urlscan.io logo urlscan.io
SecurityTrails logo

www.umfrageonline.com Open in urlscan Pro
34.252.249.73  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.umfrageonline.com/c/9nkf4zik
Submission: On September 19 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 15 HTTP transactions. The main IP is 34.252.249.73, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.umfrageonline.com.
TLS certificate: Issued by Amazon on November 20th 2021. Valid for: a year.
This is the only time www.umfrageonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    34.252.249.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-249-73.eu-west-1.compute.amazonaws.com
www.umfrageonline.com
7    13.32.99.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-52.fra60.r.cloudfront.net
resources.surveyhero.com
1    2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    99.86.247.216 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-247-216.vie50.r.cloudfront.net
d1gtzhkuu831vg.cloudfront.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:238d:f800:18:8860:11c0:21 (United States)

ASN16509 (AMAZON-02, US)
d2f1nx482ui1xj.cloudfront.net
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
7 surveyhero.com
resources.surveyhero.com — Cisco Umbrella Rank: 884754
102 KB
2 cloudfront.net
d1gtzhkuu831vg.cloudfront.net
d2f1nx482ui1xj.cloudfront.net
836 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
443 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
1 KB
1 umfrageonline.com
www.umfrageonline.com
6 KB
15 7
Domain Requested by
7 resources.surveyhero.com www.umfrageonline.com
resources.surveyhero.com
2 www.google-analytics.com resources.surveyhero.com
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d2f1nx482ui1xj.cloudfront.net www.umfrageonline.com
1 fonts.gstatic.com fonts.googleapis.com
1 d1gtzhkuu831vg.cloudfront.net www.umfrageonline.com
1 fonts.googleapis.com resources.surveyhero.com
1 www.umfrageonline.com
15 8

This site contains no links.

Subject Issuer Validity Valid
surveyhero.com
Amazon		 2021-11-20 -
2022-12-19		 a year crt.sh
resources.surveyhero.com
Amazon		 2022-05-22 -
2023-06-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.umfrageonline.com/c/9nkf4zik
Frame ID: BCBB7D642990594487743AB6EFBC16CB
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LHH InfoSec Report 2023

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

1011 kB
Transfer

1316 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 9nkf4zik
www.umfrageonline.com/c/ 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.umfrageonline.com/c/9nkf4zik
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.249.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-249-73.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
1e588182d6a6e8b0bec57d5c235a9e7ddd1251e2aaeb74e9e3c2e1e013721943
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5535
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 14:21:43 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
logo-umfrageonline.ed9b150.png
resources.surveyhero.com/assets/img/brand-specific/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.surveyhero.com/assets/img/brand-specific/logo-umfrageonline.ed9b150.png
Requested by
Host: www.umfrageonline.com
URL: https://www.umfrageonline.com/c/9nkf4zik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3857648a2e309d73e496fbc49cf3ae6a124539480c45b64f4fb910dc94158d14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.umfrageonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 05:11:49 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 14 Jun 2021 09:35:59 GMT
server
AmazonS3
age
15498595
etag
"f2f2a728aabac0b2065402f54b89a58a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000, no-transform, public
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
4639
x-amz-cf-id
GkGPIEM2Mo4dXkcBhNIihTUfNCZyongmmRsZorXDZBzcLHGl-3AH4g==
questionnaire.97195ec.js
resources.surveyhero.com/js/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.surveyhero.com/js/questionnaire.97195ec.js
Requested by
Host: www.umfrageonline.com
URL: https://www.umfrageonline.com/c/9nkf4zik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c629e2541e561813a27eeb021b1c42735569c8a8c007ceac0dbe09fc26f84220

Request headers

Referer
https://www.umfrageonline.com/
Origin
https://www.umfrageonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 13:20:27 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:47:56 GMT
server
AmazonS3
age
2768477
etag
W/"97195ec8f6bfc534e4ae4f16b8abbf02"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, no-transform, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
DzoX19wm7t_kZkNY7XddU9WNdCCCHFvBetW1YHTuSLzBzOYvuX8x7g==
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
ga.d1cb808.js
resources.surveyhero.com/js/ 		598 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.surveyhero.com/js/ga.d1cb808.js
Requested by
Host: www.umfrageonline.com
URL: https://www.umfrageonline.com/c/9nkf4zik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8bd4525e7d084b27461f5cc03d9537342c1dfba72967c5858a00bdd7e8450ac

