survey.contact Open in urlscan Pro
172.67.193.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://shorturl.at/sAILX
Effective URL:
https://survey.contact/cvshealthsurvey/
Submission: On September 03 via api (September 3rd 2023, 10:00:33 pm UTC) from IE — Scanned from AT

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 45 HTTP transactions. The main IP is 172.67.193.2, located in United States and belongs to CLOUDFLARENET, US. The main domain is survey.contact.
TLS certificate: Issued by E1 on August 22nd 2023. Valid for: 3 months.

This is the only time survey.contact was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	172.67.193.2 172.67.193.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
45	7

2 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.shorturl.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.67.193.2 (United States)

ASN13335 (CLOUDFLARENET, US)

survey.contact	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	survey.contact survey.contact	433 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	399 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	9 KB
2	shorturl.at 2 redirects shorturl.at — Cisco Umbrella Rank: 79479 www.shorturl.at — Cisco Umbrella Rank: 93356	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1104 Failed	325 B
45	6

	Domain	Requested by
22	survey.contact	survey.contact
8	pagead2.googlesyndication.com	survey.contact pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.shorturl.at	1 redirects
1	shorturl.at	1 redirects
45	8

This site contains links to these domains. Also see Links.

Domain
survey.medallia.com

Subject Issuer	Validity	Valid
survey.contact E1	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://survey.contact/cvshealthsurvey/
Frame ID: 4D4DA4AA72A50B40F0CBBA39C005C7A8
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: 59AA0AF79ADC5E5B24DDD590EA927F86
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1751089763893150&output=html&adk=3105533540&adf=2621220088&lmt=1693771228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsurvey.contact%2Fcvshealthsurvey%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693778428137&bpp=3&bdt=724&idt=258&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6875864860315&frm=20&pv=2&ga_vid=607695023.1693778428&ga_sid=1693778428&ga_hid=1268715790&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077327%2C31077372%2C31077523%2C31076997%2C44796700%2C20222283%2C21065725&oid=2&pvsid=2977271473722937&tmod=894929399&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=282
Frame ID: BDFC83C6BAB3598E8AAC40B065C6B8E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: BAF322D488CBDDAF78DC7510D54C5D5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1751089763893150&output=html&adk=3105533540&adf=2621220088&lmt=1693771228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsurvey.contact%2Fcvshealthsurvey%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693778428724&bpp=3&bdt=232&idt=199&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7371747889286&frm=20&pv=2&ga_vid=28907616.1693778429&ga_sid=1693778429&ga_hid=517494254&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077370%2C31077526%2C44798934%2C31077549%2C21065724&oid=2&pvsid=1349017494311773&tmod=1663934634&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fsurvey.contact%2Fcvshealthsurvey%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=217
Frame ID: 0A0E555AF6CA4B7388A3175FB8B4BF50
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B90AB67BE61446987BE89859491C9E67
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F8AB01B043F184768261F87A0E7087E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CVSHealthSurvey.Com - CVS Survey To Win $1,000 Gift Card

Page URL History Show full URLs

https://shorturl.at/sAILX HTTP 301
https://www.shorturl.at/sAILX HTTP 302
https://survey.contact/cvshealthsurvey/ Page URL
https://survey.contact/cvshealthsurvey/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

84 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

842 kB
Transfer

2194 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://survey.medallia.com/?cvs-drivers&vr=1
Title: Click Here

Search URL Search Domain Scan URL

URL: https://survey.medallia.com/?feedless-cvs-drivers-300b9369d156ffdffe4e4c7dae7dea3a
Title: Spanish (Mexico)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://shorturl.at/sAILX HTTP 301
https://www.shorturl.at/sAILX HTTP 302
https://survey.contact/cvshealthsurvey/ Page URL
https://survey.contact/cvshealthsurvey/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://shorturl.at/sAILX HTTP 301
https://www.shorturl.at/sAILX HTTP 302
https://survey.contact/cvshealthsurvey/

45 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
survey.contact/cvshealthsurvey/
Redirect Chain

https://shorturl.at/sAILX
https://www.shorturl.at/sAILX
https://survey.contact/cvshealthsurvey/

76 KB
23 KB

290ms
204ms

Document
text/html

172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/cvshealthsurvey/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.22

