pandacreck.ch Open in urlscan Pro
194.150.248.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pandacreck.ch/
Submission: On February 01 via api (February 1st 2024, 3:14:30 am UTC) from CH — Scanned from CH

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 194.150.248.68, located in Switzerland and belongs to NOVATREND-AS, CH. The main domain is pandacreck.ch.
TLS certificate: Issued by R3 on January 11th 2024. Valid for: 3 months.

This is the only time pandacreck.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	194.150.248.68 194.150.248.68	35206 (NOVATREND-AS) (NOVATREND-AS)
2	108.138.36.7 108.138.36.7	16509 (AMAZON-02) (AMAZON-02)
1	52.211.39.184 52.211.39.184	16509 (AMAZON-02) (AMAZON-02)
8	18.173.187.2 18.173.187.2	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
13	5

1 194.150.248.68 (Switzerland)

ASN35206 (NOVATREND-AS, CH)
PTR: b3.tophost.ch

pandacreck.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-7.muc50.r.cloudfront.net

embed-cdn.surveyhero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.39.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-39-184.eu-west-1.compute.amazonaws.com

www.umfrageonline.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.173.187.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-2.muc50.r.cloudfront.net

resources.surveyhero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	surveyhero.com embed-cdn.surveyhero.com — Cisco Umbrella Rank: 319986 resources.surveyhero.com — Cisco Umbrella Rank: 662204	156 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	umfrageonline.ch www.umfrageonline.ch	5 KB
1	pandacreck.ch pandacreck.ch	418 B
13	4

	Domain	Requested by
8	resources.surveyhero.com	www.umfrageonline.ch resources.surveyhero.com
2	embed-cdn.surveyhero.com	pandacreck.ch embed-cdn.surveyhero.com
1	www.google-analytics.com	resources.surveyhero.com
1	www.umfrageonline.ch	embed-cdn.surveyhero.com
1	pandacreck.ch
13	5

This site contains no links.

Subject Issuer	Validity	Valid
pandacreck.ch R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
embed-cdn.surveyhero.com Amazon RSA 2048 M03	`2023-12-18` - `2025-01-14`	a year	crt.sh
surveyhero.com Amazon RSA 2048 M02	`2023-12-21` - `2025-01-18`	a year	crt.sh
resources.surveyhero.com Amazon RSA 2048 M02	`2023-04-22` - `2024-05-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://pandacreck.ch/
Frame ID: 9D94DECD17CEC2155000D2D7FFC661A0
Requests: 3 HTTP requests in this frame

Frame: https://www.umfrageonline.ch/e/ai7gqnzc?url=https%3A%2F%2Fpandacreck.ch%2F
Frame ID: 2C7498156B482054CF8F04C87F7FADB6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

13
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

182 kB
Transfer

492 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pandacreck.ch/ 182 B
418 B 104ms
18ms Document
text/html 194.150.248.68
NOVATREND-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pandacreck.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.150.248.68 , Switzerland, ASN35206 (NOVATREND-AS, CH),
Reverse DNS: b3.tophost.ch
Software: LiteSpeed /
Resource Hash: 66fa44ee0795a9bab00cff603d8b22a75aac7fdf8cd2402751fc59b7fad38a38

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 182
content-type: text/html
date: Thu, 01 Feb 2024 03:14:26 GMT
last-modified: Fri, 18 Mar 2022 07:47:42 GMT
server: LiteSpeed

GET
H2 200 embed.ai7gqnzc.js Show response
embed-cdn.surveyhero.com/js/user/ 1 KB
1 KB 267ms
190ms Script
application/javascript 108.138.36.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cdn.surveyhero.com/js/user/embed.ai7gqnzc.js
Requested by: Host: pandacreck.ch
URL: https://pandacreck.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-7.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df64f7e531ac39c5b3cbb9f757444ba5575308807b664664266b5e0785362444

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:14:27 GMT
content-encoding: gzip
via: 1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
x-amz-version-id: Tgwqp21V2tqFYE3ET4GSkf.tpcgtWcuI
last-modified: Fri, 18 Mar 2022 07:35:37 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: W/"1e156bffa66b9517a5a9d3df5ee86161"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: 7Qx4b_GgAbuP9swmf9AAb0Ztt-gGzJBHy_Js8koNuoabOo3Q0nToFQ==

GET
H2 200 main.js Show response
embed-cdn.surveyhero.com/js/core/ 15 KB
5 KB 157ms
157ms Script
application/javascript 108.138.36.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cdn.surveyhero.com/js/core/main.js
Requested by: Host: embed-cdn.surveyhero.com
URL: https://embed-cdn.surveyhero.com/js/user/embed.ai7gqnzc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-7.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc6e96aec41a8d9a70425546a4e2442e885260cf50173cf87752d1a2b7b579d1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: kwX_8L1gwzZf.FOMCNbrgPl0WJvMYvJo
content-encoding: gzip
via: 1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
date: Thu, 01 Feb 2024 03:14:27 GMT
last-modified: Thu, 03 Feb 2022 20:29:04 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: W/"ed19f57a1e60619df6e95ef2a21f358a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600, no-transform, public
x-amz-cf-id: jQ4bT5-jROtfNaNqFVxDiMKODuT3edVeiRXpIHFze6SXP7hfaGj6DQ==

