URL: https://survey.questionstar.com/d459de80/60844167
Submission: On July 27 via manual from US

Summary

This website contacted 7 IPs in 4 countries across 10 domains to perform 26 HTTP transactions. The main IP is 217.160.185.200, which is located in Spain and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is survey.questionstar.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 10th 2020. Valid for: 3 months.
This is the only time survey.questionstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
14 survey.questionstar.com survey.questionstar.com
6 mc.yandex.ru 1 redirects survey.questionstar.com, mc.yandex.ru
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 fonts.gstatic.com mc.yandex.ru
1 survey.questionstar.de survey.questionstar.com
1 external.questionstar.com survey.questionstar.com
1 fonts.googleapis.com survey.questionstar.com
1 www.google.de survey.questionstar.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com survey.questionstar.com
26 11

This site contains links to these domains.

Domain
www.questionstar.de
Subject | Issuer | Validity | Valid
www.questionstar.de | Let's Encrypt Authority X3 | 2020-07-10 - 2020-10-08 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year
www.google.de | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months

This page contains 1 frame:

Primary Page: https://survey.questionstar.com/d459de80/60844167
Frame ID: 38F20BC1C74C17EFBEDBCBE48EF732BD
Requests: 26 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

26 Requests
100 % HTTPS
89 % IPv6
10 Domains
11 Subdomains
7 IPs
4 Countries
744 kB Transfer
2204 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=657811873&t=pageview&_s=1&dl=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&dp=%2FQuestionnaire%2FIndex&ul=en-us&de=UTF-8&dt=Best%C3%A4tigung%20Ihrer%20Anmeldung%20bei%20QUESTIONSTAR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1247357386&gjid=2008912949&cid=1905018913.1595843283&tid=UA-120478415-3&_gid=108674836.1595843283&_r=1&gtm=2ou7f0&z=1477022754 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-120478415-3&cid=1905018913.1595843283&jid=1247357386&_gid=108674836.1595843283&gjid=2008912949&_v=j83&z=1477022754 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-120478415-3&cid=1905018913.1595843283&jid=1247357386&_v=j83&z=1477022754 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-120478415-3&cid=1905018913.1595843283&jid=1247357386&_v=j83&z=1477022754&slf_rd=1&random=2739082092
Request Chain 21
  • https://mc.yandex.ru/watch/64398961?wmode=7&page-url=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&charset=utf-8&browser-info=ti%3A10%3Ans%3A1595843282789%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200727114803%3Aet%3A1595843284%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A406453382367%3Arqn%3A1%3Arn%3A647883776%3Ahid%3A486687496%3Ads%3A58%2C69%2C258%2C1%2C0%2C0%2C0%2C217%2C1%2C%2C%2C%2C606%3Awn%3A28501%3Ahl%3A2%3Agdpr%3A14%3Av%3A1904%3Awv%3A2%3Arqnl%3A1%3Ast%3A1595843284%3Au%3A159584328446432053%3At%3ABest%C3%A4tigung%20Ihrer%20Anmeldung%20bei%20QUESTIONSTAR HTTP 302
  • https://mc.yandex.ru/watch/64398961/1?wmode=7&page-url=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&charset=utf-8&browser-info=ti%3A10%3Ans%3A1595843282789%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200727114803%3Aet%3A1595843284%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A406453382367%3Arqn%3A1%3Arn%3A647883776%3Ahid%3A486687496%3Ads%3A58%2C69%2C258%2C1%2C0%2C0%2C0%2C217%2C1%2C%2C%2C%2C606%3Awn%3A28501%3Ahl%3A2%3Agdpr%3A14%3Av%3A1904%3Awv%3A2%3Arqnl%3A1%3Ast%3A1595843284%3Au%3A159584328446432053%3At%3ABest%C3%A4tigung%20Ihrer%20Anmeldung%20bei%20QUESTIONSTAR

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 60844167
survey.questionstar.com/d459de80/
60 KB
17 KB
Document
General
Full URL
https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5e0b79dc938eb9d2124746fb863769790280cc4adaba6a34fb2a7a106a275a39