Resource Hash

a0855c99b2d0094860311a11978f2161fd0c92fcf3661bd7e09f844d208eded9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 801144021d5137ca-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 03 Sep 2023 22:00:27 GMT
link: <https://survey.contact/wp-json/>; rel="https://api.w.org/" <https://survey.contact/wp-json/wp/v2/posts/1115>; rel="alternate"; type="application/json" <https://survey.contact/?p=1115>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHrmCXJKc8pGNSKaRImWuCelGQP2omuult0U2iTrvk0iVr6JcHIcAlT4LPFsSAB31Lgb0mZyKKU%2BmdWc7xTM2dIkbSP9GuIIzvR2%2B4wbGpPHB6dh1U4CmkVPK3%2FLKOkF5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-pingback: https://survey.contact/xmlrpc.php
x-powered-by: PHP/8.1.22
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 801143ff1e0937c6-FRA
content-type: text/html; charset=UTF-8
date: Sun, 03 Sep 2023 22:00:27 GMT
location: https://survey.contact/cvshealthsurvey/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztkCVg%2B5y6J4H1L46tPhdHVg4Hotv%2BqK7ioh1zNMZ11u%2B4veRq0pbSxG2Pm3kUpzGAW5BpbYpMxlN9G37VSgE%2B3ueDVIaa9azDvFI6M%2Bm8pDlfqs7VEuW4e0whWb1kFjpxQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 31ms
30ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: survey.contact
URL: https://survey.contact/cvshealthsurvey/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Aug 2023 15:15:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e8c5a6-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMdWnyfCm7mm9ti6BCaWQ1maDM9M5MvTwYdGnVodmx9CrcsQlunuMFf4hIdQqINCToLnEK46tE8n416W4uVVF3z%2FI0Wn1AYKmCLt8%2FfkXILK06S5tveeWmd8q4un3LEFAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 801144037e8837ca-FRA
expires: Tue, 05 Sep 2023 22:00:27 GMT

GET
H2 200 49464fbc00851e9a29fd62f69eadb91a.css
survey.contact/wp-content/litespeed/css/ 174 KB
28 KB 196ms
196ms Stylesheet
text/css 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/css/49464fbc00851e9a29fd62f69eadb91a.css?ver=9d24a

Requested by

Host: survey.contact
URL: https://survey.contact/cvshealthsurvey/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b31157bc16476af711511f478e039eb4fbbd7a1a59fba3891592d56dda0f4c75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:27 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Aug 2023 08:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WloJ5bwy%2BxGUNL2oX51epKdHNeCt5RTxJtW2TxwuY6h8lglbi0hRkBEqiNnYAcaRZ4QGBzZ0eHK3jDXTxMBEi3pAHQh3xv0hfIjeCoO342NRcQMWpdlYjMI%2Bz64kuf13%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 801144037e8937ca-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 22 Aug 2024 14:40:22 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 e78f96556ae2ff420f81b6b3fd2211ca.js Show response
survey.contact/wp-content/litespeed/js/ 1 KB
1 KB 167ms
167ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/js/e78f96556ae2ff420f81b6b3fd2211ca.js?ver=211ca

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e790fbad5cc67f76ab47ac86ac16237dbc1702214f9c4f28ed30f3c137e02ccd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:27 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 08:56:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3WbWYOobMCtr%2BvLa49e3bpXPNQohmvfF6lyCjmo70Wp%2BQkWiNToJ5hXtSjMR%2Fx8ZJdcDACMkcjn3ZNQScMw6TS8ujDiCGRjxKW5ukeQfag2jIoP88Zq%2BY0kgj%2FbzdQXIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 80114403fef94d84-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Apr 2024 14:56:42 GMT

GET
DATA 200
OK truncated Show response
/ 35 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 041996b935232a6d291ea7928ab82b4c4ed37195baa13ac000a8fbcc0b36fb21

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 3f16d44304bc5382115f5c419599c6a9.js Show response
survey.contact/wp-content/litespeed/js/ 3 KB
2 KB 173ms
172ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/js/3f16d44304bc5382115f5c419599c6a9.js?ver=9c6a9

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec7a72cb9662825e0ebdbee45de1684f93ee963661b6de0d5e4fe99c8fc5c25a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:27 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 18:20:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3%2FybQraqqVjp2SIyVCm5VlnZ%2B2CRpznVRgUZCs1P2qduQGaiWhvKtOSYhjvZBf94DcPzv80%2F37Z%2F8FkWl2%2FJfxYBfiSTFPkVQQQzUgxOfemvgIo50MCtnM1z2rh%2Fuao3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 80114403fefb4d84-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Aug 2024 01:23:32 GMT

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4453228633bed808d8e9c207504149ffdea27dbb321334360a23154d8c7300c

