urlscan.io logo urlscan.io
SecurityTrails logo

survey.contact Open in urlscan Pro
34.91.95.185  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tinyurl.com/sakfcs
Effective URL: https://survey.contact/sakfcsurvey-com/
Submission: On December 29 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 34.91.95.185, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is survey.contact.
TLS certificate: Issued by R3 on November 22nd 2022. Valid for: 3 months.
This is the only time survey.contact was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:10::ac43:1e1 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
6    34.91.95.185 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 185.95.91.34.bc.googleusercontent.com
survey.contact
7    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
225 KB
6 survey.contact
survey.contact
280 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
5 KB
1 gstatic.com
csi.gstatic.com
327 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
698 B
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 23694
350 B
23 8
Domain Requested by
7 pagead2.googlesyndication.com survey.contact
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 survey.contact survey.contact
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 tinyurl.com 1 redirects
23 10

This site contains links to these domains. Also see Links.

Domain
sakfcsurvey.com
s.kfcvisit.com
Subject Issuer Validity Valid
*.survey.contact
R3		 2022-11-22 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://survey.contact/sakfcsurvey-com/
Frame ID: 601D99FA1766793E21DB3A5286BDF765
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 06F88D07EBB859B8509A34B4A07FCAAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1751089763893150&output=html&adk=3105533540&adf=2621220088&lmt=1672344031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsurvey.contact%2Fsakfcsurvey-com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672344031556&bpp=6&bdt=1077&idt=378&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8497326423418&rume=1&frm=20&pv=2&ga_vid=639293803.1672344032&ga_sid=1672344032&ga_hid=1173686304&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C31071167%2C31071269%2C44780792%2C31061691%2C31061693&oid=2&pvsid=3993645808344754&tmod=2112061631&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=402
Frame ID: 413BC00475FA09F73145F6C176FD4ABA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3119E2DA2666532994E2A3657CAA735A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 23510B759B982FA577852C6533FCA564
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SaKFCSurvey•Com - KFC South Africa Guest Experience Survey

Page URL History Show full URLs

  1. https://tinyurl.com/sakfcs HTTP 301
    https://survey.contact/sakfcsurvey-com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

23
Requests

100 %
HTTPS

90 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

514 kB
Transfer

1141 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/sakfcs HTTP 301
    https://survey.contact/sakfcsurvey-com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
survey.contact/sakfcsurvey-com/
Redirect Chain
  • https://tinyurl.com/sakfcs
  • https://survey.contact/sakfcsurvey-com/
54 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://survey.contact/sakfcsurvey-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.91.95.185 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
185.95.91.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2489dfdfac9de3ed8e37b832baf653a276bdd3d6b23061c267c35db5dc5d581a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Dec 2022 20:00:30 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://survey.contact/wp-json/>; rel="https://api.w.org/" <https://survey.contact/wp-json/wp/v2/posts/1103>; rel="alternate"; type="application/json" <https://survey.contact/?p=1103>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-cdn-c
static
x-httpd-modphp
1
x-pingback
https://survey.contact/xmlrpc.php
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:
x-sg-cdn
1

