URL: https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Submission Tags: falconsandbox
Submission: On August 25 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 18.235.31.171, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is survey.qwary.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 17th 2023. Valid for: a year.
This is the only time survey.qwary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 18.235.31.171 14618 (AMAZON-AES)
1 18.66.204.207 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 108.156.2.18 16509 (AMAZON-02)
1 52.216.218.216 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
6 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
18 9
Apex Domain
Subdomains
Transfer
7 typekit.net
use.typekit.net — Cisco Umbrella Rank: 485
p.typekit.net — Cisco Umbrella Rank: 610
196 KB
6 qwary.com
survey.qwary.com
static.qwary.com
5 MB
1 geoip-js.com
geoip-js.com — Cisco Umbrella Rank: 15539
1 KB
1 amazonaws.com
s3.amazonaws.com
34 KB
1 maxmind.com
js.maxmind.com — Cisco Umbrella Rank: 22778
2 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1724
12 KB
18 6
Domain Requested by
6 use.typekit.net survey.qwary.com
3 static.qwary.com survey.qwary.com
static.qwary.com
3 survey.qwary.com survey.qwary.com
www.datadoghq-browser-agent.com
1 p.typekit.net static.qwary.com
1 geoip-js.com www.datadoghq-browser-agent.com
1 s3.amazonaws.com survey.qwary.com
1 js.maxmind.com survey.qwary.com
1 www.datadoghq-browser-agent.com survey.qwary.com
18 8

This site contains links to these domains. Also see Links.

Domain
www.qwary.com
Subject Issuer Validity Valid
*.qwary.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-14 -
2024-01-16
a year crt.sh
*.maxmind.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-19 -
2023-10-19
a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2023-07-10 -
2024-06-21
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-17 -
2024-05-16
a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh

This page contains 1 frames:

Primary Page: https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Frame ID: DB8F1ED5897D7BC3CCC25B104D069C9F
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Project Feedback

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

18
Requests

94 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

5199 kB
Transfer

5824 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
survey.qwary.com/form/
698 KB
87 KB
Document
General
Full URL
https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.31.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-31-171.compute-1.amazonaws.com
Software
/
Resource Hash
762ba24a29626f52f510c37c490fd5ac85c07e614db6ae4eb377b69213954d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Fri, 25 Aug 2023 18:57:51 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
datadog-logs-us.js
www.datadoghq-browser-agent.com/
33 KB
12 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs-us.js
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.204.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-204-207.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ef43fd8aa0d64cceb10d6c478c94ef2e4049f165ac5edae88854cea85333230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.qwary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:09 GMT
content-encoding
br
via
1.1 5071afda1ab6f09c39c5873ced3e225c.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jul 2021 15:01:21 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P1
age
46
etag
W/"db11d410d4863029081228535272ffd9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
QvePGlF_tb3A1cQKGhhrTcRHu6AMHaAUrY9QGqYBqa9BZd-nx1V31Q==
geoip2.js
js.maxmind.com/js/apis/geoip2/v2.1/
3 KB
2 KB
Script
General
Full URL
https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.qwary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 18:18:41 GMT
server
cloudflare
age
934
etag
W/"64e79f01-da4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
7fc61028bdb335df-FRA
expires
Fri, 25 Aug 2023 22:57:51 GMT
template.bundle.v24.min.js
static.qwary.com/resources/assets/v24/min-js/theme/
4 MB
4 MB
Script
General
Full URL
https://static.qwary.com/resources/assets/v24/min-js/theme/template.bundle.v24.min.js
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-18.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58bdb88b59bcf576e14ed2962a453a641bc53164a1a127892554e3637dd3ae6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.qwary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
JBG3NNXRmJondido_zyTcuVfjuDSMQDw
date
Fri, 25 Aug 2023 06:30:05 GMT
via
1.1 2abd42a5440238034539228ee64b9adc.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 14:07:46 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P4
age
44867
x-amz-server-side-encryption
AES256
etag
"fb5c8b71a6900ea755a4b46772a6d9ee"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4592008
x-amz-cf-id
rpcp2E96Wy-SemGdLJVIFc1y203EaqWJgZKLVK_cV6Faif0hTbFvGw==
pinotnoir.v24.css
static.qwary.com/resources/assets/v24/min-css/themes/
292 KB
293 KB
Stylesheet
General
Full URL
https://static.qwary.com/resources/assets/v24/min-css/themes/pinotnoir.v24.css
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-18.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caaeb6dd942aa8a3ce582384c8d54d679fd04f87c90c1159b210607e90ff6a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.qwary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:52 GMT
x-amz-version-id
jjHUryBaedr7zMdfkbj7OA5p6F1yF8pi
via
1.1 2abd42a5440238034539228ee64b9adc.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 14:05:47 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P4
etag
"9a2663e35f051b2c43b48a5047e6ac4b"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
298840
x-amz-cf-id
WhCnBL5NQn411mikiwMjrm2GMcOAKs9vm71QBwqXuE6o-fHI1bAfTA==
proxima-nova.css
survey.qwary.com/themes/styles/fonts/
7 KB
7 KB
Stylesheet
General
Full URL
https://survey.qwary.com/themes/styles/fonts/proxima-nova.css
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.31.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-31-171.compute-1.amazonaws.com
Software
/
Resource Hash
509cbe0f9c87d0b0d96d1faa4b38f268326e68da4337039f62bb8c61f84dddd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:51 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 29 Jul 2023 21:13:51 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/css
cache-control
max-age=3600
accept-ranges
bytes
content-length
6954
x-xss-protection
1; mode=block
1675368538454_MicrosoftTeams-image%20(15).png
s3.amazonaws.com/qwary/6001/images/
34 KB
34 KB
Image
General
Full URL
https://s3.amazonaws.com/qwary/6001/images/1675368538454_MicrosoftTeams-image%20(15).png
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.218.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cfec061d8a9eb70f970093228bd05d250604e2a982a60b0a866bee9855f3f895

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.qwary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 18:57:53 GMT
Last-Modified
Thu, 02 Feb 2023 20:08:59 GMT
Server
AmazonS3
x-amz-request-id
B7MAMMDKF7VSZ6BQ
ETag
"f1c32249fe0c788de9a398d79e074c89"
x-amz-server-side-encryption
AES256
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
34666
x-amz-id-2
WSGIQkLwGHaXyusaXCksb6v1gXKUD7d4DKrffTX1IsPI6fXRF7LdRbZsDhgNp/dK2YTMIu9M7hY=
0892e9a1-ed49-4aef-94c3-f6fbb2e151da
https://survey.qwary.com/
31 B
0
Other
General
Full URL
blob:https://survey.qwary.com/0892e9a1-ed49-4aef-94c3-f6fbb2e151da
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
me
geoip-js.com/geoip/v2.1/city/
1013 B
1 KB
XHR
General
Full URL
https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fsurvey.qwary.com
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:216e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed0a9ed062600cd557a926f0cd80829a5417bf99c7a583c1f25de8f196fdcaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey.qwary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/vnd.maxmind.com-city+json; charset=UTF-8; version=2.1
access-control-allow-origin
*
cf-ray
7fc6102cac993667-FRA
content-length
1013
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/themes/styles/fonts/proxima-nova.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer
https://survey.qwary.com/
Origin
https://survey.qwary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:52 GMT
server
nginx
etag
"a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33660
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/themes/styles/fonts/proxima-nova.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer
https://survey.qwary.com/
Origin
https://survey.qwary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:52 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32688
l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/
34 KB
34 KB
Font
General
Full URL
https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/themes/styles/fonts/proxima-nova.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a0acc524b541f57df4024b039206425fbcc49c7b3cba369bc0b4a57cfc0e9629

Request headers

Referer
https://survey.qwary.com/
Origin
https://survey.qwary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:52 GMT
server
nginx
etag
"98ea2e3888e90196090ca6bc7ddc5345e1871a7a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34380
metadata
survey.qwary.com/link/collector/
2 KB
1 KB
XHR
General
Full URL
https://survey.qwary.com/link/collector/metadata
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.31.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-31-171.compute-1.amazonaws.com
Software
/
Resource Hash
233869d86e91c57cd806821a9ea63abd03f989f38b1bfe00e98dbcee91637305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://survey.qwary.com/form/S_wSzSPnasH9Wc_FT15X0J1BuEcPl5gI7n7rw1UTr4o=
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 18:57:52 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=hpz1ony&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162&a=3638106&app=typekit&e=css
Requested by
Host: static.qwary.com
URL: https://static.qwary.com/resources/assets/v24/min-css/themes/pinotnoir.v24.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.qwary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:52 GMT
last-modified
Fri, 14 Jul 2023 12:44:32 GMT
server
nginx
etag
"64b14330-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/
32 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/themes/styles/fonts/proxima-nova.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6

Request headers

Referer
https://survey.qwary.com/
Origin
https://survey.qwary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:52 GMT
server
nginx
etag
"b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33188
fontawesome-webfont.woff2
static.qwary.com/themes/v1/common/less/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://static.qwary.com/themes/v1/common/less/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: static.qwary.com
URL: https://static.qwary.com/resources/assets/v24/min-css/themes/pinotnoir.v24.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-18.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://static.qwary.com/resources/assets/v24/min-css/themes/pinotnoir.v24.css
Origin
https://survey.qwary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 25 Aug 2023 11:05:37 GMT
via
1.1 e882d138875209e9bfd183c71dc12234.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P4
age
28336
x-cache
Hit from cloudfront
content-length
77160
last-modified
Fri, 31 Jul 2020 15:24:47 GMT
server
AmazonS3
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
PUT, POST, DELETE, GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
aqiCJw1S8WN7jyYQJfQK4KBlUmmSRAo8IvN94BNiWnLTBCCycbwA4A==
l
use.typekit.net/af/27776b/00000000000000003b9b0939/27/
32 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/27776b/00000000000000003b9b0939/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/themes/styles/fonts/proxima-nova.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fe6fb5fcffff95ae9cd94d7299821cb3b37547b7b08063bc8b5fe0e2988deba4

Request headers

Referer
https://survey.qwary.com/
Origin
https://survey.qwary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:52 GMT
server
nginx
etag
"7f43a43bb76581ed1a2cdc24f0d9704bfa1a6732"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33120
l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: survey.qwary.com
URL: https://survey.qwary.com/themes/styles/fonts/proxima-nova.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc

Request headers

Referer
https://survey.qwary.com/
Origin
https://survey.qwary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:57:52 GMT
server
nginx
etag
"474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32384

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| DD_LOGS object| geoip2 object| templateCache object| surveyCache object| multilingualMetaDataCache object| clientLogic boolean| evaluateLogicConditions object| responseSummaryCache object| deviceDetector object| responsesMap function| updateBrowserMetadata function| intializeGoogleAnalyticsForParentFrame function| persistBasicMetaData function| persistRequestMetadata function| populateBasicMetadata function| populateLanguageMetadata function| saveResponses function| completeResponse function| logEvents function| disqualityResponse function| completeResponseWithRedirect function| disqualityResponseWithRedirect function| updateSummaryMetadata function| createResponseObject function| populateClipboardReviewQuestion function| saveGridData function| saveListData function| saveSimpleData undefined| fallbackTimeout number| mobileBreakpointMaxWidth boolean| scrollBusy object| redirectOnComplitionURL object| jumpToPageNoOnCompletion object| lastVisitedPageId function| resetQuestionNo function| evaluateStickyHeader function| slideUpQuestionFixedHeader function| setEligibleFocus function| prepareNextQuestion function| highlightSelection function| highlightSectionNoAction function| evaluateButtonState function| hideDropdown function| fallbackBusyRemove function| evaluateNavigationState function| evaluateBrandingForCurrentSection function| toggleOverlay function| getInfiniteLoadingBar function| progressButton function| selectSpecialOption function| animatePopup function| resetAnimation function| placeCaretAtEnd function| placeCaretAtStart function| selectText function| updateQueryString function| removeQueryString function| getSelectValue function| showNotification function| createCircularProgressBar function| showCircularProgressBar function| getUriWithParam function| getActionSectionHeight function| triggerParentFrameNotifications function| isPreviewMode function| inIframe function| detectQueryString function| copyTextToClipboardEvent function| dataURItoBlob object| logger object| __video_metadata_thumbnails__ function| RecordRTC function| RecordRTCConfiguration function| GetRecorderType function| MRecordRTC string| browserFakeUserAgent undefined| lastTime boolean| isEdge boolean| isOpera boolean| isFirefox boolean| isChrome boolean| isSafari function| bytesToSize function| invokeSaveAsDialog function| isElectron function| getTracks function| setSrcObject function| getSeekableBlob function| isMediaRecorderCompatible function| MediaStreamRecorder function| StereoAudioRecorder function| CanvasRecorder function| WhammyRecorder object| Whammy object| DiskStorage function| GifRecorder function| MultiStreamsMixer function| MultiStreamRecorder function| RecordRTCPromisesHandler function| WebAssemblyRecorder function| applyAudioWorkaround function| applyVideoWorkaround function| applyScreenWorkaround object| awsConfigCache function| secondsToTime function| adjustMultichoiceListWidth function| evaluateSurveyHead object| validationsRegex object| validationMsgs function| hasClass function| addClass function| removeClass function| isUrlValid function| classReg function| toggleClass object| classie function| hasParent function| extend function| SelectFx undefined| highlightTimeout function| receiveMessage function| loadAndPlayVideo function| startVideoBackground function| initializeImageFiltersForQuestions function| initializeImageFiltersForPages function| initializeStickyFooterForPage function| intializeDeviceLabel function| findReplaceWindowsKeyboardShortcut function| findReplaceMacKeyboardShortcut function| getOS function| orderQuestionNo function| orderQuestionNoWithJumpLogic function| resizeThemeContainers function| resizeImageForPage function| isTouchDevice function| adjustQuestionHeightOld function| adjustQuestionHeight function| closeSkinOverlay function| openDropdownOverlay function| loadTranslatedSurvey function| updateStickyQuestionTitle function| populatePageData function| populateSurveyData function| populateQuestionData function| mediaImageLayoutCheck string| irsz_selector number| irsz_min_height number| irsz_min_width boolean| irsz_auto object| irsz_padding function| listHover function| closest function| prevClosest function| centerContent function| checkInView object| playing_sections boolean| userInteractionReceived boolean| playStarted object| $video_player function| playMediaBlock function| loadVideoForCurrentSection function| playVideoForCurrentSection function| playVideoOnInteractionAlreadyReceived function| createVideoPlayer function| convertMediaDurationInReadableFormat function| pauseHTML5Videos object| currentlyLoadedPrototype number| prototypeResponsiveBreakpoint boolean| hasPrototypeLayout function| evaluatePrototypeView string| prototype_container_html function| checkAndLoadPrototypeView function| cleanupPrototypeView function| responsivePrototypeView function| createPrototypeButton function| $ function| jQuery function| Sifter object| MicroPlugin function| Selectize object| Modernizr object| AWS object| vttjs function| WebVTT function| videojs object| adapter function| WaveSurfer object| VideojsWavesurfer object| regeneratorRuntime object| VideojsRecord function| Inputmask function| autosize object| Handlebars function| H object| device object| Cookies function| moment object| ProgressBar function| DialogFx number| j