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 d83ff77ba9fb27f21528d43093deac75.js Show response
survey.contact/wp-content/litespeed/js/ 7 KB
3 KB 173ms
173ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/js/d83ff77ba9fb27f21528d43093deac75.js?ver=eac75

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4394e534bdaa0586652e40c6a1dcb88152093e6c06681a80470e5e59032ed740

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:27 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 08:56:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aM2wg0EywmIH8ITf%2B4NRqbya%2Fibvo0xdlH%2BUc7BiXugFLfs%2Fxg5lDFmQnoGWKVV5JwiI66BkTk8iTxftvYduIaNbimjiLjUFrsw1EEm0Y%2Fg6CFrSvlcheReFR1rgacEyyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 80114403feff4d84-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Apr 2024 14:56:42 GMT

GET
DATA 200
OK truncated Show response
/ 132 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 123b8b41efe0128b4d83b394f6e8f497e410936fdf2b8a024a71131b926a50a1

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 158ms
90ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

85a83e0dd894c93ceea3095359bd4bd78220983ac731501231289b72efe8e9b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://survey.contact/
Origin: https://survey.contact
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51311
x-xss-protection: 0
server: cafe
etag: 16386661351855422224
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 22:00:27 GMT

GET
DATA 200
OK truncated Show response
/ 324 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fcc84dd01e43e8542adabe3c8975dc3fe5eda85e5306fe98786978b93944e60

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 51b3ce7ad1eba375b949a4b8d9e892c7.js Show response
survey.contact/wp-content/litespeed/js/ 13 KB
5 KB 164ms
163ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/js/51b3ce7ad1eba375b949a4b8d9e892c7.js?ver=892c7

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9d0bd3c35f98a01d2b4d4bd298ec1e16c8bb0c5631b955e3e582f076944f6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:27 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 08:56:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEAwv6chhafwYT9rZufez5QA27SdVSIyo4nHdQvxa6q7p2IIUBQNRFS4qh9%2B9AaGqu77yA8d8Tvw12TkHBoKD17%2BbHsj%2Bck9RappDpxt07hhDw0b9kkm0X9wf%2B1mWdS6nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 801144040f004d84-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Apr 2024 14:56:42 GMT

GET
H3 200 jquery.min.js Show response
survey.contact/wp-includes/js/jquery/ 88 KB
32 KB 567ms
566ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-includes/js/jquery/jquery.min.js

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Mar 2023 06:07:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLbn2BO%2FDwMY5npJfJNu9A2M5%2Fx5JbZOIgyxDu9h38qe61KY2LVA9FZvhQPyDaAw%2BVmzOb6WRWDvLVT0tcfQkDL7h%2Bz6ZI3kgBW%2FkpjR5jq6aeBIAzeFBQPuVFi1YOL4Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 801144040f024d84-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Apr 2024 14:56:42 GMT

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1718fc1a94669c6d19c371f1559c7651f0ddcd127e83c92ad9efbc1ea0d86e3

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H3 200 guest.vary.php
survey.contact/wp-content/plugins/litespeed-cache/ 16 B
625 B 185ms
185ms Fetch
text/html 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/plugins/litespeed-cache/guest.vary.php

Requested by

Host: survey.contact
URL: https://survey.contact/cvshealthsurvey/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.22

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.22
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dt%2BxWZv183vS2vEoC2MvkizwpB5fjIPzv6wSeSxIWvV78wWJvBfjM1jLWBVi5XJJFar30Q90g6bseZ%2F%2Feyq9jJjJiJ3ALc%2BwA7yn06PLnRjvtTz43K2c3aogdWB2GEhtkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
x-turbo-charged-by: LiteSpeed
cf-ray: 80114407da7e4d84-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK ca4d73ea-0fa2-46c5-be45-548673fab5ca
https://survey.contact/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://survey.contact/ca4d73ea-0fa2-46c5-be45-548673fab5ca
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ 384 KB
130 KB 156ms
96ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133328
x-xss-protection: 0
server: cafe
etag: 15174771305808157069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 22:00:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame 59AA 10 KB
5 KB 103ms
32ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://survey.contact/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

age: 18589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 16:50:39 GMT
etag: 9878862242593084568
expires: Sun, 17 Sep 2023 16:50:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js
survey.contact/wp-includes/js/ 18 KB
5 KB 179ms
178ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: survey.contact
URL: https://survey.contact/cvshealthsurvey/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 12:23:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXomYg4gFcutvi0ZFXTjN9jf3o4aSMXbcEVDBTm%2BGpfaO0LspINx031704qbk81Uu6Xl1eNoxznRHJRXoCdKoruafBxC98x2u5OeSRlnA2neU4g2k22NIBbQXJ7Yudzhyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 801144082ad84d84-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 07 Jul 2024 12:39:31 GMT