GET
H2 200 ai7gqnzc Show response
www.umfrageonline.ch/e/ Frame 2C74 13 KB
5 KB 241ms
119ms Document
text/html 52.211.39.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.umfrageonline.ch/e/ai7gqnzc?url=https%3A%2F%2Fpandacreck.ch%2F

Requested by

Host: embed-cdn.surveyhero.com
URL: https://embed-cdn.surveyhero.com/js/core/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.211.39.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-39-184.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

cba01ea50a31066d50431d74ee2a71e7702b1aa83ea50d99bc9647902c476bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pandacreck.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 01 Feb 2024 03:14:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 logo-white-umfrageonline.9f47d9d.png
resources.surveyhero.com/assets/img/brand-specific/ Frame 2C74 4 KB
5 KB 101ms
28ms Image
image/png 18.173.187.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.surveyhero.com/assets/img/brand-specific/logo-white-umfrageonline.9f47d9d.png
Requested by: Host: www.umfrageonline.ch
URL: https://www.umfrageonline.ch/e/ai7gqnzc?url=https%3A%2F%2Fpandacreck.ch%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-2.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bfd26ac5ae5decb42684043ae162899318e800aed46e383419711b3beaa99c4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:48:01 GMT
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
last-modified: Mon, 14 Jun 2021 09:35:59 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21518786
etag: "bdbf4b353ab74ae8d70b4995e584b458"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
content-length: 4212
x-amz-cf-id: LICzoO6z58-hk_OFFqzqQl5_94oJpBbN5o8yK5VITG-APjjKmyOUrg==

GET
H2 200 questionnaire.9b41d66.js Show response
resources.surveyhero.com/js/ Frame 2C74 97 KB
34 KB 104ms
30ms Script
application/javascript 18.173.187.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.surveyhero.com/js/questionnaire.9b41d66.js
Requested by: Host: www.umfrageonline.ch
URL: https://www.umfrageonline.ch/e/ai7gqnzc?url=https%3A%2F%2Fpandacreck.ch%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-2.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a8b479772f4dda5270faf2a3f09824578158f2a5720bb5e6764d1bc9fedba1e

Request headers

Referer: https://www.google.ch/
Origin: https://www.umfrageonline.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 17:30:13 GMT
content-encoding: gzip
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 19647854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 23 Feb 2023 11:57:21 GMT
server: AmazonS3
etag: W/"9b41d66d3ace8a57cea8510341069f01"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: RbjfJ-b8Np1BMrO-yZsTGw5RfbW45md4PeFsT6f9Zukr4oObVV-x6A==

GET
H2 200 ga.dee91b5.js Show response
resources.surveyhero.com/js/ Frame 2C74 598 B
1 KB 96ms
31ms Script
application/javascript 18.173.187.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.surveyhero.com/js/ga.dee91b5.js
Requested by: Host: www.umfrageonline.ch
URL: https://www.umfrageonline.ch/e/ai7gqnzc?url=https%3A%2F%2Fpandacreck.ch%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-2.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b155e240e6de748a67fec9b7f82769ac3f05d3fa2d2f83c25f4e2d305fbf82a9

Request headers

Referer: https://www.google.ch/
Origin: https://www.umfrageonline.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 21 May 2023 20:15:04 GMT
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 22057163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 598
last-modified: Thu, 23 Feb 2023 11:57:15 GMT
server: AmazonS3
etag: "dee91b5182cdb3165cbb261d0ea1af30"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: m0jkHYtHgHOCrek4v0t9uodzYWZdKgBLv2zf4GcyMvgzqXm0cKlYfg==

GET
H2 200 questionnaire-index.9cc31b5.js Show response
resources.surveyhero.com/js/ Frame 2C74 210 KB
50 KB 31ms
31ms Script
application/javascript 18.173.187.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.surveyhero.com/js/questionnaire-index.9cc31b5.js
Requested by: Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/questionnaire.9b41d66.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-2.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cffc9177b4763969e6d145d2b1480d7b592ee36bc18247abca4b4e4824b82398

Request headers

Referer: https://www.google.ch/
Origin: https://www.umfrageonline.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:45:42 GMT
content-encoding: gzip
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 6074926
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 Nov 2023 19:39:12 GMT
server: AmazonS3
etag: W/"9cc31b52fcec5902956ee480b473275c"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: ox62a7HpULwapKVkLxdyl2I_Dib0EoYH6bYOPkSkjagJqbrogjYmig==

GET
H2 200 questionnaire-index.7a4907d.css
resources.surveyhero.com/css/ Frame 2C74 49 KB
10 KB 30ms
30ms Stylesheet
text/css 18.173.187.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.surveyhero.com/css/questionnaire-index.7a4907d.css
Requested by: Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/questionnaire.9b41d66.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-2.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74cb78cdd8e976ee9ba5ebcf3460f61476646bfebbef94ad46bc1f071fc0ea84

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:28:55 GMT
content-encoding: gzip
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jul 2023 10:37:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 4524333
etag: W/"4d6806dac792785aa80c2a68df1f49e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 5Ya27Mxj8-01hg_O6sGvY7nH33-o_JBiOVyDHKls1ZPQgbSIE8HC5Q==

GET
H2 200 embed-auto.c88d59e.css
resources.surveyhero.com/css/ Frame 2C74 1 KB
900 B 28ms
27ms Stylesheet
text/css 18.173.187.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.surveyhero.com/css/embed-auto.c88d59e.css
Requested by: Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/questionnaire.9b41d66.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-2.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 208f0d895ccf5181b719e8e64c65224cf23ade3a4ca0964b97a4484de4e4aaf9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:37:14 GMT
content-encoding: gzip
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
last-modified: Fri, 30 Jul 2021 15:50:11 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 20842634
etag: W/"c88d59e56ab55320e2f56e5fb8f32b02"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: w9Bhwi9Lwr93XjpCylOSCfNXrU5HuT9wbNQAAW13a0nUkXnVHY9H_w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2C74 52 KB
21 KB 65ms
16ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/ga.dee91b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Feb 2024 03:06:46 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 01 Feb 2024 05:06:46 GMT

GET
H2 200 open-sans-v34-latin-300-400-600-700.fcda1ea.woff2
resources.surveyhero.com/assets/fonts/open-sans/ Frame 2C74 44 KB
44 KB 32ms
32ms Font
font/woff2 18.173.187.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.surveyhero.com/assets/fonts/open-sans/open-sans-v34-latin-300-400-600-700.fcda1ea.woff2
Requested by: Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/css/questionnaire-index.7a4907d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-2.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Request headers

Referer: https://www.google.ch/
Origin: https://www.umfrageonline.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 00:29:42 GMT
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 10550686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 44856
last-modified: Wed, 12 Oct 2022 18:46:29 GMT
server: AmazonS3
etag: "565ce506190ad3af920b40baf1794cec"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: i291kzZl2UogOQgSFWTf7o-RIylQ7pxNUgIWvLXlN53h_Xw4mew8Vw==

GET
H2 200 logo-umfrageonline.ed9b150.png
resources.surveyhero.com/assets/img/brand-specific/ Frame 2C74 5 KB
5 KB 28ms
28ms Image
image/png 18.173.187.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.surveyhero.com/assets/img/brand-specific/logo-umfrageonline.ed9b150.png
Requested by: Host: www.umfrageonline.ch
URL: https://www.umfrageonline.ch/e/ai7gqnzc?url=https%3A%2F%2Fpandacreck.ch%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-2.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3857648a2e309d73e496fbc49cf3ae6a124539480c45b64f4fb910dc94158d14

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 04:32:26 GMT
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
last-modified: Mon, 14 Jun 2021 09:35:59 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 9758522
etag: "f2f2a728aabac0b2065402f54b89a58a"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
content-length: 4639
x-amz-cf-id: ZfuXjYjydmvHCvXTwXK0-wWpK32eCCLIyG0l-GircrEdShSjS0VmVg==

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| SurveyHero

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

embed-cdn.surveyhero.com
pandacreck.ch
resources.surveyhero.com
www.google-analytics.com
www.umfrageonline.ch
108.138.36.7
18.173.187.2
194.150.248.68
2001:4860:4802:32::178
52.211.39.184
208f0d895ccf5181b719e8e64c65224cf23ade3a4ca0964b97a4484de4e4aaf9
2bfd26ac5ae5decb42684043ae162899318e800aed46e383419711b3beaa99c4
3857648a2e309d73e496fbc49cf3ae6a124539480c45b64f4fb910dc94158d14
66fa44ee0795a9bab00cff603d8b22a75aac7fdf8cd2402751fc59b7fad38a38
74cb78cdd8e976ee9ba5ebcf3460f61476646bfebbef94ad46bc1f071fc0ea84
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9a8b479772f4dda5270faf2a3f09824578158f2a5720bb5e6764d1bc9fedba1e
b155e240e6de748a67fec9b7f82769ac3f05d3fa2d2f83c25f4e2d305fbf82a9
bc6e96aec41a8d9a70425546a4e2442e885260cf50173cf87752d1a2b7b579d1
cba01ea50a31066d50431d74ee2a71e7702b1aa83ea50d99bc9647902c476bb8
cffc9177b4763969e6d145d2b1480d7b592ee36bc18247abca4b4e4824b82398
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df64f7e531ac39c5b3cbb9f757444ba5575308807b664664266b5e0785362444

pandacreck.ch Open in urlscan Pro 194.150.248.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

182 kBTransfer

492 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

pandacreck.ch Open in urlscan Pro
194.150.248.68 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

182 kB
Transfer

492 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions