8r47EiN0l7qKCccRIP1BKfVhLR%2B0AuZmqnl%2FoaR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
83efb8e6dd549186-FRA
3012-base-22-v289.js
take.supersurvey.com/styles/ 		154 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://take.supersurvey.com/styles/3012-base-22-v289.js
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
98938926eb88fae63166402b464d2388d27e3b9ec6e9627d709842801abffcd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Nov 2023 00:45:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
192193
etag
W/"b69e4d906f1eda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojwgNNyOETvNzl3aZTMUemnZYXymaLEAxWT%2BWPmWvweTk%2F93Bon3Tl4Y5jlwGKXjZRrdd3ZTKkbwPyGShD67qJzhiAm4V9k7erqU%2FwYjNMJ2OOCytuGCsyZWG7pFkvYKlZn87ig7F1jBtdllfaOr3AOi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
83efb8e6dd559186-FRA
theme-142-v10.css
www.supersurvey.com/3025/CDN/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.supersurvey.com/3025/CDN/theme-142-v10.css
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
05608d1bb63826ac4c10b00d030a4239caa602329af0e662657e8e8c8fea892b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 04:10:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d779e012e6e9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24X%2ByJGXaEjS1bt6QiUuHWSYHVxyItR4hroqUkK7xBbPX%2BpozvbwLU%2BU1sUuNQ1hGaVYLVLRIsJqIb0IgTnAQt7tzlhGDFzQlhS20DNc0%2FU%2BBrVcfdrfFLjxnpcr7RfeQIr1zUzpt42S0O1kX%2FyQNQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
83efb8e5fcd59186-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3211621542617439
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d4eacdab5306b5dc693f01de6b69c2ffdc03e390e07d6825fb5bf64ec979b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qahmnknbi.supersurvey.com/
Origin
https://qahmnknbi.supersurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51242
x-xss-protection
0
server
cafe
etag
7838683055042040001
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 02:55:17 GMT
js
www.googletagmanager.com/gtag/ 		225 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TPQGP6QWQQ
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f6352fcac543ec7e7dac1d195c38281019773e767a7bce3138e32ad155b67f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81297
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 02:55:17 GMT
3012-base-107-v2.js
qahmnknbi.supersurvey.com/styles/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qahmnknbi.supersurvey.com/styles/3012-base-107-v2.js
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dfa454bb78db0b0ced9fc27ac6d2c81ba245f52cb1b3b0c78f0c436a85cbb9fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 22 Jun 2023 03:45:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1dc963dbca4d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJQkgnqWe%2BUgSXdXtDHeAnVSM0Em02MBh5hYO0MhGBofkZus9DELz%2FXMf3aOKWOf%2Fq8dJ26obrdwmo3Y1rYFTa07CsumkXDjk9mNcY9qx3g9rYVj2ykOke2EgfAzcH4uFdRHCoU8LyEmiMrY%2BggIIQuB%2BS5Scbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
83efb8e77dbb9186-FRA
m
consent.youtube.com/ Frame A7E9
Redirect Chain
  • https://www.youtube.com/playlist?list=PLmg1_jZJ8atDEv7Y6wBa-gSVjjzRXavoH
  • https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fplaylist%3Flist%3DPLmg1_jZJ8atDEv7Y6wBa-gSVjjzRXavoH%26cbrd%3D1&gl=DE&m=0&pc=yt&cm=2&hl=de&src=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fplaylist%3Flist%3DPLmg1_jZJ8atDEv7Y6wBa-gSVjjzRXavoH%26cbrd%3D1&gl=DE&m=0&pc=yt&cm=2&hl=de&src=1
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--Yru-xnQvuexjrvqm6dnqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ConsentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/ConsentUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://qahmnknbi.supersurvey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--Yru-xnQvuexjrvqm6dnqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ConsentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/ConsentUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Tue, 02 Jan 2024 02:55:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
application/binary
cross-origin-opener-policy
same-origin-allow-popups; report-to="youtube_main"
date
Tue, 02 Jan 2024 02:55:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fplaylist%3Flist%3DPLmg1_jZJ8atDEv7Y6wBa-gSVjjzRXavoH%26cbrd%3D1&gl=DE&m=0&pc=yt&cm=2&hl=de&src=1
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Lavendar-02.svg
www.quiz-maker.com/images/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quiz-maker.com/images/Lavendar-02.svg
Requested by
Host: www.supersurvey.com
URL: https://www.supersurvey.com/3025/CDN/theme-142-v10.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5164174471fbf4df6c9b0a6e0d545ad368c61639b418dc4c93af869c5bb6cfc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Nov 2021 22:23:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"bf79dd136fcfd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5r9t%2BUEv5R587loFKafF4d0Dh5uOhR5Eckja3%2FbvT7tCCVdLoH9eD%2F0qlBUtnFyV24kOHRm5OK9SIznBFoCiI%2Bw0qFkzARRqz5aKITwvr1rrgMXIOrJmWrc%2BX5u83eKJ3uWIDD3D6c3iJsDWefhjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=691200
cf-ray
83efb8e838909060-FRA
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: take.supersurvey.com
URL: https://take.supersurvey.com/styles/3012-base-22-v289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44f80f45c58f6e9b0e5988d747279a2d3beb42b3906722654192b1ed45c5e50d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 02:55:17 GMT
content-md5
J5wmDCaIR5vsA8NQqGxKNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
g3cZIN0b8mNTYkz/V0k76qc05VhJEyynQABWWhb0RfDj2dfg79ftHirVbZy3sGR8IzUDBnvNkOzrJ2+Jy8socw==
x-fb-content-md5
4ad7ddc4bd01fb4ba66201fbfee7c06d
cross-origin-opener-policy
same-origin-allow-popups
etag
"69a75a29e7381e69ca0851e13cf0fb8e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 02 Jan 2024 03:13:09 GMT
theme-142-v10.css
www.supersurvey.com/3025/CDN/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.supersurvey.com/3025/CDN/theme-142-v10.css
Requested by
Host: take.supersurvey.com
URL: https://take.supersurvey.com/styles/3012-base-22-v289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
05608d1bb63826ac4c10b00d030a4239caa602329af0e662657e8e8c8fea892b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 04:10:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"d779e012e6e9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7f%2FGp1mNUob1GpbuS2zObqjViIVKtS6ZUwucUNdiuTj4Xtad6u30Yr%2FamnOLDc0RSHVXylT8OADkvyBU%2B4aqflD7HcUkmYutjnRH9KMZZMhpeXoFQ9k2FtncchQi%2BOxNZoBzbW2oFHi3u4Lgf%2BeACr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
83efb8e78dc69186-FRA
3012-base-66-v9.js
qahmnknbi.supersurvey.com/styles/ 		161 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qahmnknbi.supersurvey.com/styles/3012-base-66-v9.js
Requested by
Host: take.supersurvey.com
URL: https://take.supersurvey.com/styles/3012-base-22-v289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1052eeb7df0d0c106e019d8d70d432ac1bab5e1e0c53e6e2f76c6bb1b9bb3458

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 Nov 2023 22:43:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2b6f3fc31cda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DLn0%2FkkCiQ2XpWsTeq1wzcoU%2FprbwFibi3xpFAIOZALCl%2F8Ba%2BnZ87zDRTBJVZeFpcShHCAvGG%2F4PYaYgXKtt2eY9ZyCGtx4QT7AP8SrttNpOIv87PIkFjF9KB2i2mt%2B6I%2Faj%2BYpABGxzCZHlibTK7y9kA%2Fiw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
83efb8e78dc99186-FRA
3012-base-66-v9.css
qahmnknbi.supersurvey.com/styles/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qahmnknbi.supersurvey.com/styles/3012-base-66-v9.css
Requested by
Host: take.supersurvey.com
URL: https://take.supersurvey.com/styles/3012-base-22-v289.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f5dd1753cf185e92b6622849e0d80f3223086a22a6c85411144666bfd9c7d02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 Nov 2023 22:43:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"276e5ec31cda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YUhlLmcEt9soDUK1iPkzoXLrDqJrJFuDOSsan8Vb0x4P2HI7fplFAOFkBsUppJHriuw%2BBZHHIxYThNMnMB%2BrFLrF3A%2Bl5JwALvmTo0k0er3yhF%2FLgPaqwSZnArUuyroZ65Jin722%2F%2FC6JGXIwUcw9827VxCX1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
83efb8e78dc79186-FRA
star-grey.png
www.quiz-maker.com/3012/CDN/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quiz-maker.com/3012/CDN/star-grey.png
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dc2fe2b89502cf2f03f1ebc4acb0d5d557be0846cfc077bfdb5f4d4b79fc92bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2017 01:21:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"11b4778d3edbd21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHv6SbyKrblvSAbcJrjgHKbwvH%2FN7E%2BXD1lo9T1akh98pJemhbK2XrXNBuq%2FWSL7cCSik2jkq%2Bkf70bH4EmetKth372aDNdyTMfJPFLHrakTA2UiUTNr8eWhOsgk3dbx5msDbJo%2B11nX5RYb%2Fk1YNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
83efb8e838979060-FRA
content-length
1837
emoji1.png
www.quiz-maker.com/3012/CDN/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quiz-maker.com/3012/CDN/emoji1.png
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
951b2379f253ac99fe35feb9739cd2d06b28226e3cae685dfc99813682ff1aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Apr 2019 02:33:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
292437
etag
"80fd8ca8eead41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68QRkrdftnUg3G1yNtQOrasS33wwNSlF%2FSxgXa%2FcJ9sDA5lAh7nJwdbU3O2Lr5FEc00HZuH%2FYPy69T4IR%2BjP4X%2BHc%2FPIZoEFtLIdRYvYZDUY0MAeEGs6ZmCMyGvab%2FXm91RYdM%2FIqdzjx2fwt%2BkULA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