GET
H3 200 cvshealth-survey.webp
survey.contact/wp-content/uploads/2022/12/ 18 KB
19 KB 175ms
175ms Image
image/webp 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.contact/wp-content/uploads/2022/12/cvshealth-survey.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 18866
last-modified: Sun, 11 Dec 2022 12:32:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qTdRHj56L8OnYhUv6zA%2FqyiKqfNwG3G84DPXLLMxi%2Faa4igPsaLUFHAVcZiFUheXiGFk25sh82Lcsgsgk7%2FoFZR8XTNM0m552CvQUs26bqOcA5COeNL%2F2f8FD%2Bt5ma9Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 801144082ada4d84-FRA
expires: Thu, 22 Aug 2024 14:40:23 GMT

GET cvs-pharmacy-sample-receipt.webp
survey.contact/wp-content/uploads/2022/12/ 0
0

GET
H3 200 Primary Request / Show response
survey.contact/cvshealthsurvey/ 75 KB
22 KB 185ms
184ms Document
text/html 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/cvshealthsurvey/

Requested by

Host: survey.contact
URL: https://survey.contact/cvshealthsurvey/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.22

Resource Hash

ceea21000e458bf2c1b765e4877c814e2d7438b2917a00e54d2975ef4b769936

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://survey.contact/cvshealthsurvey/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80114408fb994d84-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 03 Sep 2023 22:00:28 GMT
link: <https://survey.contact/wp-json/>; rel="https://api.w.org/" <https://survey.contact/wp-json/wp/v2/posts/1115>; rel="alternate"; type="application/json" <https://survey.contact/?p=1115>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYGfNmVFA7dsJA4MJLjAoWZLgR6yuODkVYjmlo7aS%2BjWOKNhsYUfwc9d0Z1f68td6xnfdN1%2BsnqvCQ7KATpG1MqPkLWipttj0ssFcG0F%2FQD2jee4WrQqPGGbvCm5R6EnmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-pingback: https://survey.contact/xmlrpc.php
x-powered-by: PHP/8.1.22
x-turbo-charged-by: LiteSpeed

GET cookie.js
partner.googleadservices.com/gampad/ 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame BDFC 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 rocket-loader.min.js Show response
survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 32ms
32ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: survey.contact
URL: https://survey.contact/cvshealthsurvey/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Aug 2023 15:15:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e8c5a6-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXmf4gAMgLqcP%2FUygpNsDtFQre9ZpkTM5JusjYa309mr5YdEuqhGTAT7C%2BYt8wQzmnhdZOjEQuSVdqd5k0e9L4mUBFUoaY84FMzAuS6HwbXjyX2AW45nRsXmIqghqtjDUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8011440a2cec4d84-FRA
expires: Tue, 05 Sep 2023 22:00:28 GMT

GET
H3 200 49464fbc00851e9a29fd62f69eadb91a.css
survey.contact/wp-content/litespeed/css/ 174 KB
28 KB 205ms
205ms Stylesheet
text/css 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/css/49464fbc00851e9a29fd62f69eadb91a.css?ver=9d24a

Requested by

Host: survey.contact
URL: https://survey.contact/cvshealthsurvey/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b31157bc16476af711511f478e039eb4fbbd7a1a59fba3891592d56dda0f4c75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Aug 2023 08:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67F9nCWs0ce4iJbb%2FsS%2FZMuUn6FaJ2Z7EnfX4quVWJ06sWv02d%2Bgs5vvi8kJ0fp0jpn0jYV0lsS%2BIWCbNjzIaqey6PMJsLNVuhNhRIABhEqQFx3v%2BHVaQew5XrkE%2BQCChQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8011440a2cee4d84-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 22 Aug 2024 14:40:22 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 e78f96556ae2ff420f81b6b3fd2211ca.js Show response
survey.contact/wp-content/litespeed/js/ 1 KB
1 KB 36ms
36ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/js/e78f96556ae2ff420f81b6b3fd2211ca.js?ver=211ca