Request headers

:method
GET
:authority
survey.questionstar.com
:scheme
https
:path
/d459de80/60844167
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-headers
Content-Type, Accept, Authorization
date
Mon, 27 Jul 2020 09:48:02 GMT
content-length
17063
splashsreen-css
survey.questionstar.com/Content/
940 B
742 B
Stylesheet
General
Full URL
https://survey.questionstar.com/Content/splashsreen-css?v=Uj6zngX3E8y5jyE034t-noSVNF06hiFeZshhe8KuwfI1
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9609331930527c3d3a865e0df5a9655ae07147c6d883b473378914ed7de69b50

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
last-modified
Mon, 27 Jul 2020 09:48:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
606
expires
Tue, 27 Jul 2021 09:48:03 GMT
qs-css
survey.questionstar.com/Content/
16 KB
4 KB
Stylesheet
General
Full URL
https://survey.questionstar.com/Content/qs-css?v=qU71TQqxEpuuEYz0O87QetXxDxYFhM_WSI7UfxlsSIk1
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7d9c7be3443ff18e3198c47dee2db651cb84071b8a4bcaabd6bfb19a41517c7c

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
last-modified
Mon, 27 Jul 2020 09:48:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
3785
expires
Tue, 27 Jul 2021 09:48:03 GMT
polyfill.min.js
survey.questionstar.com/node_modules/babel-polyfill/dist/
96 KB
41 KB
Script
General
Full URL
https://survey.questionstar.com/node_modules/babel-polyfill/dist/polyfill.min.js
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da7bbca9d163f4033d5d177be44029dd744610a891a6b58be213cc858923d79d

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
etag
"4eda4a9e637ed51:0"
last-modified
Wed, 09 Oct 2019 05:37:19 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
41652
custom-elements-es5-adapter.js
survey.questionstar.com/node_modules/@webcomponents/webcomponentsjs/
954 B
737 B
Script
General
Full URL
https://survey.questionstar.com/node_modules/@webcomponents/webcomponentsjs/custom-elements-es5-adapter.js
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a938b29d41b6db51ad77e0ca4b71689cae58417b993749c4129dc678047ce993

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
etag
"c3f9755e3eedd51:0"
last-modified
Thu, 27 Feb 2020 07:20:20 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
621
webcomponents-loader.js
survey.questionstar.com/node_modules/@webcomponents/webcomponentsjs/
6 KB
3 KB
Script
General
Full URL
https://survey.questionstar.com/node_modules/@webcomponents/webcomponentsjs/webcomponents-loader.js
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
etag
"b09f379e637ed51:0"
last-modified
Wed, 09 Oct 2019 05:37:19 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
2477
survey-app
survey.questionstar.com/bundles/
854 KB
267 KB
Script
General
Full URL
https://survey.questionstar.com/bundles/survey-app?v=11ct2_8NIauP-P8AvEKFtpCsnmF3UGSxf8vFCDzX9f81
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c807e8536da08d24b168960953f1370e70799f965cb566fc7580d9bd9b735d7f

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
last-modified
Mon, 27 Jul 2020 09:48:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type, Accept, Authorization
expires
Tue, 27 Jul 2021 09:48:03 GMT
splashsreen
survey.questionstar.com/bundles/
309 B
416 B
Script
General
Full URL
https://survey.questionstar.com/bundles/splashsreen?v=YIXdGsfv9ILOs0m4V-QF30qkxy1HYd2fRYY6nuFR9Ig1
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
708263aa4ba119f0e44739700988fb56393719f10ee3b3a0d27b4736431b77c1

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
last-modified
Mon, 27 Jul 2020 09:48:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
347
expires
Tue, 27 Jul 2021 09:48:03 GMT
jquery
survey.questionstar.com/bundles/
172 KB
78 KB
Script
General
Full URL
https://survey.questionstar.com/bundles/jquery?v=7LsECqqkNvLhnJExVg76BaRnBkacHjsA0-ti7v73Gmc1
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
627a7ce3e283cbb1251189474ec1d0433964c44c15b54b818e81da2d49726345

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
last-modified
Mon, 27 Jul 2020 09:48:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type, Accept, Authorization
expires
Tue, 27 Jul 2021 09:48:03 GMT
qs-js
survey.questionstar.com/bundles/
8 KB
3 KB
Script
General
Full URL
https://survey.questionstar.com/bundles/qs-js?v=qshFpcJ5FxdnxB-N9y0hO7wk6TFLz3ELx-04tF4RtCo1
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f7c44b9bc1a09f61ae7b423f38c86add7f799f4ed1323fdf2d0d782a87fcddeb