83efb8e838989060-FRA
content-length
2509
emoji2.png
www.quiz-maker.com/3012/CDN/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quiz-maker.com/3012/CDN/emoji2.png
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
90a442b1b7eeb6f1bc15e344764059ee1a209f9ec293c4ce12341c59c03ee0ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Apr 2019 02:33:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0793fca8eead41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qswti0vIC32inh8iORHebnGb0EfURNFrdNXQz735iieDX9PR8v7ULOaQVhEGyuaI8EbFtEH1IwbR%2FxMwlnJqbF1ujtdZZ1JXDKWu20B8vcAIyZ95sOQn%2BVAnOp0%2BOSSrJ7ZIKcO4yYsBBHJscTpsaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
83efb8e838939060-FRA
content-length
2432
emoji3.png
www.quiz-maker.com/3012/CDN/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quiz-maker.com/3012/CDN/emoji3.png
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2690de49ccb327ed8870665d4595bf070bb7f64b336807466fd000ba75504990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Apr 2019 02:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"80e2a6c98eead41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfK9XaPyZo1vNj%2F5EfCAMtAQuo7AQz52sHode%2FICKJDdMz7H%2Br8D%2BmybEsnmOcUaiiVUAGqIJM1CQ3LsxKv0b0gSdwdRF%2B%2BHBcNm4esm0LJderu65F6yctAOenjO6ijUaWCntwAQuO%2F3rR8s2JeGMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
83efb8e838969060-FRA
content-length
2285
emoji4.png
www.quiz-maker.com/3012/CDN/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quiz-maker.com/3012/CDN/emoji4.png
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
640c23fbd58b401d824d5e62942e8d004cde804915efd134642d58ee3b10f5d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Apr 2019 02:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"04cec98eead41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0AX50tAAY%2F7Ag1lN29w5pnB5t8zN4W8dyyNm1FA911BIIzdinkY4dnktcl281Dd4TBI3lSYvda6iJjt9U9B%2BEPirFYU2jLQwjGCJmvL5qCgUDFIIcCbf6zAFLKYb62ZwU5Vi0w3arEhsCQdT6ddjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
83efb8e838949060-FRA
content-length
2405
emoji5.png
www.quiz-maker.com/3012/CDN/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.quiz-maker.com/3012/CDN/emoji5.png
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c5e1213c17e7328def4d6178012e3437bc4f30a3afe01a20c2284202f5aa5fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
cf-cache-status
HIT
last-modified
Thu, 04 Apr 2019 02:33:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0a670cb8eead41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lv75RKDW27ZAGcSRIpbmioEOoud%2B6ZzVsNZyyaz9Jb8fo2Edt3%2BleAUic3GYPwkZGge%2FU7EjjB2Ld%2FYzmRitHNZUPgDi41MDbJCbXh5EtpNl9VAFvL9MC5%2FcKPGsOj8uu7VESLnOavjNU17uXxbZ3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
83efb8e838929060-FRA
content-length
2154
279371437-10160086448907148-8789061838163631428-n.png
www.supersurvey.com/3012/CDN/89-4353649/ 		335 KB
335 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.supersurvey.com/3012/CDN/89-4353649/279371437-10160086448907148-8789061838163631428-n.png?sz=800
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
874dc5d95559e9a22577a1aba16202e7b87173fc89120ebfaf816fee6aac7d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb7Xvzn8VAtp9ZlGodZ1RwT6HMI1m5a%2BpZ44BIq%2FNF5mF5165SmANzrONF09C8C1%2BZMXKGDh3FNvXyco47ya7hkjnkmUqTzwHBFeHVwSt6aC2zjLjzMwQIm6Fmtj%2BXnFU46peOxFdeBqOBHzQZyjkBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=43200
content-disposition
filename=4353649-279371437-10160086448907148-8789061838163631428-n.png
cf-ray
83efb8e78dcb9186-FRA
f4f8acbc66969785.png
www.supersurvey.com/3012/CDN/89-4353666/ 		332 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.supersurvey.com/3012/CDN/89-4353666/f4f8acbc66969785.png?sz=800
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ea42ee044545030fe959758d1e3bea90a65cc3df4203ebe06224878ae040f8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBdNsZI4N0C%2ByKu%2BNhaS2oIHXAasLy7JagdpWajFB2tmObHWLFmpgGDTFT00K%2BVsQ84fdrNecZKZ8vOSZUTpopzC41n9j1PmFTR3%2BTFvr92M9v7LG5FZWohRjlTZ4LlJHkqE8eXmh7Oy3YN71q8nHiU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=43200
content-disposition
filename=4353666-f4f8acbc66969785.png
cf-ray
83efb8e78dce9186-FRA
imonawhalebitch.jpg
www.supersurvey.com/3012/CDN/89-4353682/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.supersurvey.com/3012/CDN/89-4353682/imonawhalebitch.jpg?sz=800
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2eb702d257428aa6d98e345e9bdf1d84ad809abfc233d1c9fd12a11b640ebea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bk%2BJKxQuFduDXrHHrkWrdlAW8H4NqRWn%2BYLuCEBy5VPc6TwA7qchjM%2BTkqjTkPmftF3UiAVgaP6t4LHbCPiIhOKdJpI1N6KsxVW4VzrKixfQ9WlOwUIfcDt7b9y9%2FMuHHTFNTVM847Imv3B51cF6LXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpg
cache-control
max-age=43200
content-disposition
filename=4353682-imonawhalebitch.jpg
cf-ray
83efb8e79ddb9186-FRA
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: take.supersurvey.com
URL: https://take.supersurvey.com/styles/3012-base-22-v289.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://take.supersurvey.com/
Origin
https://qahmnknbi.supersurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2756716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
71896
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-118d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD%2Bvxr9d6sXJajGW0iUy3t%2Bl%2B1VK791qbOcFUnYWMpRhuaPPp%2FvL%2FzYMTH4hzy1WazNusixSRGR8uY7LeMPaEnMvXNJt2O4jsjqPbmX3FC07xqPO5LvgTB0h1HX7rrLQSUAL1j0bRR5dP18Uj2XRAJHD"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83efb8e81a5f917a-FRA
expires
Sun, 22 Dec 2024 02:55:17 GMT
sdk.js
connect.facebook.net/en_US/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0f486bb36554ff9eed28bc2c8fff09f7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
048c8ef206c8cf6ed7e7c71b4495cbd444be68e7c9111886ec667c278b96474e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://qahmnknbi.supersurvey.com/
Origin
https://qahmnknbi.supersurvey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 02:55:17 GMT
content-md5
OSL49oZQ3Bl9OjttX1XD/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86866
reporting-endpoints
x-fb-debug
pA4kafIlOC3gf+MnHvNWIniXNO41wy8kw3M2gHT2qD7k9K8FfI6mUT8mL2GoobkMx0tXZajO+I8hR6TQUkxaSQ==
x-fb-content-md5
5eb099b505c6a30029a4027ef0f3aaaa
cross-origin-opener-policy
same-origin-allow-popups
etag
"4cf13fa4ae8f71a74738d545167f7163"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Jan 2025 02:01:54 GMT
System.AB_Track&tt=1704164117872&utf=y
qahmnknbi.supersurvey.com/api/ 		8 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://qahmnknbi.supersurvey.com/api/System.AB_Track&tt=1704164117872&utf=y
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/styles/3012-base-107-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a4d89670c1a05ebf948034fd17bcf1a78be48741221e43cad9b0a3c76645d2ab

Request headers

Referer
https://qahmnknbi.supersurvey.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCVhLykZC5E%2F4RfDKTwYY55S%2Ftez5SD4bncqDI0EarRtYCA2qWe6pNd%2BMuYFgy%2BcrHZEn9AzGO9jRfzfZ2fhxl9gHQcGiSSa1A7AA1kZBiBE7Dj9gDDB9NWuERmXCQO%2FkhJqX7bLeieonGkZt%2FYtCgAM3eJ%2B7Dc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; Charset=utf-8
cache-control
private
cf-ray
83efb8e8de8a9186-FRA
expires
Mon, 01 Jan 2024 02:55:16 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TPQGP6QWQQ&gtm=45je3bt0v9119727220&_p=1704164117659&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=281710552.1704164118&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704164117&sct=1&seg=0&dl=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&dt=GF%20Application%20(Reloaded)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1081
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TPQGP6QWQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 02:55:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qahmnknbi.supersurvey.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Quiz.Country
www.quiz-maker.com/api/ 		2 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.quiz-maker.com/api/Quiz.Country
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/styles/3012-base-66-v9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiiZLaS%2FhcHq9GCG9Dtny6wvPPEOaQC1aNuKjKBtEKXzxK0wMF%2BiKT4i1jj3dAQ1qRadRjo3hMrZ59gAdD3fkaqtgkGP8AKGxvr5NegX5TFg5IvNqEFoezU3axmdlyz4ptwXAudmt4n90dPxynQNqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; Charset=windows-1252
access-control-allow-origin
*
cache-control
no-cache
cf-ray
83efb8e9ec2c5bf1-FRA
expires
Mon, 01 Jan 2024 02:55:18 GMT
quiz-libphonenumber.js
www.quiz-maker.com/3012/CDN/ 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.quiz-maker.com/3012/CDN/quiz-libphonenumber.js
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/styles/3012-base-66-v9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2ae7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
384a8e0044e46596d9edd3bf02b9f6e3cd041d70b91185bd13ef4923113be8f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
359233
cf-polished
origSize=194543
x-powered-by
ASP.NET
cf-bgj
minify
last-modified
Fri, 10 Feb 2023 04:47:23 GMT
server
cloudflare
etag
W/"c5514cc4a3dd91:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nn69xaxAONFRaHDQGtUfMrUWY%2BZzZjNNAJE%2Fr81v0TU1ag1GuETF2GDW9klxUoJ1MJGaB0JMFevWfNeiHfL1dnQhplVTN0DAGHmAndIyqFiSSnmyY5xYkI8hEgjLJAH9IyAt47ydZ%2Fa84KqIRRYBJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
83efb8e958e79060-FRA
flags-30.png
cdn.poll-maker.com/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.poll-maker.com/flags-30.png
Requested by
Host: qahmnknbi.supersurvey.com
URL: https://qahmnknbi.supersurvey.com/styles/3012-base-66-v9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ebb027d83ea603479a4f7767798698bbadfff11198ed8345d9337b7d765a6ef6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
140464
cf-polished
origFmt=png, origSize=80146
x-powered-by
ASP.NET
content-disposition
inline; filename="flags-30.webp"
content-length
33436
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Feb 2020 05:34:22 GMT
server
cloudflare
etag
"bba746666ecd51:0"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikjaNIm%2F2MX1ppy1jdhs%2Bz%2FolIzpmbWvmLSzabRVbtpb1Il5Cxez8xS8uDViJ%2FdURc4vSzLbyCOAwQHEOQw1c2V6DKQyLkPGSKBh0Q5m8AP9JtXRf4yXOymHW4c9TCV5dPOIKHP7mzQmuYHIP2UO7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
83efb8e9ede465c3-FRA
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3211621542617439&plah=qahmnknbi.supersurvey.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3211621542617439
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beb3dcc36c1dd055a5e4fc7baff1d3effb466742343bbd5af60ba28441894034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137966
x-xss-protection
0
server
cafe
etag
4410964434556636492
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 02:55:18 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame D1D9 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3211621542617439
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qahmnknbi.supersurvey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 23:18:53 GMT
etag
5585625838579639069
expires
Mon, 15 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=273935076403776&input_token&origin=1&redirect_uri=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0f486bb36554ff9eed28bc2c8fff09f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
strict-transport-security
max-age=15552000; preload
date
Tue, 02 Jan 2024 02:55:18 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
258N+T6eRIVM3s2lvAkTRtjkNNovnB0YFDrpFgFtlCrZeUBU07A5acUg0e6XewgdM1BQT/Z1MnN7OA2a4doucA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://qahmnknbi.supersurvey.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CF18 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&adk=1812271804&adf=3025194257&lmt=1704164118&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117990&bpp=2&bdt=585&idt=358&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1898646008917&frm=20&pv=2&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=396
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3211621542617439&plah=qahmnknbi.supersurvey.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qahmnknbi.supersurvey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 02:55:18 GMT
expires
Tue, 02 Jan 2024 02:55:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3C73 		120 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3211621542617439&plah=qahmnknbi.supersurvey.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7bc490759c325a79e1f18bef8534fb6d6effa7698ccda549abab1890f95930b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qahmnknbi.supersurvey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41047
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 02:55:19 GMT
expires
Tue, 02 Jan 2024 02:55:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 3C73 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 02:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 01:39:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 02:55:19 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3C73 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
19530
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 21:29:49 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/9119114932533656539/ Frame 3C73 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9119114932533656539/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81964aadd4e436a03b58c2f6597af6aa079f349d773bce3f7d1d229f4f6cd451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 30 Dec 2024 09:17:56 GMT
date
Sun, 31 Dec 2023 09:17:56 GMT
x-content-type-options
nosniff
age
149843
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11388
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 15:29:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/2914349705548515401/ Frame 3C73 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2914349705548515401/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 30 Dec 2024 09:00:29 GMT
date