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e790fbad5cc67f76ab47ac86ac16237dbc1702214f9c4f28ed30f3c137e02ccd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 08:56:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IGt8%2FOfJNHVyz1IyOWVdSryuTJVfXw8gfjLAC7LWPAvc4rGBaGFQH5JxEx%2BRdiPUcdyKJxxalaaCV7ynO14fMzAYeIqa%2FyaJcczeK%2BeHTZBdQ6B1nRHVNnv%2BCpy%2BK6tPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8011440a7d444d84-FRA
expires: Thu, 25 Apr 2024 14:56:42 GMT

GET
DATA 200
OK truncated Show response
/ 35 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 041996b935232a6d291ea7928ab82b4c4ed37195baa13ac000a8fbcc0b36fb21

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 3f16d44304bc5382115f5c419599c6a9.js Show response
survey.contact/wp-content/litespeed/js/ 3 KB
2 KB 39ms
39ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/js/3f16d44304bc5382115f5c419599c6a9.js?ver=9c6a9

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec7a72cb9662825e0ebdbee45de1684f93ee963661b6de0d5e4fe99c8fc5c25a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 18:20:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onPBBQETVGKoQ6EnIb639kcSL0qfsUfDuQbqv8QaFk7cQmzcjJRVzk6fTyQhyONX4hfyDg417HSMQamqwlRDCBevaNdxewVeoyubwkfZ7xlbG0mqgV81%2BIQD7dzuUMeFmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8011440a7d474d84-FRA
expires: Fri, 09 Aug 2024 01:23:32 GMT

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4453228633bed808d8e9c207504149ffdea27dbb321334360a23154d8c7300c

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 d83ff77ba9fb27f21528d43093deac75.js Show response
survey.contact/wp-content/litespeed/js/ 7 KB
3 KB 37ms
37ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/js/d83ff77ba9fb27f21528d43093deac75.js?ver=eac75

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4394e534bdaa0586652e40c6a1dcb88152093e6c06681a80470e5e59032ed740

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 08:56:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sh95TRQEZrCTFSGmlgZuTV4vLWJumCUTSvIIiqGLmBdQvKwMG47cN9Jnjvp3steotGOrqn%2FMXGO8eD8VtbflYvUsluWFa%2BlKrOSqwHa1VHbmMGiXGQU1IJcgT%2BMcOc3xDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8011440a7d494d84-FRA
expires: Thu, 25 Apr 2024 14:56:42 GMT

GET
DATA 200
OK truncated Show response
/ 132 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 123b8b41efe0128b4d83b394f6e8f497e410936fdf2b8a024a71131b926a50a1

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0

GET
DATA 200
OK truncated Show response
/ 324 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fcc84dd01e43e8542adabe3c8975dc3fe5eda85e5306fe98786978b93944e60

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 51b3ce7ad1eba375b949a4b8d9e892c7.js Show response
survey.contact/wp-content/litespeed/js/ 13 KB
5 KB 38ms
37ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-content/litespeed/js/51b3ce7ad1eba375b949a4b8d9e892c7.js?ver=892c7

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9d0bd3c35f98a01d2b4d4bd298ec1e16c8bb0c5631b955e3e582f076944f6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 08:56:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xYa4%2Bt%2BxQllGv95LKwrwNZ84gd8EZUQDqEDuWKSDqD2uRQi1%2BipeIK900UcvGogoOrnoTsSka16%2BgfZn9lzCQBB2iACeCF9c34S7PC9kn4vsBRXCjfl87pKLQ8nwz4iKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8011440a7d4a4d84-FRA
expires: Thu, 25 Apr 2024 14:56:42 GMT

GET
H3 200 jquery.min.js Show response
survey.contact/wp-includes/js/jquery/ 88 KB
32 KB 40ms
39ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-includes/js/jquery/jquery.min.js

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:07:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqXkogSdWe4hLCkvZmAYjovY6aAmjHt6i%2FQHs2qG4iJ4QWde%2FLT5qfPKBiz4c26hlP0zutrBjNSfEQx5Kjx22YPFN0oNDrkcs9MM5PDwEuWd0A5Eb5b8GiSk2kn7VmtMqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8011440a7d4b4d84-FRA
expires: Thu, 25 Apr 2024 14:56:42 GMT

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1718fc1a94669c6d19c371f1559c7651f0ddcd127e83c92ad9efbc1ea0d86e3

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71

Request headers

accept-language: de-AT,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 81ms
81ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150

Requested by

Host: survey.contact
URL: https://survey.contact/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