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
last-modified
Mon, 27 Jul 2020 09:48:03 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
2905
expires
Tue, 27 Jul 2021 09:48:03 GMT
js
www.googletagmanager.com/gtag/
85 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-120478415-3
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
025032c81ae2c6ded2af29d16ea0a7ad0c49ffade38d27bafe933535a436fee5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:03 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34213
x-xss-protection
0
last-modified
Mon, 27 Jul 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Jul 2020 09:48:03 GMT
de.json
survey.questionstar.com/l10n/
212 KB
65 KB
Fetch
General
Full URL
https://survey.questionstar.com/l10n/de.json
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/bundles/survey-app?v=11ct2_8NIauP-P8AvEKFtpCsnmF3UGSxf8vFCDzX9f81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b68adfb1e003280180e7473dfc57f5a9526238808c6b6cb90eebe7651b183a19

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
etag
"c69e3f5a1b60d61:0"
last-modified
Wed, 22 Jul 2020 11:29:24 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, Authorization
icons.json
survey.questionstar.com/icons/
26 KB
11 KB
Fetch
General
Full URL
https://survey.questionstar.com/icons/icons.json
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/bundles/survey-app?v=11ct2_8NIauP-P8AvEKFtpCsnmF3UGSxf8vFCDzX9f81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e82db1d3d3399c20489b5f523f1ca8f2b0d547e3338caa148bafc11242bc88f6

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
etag
"69e2598ea861d61:0"
last-modified
Fri, 24 Jul 2020 10:52:42 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
11359
tag.js
mc.yandex.ru/metrika/
363 KB
93 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
04241e3c48be7d1a6a7ea39acf6355873bf683610242d1768cffb689d7748c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 27 Jul 2020 09:48:03 GMT
Content-Encoding
br
Last-Modified
Thu, 23 Jul 2020 09:49:05 GMT
Server
nginx/1.14.2
ETag
"5f195d11-17183"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
94595
Expires
Mon, 27 Jul 2020 10:48:03 GMT
en.json
survey.questionstar.com/l10n/
199 KB
58 KB
Fetch
General
Full URL
https://survey.questionstar.com/l10n/en.json
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/bundles/survey-app?v=11ct2_8NIauP-P8AvEKFtpCsnmF3UGSxf8vFCDzX9f81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f1f5e9c94bfd647daa29ea426b5f69e2f886ea53e3450f7d164754233c30470

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
etag
"18d8405a1b60d61:0"
last-modified
Wed, 22 Jul 2020 11:29:24 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
59141
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120478415-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4461
date
Mon, 27 Jul 2020 08:33:42 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 27 Jul 2020 10:33:42 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=657811873&t=pageview&_s=1&dl=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&dp=%2FQuestionnaire%2FIndex&ul=en-us&de=UTF-8&dt=Bes...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-120478415-3&cid=1905018913.1595843283&jid=1247357386&_gid=108674836.1595843283&gjid=2008912949&_v=j83&z=1477022754
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-120478415-3&cid=1905018913.1595843283&jid=1247357386&_v=j83&z=1477022754
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-120478415-3&cid=1905018913.1595843283&jid=1247357386&_v=j83&z=1477022754&slf_rd=1&random=2739082092
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-120478415-3&cid=1905018913.1595843283&jid=1247357386&_v=j83&z=1477022754&slf_rd=1&random=2739082092
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jul 2020 09:48:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Jul 2020 09:48:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-120478415-3&cid=1905018913.1595843283&jid=1247357386&_v=j83&z=1477022754&slf_rd=1&random=2739082092
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:300|Quicksand|Raleway&display=swap
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/bundles/survey-app?v=11ct2_8NIauP-P8AvEKFtpCsnmF3UGSxf8vFCDzX9f81
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b3e0ec484238e5d8de5a913df472c9b52b799bb589ebdfb9014c0c15105aa730
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Jul 2020 09:48:03 GMT
server
ESF
date
Mon, 27 Jul 2020 09:48:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Jul 2020 09:48:03 GMT
60844167
external.questionstar.com/api/v1/KlickTipp/KlickTipps/Subscriber/
181 B
584 B
XHR
General
Full URL
https://external.questionstar.com/api/v1/KlickTipp/KlickTipps/Subscriber/60844167
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/bundles/jquery?v=7LsECqqkNvLhnJExVg76BaRnBkacHjsA0-ti7v73Gmc1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
96e61bf68d89f15d4c122f94e79f76d8a7d6c810e7ec1d20b284640815a4a9a8

Request headers

Accept
*/*
Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:04 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-length
249
pragma
no-cache
server
Microsoft-IIS/10.0
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://survey.questionstar.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, Authorization
expires
-1
logo.svg
survey.questionstar.com/content/
9 KB
5 KB
Image
General
Full URL
https://survey.questionstar.com/content/logo.svg
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5cdf4e0b4bb0926c9ce2987f0e7dd8fbd91b9e079f3c732ed511c4381e03d92e

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
content-encoding
gzip
etag
"7a852fe5ca1d51:0"
last-modified
Fri, 22 Nov 2019 17:48:05 GMT
server
Microsoft-IIS/10.0
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
5128
fb99505733154b7537e5ae113b3b8b63.jpg
survey.questionstar.de/uploads/
24 KB
24 KB
Image
General
Full URL
https://survey.questionstar.de/uploads/fb99505733154b7537e5ae113b3b8b63.jpg
Requested by
Host: survey.questionstar.com
URL: https://survey.questionstar.com/d459de80/60844167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.185.200 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s21516412.onlinehome-server.info
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
508744b5aa8b00ba6eda23a56b6c76ff33338ea11e033bf40a2fb1ca82987cbb

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 09:48:02 GMT
last-modified
Thu, 06 Sep 2018 20:12:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8021e3f01d46d41:0"
status
200
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, Authorization
content-length
24436
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d0c8.woff
fonts.gstatic.com/s/raleway/v17/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v17/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d0c8.woff
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28de69ec9ba2eb33c1ce75177316db9205598700254d0e3d54b0637be60792f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:300|Quicksand|Raleway&display=swap
Origin
https://survey.questionstar.com

Response headers

date
Tue, 21 Jul 2020 15:03:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:51:29 GMT
server
sffe
age
499491
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19232
x-xss-protection
0
expires
Wed, 21 Jul 2021 15:03:12 GMT
1
mc.yandex.ru/watch/64398961/
Redirect Chain
  • https://mc.yandex.ru/watch/64398961?wmode=7&page-url=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&charset=utf-8&browser-info=ti%3A10%3Ans%3A1595843282789%3As%3A1600x1200x24%3Ask%3A1%...
  • https://mc.yandex.ru/watch/64398961/1?wmode=7&page-url=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&charset=utf-8&browser-info=ti%3A10%3Ans%3A1595843282789%3As%3A1600x1200x24%3Ask%3A...
171 B
730 B
XHR
General
Full URL
https://mc.yandex.ru/watch/64398961/1?wmode=7&page-url=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&charset=utf-8&browser-info=ti%3A10%3Ans%3A1595843282789%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200727114803%3Aet%3A1595843284%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A406453382367%3Arqn%3A1%3Arn%3A647883776%3Ahid%3A486687496%3Ads%3A58%2C69%2C258%2C1%2C0%2C0%2C0%2C217%2C1%2C%2C%2C%2C606%3Awn%3A28501%3Ahl%3A2%3Agdpr%3A14%3Av%3A1904%3Awv%3A2%3Arqnl%3A1%3Ast%3A1595843284%3Au%3A159584328446432053%3At%3ABest%C3%A4tigung%20Ihrer%20Anmeldung%20bei%20QUESTIONSTAR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
dbd35b6c460d7e770444c502e99b2d89c7bc1d22bdbfe5e486b02f8ce9245374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Jul 2020 09:48:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27-Jul-2020 09:48:03 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://survey.questionstar.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
171
X-XSS-Protection
1; mode=block
Expires
Mon, 27-Jul-2020 09:48:03 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Jul 2020 09:48:03 GMT
Last-Modified
Mon, 27-Jul-2020 09:48:03 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://survey.questionstar.com
Strict-Transport-Security
max-age=31536000
Location
/watch/64398961/1?wmode=7&page-url=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&charset=utf-8&browser-info=ti%3A10%3Ans%3A1595843282789%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200727114803%3Aet%3A1595843284%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A406453382367%3Arqn%3A1%3Arn%3A647883776%3Ahid%3A486687496%3Ads%3A58%2C69%2C258%2C1%2C0%2C0%2C0%2C217%2C1%2C%2C%2C%2C606%3Awn%3A28501%3Ahl%3A2%3Agdpr%3A14%3Av%3A1904%3Awv%3A2%3Arqnl%3A1%3Ast%3A1595843284%3Au%3A159584328446432053%3At%3ABest%C3%A4tigung%20Ihrer%20Anmeldung%20bei%20QUESTIONSTAR
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 27-Jul-2020 09:48:03 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 27 Jul 2020 09:48:03 GMT
Last-Modified
Mon, 06 Jul 2020 15:32:05 GMT
Server
nginx/1.14.2
ETag
"5f0343f5-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 27 Jul 2020 10:48:03 GMT
64398961
mc.yandex.ru/webvisor/
43 B
546 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/64398961?wmode=0&rn=586982789&page-url=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&wv-type=3&wv-hit=486687496&wv-part=1&browser-info=ti%3A8%3Aet%3A1595843284%3Aw%3A1600x1200%3Av%3A1904%3Az%3A120%3Ai%3A20200727114803%3Abt%3A1%3Ast%3A1595843286%3Au%3A159584328446432053
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 27 Jul 2020 09:48:06 GMT
Last-Modified
Mon, 27-Jul-2020 09:48:06 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://survey.questionstar.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 27-Jul-2020 09:48:06 GMT
64398961
mc.yandex.ru/webvisor/
43 B
546 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/64398961?wmode=0&rn=572865231&page-url=https%3A%2F%2Fsurvey.questionstar.com%2Fd459de80%2F60844167&wv-type=3&wv-hit=486687496&wv-part=1&browser-info=ti%3A8%3Aet%3A1595843284%3Aw%3A1600x1200%3Av%3A1904%3Az%3A120%3Ai%3A20200727114803%3Ast%3A1595843286%3Au%3A159584328446432053
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://survey.questionstar.com/d459de80/60844167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 27 Jul 2020 09:48:06 GMT
Last-Modified
Mon, 27-Jul-2020 09:48:06 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://survey.questionstar.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 27-Jul-2020 09:48:06 GMT