Sun, 31 Dec 2023 09:00:29 GMT
x-content-type-options
nosniff
age
150890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2705
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:45:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 3C73 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
19529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 21:29:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3C73 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 10:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
57645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 10:54:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3C73 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
19530
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 21:29:49 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3C73 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 02:55:19 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 3C73 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 09:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Mar 2024 09:13:33 GMT
truncated
/ Frame 3C73 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ebe9502955795f63ffb1c80f91bd3a2af0a6c74a8bfda1b4c9cbabf5c3399d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C73 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:38:05 GMT
x-content-type-options
nosniff
age
33434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 17:38:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C73 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options
nosniff
age
583270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:54:09 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 3C73
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CjECrFnuTZZD2HK3G9u8Ph9-MyAyr3pCQdfS6s4vTEtGMuKQEEAEg9-2FI2CVgoCAsAegAd3wqsAqyAEJqAMByAPLBKoE_AFP0B0iE4BPRaafiQpzTBvO2Swkz-tj8uBnnQ4KPIoJ0wAU7w_...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212636281013128508795%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212636281013128508795%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222427619136652613473%22}&andc=true
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:19 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"12636281013128508795","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["01-02"],"6":["true"]},"priority":"500","source_event_id":"2427619136652613473"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 02 Jan 2024 02:55:19 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 02 Jan 2024 02:55:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12636281013128508795","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["01-02"],"6":["true"]},"priority":"500","source_event_id":"2427619136652613473"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3211621542617439&plah=qahmnknbi.supersurvey.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1119f21796a94faa2a6501f70ecde985799211f2276add319f70833de3e1d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12164
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 9E8A 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3211621542617439&output=html&h=280&slotname=3214140794&adk=2810083072&adf=1965706315&pi=t.ma~as.3214140794&w=1140&fwrn=4&fwrnh=100&lmt=1704164118&rafmt=1&format=1140x280&url=https%3A%2F%2Fqahmnknbi.supersurvey.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704164117992&bpp=1&bdt=586&idt=443&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1898646008917&frm=20&pv=1&ga_vid=281710552.1704164118&ga_sid=1704164118&ga_hid=961376652&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C42531705%2C44795922%2C95320884&oid=2&pvsid=3502732551659876&tmod=76361366&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
565563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 13:49:16 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212636281013128508795%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222427619136652613473%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 02:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3211621542617439&plah=qahmnknbi.supersurvey.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 02 Jan 2024 02:55:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 252E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://qahmnknbi.supersurvey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
123925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 31 Dec 2023 16:29:54 GMT
expires
Mon, 30 Dec 2024 16:29:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1F94 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