Request headers

Referer
https://www.umfrageonline.com/
Origin
https://www.umfrageonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 05:34:40 GMT
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
age
13769224
x-cache
Hit from cloudfront
content-length
598
last-modified
Thu, 23 Apr 2020 08:12:07 GMT
server
AmazonS3
etag
"d1cb808a6e3d64fd19d6b7f2d6090ba6"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
ZPlARP5ujRKF0AFplLkkqA1sCZrcp7h2vsWiq7pzVoWp7JJfYHDXRQ==
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,700&display=swap
Requested by
Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/questionnaire.97195ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9683278c37e1582b09e04109e16b915d20c9771e2d07bc4ba0b0b2b9d2e4c480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.umfrageonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 13:15:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 14:21:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 14:21:43 GMT
anonymous-survey.2fc86b7.js
resources.surveyhero.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.surveyhero.com/js/anonymous-survey.2fc86b7.js
Requested by
Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/questionnaire.97195ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb1cab32cab945ed8a94d4525e98995a642759ccd6bd2cc584ff6bb545d01028

Request headers

Referer
https://www.umfrageonline.com/
Origin
https://www.umfrageonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 13:22:00 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 15:23:40 GMT
server
AmazonS3
age
2768384
etag
W/"2fc86b7443959e8546f7694d1d7c140e"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, no-transform, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
Bb0_4dsBkjuRbQrAFoE5L3wDpbjvlKMnPBTmSVxDdYC2T0GQ3gJ1VA==
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
questionnaire-index.be36f16.js
resources.surveyhero.com/js/ 		210 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.surveyhero.com/js/questionnaire-index.be36f16.js
Requested by
Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/questionnaire.97195ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
115ce7cffeb4e35461e6327218dc8a91d6e8b739d3b77e297674387274f23e87

Request headers

Referer
https://www.umfrageonline.com/
Origin
https://www.umfrageonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 09:16:02 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 09:12:32 GMT
server
AmazonS3
age
2264742
etag
W/"be36f16edf92dd6dbbaa00a24246419e"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, no-transform, public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
iuqPb3SVOBnc4bL1h0D2sOlXlNXrZt7PqNBN8PwDiwYn3LVPu31ZaA==
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
questionnaire-index.aa69432.css
resources.surveyhero.com/css/ 		48 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.surveyhero.com/css/questionnaire-index.aa69432.css
Requested by
Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/questionnaire.97195ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f77cb3b73fc93a5babb5456d74d240406bd5a4e9250114397c49771746be82c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.umfrageonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 12:35:27 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 12:32:38 GMT
server
AmazonS3
age
2771177
etag
W/"6cc1af7fdbb62e8906fe3b14705b9a1a"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
cache-control
max-age=31536000, no-transform, public
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
K4s6whhhpLbNeKQarJ9lANCleNfdp9MOWe-JC9b5nQLuzylYn_3liw==
anonymous-survey-modal.f5f01be.css
resources.surveyhero.com/css/ 		603 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.surveyhero.com/css/anonymous-survey-modal.f5f01be.css
Requested by
Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/questionnaire.97195ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfc8c74b818802e74959d79032a5998bbd28311e0b3cb374ced90409a78a764a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.umfrageonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 07:16:53 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Sat, 02 Mar 2019 08:34:40 GMT
server
AmazonS3
age
8060691
etag
"f5f01bea0d1d60a36ee40083eb101c49"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=315360000, no-transform, public
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
603
x-amz-cf-id
fTDgHd5BwwyGscnXQLQddNErqd-x6fSSrKTzd6rUUoL4bGcKGMB0_w==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: resources.surveyhero.com
URL: https://resources.surveyhero.com/js/ga.d1cb808.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.umfrageonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3945
date
Mon, 19 Sep 2022 13:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 15:15:58 GMT
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1365449214&t=pageview&_s=1&dl=https%3A%2F%2Fwww.umfrageonline.com%2Fc%2F9nkf4zik&ul=en-us&de=UTF-8&dt=LHH%20InfoSec%20Report%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=269216872&gjid=1083638275&cid=1479810126.1663597303&tid=UA-71540326-1&_gid=1982996143.1663597303&_r=1&_slc=1&z=1214452796
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.umfrageonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 14:21:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.umfrageonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
3-d3b87cfbd50f834430d71e2ae719eb05.jpg
d1gtzhkuu831vg.cloudfront.net/ 		267 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1gtzhkuu831vg.cloudfront.net/3-d3b87cfbd50f834430d71e2ae719eb05.jpg
Requested by
Host: www.umfrageonline.com
URL: https://www.umfrageonline.com/c/9nkf4zik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.247.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-247-216.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
818da32839bea4230c38a793bb0cad51eaff2d7cfd74b22ae4c8fcf2c9cd62e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.umfrageonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 06:01:26 GMT
via
1.1 488e01d34d3fb7f21dfcaccec82f530e.cloudfront.net (CloudFront)
last-modified
Thu, 17 Sep 2020 09:05:53 GMT
server
AmazonS3
age
980418
etag
"b16e102aba4eb52a826582c4e5ecaadf"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, no-transform, public
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
273055
x-amz-cf-id
zttM0ywLzKP0nIoB_d7l67aZv80hi_t2dRX3ZWmNF8z-zsK9BttiTg==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.umfrageonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 18:50:24 GMT
x-content-type-options
nosniff
age
588679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 18:50:24 GMT
4884028-1-nynrgkev09os28r9fv3m2oiko16dzdi6.png
d2f1nx482ui1xj.cloudfront.net/ 		568 KB
569 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2f1nx482ui1xj.cloudfront.net/4884028-1-nynrgkev09os28r9fv3m2oiko16dzdi6.png
Requested by
Host: www.umfrageonline.com
URL: https://www.umfrageonline.com/c/9nkf4zik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:f800:18:8860:11c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a95d15bf6d804fb1993a99e0bd3636bdfc3885d030f94b5ee1baf8a422277ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.umfrageonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 12:44:01 GMT
via
1.1 f5d6b2021b5a22554c0e7f5b20207324.cloudfront.net (CloudFront)
last-modified
Wed, 31 Aug 2022 18:42:41 GMT
server
AmazonS3
age
5863
etag
"22ab961ce54968a798b12c2731e6d906"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000, no-transform, public
x-amz-cf-pop
AMS1-P1
accept-ranges
bytes
content-length
581370
x-amz-cf-id
c9oJpZWMvxv-EYC6FIIurO6yBH9vGXgm4-9KWo1Ul7aIvfFQooxCrA==
collect
stats.g.doubleclick.net/j/ 		1 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71540326-1&cid=1479810126.1663597303&jid=269216872&gjid=1083638275&_gid=1982996143.1663597303&_u=YEBAAEAAAAAAAC~&z=1211478833
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.umfrageonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 14:21:43 GMT
content-type
text/plain
access-control-allow-origin
https://www.umfrageonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| GlobalAppContent function| $ function| jQuery function| loadScriptsInOrder function| Patience object| ready object| displayThemeService string| GoogleAnalyticsObject function| ga object| AnonymousSurveyModule function| $$ function| Spinner object| Theme undefined| initData undefined| sliderDefaultText undefined| survey_title undefined| can_navigate_back undefined| modal undefined| selected_option_color undefined| remove_powered_by undefined| scrollingService object| Project object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| jQuery112408569137579049069

5 Cookies

Domain/Path Name / Value
.umfrageonline.com/c Name: C963773
Value: 7x6d3w5y1h0aa2ntqd17sznbrt9nk4iankfns45a1c36rdqsq4
www.umfrageonline.com/ Name: PHPSESSID
Value: 73lrtt37aldttqk31sk0h1gbrf
.umfrageonline.com/ Name: _ga
Value: GA1.2.1479810126.1663597303
.umfrageonline.com/ Name: _gid
Value: GA1.2.1982996143.1663597303
.umfrageonline.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1gtzhkuu831vg.cloudfront.net
d2f1nx482ui1xj.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
resources.surveyhero.com
stats.g.doubleclick.net
www.google-analytics.com
www.umfrageonline.com
13.32.99.52
2001:4860:4802:36::178
2600:9000:238d:f800:18:8860:11c0:21
2a00:1450:4001:829::2003
2a00:1450:400c:c06::9a
2a00:1450:400e:80f::200a
34.252.249.73
99.86.247.216
115ce7cffeb4e35461e6327218dc8a91d6e8b739d3b77e297674387274f23e87
1e588182d6a6e8b0bec57d5c235a9e7ddd1251e2aaeb74e9e3c2e1e013721943
3857648a2e309d73e496fbc49cf3ae6a124539480c45b64f4fb910dc94158d14
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
818da32839bea4230c38a793bb0cad51eaff2d7cfd74b22ae4c8fcf2c9cd62e8
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9683278c37e1582b09e04109e16b915d20c9771e2d07bc4ba0b0b2b9d2e4c480
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a95d15bf6d804fb1993a99e0bd3636bdfc3885d030f94b5ee1baf8a422277ec7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bfc8c74b818802e74959d79032a5998bbd28311e0b3cb374ced90409a78a764a
c629e2541e561813a27eeb021b1c42735569c8a8c007ceac0dbe09fc26f84220
cb1cab32cab945ed8a94d4525e98995a642759ccd6bd2cc584ff6bb545d01028
f77cb3b73fc93a5babb5456d74d240406bd5a4e9250114397c49771746be82c2
f8bd4525e7d084b27461f5cc03d9537342c1dfba72967c5858a00bdd7e8450ac