4 Cookies

Domain/Path Name / Value
survey.qwary.com/ Name: JSESSIONID
Value: 3D5BA05083162AC872EF50A724812E4E
survey.qwary.com/ Name: _dd_s
Value: logs=1&id=5e37a6d3-779b-474d-8bfc-874bb250ef23&created=1692989871509&expire=1692990771509
survey.qwary.com/ Name: AWSALBTG
Value: j3giMAIGaReIiqur+6j912BAVigvXzCNg4vPedYzeYYZK56iXwwmagCiUw/I20aPxzeJ9TAiYVC4KnKR75PkeqQpSF2PALX6OW2GOTL8dSmgYdxvemDDY3jfSKlxx0n+Zx5p7/IXkR55ubGsocQcmyaUgTKo8AGH0/NIt9x8s6z25zJ3wdA=
survey.qwary.com/ Name: AWSALBTGCORS
Value: j3giMAIGaReIiqur+6j912BAVigvXzCNg4vPedYzeYYZK56iXwwmagCiUw/I20aPxzeJ9TAiYVC4KnKR75PkeqQpSF2PALX6OW2GOTL8dSmgYdxvemDDY3jfSKlxx0n+Zx5p7/IXkR55ubGsocQcmyaUgTKo8AGH0/NIt9x8s6z25zJ3wdA=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

geoip-js.com
js.maxmind.com
p.typekit.net
s3.amazonaws.com
static.qwary.com
survey.qwary.com
use.typekit.net
www.datadoghq-browser-agent.com
108.156.2.18
18.235.31.171
18.66.204.207
2606:4700:4400::6812:216e
2606:4700::6810:252f
2a02:26f0:480:f::213:7ec6
2a02:26f0:480:f::213:7ee1
52.216.218.216
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
233869d86e91c57cd806821a9ea63abd03f989f38b1bfe00e98dbcee91637305
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
509cbe0f9c87d0b0d96d1faa4b38f268326e68da4337039f62bb8c61f84dddd7
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc
58bdb88b59bcf576e14ed2962a453a641bc53164a1a127892554e3637dd3ae6e
6ef43fd8aa0d64cceb10d6c478c94ef2e4049f165ac5edae88854cea85333230
762ba24a29626f52f510c37c490fd5ac85c07e614db6ae4eb377b69213954d96
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
a0acc524b541f57df4024b039206425fbcc49c7b3cba369bc0b4a57cfc0e9629
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
aed0a9ed062600cd557a926f0cd80829a5417bf99c7a583c1f25de8f196fdcaf
b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6
caaeb6dd942aa8a3ce582384c8d54d679fd04f87c90c1159b210607e90ff6a61
cfec061d8a9eb70f970093228bd05d250604e2a982a60b0a866bee9855f3f895
fe6fb5fcffff95ae9cd94d7299821cb3b37547b7b08063bc8b5fe0e2988deba4