12b3bd6e33be3dcb61af36bd9ae13dd23c595743d171d4ef21381e9a38744a7a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kz-K_O7dudDREG5cMOhS5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qahmnknbi.supersurvey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kz-K_O7dudDREG5cMOhS5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 02:55:19 GMT
expires
Tue, 02 Jan 2024 02:55:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 252E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 16:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
124614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Dec 2024 16:18:25 GMT
generate_204
tpc.googlesyndication.com/ Frame 252E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FWWPZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:55:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3502732551659876&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3502732551659876&bg=!s7ClsP_NAAY3kmNgF5I7ADQBe5WfOE_jCNAUhbV1-ZVibYYFPmyZRhKtbAj7fjMOsEllLbF5xSxOzUWAcxw9gY0Yt4RSAgAAADBSAAAAAmgBBwoAcFdgezySz1iMV6MVoZjn2wRblnsNpVR0Qx8JlSWScQWAJElX1lrSNAgg9lngnF9aiM8k19Zc8ZhxfRkD6rykCw3RW44wDJL5WIBTkmSBkUaS9RCzaBgMUhJhWDS6V7w8epx8J8f0bfkWuWem8GzBLOCZAwrweTXxR6BdnPhoMPhBRbl8wSCG4ekmHSbj9VAWYtfKl-doBQuQ8GLZ-yGTrKF60D1JJML8cE5Ral9Huphftcsv6lYzAqK85AqrzGCWyOpamMFp67WmA7-WSkYYofOH2fB7KAMqmjzsJil2wOafwk5MvPG6Y5CoaHOB2Zx8etxAecgP3vNpooHL-CQ1EQA42t2kCWcadvjmSXKqK8rbsZ-ep-3xudlfEL1S5kW4PnhPrr8vh1Jl2gE-30nQN2N19en8i9lLjrCOuAF9k4fHOwrQrr6EWvlIMtIaFhKCU8jAcivRnC68HDAusP7Ef1wAmxDlyWFLg-NkQKAuMp3EjsABUKduNrfA4Xdf5brJwkdwv1kOGQjp1fPT-_ntowWMqJii4EXy7Bvf6_RX23P_WvPKAKWloJNi18_cQK743dUOyvlhILYyxToOEBmZfUYoXr-yJ79moOYuvogIAi0_SGFq3nfj-BOIfY-D77PFzs6XMSFkdZCBdrAeMw2apI9EkVI-B4IEleLPKUSiB8PjenmSn99CfvDZO21iiJcuUJNajQp-BrjZeHLQNx3qjSuwpnz_gJdnEaD1MAiYzbfZr4J6MhBknvzHUq8IuRQbw5SoKVENuMqQn_j3gD8TvxuXxCIFlx-YMfeG7WIV9J6NFJVu3jF57etwXWhtDoDyWdbqWzT5vToFc15teQV7dHzx55h7VvZLpu9FwCZ2o-iZUVxqCY-qtGYb2cqQjyz7IDLmoW2e73Gb1sVNFGABV1bCwIFcJ2ewf2_2mokpJenHpL3SCxd1ZlIXLazC6mQSv-msjHEVfL3FHuVCRnMxo8XLIUl8EyYcrCs3jvDI1-tFPPA3euYCjMf7W0FfjXYiAhX4Yf3hAr8shmfqUgNzzhGcmBepPY1tBGhlgKVOUA-tKYUsTc8aF96vSMmY4CZzcHrdW-xIZnxVS3G5qWQcxMe_I9zNr31lTx5hee81xGHBmGlfcPZSWii_gAkeeKVu9P4kDTPxtn5viGVupf0Vb_RXTbfmy58mooJzb4z6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qahmnknbi.supersurvey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C73 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvv24PoN0SAWSMLWqkTmUu1K0_JvVXj8gi-e509yST9elfi-JzQtK45CAzRgpiWn76LrLb1xk5_E3u_mAv6wtigYCFWmc6lgdmLC_KwtWsMGKHFglyZ7sOuGBSbq1Xp_5H3Vca9uM00V-6nyy6wwVEjf4NH&sai=AMfl-YScspZr4rlfyrXtcfPYGS4J8QLrQRQhebHLR1l343ydJyZ8aED4C2rVuU8Vt-kLY9Ar3B8KIE1Noy7pjA8artXWbVpb56wYVVfmvm-BtznWu-KMkpMI3BAd_M7TJVrRr08KAIsvALxn0zFWsvbAlg&sig=Cg0ArKJSzO_BVOojrQy3EAE&cid=CAQSTwAvHhf_qyCv-oCLbt1Y3bg1RqecSPSkrS3jr7q9Dje6NN8zAa1kAu58of9K7yg61kkALX0tgyrIF8Rh597t8wD1-ij_TZXfmzl_5ybEi64YAQ&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2810083072&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704164118439&rpt=1094&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 02:55:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| gInitc function| gInitm function| obj function| setWait function| adsenseResize function| medianetResize function| contentSize function| setAttr function| getCookie function| setCookie function| aspError function| xTest function| iSend function| xSend function| xSave function| sTimeTrack function| eTimeTrack function| gEvent function| gEventS function| abTID function| tEventS function| tEvent function| qsV function| addBodyClass function| setEvents function| evtByTag function| attachE function| dettachE function| menuHover function| menuTouch function| menuTouchE function| mobileChange function| docWait function| objVis function| async function| asyncR function| asyncA function| asyncP function| setAB function| loadTextEdit function| loadTextEditCB function| mceEditLoaded function| mceBlankErrT function| mceBlankErr function| randomTestVersion function| getTestVersion function| setTestVersion function| findPos function| isIn function| stopProp function| jsRPT function| loadFB function| checkFBCMT function| tabClick function| toggleClick function| resSort function| pollRandom function| signupShow function| qpLogin function| loadTabs function| pollRemoved function| pollRemovedClose function| pollRemovedShow function| loadSocial object| gg undefined| map object| xerr object| qzfb object| iquiz object| quiz undefined| n function| gcpCallback function| Fingerprint function| hCand function| getIPs object| Placeholders function| fbAsyncInit object| adsbygoogle undefined| qc function| gtag object| dataLayer object| FB function| addExp function| mixExp function| mixExpS function| mixV1 function| abTrack function| elog object| abLog object| google_tag_manager object| google_tag_data object| gaGlobal function| utcDN function| fromUTCDN function| splitTime function| preventDefault function| clientXY function| checkSort function| copyObj function| copyObjO function| copyObjS function| cssRule function| scrollRoot function| easeScroll function| focusEnd function| easeScrollTo function| onYouTubeIframeAPIReady number| sysInit object| sys function| strCPT object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __buffer object| libphonenumber function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
qahmnknbi.supersurvey.com/ Name: ASPSESSIONIDCQBCCQCD
Value: LOLBHOHBINODAFPHEOGNIABG
qahmnknbi.supersurvey.com/ Name: ASPSESSIONIDCUBCCQCD
Value: MOLBHOHBECNLBNLHCGHFLPPB
.youtube.com/ Name: YSC
Value: 6qoRywU_m5M
.supersurvey.com/ Name: _ga_TPQGP6QWQQ
Value: GS1.1.1704164117.1.0.1704164117.0.0.0
.supersurvey.com/ Name: _ga
Value: GA1.1.281710552.1704164118
qahmnknbi.supersurvey.com/ Name: abtid
Value: 90284744
www.supersurvey.com/ Name: ASPSESSIONIDCUBCCQCD
Value: POLBHOHBPMCNOLCPBGBGDLJF
.supersurvey.com/ Name: __gads
Value: ID=adc821d9a2e40241:T=1704164118:RT=1704164118:S=ALNI_MYBTdM6xPa4L8AEIlk4HmBGVurVyA
.supersurvey.com/ Name: __gpi
Value: UID=00000d32bf1a70e2:T=1704164118:RT=1704164118:S=ALNI_Ma5Wc6Pj4KrKWezcNexOi2Ss_Uaww
.doubleclick.net/ Name: IDE
Value: AHWqTUlUOwXAUxjCv2Z1XYsi5G5D-P-ZuLuzEXGYECQCb2mrTR3B6qNYCi3JfugThKc
.googleadservices.com/ Name: ar_debug
Value: 1

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://consent.youtube.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.poll-maker.com
cdnjs.cloudflare.com
connect.facebook.net
consent.youtube.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
qahmnknbi.supersurvey.com
region1.google-analytics.com
take.supersurvey.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.quiz-maker.com
www.supersurvey.com
www.youtube.com
142.250.181.226
2001:4860:4802:34::36
2606:4700:20::681a:5da
2606:4700:3108::ac42:2864
2606:4700:3108::ac42:2ae7
2606:4700:3108::ac42:2b9c
2606:4700::6811:180e
2a00:1450:4001:800::2003
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
048c8ef206c8cf6ed7e7c71b4495cbd444be68e7c9111886ec667c278b96474e
05608d1bb63826ac4c10b00d030a4239caa602329af0e662657e8e8c8fea892b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1052eeb7df0d0c106e019d8d70d432ac1bab5e1e0c53e6e2f76c6bb1b9bb3458
12b3bd6e33be3dcb61af36bd9ae13dd23c595743d171d4ef21381e9a38744a7a
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2690de49ccb327ed8870665d4595bf070bb7f64b336807466fd000ba75504990
2eb702d257428aa6d98e345e9bdf1d84ad809abfc233d1c9fd12a11b640ebea1
2f6352fcac543ec7e7dac1d195c38281019773e767a7bce3138e32ad155b67f7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751
384a8e0044e46596d9edd3bf02b9f6e3cd041d70b91185bd13ef4923113be8f1
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
44f80f45c58f6e9b0e5988d747279a2d3beb42b3906722654192b1ed45c5e50d
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
5164174471fbf4df6c9b0a6e0d545ad368c61639b418dc4c93af869c5bb6cfc0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640c23fbd58b401d824d5e62942e8d004cde804915efd134642d58ee3b10f5d2
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6ebe9502955795f63ffb1c80f91bd3a2af0a6c74a8bfda1b4c9cbabf5c3399d5
7608625e82959c6d1bb8df8da290d720fe4c777587110f73d358678b36514c87
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
81964aadd4e436a03b58c2f6597af6aa079f349d773bce3f7d1d229f4f6cd451
874dc5d95559e9a22577a1aba16202e7b87173fc89120ebfaf816fee6aac7d17
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
90a442b1b7eeb6f1bc15e344764059ee1a209f9ec293c4ce12341c59c03ee0ea
951b2379f253ac99fe35feb9739cd2d06b28226e3cae685dfc99813682ff1aed
9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98938926eb88fae63166402b464d2388d27e3b9ec6e9627d709842801abffcd8
9f2cfd88a928c7bc8867450049ca9dfe3d601557c5e561f5321ce0f9af5c792e
a4d89670c1a05ebf948034fd17bcf1a78be48741221e43cad9b0a3c76645d2ab
a7d4eacdab5306b5dc693f01de6b69c2ffdc03e390e07d6825fb5bf64ec979b0
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
beb3dcc36c1dd055a5e4fc7baff1d3effb466742343bbd5af60ba28441894034
c5e1213c17e7328def4d6178012e3437bc4f30a3afe01a20c2284202f5aa5fd1
d7bc490759c325a79e1f18bef8534fb6d6effa7698ccda549abab1890f95930b
dc2fe2b89502cf2f03f1ebc4acb0d5d557be0846cfc077bfdb5f4d4b79fc92bf
dfa454bb78db0b0ced9fc27ac6d2c81ba245f52cb1b3b0c78f0c436a85cbb9fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea42ee044545030fe959758d1e3bea90a65cc3df4203ebe06224878ae040f8cc
ebb027d83ea603479a4f7767798698bbadfff11198ed8345d9337b7d765a6ef6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1119f21796a94faa2a6501f70ecde985799211f2276add319f70833de3e1d30
f5dd1753cf185e92b6622849e0d80f3223086a22a6c85411144666bfd9c7d02f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390