98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| IS_SURVEY_APP string| ROOT_PATH object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| WebComponents function| getShadowRootRange function| identifyKey function| DataObject object| L10n object| User function| afterContentLoad function| getComposedActiveElement function| getComposedSelection object| Edit function| Folder function| Folders function| Resource function| Library function| Template function| Note function| Definition function| List function| Item function| Page function| Question function| Survey function| LogicSource function| RespondentFieldLogicSource function| DateLogicSource function| SurveyLogicSource function| UrlParameterLogicSource function| DeviceTypeLogicSource function| SurveyLogicTarget function| Condition function| SkipLogic function| PageSkipLogic function| DisplayLogic function| DisplayLogicSource function| JSCompiler_renameProperty object| API object| ReportAPI object| DataFlow object| DataStorage object| ComponentRegistry function| QuestionTypeMenu object| Modifier object| QS function| NotifyUi object| ShadyCSS function| _toConsumableArray function| $ function| jQuery function| qsINIT function| qsOtherTextHandlers function| qsCorrectVerticalScalesWidth function| qsStyleMatricies function| qsRadioUnchecker function| qsCheckboxUnchecker function| qsCheckboxUncheckerSimple function| qsPolymerSync function| postLoad function| qsInArray function| qsParseInt function| getOtherTextFill function| showLoadingPanel function| getQueryVariable string| qsStrOtherTextFill undefined| qsUserAgent boolean| qsBRetina boolean| isNavigated function| gtag object| dataLayer function| ym string| mode object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| KlickTippRadio function| KlickTippCheckbox function| 
SendTag function| SendUnTag function| updateInput function| updateFields function| DisabledButtons object| TEST_PAUSE_PROMISE object| Ya object| yaCounter64398961

5 Cookies

Domain/Path Name / Value
.questionstar.com/ Name: _ym_d
Value: 1595843284
.questionstar.com/ Name: _ym_uid
Value: 159584328446432053
.questionstar.com/ Name: _gat_gtag_UA_120478415_3
Value: 1
.questionstar.com/ Name: _gid
Value: GA1.2.108674836.1595843283
.questionstar.com/ Name: _ga
Value: GA1.2.1905018913.1595843283

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
