urlscan.io logo urlscan.io
SecurityTrails logo

survey.sans.org Open in urlscan Pro
104.102.33.95  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.email.sans.org/?qs=9f241915c68df8fa30b098097bac434af6a1c61e65f18fbed6af529a6af52213ade04fdfa0fd205a224ef7304deb...
Effective URL: https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Submission: On December 23 via api from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 104.102.33.95, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is survey.sans.org.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 9th 2024. Valid for: a year.
This is the only time survey.sans.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 136.147.189.155 14340 (SALESFORCE)
1 1 45.60.31.34 19551 (INCAPSULA)
15 104.102.33.95 16625 (AKAMAI-AS)
2 172.217.18.4 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 3
1    136.147.189.155 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.email.sans.org
click.email.sans.org
1    45.60.31.34 (United States)

ASN19551 (INCAPSULA, US)
www.sans.org
15    104.102.33.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-33-95.deploy.static.akamaitechnologies.com
survey.sans.org
2    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
17 sans.org
click.email.sans.org — Cisco Umbrella Rank: 433722
www.sans.org — Cisco Umbrella Rank: 163415
survey.sans.org
947 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
1 gstatic.com
www.gstatic.com
218 KB
18 3
Domain Requested by
15 survey.sans.org survey.sans.org
2 www.google.com survey.sans.org
www.gstatic.com
1 www.gstatic.com www.google.com
1 www.sans.org 1 redirects
1 click.email.sans.org 1 redirects
18 5

This site contains links to these domains. Also see Links.

Domain
www.qualtrics.com
policies.google.com
Subject Issuer Validity Valid
akamaisecure.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-09 -
2025-04-25		 a year crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Frame ID: 4F9FC7C782111EEC57DC832F847AB92E
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC&co=aHR0cHM6Ly9zdXJ2ZXkuc2Fucy5vcmc6NDQz&hl=de&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=bdbgs1aojrp8
Frame ID: FDE2516DDFCD9568DB14EA6E7C757E98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2024 SANS ICS/OT Cybersecurity Survey

Page URL History Show full URLs

  1. https://click.email.sans.org/?qs=9f241915c68df8fa30b098097bac434af6a1c61e65f18fbed6af529a6af52213ade04fdf... HTTP 302
    https://www.sans.org/info/231080?is=3d44c04a78dedd819b4246d3919905c9409e1693a8ebfe42e634edae7e2c018b HTTP 301
    https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns

Page Statistics

18
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

1165 kB
Transfer

2039 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.sans.org/?qs=9f241915c68df8fa30b098097bac434af6a1c61e65f18fbed6af529a6af52213ade04fdfa0fd205a224ef7304deb80e349015a7ec08cbcb33775065fd8e2fd1f HTTP 302
    https://www.sans.org/info/231080?is=3d44c04a78dedd819b4246d3919905c9409e1693a8ebfe42e634edae7e2c018b HTTP 301
    https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SV_3UzXzYoHOOtKYKO
survey.sans.org/jfe/form/
Redirect Chain
  • https://click.email.sans.org/?qs=9f241915c68df8fa30b098097bac434af6a1c61e65f18fbed6af529a6af52213ade04fdfa0fd205a224ef7304deb80e349015a7ec08cbcb33775065fd8e2fd1f
  • https://www.sans.org/info/231080?is=3d44c04a78dedd819b4246d3919905c9409e1693a8ebfe42e634edae7e2c018b
  • https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
023d85e5edbd6f893e97a1a7a31e37e765e6c1a73db5e89965b4ca115e1ff5fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
11329
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 08:14:27 GMT
expires
0
permissions-policy
geolocation=*
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-host-id
70726f642e73706f6b652e6a6665322d3137322e31382e302e32
x-request-id
cac0175d-cd95-4e32-ba5a-a223f866e62c
x-spoke-id
jfe2
x-transaction-id
387f9132-a2ff-4f1e-b772-79df00d9c74e
x-ua-compatible
IE=edge

Redirect headers

content-length
0
content-type
text/html; charset=ISO-8859-1
date
Mon, 23 Dec 2024 08:14:27 GMT
expect-ct
max-age=86400, enforce
location
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31556926; includeSubdomains
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
4-11326985-11326987 NNNN CT(6 16 0) RT(1734941667050 91) q(0 0 0 0) r(1 1) U11
x-sc-fargate-level
live
x-xss-protection
1; mode=block
jfeLib.de1fb02f4d77cd0779eb.min.js
survey.sans.org/jfe/static/dist/ 		220 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/jfeLib.de1fb02f4d77cd0779eb.min.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce1268587aa13c2c6ff851aced6a3140e6bef2f4bab8d7cd597f0073619e2843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://survey.sans.org
Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=27634321
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665382d3137322e31372e302e32
content-length
72170
date
Mon, 23 Dec 2024 08:14:27 GMT
content-type
application/javascript
vary
Accept-Encoding
x-spoke-id
jfe8
jfe.3b0e1c670f98bf650d96.min.js
survey.sans.org/jfe/static/dist/ 		419 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/jfe.3b0e1c670f98bf650d96.min.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
72379a9d6838d4082cebf9b0981fa377561a3131dc5dafb7796278291a51c453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://survey.sans.org
Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=30465959
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665322d3137322e31372e302e32
content-length
119479
date
Mon, 23 Dec 2024 08:14:27 GMT
content-type
application/javascript
vary
Accept-Encoding
x-spoke-id
jfe2
stylesheet.css
survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/ 		227 KB
228 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/stylesheet.css
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f92f46df4742f68d77ea63a6e22e6f563185db07005116f557f800ce60069675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO

Response headers

x-amz-id-2
1MTbTEFpD0hDW/a1ZQB3zRwOFY8S0WSa1Gd19GQJlCGN74icKFglNr2qobiGH4qsV7MLxBZJ+xc=
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=123774
etag
"05aefc1be22ed927128d0138b8ae9c4d"
x-amz-version-id
ptrqnJX.1oIEN282e86NVfWXgfDDG4Xc
x-amz-request-id
9GM4FEH2Q15VVSBV
accept-ranges
bytes
content-length
232542
date
Mon, 23 Dec 2024 08:14:27 GMT
last-modified
Wed, 30 Oct 2024 19:17:42 GMT
content-type
text/css
server
AmazonS3
x-amz-server-side-encryption
AES256
recaptchav3.f496694e9040a05e8aa9.min.js
survey.sans.org/jfe/static/dist/c/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/recaptchav3.f496694e9040a05e8aa9.min.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fdbdadd9be3fa172a3951e8f12b3bcec2d9de82ec19deb4f98497da14b9144a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=27607864
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665382d3137322e31372e302e32
content-length
5752
date
Mon, 23 Dec 2024 08:14:27 GMT
content-type
application/javascript
vary
Accept-Encoding
x-spoke-id
jfe8
enterprise.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?onload=onLoadRecaptchaV3&render=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/static/dist/jfeLib.de1fb02f4d77cd0779eb.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
ESF /
Resource Hash
ed747ce108250b4a5f30df0d53d1020ee4f9c75a3d3ba219fefb99f992ae4b3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://survey.sans.org/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 08:14:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 23 Dec 2024 08:14:28 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 		549 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=onLoadRecaptchaV3&render=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8694091227f6f34a6acb8dda867cab6f129cb19ee794a75ebd434793d4066e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://survey.sans.org
Referer
https://survey.sans.org/

Response headers

content-encoding
gzip
age
520105
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 07:46:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 07:46:03 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222469
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/enterprise/ Frame FDE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC&co=aHR0cHM6Ly9zdXJ2ZXkuc2Fucy5vcmc6NDQz&hl=de&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=bdbgs1aojrp8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3bH0Ahl3ri7h6SvugCkm9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://survey.sans.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3bH0Ahl3ri7h6SvugCkm9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 08:14:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
mp.5da03980e14a3a4845e7.min.js
survey.sans.org/jfe/static/dist/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/mp.5da03980e14a3a4845e7.min.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
763dccfda30903777acc92ee5314579e0bd9719bda6bdc9fbb047016902bcb7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=27591040
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665322d3137322e31372e302e32
content-length
1745
date
Mon, 23 Dec 2024 08:14:28 GMT
content-type
application/javascript
vary
Accept-Encoding
x-spoke-id
jfe2
favicon.ico
survey.sans.org/brand-management/brand-assets/sans/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/brand-management/brand-assets/sans/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65e99ee3b805f7b1c8b08159161e3ad53960640a2c3f952d282af4900d1ae572
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-transaction-id
32c617d7-9421-4d16-89e0-92348da86abc
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
expires
Mon, 23 Dec 2024 08:14:28 GMT
x-content-type-options
nosniff
date
Mon, 23 Dec 2024 08:14:28 GMT
content-type
image/vnd.microsoft.icon
getRecaptchaV3Score
survey.sans.org/jfe2/external/ 		126 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe2/external/getRecaptchaV3Score
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/static/dist/jfe.3b0e1c670f98bf650d96.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c0e5f87af1244527bb462fb01acbc17f2be31a83f0c3ca9331fa607b16e7ba6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-request-id
3027a6eb-eb45-4147-9b3e-aea840a1c93d
x-transaction-id
a5b5d5dd-2491-4be1-93de-b8e251ea49cc
etag
W/"7e-PfCxMi7zi12TpItjTm1W3U96wN8"
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665322d3137322e31382e302e33
content-length
126
date
Mon, 23 Dec 2024 08:14:28 GMT
content-type
application/json; charset=utf-8
x-spoke-id
jfe2
jsApi.8c8dd06a862b12e2d92e.min.js
survey.sans.org/jfe/static/dist/c/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/jsApi.8c8dd06a862b12e2d92e.min.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e00a577d2b107191b749b57dfa29e7b37d97b9e4630538337c512d84255664f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=29254061
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665322d3137322e31372e302e32
content-length
3645
date
Mon, 23 Dec 2024 08:14:29 GMT
content-type
application/javascript
vary
Accept-Encoding
x-spoke-id
jfe2
Graphic.php
survey.sans.org/CP/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://survey.sans.org/CP/Graphic.php?IM=IM_8ksxYBVv5qwpxiJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6731237167151166bed6ac0e7eb85255c233f303e4694f366e266d1554b46ff7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO

Response headers

x-robots-tag
noindex
x-request-id
2041e288-eaf9-4eaf-b681-9fe09048a3d6
x-transaction-id
3ab8a874-5bc2-48bc-a87c-74a07bff21bc
etag
"8bd9b97870e0da1569e3408c8daf31c4"
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 08:15:20 GMT
date
Mon, 23 Dec 2024 08:14:29 GMT
content-disposition
inline; filename=Sans+logos+cornerband+wbg+rgb
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=51
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
content-length
7667
poppinsbold.ttf
survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/ 		148 KB
149 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/poppinsbold.ttf
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a3f6b29a07d1155be048a0b86f8428a94bda47f4dd6b579e5b49f2bf3e8de601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://survey.sans.org
Referer
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/stylesheet.css

Response headers

access-control-max-age
3000
etag
"12413cac332af030dc15202842de8afb"
x-amz-version-id
_vvdVFeM4DezdCjD22BHb59Yxn3U7ntU
access-control-allow-methods
GET, HEAD
date
Mon, 23 Dec 2024 08:14:29 GMT
last-modified
Tue, 26 Mar 2024 18:33:50 GMT
content-type
application/octet-stream
x-amz-id-2
MyZQuw+A8TGxhsE4vGWYMSnraEwnnlG4IiO28QXCA6YOeie/O6MHOhG49KGBB/oLARrlWvKwL0E=
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public,max-age=2592000
x-amz-request-id
8ZDTCEZNPR38VHPG
accept-ranges
bytes
access-control-allow-origin
*
content-length
151752
server
AmazonS3
x-amz-server-side-encryption
AES256
poppinslight.ttf
survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/ 		152 KB
153 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/poppinslight.ttf
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bd289695af1c1055dbb65d8043e59f658b4f66be770410a1cc4a1c1714008618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://survey.sans.org
Referer
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/stylesheet.css

Response headers

access-control-max-age
3000
etag
"32b18121a85a090c974baa27eaa801fb"
x-amz-version-id
boSTVjvRPrjnJvVfgbM_QuB_MZYz2B8v
access-control-allow-methods
GET, HEAD
date
Mon, 23 Dec 2024 08:14:29 GMT
last-modified
Tue, 26 Mar 2024 18:33:50 GMT
content-type
application/octet-stream
x-amz-id-2
xk5ToJLe1qF54oZTdWkvd52C0P7qTbiyB5QGCaaVUtjBNsbH69eKkv4rIKneshDdnheR1cEBoF0=
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public,max-age=2592000
x-amz-request-id
8ZDTYACX074MMM8G
accept-ranges
bytes
access-control-allow-origin
*
content-length
156104
server
AmazonS3
x-amz-server-side-encryption
AES256
poppinsmedium.ttf
survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/poppinsmedium.ttf
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e47fa644e37cc516f7c22208df798f28efdd0ac3e118cbd6323a434186db68c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://survey.sans.org
Referer
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/stylesheet.css