585be48e3215bbfb26528f438bb91e34aff6de6d3a2b07eda0f9e04da066625f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://survey.contact/
Origin: https://survey.contact
accept-language: de-AT,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51314
x-xss-protection: 0
server: cafe
etag: 13610012906472506984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 22:00:28 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ 384 KB
130 KB 103ms
103ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31077549

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

9d6b59841456b32687c4177cfea771c1f2ea96749b08d222ba3bd81340466e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133329
x-xss-protection: 0
server: cafe
etag: 5606103038406526422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 22:00:28 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame BAF3 10 KB
4 KB 31ms
30ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://survey.contact/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

age: 18589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 16:50:39 GMT
etag: 9878862242593084568
expires: Sun, 17 Sep 2023 16:50:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js Show response
survey.contact/wp-includes/js/ 18 KB
5 KB 36ms
36ms Script
application/javascript 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.contact/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: survey.contact
URL: https://survey.contact/cvshealthsurvey/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Feb 2023 12:23:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BjwJkjaHK54LoWr8R2wE8l%2B2wfjgOt20fPbrxwJ9tqTSXrnc0GuOU1IgGs6IkvqbLAvogrRLUlrnAbrQf31%2BwkyM%2FkSpwUc64CorBtu0MduRzCT6LItlM1yxlbwjGDa3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 8011440bbe4b4d84-FRA
expires: Sun, 07 Jul 2024 12:39:31 GMT

GET
H3 200 cvshealth-survey.webp
survey.contact/wp-content/uploads/2022/12/ 18 KB
19 KB 37ms
36ms Image
image/webp 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.contact/wp-content/uploads/2022/12/cvshealth-survey.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bef071b5cac273e2b5be4df837de567ed81f3bf7d24465157834b4f3e55469a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 18866
last-modified: Sun, 11 Dec 2022 12:32:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7a6f3oTkfg0SjB2M%2B7%2FYVLL2YsE683tI8a5ra1fZWuk4Vc73WL0%2BSkRaFNExd3SufQdlB3twxA8iwO%2FgydfI3XUSbWzy1hlkFzjkagXpuf8njnLbNCRzKJ4DjaPBZGIZrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8011440bde5a4d84-FRA
expires: Thu, 22 Aug 2024 14:40:23 GMT

GET
H3 200 cvs-pharmacy-sample-receipt.webp
survey.contact/wp-content/uploads/2022/12/ 188 KB
188 KB 40ms
40ms Image
image/webp 172.67.193.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://survey.contact/wp-content/uploads/2022/12/cvs-pharmacy-sample-receipt.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43178c2867909b0c4fcd679517e9936539be0935d4b0d0dbc96e28f8cce36717

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/cvshealthsurvey/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 192324
last-modified: Sun, 11 Dec 2022 12:44:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wozYo9Udq0sn1MSwSRJLQ9KE4yZBj%2FRyXR290muqBzOSpLDtee8iU1i%2FYUHdc3d5t1yxttBAPsmgj4DiwNYh6DaMomgQx9ru5Pz2%2FjxIAR2rkRgyStb5mjhWeZWt%2FFiObw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8011440bde5c4d84-FRA
expires: Thu, 22 Aug 2024 14:40:23 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
325 B 39ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=survey.contact&callback=_gfp_s_&client=ca-pub-1751089763893150

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31077549

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c03c55c69536b4ea4a872c167e495d55ba583376049b7eb53731ccf654031089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A0E 603 B
67 B 338ms
337ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1751089763893150&output=html&adk=3105533540&adf=2621220088&lmt=1693771228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsurvey.contact%2Fcvshealthsurvey%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693778428724&bpp=3&bdt=232&idt=199&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7371747889286&frm=20&pv=2&ga_vid=28907616.1693778429&ga_sid=1693778429&ga_hid=517494254&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077370%2C31077526%2C44798934%2C31077549%2C21065724&oid=2&pvsid=1349017494311773&tmod=1663934634&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fsurvey.contact%2Fcvshealthsurvey%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=217

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://survey.contact/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 22:00:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 81ms
81ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

67801f8f0589b66ed5c4a078997cf7e88ad990b214653895be9b120752f0ddc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11722
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 124ms
39ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 22:00:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B90A 13 KB
5 KB 34ms
31ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://survey.contact/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

accept-ranges: bytes
age: 2177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 21:24:12 GMT
expires: Mon, 02 Sep 2024 21:24:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1F8A 829 B
1 KB 110ms
40ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

GSE /

Resource Hash

b9edcb4ff20eb99b3642cbe8af9c74ab2862698389eeeac9b17c1f9d0c48d0a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3VlOcaEnzWXVBLiYrW-bFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://survey.contact/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-AT,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-3VlOcaEnzWXVBLiYrW-bFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 22:00:29 GMT
expires: Sun, 03 Sep 2023 22:00:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js Show response
pagead2.googlesyndication.com/bg/ Frame B90A 37 KB
14 KB 31ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

cdbb28a61125e2f817cfca97dc459c63c43aee2210edb1678c69ea532c4847a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 20:22:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 Aug 2024 20:22:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F8A 0
0 63ms
63ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=1349017494311773&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B90A 0
10 B 30ms
30ms Image
text/plain 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rqvqfg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 22:00:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=1349017494311773&bg=!nZ6lntHNAAYHwnCgJ8I7ADQBe5WfOLEpk9W67_pP5BDzmfDQw1Q0kY-HZaP9bSIXjvDWRSBZQU2QgVY1UMXgejqJ1R71AgAAAFxSAAAACGgBBwoAevvlWgcrbUZfA_m6-o_LFG7KTF6OvbVs4tBtVNKcGU2gfZ6wSSyM6hydUNcnLwScgQ9m01wy9_ckf3LGdtjEL_ztceDIGexUilQ_QmVluCFzLwXG2_T89Tx6L19IGe388iW9-vkZqKTyNtpHA4yqmMNIhZFrqDTZ0aL9mQK1VF3xQYGqfw7mAXAZE-8yeaR_tGQlB16yj4BcldZARJfo1KV8e3f8tQbkPBS0dNqsE53FJ5-sk1DWUnD6990hJDUcFzb8Zqqc2Pq4s7vU7k4zzF1DOPex8E2jhSnYxS7DkPjoXcZ5cB1z36dnRYJ-szfG-M4sn5zzDuMOWk-Nnr_odjMIjcEfCrWXHn1fnbZ9efaGd5lsEfd9uqK6f4AOaCmt-GnxxKLgJRZbEUde6cj4Rfuanb9gksxEpyifqi5awvJwCH05funIjtO8yg-vVRLGud04vqsjdTX6RPgs6eBjOeLdE2dY0BOrC9-IKSOdLkoSbYdrfZBuNuMD9kvZCaJUPUP-uO9oWbQHJrAYEBrcLnyxXezktXS5RnarZe1Z0FXkoVQWfokFQ6nwrFlPwymeWKUIdgMfvjRK6eR6ql7OcG1_jOHZ78_8eUl2wJ3h943BHBYbi4d_VEcBPzgYiooMGjgejoLJCh57P2rJPC_MWL4eQND78Vso8cYib2rLK95oyJjbp0gk9FxQCF5BGoq1VmK-dlrPVkcYCKDVLcyL5lTfnxOWVXp4JNvJhD0ZsAd7haMjz58nwKjV6suQ0wcJNrbYMgV111Jj32nAApjfu2d3fyIoCKiNOwae4QcpTLrgLEu0BDFOIHA8c6MITe5pCYw_c05B6J2BuGSNUFuXX4fqRZjCK_ffVo55kW1yEb4BjbsS67gMTiHpV9FAgspuJSBT1VJpY-NP0FeuwWQocCBnJfPd2KZ4nOEQNXoTJP8UurWW52u-7SIDERc7rf67WcAuzdEbmnn6t7q6gfvMSe1lu0KclytyXsrNYCvEmDWwDoPGxBDBolPksuG_8VtYj10HR70ZA8NGkNdRzGJ-LPViJr4Jclfe70x6kkIjZHTqB-lY5PW1VsSOIBPUQcEPNyip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-AT,de;q=0.9
Referer: https://survey.contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: survey.contact
URL: https://survey.contact/wp-content/uploads/2022/12/cvs-pharmacy-sample-receipt.webp

Domain: partner.googleadservices.com
URL: https://partner.googleadservices.com/gampad/cookie.js?domain=survey.contact&callback=_gfp_s_&client=ca-pub-1751089763893150

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1751089763893150&output=html&adk=3105533540&adf=2621220088&lmt=1693771228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsurvey.contact%2Fcvshealthsurvey%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693778428137&bpp=3&bdt=724&idt=258&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6875864860315&frm=20&pv=2&ga_vid=607695023.1693778428&ga_sid=1693778428&ga_hid=1268715790&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077327%2C31077372%2C31077523%2C31076997%2C44796700%2C20222283%2C21065725&oid=2&pvsid=2977271473722937&tmod=894929399&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=282

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.064&mls=0.064&nls=1&cas=0.000&nas=0&was=0.000&wls=0.064&tls=1909.400&lcp=1919&lcps=44604&cbt=0&mbt=0&nlt=0&nif=1&ifi=1&eid=44759876%2C44759927%2C44759842%2C31077327%2C31077372%2C31077523%2C31076997%2C44796700%2C20222283%2C21065725&top=1&pvsid=2977271473722937

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
survey.contact/	1970-01-20 14:32:31	Name: _lscache_vary Value: 841ad7e4af9fb4be855f5cf7bd3fbd82
.survey.contact/	1970-01-20 23:51:14	Name: __gads Value: ID=f1a3055e5d503ef8-2237bfec66de00f4:T=1693778428:RT=1693778428:S=ALNI_MZlap8ejL_qA-n-HlnN0nIjJQG10w
.survey.contact/	1970-01-20 23:51:14	Name: __gpi Value: UID=00000c6edf377a51:T=1693778428:RT=1693778428:S=ALNI_MYQjYImOTeZ8WKgfSpgvzpwj4kKCw
.doubleclick.net/	1970-01-20 14:29:39	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1751089763893150&output=html&adk=3105533540&adf=2621220088&lmt=1693771228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsurvey.contact%2Fcvshealthsurvey%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693778428724&bpp=3&bdt=232&idt=199&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7371747889286&frm=20&pv=2&ga_vid=28907616.1693778429&ga_sid=1693778429&ga_hid=517494254&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077370%2C31077526%2C44798934%2C31077549%2C21065724&oid=2&pvsid=1349017494311773&tmod=1663934634&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Fsurvey.contact%2Fcvshealthsurvey%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=217 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
shorturl.at
survey.contact
tpc.googlesyndication.com
www.google.com
www.shorturl.at
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
survey.contact
142.250.186.130
142.250.186.161
142.250.186.98
172.217.16.130
172.217.16.196
172.67.193.2
188.114.97.3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
041996b935232a6d291ea7928ab82b4c4ed37195baa13ac000a8fbcc0b36fb21
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
123b8b41efe0128b4d83b394f6e8f497e410936fdf2b8a024a71131b926a50a1
2fcc84dd01e43e8542adabe3c8975dc3fe5eda85e5306fe98786978b93944e60
43178c2867909b0c4fcd679517e9936539be0935d4b0d0dbc96e28f8cce36717
4394e534bdaa0586652e40c6a1dcb88152093e6c06681a80470e5e59032ed740
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585be48e3215bbfb26528f438bb91e34aff6de6d3a2b07eda0f9e04da066625f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67801f8f0589b66ed5c4a078997cf7e88ad990b214653895be9b120752f0ddc2
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71
85a83e0dd894c93ceea3095359bd4bd78220983ac731501231289b72efe8e9b6
9d6b59841456b32687c4177cfea771c1f2ea96749b08d222ba3bd81340466e70
9d9d0bd3c35f98a01d2b4d4bd298ec1e16c8bb0c5631b955e3e582f076944f6f
a0855c99b2d0094860311a11978f2161fd0c92fcf3661bd7e09f844d208eded9
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b31157bc16476af711511f478e039eb4fbbd7a1a59fba3891592d56dda0f4c75
b9edcb4ff20eb99b3642cbe8af9c74ab2862698389eeeac9b17c1f9d0c48d0a0
bef071b5cac273e2b5be4df837de567ed81f3bf7d24465157834b4f3e55469a2
c03c55c69536b4ea4a872c167e495d55ba583376049b7eb53731ccf654031089
c4453228633bed808d8e9c207504149ffdea27dbb321334360a23154d8c7300c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdbb28a61125e2f817cfca97dc459c63c43aee2210edb1678c69ea532c4847a3
ceea21000e458bf2c1b765e4877c814e2d7438b2917a00e54d2975ef4b769936
e1718fc1a94669c6d19c371f1559c7651f0ddcd127e83c92ad9efbc1ea0d86e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e790fbad5cc67f76ab47ac86ac16237dbc1702214f9c4f28ed30f3c137e02ccd
ec7a72cb9662825e0ebdbee45de1684f93ee963661b6de0d5e4fe99c8fc5c25a

survey.contact Open in urlscan Pro 172.67.193.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

84 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

842 kBTransfer

2194 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

survey.contact Open in urlscan Pro
172.67.193.2 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

84 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

842 kB
Transfer

2194 kB
Size

4
Cookies

45 HTTP transactions
14 data transactions