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
cf-cache-status
DYNAMIC
cf-ray
78151f460ab69012-FRA
content-type
text/html; charset=UTF-8
date
Thu, 29 Dec 2022 20:00:29 GMT
location
https://survey.contact/sakfcsurvey-com/
referrer-policy
unsafe-url
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-powered-by
PHP/8.1.8
x-xss-protection
1; mode=block
siteground-optimizer-combined-css-4ba1cacae81028a482766a684456caaa.css
survey.contact/wp-content/uploads/siteground-optimizer-assets/ 		131 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://survey.contact/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-4ba1cacae81028a482766a684456caaa.css
Requested by
Host: survey.contact
URL: https://survey.contact/sakfcsurvey-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.91.95.185 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
185.95.91.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
182df33866b4bcac77884c0b0d70828fb9292833823c6cc7db175175d1629ca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/sakfcsurvey-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache
MISS
date
Thu, 29 Dec 2022 20:00:31 GMT
content-encoding
gzip
expires
Fri, 29 Dec 2023 20:00:31 GMT
last-modified
Wed, 16 Nov 2022 18:44:48 GMT
server
nginx
etag
W/"63752fa0-20bc8"
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
x-sg-cdn
1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150
Requested by
Host: survey.contact
URL: https://survey.contact/sakfcsurvey-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e60eba482e2d1e214efd947b5e579465994ab4ee025afb172dfa1a3a21fe5282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://survey.contact/
Origin
https://survey.contact
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 20:00:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49325
x-xss-protection
0
server
cafe
etag
11753586419170155274
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 20:00:30 GMT
siteground-optimizer-combined-js-54d1399b1fafc5967b7645bf533e0469.js
survey.contact/wp-content/uploads/siteground-optimizer-assets/ 		118 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.contact/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-54d1399b1fafc5967b7645bf533e0469.js
Requested by
Host: survey.contact
URL: https://survey.contact/sakfcsurvey-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.91.95.185 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
185.95.91.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7a9b6112cf92e1662a60a3feabfc71df720a82f9820f0623f5a29275ff8b9ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/sakfcsurvey-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache
MISS
date
Thu, 29 Dec 2022 20:00:31 GMT
content-encoding
gzip
expires
Fri, 29 Dec 2023 20:00:31 GMT
last-modified
Thu, 29 Dec 2022 13:33:11 GMT
server
nginx
etag
W/"63ad9717-1d6c7"
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
x-sg-cdn
1
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31071167
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
055825f06e9d2f08993d6c3978a9f1716a9aafcf2ccfa8a5dc9fd5de84e6206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 20:00:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119966
x-xss-protection
0
server
cafe
etag
3995947876873343860
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 20:00:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 06F8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1751089763893150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://survey.contact/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 01:38:29 GMT
etag
10353107486223812946
expires
Thu, 12 Jan 2023 01:38:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
rum_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/rum_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31071167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a70cc61c7589d5278256126d8817f1be4c33abc395c224432477c13362d28d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 14:15:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
20711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21426
x-xss-protection
0
server
cafe
etag
2908216769304168259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jan 2023 14:15:20 GMT
cookie.js
partner.googleadservices.com/gampad/ 		395 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=survey.contact&callback=_gfp_s_&client=ca-pub-1751089763893150&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31071167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df56f7b2037f57f987fb193c2fab007077f43122e8971beb5e0bba7d425e2368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 20:00:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=survey.contact
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31071167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 20:00:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=survey.contact
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31071167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 20:00:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 413B 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1751089763893150&output=html&adk=3105533540&adf=2621220088&lmt=1672344031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsurvey.contact%2Fsakfcsurvey-com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672344031556&bpp=6&bdt=1077&idt=378&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8497326423418&rume=1&frm=20&pv=2&ga_vid=639293803.1672344032&ga_sid=1672344032&ga_hid=1173686304&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C31071167%2C31071269%2C44780792%2C31061691%2C31061693&oid=2&pvsid=3993645808344754&tmod=2112061631&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=402
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31071167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://survey.contact/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 20:00:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sa-kfc-survey.webp
survey.contact/wp-content/uploads/2022/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://survey.contact/wp-content/uploads/2022/12/sa-kfc-survey.webp
Requested by
Host: survey.contact
URL: https://survey.contact/sakfcsurvey-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.91.95.185 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
185.95.91.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d25ad7edbddec42afb4588d31648d2ced076ed02485bdd07042edaf32f227e07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/sakfcsurvey-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache
MISS
date
Thu, 29 Dec 2022 20:00:32 GMT
expires
Fri, 29 Dec 2023 20:00:32 GMT
last-modified
Sat, 10 Dec 2022 06:07:56 GMT
server
nginx
etag
"6394223c-2968"
x-proxy-cache-info
0 NC:000000 UP:
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
10600
x-cdn-c
static
x-sg-cdn
1
sakfcsurvey-receipt.webp
survey.contact/wp-content/uploads/2022/12/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://survey.contact/wp-content/uploads/2022/12/sakfcsurvey-receipt.webp
Requested by
Host: survey.contact
URL: https://survey.contact/sakfcsurvey-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.91.95.185 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
185.95.91.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
925d925ad59b02334a9cf259f3edac74966ecbd3b782bed01ef9bf901fac59d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/sakfcsurvey-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache
MISS
date
Thu, 29 Dec 2022 20:00:33 GMT
expires
Fri, 29 Dec 2023 20:00:32 GMT
last-modified
Sat, 10 Dec 2022 10:06:42 GMT
server
nginx
etag
"63945a32-b400"
x-proxy-cache-info
0 NC:000000 UP:
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
46080
x-cdn-c
static
x-sg-cdn
1
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31071167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65629ec7adf3c7f305fa7c6b2680b69da429c4fb3fdb6510db78ab337583dc45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 20:00:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11139
x-xss-protection
0
sakfcsurvey-homepage.webp
survey.contact/wp-content/uploads/2022/12/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://survey.contact/wp-content/uploads/2022/12/sakfcsurvey-homepage.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.91.95.185 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
185.95.91.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
148d8c56abc529c6d37645233b4a1bb93c146557859e0a49064117c70ca7eedd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/sakfcsurvey-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache
MISS
date
Thu, 29 Dec 2022 20:00:34 GMT
expires
Fri, 29 Dec 2023 20:00:34 GMT
last-modified
Sat, 10 Dec 2022 10:10:17 GMT
server
nginx
etag
"63945b09-22160"
x-proxy-cache-info
0 NC:000000 UP:
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
139616
x-cdn-c
static
x-sg-cdn
1
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1751089763893150&plah=survey.contact&bust=31071167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 20:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 29 Dec 2022 20:00:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3119 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://survey.contact/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
81086
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Dec 2022 21:29:07 GMT
expires
Thu, 28 Dec 2023 21:29:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2351 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5fbf0271d7b08526622a36151d32d95e3db5b85dbd027d55959f30cc975e75f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FbEzt-CKxYv98zuiPqk_AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://survey.contact/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-FbEzt-CKxYv98zuiPqk_AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 20:00:33 GMT
expires
Thu, 29 Dec 2022 20:00:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 3119 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 21:35:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2351 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3993645808344754&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3119 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XxsvRA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 20:00:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lc9ighn3&c=3993645808344754&e=44759876%2C44759927%2C44759842%2C44777506%2C31071167%2C44780792%2C31061691%2C31061693&ctx=1&met.3=1001.1wf_1__1~164.1wi_1~165.1wd_6~166.1vv_14~1032.26v~326.26x_2~832.270~868.270~216.26u_7~215.26u_7~843.26t_8~779.272~889.27h~639.27m~112.2aw_2~629.2d5_1~243.374_1~113.373_2&met.7=CBsQCMAB3JyR6Q0~CBsQByDrCjiFCMABv8LHxAQ~CAEQChgBIOsKKOsKMKMNOLgCQOwKSO0KUO0KWOELYJsLaOELcN4MeNmDA4ABrYEDiAHQ_AiwAQG4AQPAAd6Ov5sB~CBsQCiDrCjiADMABzIaNOA~CAMQChgBIJ8TKJ8TMIQWOOYCUJ8TWIAUYJ8TaIEUcPsUeMqrB4ABnqkHiAGHoRawAQG4AQPAAZKlkKsL~CAwQBRgBILITKLITMN4UOKsBQLQTSLQTULQTWK0UYOITaK4UcNwUeL4jgAGSIYgBrEywAQG4AQPAAbrR5nw~CBwQChgBIJsWKJsWMM4WODRonBZwyxZ43qkBgAGypwGIAcq5A7ABAbgBA8AB2b2N4gU~CBsQChgBIKAWKKAWMPYXONYBQKAWSKEWUKEWWKQXYM8WaK4XcPUXeKkEgAH9AYgBiwOwAQG4AQPAAeSq4PAC~CC8QBxgBIKkWKKkWMPcXOM4BQKkWSKoWUKoWWKkXYNgWaK4XcPYXeJADgAFkiAFrsAEBuAEDwAHttbKwCg~CC8QBxgBIKkWKKkWMPUXOMwBQKoWSKoWUKoWWKsXYNgWaK4XcPQXeJADgAFkiAFrsAEBuAEDwAGb_4nHBw~CAUQBRgBILEWKLEWMOcYOLYCQKQXSKUXUKUXWIYYYKUXaIcYcOMYeNoCgAEuiAHbBLABAbgBA8ABkMey8Ag~CBsQBiD4FjjMBsABg4zxzA4~CBsQBiD4Fji0CcABxtXpxg0~CBsQCDiuIMAB3JyR6Q0~CCcQDRgBIK0gKK0gMPMhOMYBUK4gWI0hYK4gaI0hcOoheK9ZgAGDV4gBpXOwAQG4AQPAAfPyy64L~CCcQChgBIPQhKPQhMNsjOOcBwAHiwZvaBQ~CCcQBRgBIO8jKO8jMIwlOJ0BwAGZlZ-gCw~CBsQBRgBIPMjKPMjMLQlOMIBwAHPxtriAQ&met.1=1.lc9igfc7~6.dn~7.dp~8.dq~9.dq~10.f8~11.e6~12.f8~13.12c~14.12d~15.12g~16.1xa~17.29i~18.29i~19.371~20.371~21.372~22.1w0~23.1w0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/rum_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Dec 2022 20:00:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3993645808344754&bg=!9Pel97PNAAYgquz3AKo7ACkAdvg8WvWTZaKsGOpINmRvPj2D-c6j0O_SnomGUNMdHDdxkxLNAt2L8gIAAAB8UgAAAANoAQeZAtp8aBFkQYGN4BvVmvDLCQXhXB9PTwVF_GcBBtoiZsTkWUE09B_phdnE9C4Aly5VB6SYDo7Y5N2X1Ompfwl0UowJZacururFClwzkehUs2wkCHjw2XZTomOQwkFItRvkBVebB18a-HeZZLcjyZC9b6YHlyZnC36xSDNkjZM2bUs5XMINodjWst4vpKHwF8CgipSFuwwsx91pEwrAbsHlsG9JzX8zhyDHCEONH5RKBV14LkuaoWt2itWzBvH4JPnqdiXhxgSZuG0f1CPMwxFNvkCsXc6uG-6cqFNog0eTWCKhB3PToNoqRBNGP8K6GlHt6WYxEAwci0Djijo2rhMSEEpC77AAuLBV8GCPoviSxOtMinRrmLAmxR2I2JMLK-3R_M7yhHSsj2Ah8tWL9eYx0wSHUcMNX489pcta3pVIi76afDxSeyXBYmxv06nJDfn3EcOP4eRFdsmURUInXn1I2iDeU92GZgRzBjVTs7HYdABEuFHORbH2Wai1_htCEoMdgIBmCGVVguV-QNRGRD1OrqnWeC1qc2VXwmCqWUXiU7JBzeQfPFOBZu9ycYW5cmStIcODMmTeZ7KSHlc72JUq5__GEU4X_xTwCcY1buD_wHnWQCHB0W0L0-9nwMCG_SFcJ6KaILX5P2MDNxFC-G7D8dl02Ro3T4WpuibYd16sZJBMpE3wc72xmHnrOthGEmbzGGN2Tn2fLr5v8C8IA2ObPD5PZUL8tE5URK3fJq39igdP-A7mUa8Nqxi1F2oee5CLV83QXVmbPq63VTY8I0olm1Ea3JYPOmY-KrX7wyz5okGm89CJwdvSrGPatqRLCDydu9kIawY_gJpC6ZoKSoNLMcECgGKKTF_XFQCUZigB0zN7YUob825JTGYnKvbilr_yDPf07V1XkBdTyZQsZ_I_W0X9NGMIlJi_hw0EokyZSRjpfNL5BJ2hMYACe5LgQzN4No7yXqkagx_XffBh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.contact/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| NeveProperties function| google_sa_impl object| google_rum_config object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| html string| theme object| variants function| setCurrentTheme object| observer undefined| $ function| jQuery object| lazySizes object| addComment object| _google_rum_ns_ object| HFG undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.survey.contact/ Name: __gads
Value: ID=91a0627b2a82cffa-22c9cdaf74da007d:T=1672344032:RT=1672344032:S=ALNI_MZsqZ0OdomLHa7T6OqLpE-mli-JOQ
.survey.contact/ Name: __gpi
Value: UID=00000b99b37fbfbd:T=1672344032:RT=1672344032:S=ALNI_MZR-IjPRSBlj9dR-M_PkKnh85JTgw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1751089763893150&output=html&adk=3105533540&adf=2621220088&lmt=1672344031&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fsurvey.contact%2Fsakfcsurvey-com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672344031556&bpp=6&bdt=1077&idt=378&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8497326423418&rume=1&frm=20&pv=2&ga_vid=639293803.1672344032&ga_sid=1672344032&ga_hid=1173686304&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777506%2C31071167%2C31071269%2C44780792%2C31061691%2C31061693&oid=2&pvsid=3993645808344754&tmod=2112061631&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=402
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
csi.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
survey.contact
tinyurl.com
tpc.googlesyndication.com
www.google.com
2001:4860:4802:32::3
2606:4700:10::ac43:1e1
2a00:1450:400d:804::2002
2a00:1450:400d:806::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80d::2002
34.91.95.185
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
055825f06e9d2f08993d6c3978a9f1716a9aafcf2ccfa8a5dc9fd5de84e6206e
148d8c56abc529c6d37645233b4a1bb93c146557859e0a49064117c70ca7eedd
182df33866b4bcac77884c0b0d70828fb9292833823c6cc7db175175d1629ca3
2489dfdfac9de3ed8e37b832baf653a276bdd3d6b23061c267c35db5dc5d581a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fbf0271d7b08526622a36151d32d95e3db5b85dbd027d55959f30cc975e75f8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65629ec7adf3c7f305fa7c6b2680b69da429c4fb3fdb6510db78ab337583dc45
7a9b6112cf92e1662a60a3feabfc71df720a82f9820f0623f5a29275ff8b9ca4
925d925ad59b02334a9cf259f3edac74966ecbd3b782bed01ef9bf901fac59d8
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a70cc61c7589d5278256126d8817f1be4c33abc395c224432477c13362d28d7e
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d25ad7edbddec42afb4588d31648d2ced076ed02485bdd07042edaf32f227e07
df56f7b2037f57f987fb193c2fab007077f43122e8971beb5e0bba7d425e2368
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60eba482e2d1e214efd947b5e579465994ab4ee025afb172dfa1a3a21fe5282
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629