Response headers

access-control-max-age
3000
etag
"c7b158e33a04cfacdc79a1dd1a48dbdd"
x-amz-version-id
GZzzh1PmriuCMdg77AGqChlwcMxubFsM
access-control-allow-methods
GET, HEAD
date
Mon, 23 Dec 2024 08:14:29 GMT
last-modified
Tue, 26 Mar 2024 18:33:51 GMT
content-type
application/octet-stream
x-amz-id-2
HXVNLixAi+dOSTHFAMvHo6V+s+K6CgPnoYDTBRExnW/sUgMe/4NVOONNuiMeQFXnhTIp5N5pLSc=
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public,max-age=2592000
x-amz-request-id
8ZDRSRVXWPJPRCXT
accept-ranges
bytes
access-control-allow-origin
*
content-length
155248
server
AmazonS3
x-amz-server-side-encryption
AES256
external-link-icon.woff
survey.sans.org/jfe/themes/base-css/basestyles-lfe/version-1678899357872-bbfdc9/files/ 		1004 B
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/themes/base-css/basestyles-lfe/version-1678899357872-bbfdc9/files/external-link-icon.woff
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c5550d7f8cc83561c801d3cdc4bb3c1784672cf0413ea79b5b32e890b1558c38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://survey.sans.org
Referer
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1730315859499-2774e0/stylesheet.css

Response headers

x-amz-id-2
/906OecepFbi3ofwLUDzYWzZl7WQS3KdufwQYuM/w5f72cYuF/0lzRPEtlOAyxkzLFaW+h7LEgU=
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
etag
"90cf29ab19dc601f2e5a9f9b3c4898fb"
x-amz-version-id
ZpnDL4pi_9gIwlH6CeppBW_zdJUG8hzv
x-amz-request-id
J9MC1WYCP867X86W
accept-ranges
bytes
content-length
1004
date
Mon, 23 Dec 2024 08:14:29 GMT
last-modified
Wed, 15 Mar 2023 16:56:07 GMT
content-type
font/woff
server
AmazonS3
x-amz-server-side-encryption
AES256
prototype.2cc9acb19bf1cf785b7a.min.js
survey.sans.org/jfe/static/dist/c/ 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/prototype.2cc9acb19bf1cf785b7a.min.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-33-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac10e14f3f3d460da0929d8e6f6088cfc997e07a8b84e46c99a0fa3330cddbc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://survey.sans.org/jfe/form/SV_3UzXzYoHOOtKYKO

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=28095937
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665322d3137322e31372e302e32
content-length
28202
date
Mon, 23 Dec 2024 08:14:29 GMT
content-type
application/javascript
vary
Accept-Encoding
x-spoke-id
jfe2

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| QSettings object| webpackChunkjavascriptformengine object| ErrorWatcher function| jQuery object| jQuery112401959246294974264 function| onLoadCaptcha object| experimental object| Page function| onLoadRecaptchaV3 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_894813 function| QBuilder object| Qualtrics object| QualtricsSETools function| $ function| $$ function| Sizzle function| Selector object| Prototype object| Ajax function| $F object| Abstract object| Form function| $A function| $H function| $R function| $w object| Class object| Enumerable function| Hash function| ObjectRange function| PeriodicalExecuter function| Template object| Try

5 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJNbFneG90eGWTLsvrsXACHUXB8MriKKMz9NLdwQSy1VTESUk3rr5pkaFzd6Fvlh4vA-EwhrTV_FxipD4h9-7eM
.sans.org/ Name: visid_incap_1329355
Value: 4z1+R1ecTWG2DXKjBWtxmOMbaWcAAAAAQUIPAAAAAAAR3gt/3YrUedG6oKK2iH0X
.sans.org/ Name: nlbi_1329355
Value: J19KXWqJJFEJXsis3VpInQAAAAD1Yd9xIk5ij9wlb/dqlHou
.sans.org/ Name: incap_ses_1316_1329355
Value: o21yH9V+L2lC61xEQV9DEuMbaWcAAAAAhtG2+9B4cK2BQokYr2B3Yw==
.sans.org/ Name: ak_bmsc
Value: 1B575959E052B61FC092F1AB25E51213~000000000000000000000000000000~YAAQi/AQAjHbl7+TAQAAevGU8hpYI9otSybeqks+c65fe5gg3/yiu6uaw6ZyqxSGOAejE474Hp9PhbA+Mrozl0b9dRIc85Kjiqdfd2HRhQP8THwSwVVle4xhlj2MB4G6bTb7aLnN41py+UjR35tpfD/gNn3J4WUXLmlXsY8wwyJFCRZ58txZJjk2+hsgaOAc7ZJl1TSQqoF/ACtnH+1cd+CjLSYhNM1fmOHp09R0/D+7+NcsqFhcN+9mSrpTwNNNpxk34FN8rIwwvnnS/92lkGLkau7ithxVcNRINvh69GH3MfMS5gMd6tEiWBRGqRtyYTI2VdBup9BB3t08YoY7265tp+SjT4Y2YPzJgn3nkkayD7BK3UpmjcVx1RMsxr6wD7mEVV2898c=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff