surveys.bwgstrategy.com Open in urlscan Pro
23.54.30.105  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request SV_8G16gbVXS5fBw7c Show response surveys.bwgstrategy.com/jfe/form/	24 KB 11 KB	1349ms 838ms	Document text/html	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software / Resource Hash 6dd1a2d9854ebbed994c2bcce4b21c4e2424954f03f258db316fa40c4763011a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip content-length 9901 content-type text/html; charset=utf-8 date Wed, 02 Oct 2024 22:21:24 GMT expires 0 permissions-policy geolocation=* pragma no-cache referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-host-id 70726f642e73706f6b652e6a6665342d3137322e31372e302e32 x-request-id f44ee448-8970-495b-bea2-2d16d5ab5acc x-spoke-id jfe4 x-transaction-id 5dc55089-12af-4754-930b-bbe49f5dc2bb x-ua-compatible IE=edge
GET H2	200	vendor.49df5f5569dd5bf83c6b.js Show response surveys.bwgstrategy.com/jfe/static/dist/	279 KB 88 KB	58ms 56ms	Script application/javascript	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/static/dist/vendor.49df5f5569dd5bf83c6b.js Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software / Resource Hash 968dc771805b8ef56fb6e8b708edc5ffec50106e55ba7ce01b295510febbc164 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://surveys.bwgstrategy.com Referer https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=30235254 content-encoding gzip x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin permissions-policy geolocation=* x-host-id 70726f642e73706f6b652e6a6665342d3137322e31372e302e32 content-length 89849 date Wed, 02 Oct 2024 22:21:25 GMT content-type application/javascript vary Accept-Encoding x-spoke-id jfe4
GET H2	200	jfe.5c2e0fdba77f6bb72461.js Show response surveys.bwgstrategy.com/jfe/static/dist/	552 KB 158 KB	61ms 60ms	Script application/javascript	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/static/dist/jfe.5c2e0fdba77f6bb72461.js Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software / Resource Hash 369ea983bd4a7aa1ea1a9ec6ed28fbc669e4cdc1970bfc4169d27461ce803160 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://surveys.bwgstrategy.com Referer https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=30235347 content-encoding gzip x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin permissions-policy geolocation=* x-host-id 70726f642e73706f6b652e6a6665342d3137322e31372e302e32 content-length 161676 date Wed, 02 Oct 2024 22:21:25 GMT content-type application/javascript vary Accept-Encoding x-spoke-id jfe4
GET H2	200	stylesheet.css surveys.bwgstrategy.com/jfe/themes/templated-skins/qualtrics.2014:bwgstrategy.9469241013:null/version-1711656473922-4882f8/	194 KB 194 KB	702ms 701ms	Stylesheet text/css	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/themes/templated-skins/qualtrics.2014:bwgstrategy.9469241013:null/version-1711656473922-4882f8/stylesheet.css Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 43f6bc40f2c20c14284b2f434f8b5f9e0a7c1464ec72780d7b816530f9812946 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Response headers x-amz-id-2 0+Uq3ZYrVQ3voAwB9HHRg9aCX9gnMBr0KC2BCzKzk0m/xOP0pmf0/72KLD9DdL3xpgFmGeBlb4Y= strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-replication-status COMPLETED cache-control public, max-age=2592000 etag "6ef15ba08d09e2769d5b084e2316e3e0" x-amz-version-id vEGIoSIoTFKxR8cf68k.4wI2eRfh4F3I x-amz-request-id 8V7ZG3JTMFXHQJVE accept-ranges bytes content-length 198279 date Wed, 02 Oct 2024 22:21:25 GMT last-modified Thu, 28 Mar 2024 20:07:55 GMT content-type text/css server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	recaptchav3.c26f1e103f2d9ba45a3b.js Show response surveys.bwgstrategy.com/jfe/static/dist/c/	15 KB 6 KB	25ms 25ms	Script application/javascript	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/static/dist/c/recaptchav3.c26f1e103f2d9ba45a3b.js Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software / Resource Hash 52c40ad648dac988e1f40e9050a3c03a3a7b35c34d1b7e9c3f38c3777d064cbf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=30236832 content-encoding gzip x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin permissions-policy geolocation=* x-host-id 70726f642e73706f6b652e6a6665342d3137322e31372e302e32 content-length 5918 date Wed, 02 Oct 2024 22:21:26 GMT content-type application/javascript vary Accept-Encoding x-spoke-id jfe4
GET H3	200	enterprise.js Show response www.google.com/recaptcha/	2 KB 1 KB	204ms 104ms	Script text/javascript	142.250.71.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?onload=onLoadRecaptchaV3&render=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/static/dist/vendor.49df5f5569dd5bf83c6b.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s17-in-f4.1e100.net Software ESF / Resource Hash 8db4ff2712cad90be53d70f19a2d7307cb6c7e81543f3f83390598b17e9abec7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://surveys.bwgstrategy.com/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Wed, 02 Oct 2024 22:21:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Wed, 02 Oct 2024 22:21:26 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/	539 KB 213 KB	106ms 2ms	Script text/javascript	142.250.204.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise.js?onload=onLoadRecaptchaV3&render=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.204.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f3.1e100.net Software sffe / Resource Hash b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://surveys.bwgstrategy.com Referer https://surveys.bwgstrategy.com/ Response headers content-encoding gzip age 129232 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Wed, 01 Oct 2025 10:27:34 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 10:27:34 GMT last-modified Mon, 23 Sep 2024 04:00:50 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 218137 x-xss-protection 0 server sffe
GET H3	200	anchor www.google.com/recaptcha/enterprise/ Frame 931F	0 0	227ms 129ms	Document text/html	142.250.71.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC&co=aHR0cHM6Ly9zdXJ2ZXlzLmJ3Z3N0cmF0ZWd5LmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=i0zriul1bqv5 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s17-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-lhg8V8Bj55jfOKZYrCm4iA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://surveys.bwgstrategy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-lhg8V8Bj55jfOKZYrCm4iA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Wed, 02 Oct 2024 22:21:26 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H2	200	mp.049e6bc91f31f409116f.js Show response surveys.bwgstrategy.com/jfe/static/dist/c/	5 KB 2 KB	26ms 26ms	Script application/javascript	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/static/dist/c/mp.049e6bc91f31f409116f.js Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software / Resource Hash c673146341378e640a73102f7446ffcdec19901b351bdb75a50311bb7ff06d19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=30234967 content-encoding gzip x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin permissions-policy geolocation=* x-host-id 70726f642e73706f6b652e6a6665342d3137322e31372e302e32 content-length 1686 date Wed, 02 Oct 2024 22:21:27 GMT content-type application/javascript vary Accept-Encoding x-spoke-id jfe4
GET H2	200	Graphic.php bwgstrategy.az1.qualtrics.com/CP/	6 KB 6 KB	521ms 494ms	Other image/png	104.80.232.169 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://bwgstrategy.az1.qualtrics.com/CP/Graphic.php?IM=IM_d0RJevNl1mqq7Sm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.80.232.169 Sydney, Australia, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-80-232-169.deploy.static.akamaitechnologies.com Software / Resource Hash 0deedd10b065fbd0f24bdd06da39e1c54fdff2f61f769683f9672ac6327b1fea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://surveys.bwgstrategy.com/ Response headers x-robots-tag noindex x-request-id 73401aae-875b-42d9-9164-d98080cab0b3 x-transaction-id 71f8eee8-360d-4335-8e21-76bbdb08787f etag "94fa2d0646dff5bbc2c45e09bd702541" x-content-type-options nosniff expires Wed, 02 Oct 2024 22:22:18 GMT date Wed, 02 Oct 2024 22:21:27 GMT content-disposition inline; filename=Bwg+logo+july+2019+just+blue+thing+ content-type image/png strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=51 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report referrer-policy strict-origin-when-cross-origin permissions-policy camera=(), geolocation=(), microphone=() access-control-allow-origin * content-length 6036
POST H2	200	getRecaptchaV3Score Show response surveys.bwgstrategy.com/jfe4/external/	126 B 493 B	262ms 260ms	XHR application/json	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe4/external/getRecaptchaV3Score Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/static/dist/jfe.5c2e0fdba77f6bb72461.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software / Resource Hash ef87da9cdb3211ae2013ce8d06795b1a95c4042b804f4b78f544253a0757bac8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/json Response headers strict-transport-security max-age=31536000; includeSubDomains; preload x-request-id 28fde211-0cd8-4800-ac3f-1580954eac7d x-transaction-id 93868395-0986-41f5-9f66-3dab8d0e7954 etag W/"7e-18xz3wjfMwsWqykTvxAer4hd08A" x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin permissions-policy geolocation=* x-host-id 70726f642e73706f6b652e6a6665342d3137322e31372e302e32 content-length 126 date Wed, 02 Oct 2024 22:21:28 GMT content-type application/json; charset=utf-8 x-spoke-id jfe4
GET H2	200	jsApi.d59ce37612b051a4411f.js Show response surveys.bwgstrategy.com/jfe/static/dist/c/	14 KB 4 KB	31ms 31ms	Script application/javascript	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/static/dist/c/jsApi.d59ce37612b051a4411f.js Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software / Resource Hash e013195f09a67caa62640dcc902b04d3f53b65a6d4f4a1e553e511fb804762d7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=30236811 content-encoding gzip x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin permissions-policy geolocation=* x-host-id 70726f642e73706f6b652e6a6665342d3137322e31372e302e32 content-length 4019 date Wed, 02 Oct 2024 22:21:28 GMT content-type application/javascript vary Accept-Encoding x-spoke-id jfe4
GET H2	200	external-link-icon.woff surveys.bwgstrategy.com/jfe/themes/base-css/basestyles-lfe/version-1678899357872-bbfdc9/files/	1004 B 1 KB	78ms 78ms	Font font/woff	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/themes/base-css/basestyles-lfe/version-1678899357872-bbfdc9/files/external-link-icon.woff Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/themes/templated-skins/qualtrics.2014:bwgstrategy.9469241013:null/version-1711656473922-4882f8/stylesheet.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash c5550d7f8cc83561c801d3cdc4bb3c1784672cf0413ea79b5b32e890b1558c38 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://surveys.bwgstrategy.com Referer https://surveys.bwgstrategy.com/jfe/themes/templated-skins/qualtrics.2014:bwgstrategy.9469241013:null/version-1711656473922-4882f8/stylesheet.css Response headers access-control-max-age 3000 etag "90cf29ab19dc601f2e5a9f9b3c4898fb" x-amz-version-id ZpnDL4pi_9gIwlH6CeppBW_zdJUG8hzv access-control-allow-methods GET, HEAD date Wed, 02 Oct 2024 22:21:28 GMT last-modified Wed, 15 Mar 2023 16:56:07 GMT content-type font/woff x-amz-id-2 St9V5C/+uTvcDbZGcGtftr1/rk3FCpdq8naNwH5ihR40Ca2Z+4Vf64k5fze3GaQAs+BVrG3TrYE= strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-replication-status COMPLETED x-amz-request-id WBHB14ED2097NR9J accept-ranges bytes access-control-allow-origin * content-length 1004 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	prototype.1e037332c191ea2c06e7.js Show response surveys.bwgstrategy.com/jfe/static/dist/c/	91 KB 28 KB	35ms 35ms	Script application/javascript	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/static/dist/c/prototype.1e037332c191ea2c06e7.js Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software / Resource Hash b8244a302aeaa1844ea7267924343499b7d31d92f8467ab78cc66a258b15d818 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=30235306 content-encoding gzip x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin permissions-policy geolocation=* x-host-id 70726f642e73706f6b652e6a6665342d3137322e31372e302e32 content-length 28721 date Wed, 02 Oct 2024 22:21:28 GMT content-type application/javascript vary Accept-Encoding x-spoke-id jfe4
GET H2	200	relevantid.c9737458ea361ae77d67.js Show response surveys.bwgstrategy.com/jfe/static/dist/c/	1 MB 116 KB	29ms 29ms	Script application/javascript	23.54.30.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://surveys.bwgstrategy.com/jfe/static/dist/c/relevantid.c9737458ea361ae77d67.js Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.54.30.105 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-54-30-105.deploy.static.akamaitechnologies.com Software / Resource Hash adfa98f4e7b1b6c503f30ce1739805795f26d70f080fe2a58ff27237f2843ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=30237172 content-encoding gzip x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin permissions-policy geolocation=* x-host-id 70726f642e73706f6b652e6a6665342d3137322e31372e302e32 content-length 118073 date Wed, 02 Oct 2024 22:21:28 GMT content-type application/javascript vary Accept-Encoding x-spoke-id jfe4
GET H2	200	RelevantID4.js Show response d3op16id4dloxg.cloudfront.net/	171 KB 172 KB	19ms 3ms	Script application/javascript	108.158.32.2 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3op16id4dloxg.cloudfront.net/RelevantID4.js Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/static/dist/vendor.49df5f5569dd5bf83c6b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.158.32.2 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-158-32-2.syd3.r.cloudfront.net Software AmazonS3 / Resource Hash e1e1f0f5c1a82d304cd5522f69f8116c4834c8328a038b5b4bd3f7f9f7200b00 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://surveys.bwgstrategy.com/ Response headers etag "ae9fad22778b2dd97b39bf91b2e1077e" age 58338 via 1.1 e5b020a801bdf1ad3db7e2da019dad6c.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 175376 x-amz-cf-id DfNWnAvILREwtqaNnDYfdu2gRkOdWYS543JZTVAGRNhALxfqiGi_ow== date Wed, 02 Oct 2024 06:09:10 GMT content-type application/javascript last-modified Tue, 10 Sep 2024 21:07:28 GMT server AmazonS3 x-amz-cf-pop SYD3-P2 x-amz-server-side-encryption AES256
OPTIONS H2	204	dedupe rvid.imperium.com/ Frame	0 0	888ms 206ms	Preflight	18.234.8.110 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rvid.imperium.com/dedupe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.234.8.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-234-8-110.compute-1.amazonaws.com Software Kestrel / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-clientid Access-Control-Request-Method POST Origin https://surveys.bwgstrategy.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,x-clientid access-control-allow-methods POST access-control-allow-origin * date Wed, 02 Oct 2024 22:21:29 GMT server Kestrel
POST H2	200	dedupe Show response rvid.imperium.com/	2 KB 2 KB	228ms 227ms	XHR application/json	18.234.8.110 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rvid.imperium.com/dedupe Requested by Host: surveys.bwgstrategy.com URL: https://surveys.bwgstrategy.com/jfe/static/dist/jfe.5c2e0fdba77f6bb72461.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.234.8.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-234-8-110.compute-1.amazonaws.com Software Kestrel / Resource Hash a5d89ea6b4b373732cf10d3a91e6d45f10869c870befc3543ee8c9cbce907836 Request headers Referer https://surveys.bwgstrategy.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 X-ClientID 55D9DEAB-E7E6-4376-A753-90C8E16BA2F5 Content-Type application/json Response headers access-control-allow-origin * content-length 2066 date Wed, 02 Oct 2024 22:21:29 GMT content-type application/json; charset=utf-8 server Kestrel

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| QSettings function| webpackJsonp function| jQuery object| ErrorWatcher object| __core-js_shared__ object| jQuery1124015089654900910188 function| onLoadCaptcha object| experimental object| Page function| onLoadRecaptchaV3 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_436545 function| QBuilder object| Qualtrics object| QualtricsSETools function| $ function| $$ function| Sizzle function| Selector object| Prototype object| Ajax function| $F object| Abstract object| Form function| $A function| $H function| $R function| $w object| Class object| Enumerable function| Hash function| ObjectRange function| PeriodicalExecuter function| Template object| Try function| RVIDResponseComplete function| a0_0x1c0621 function| a0_0x18ac function| a0_0x1b73 object| RVIDPrivacy string| _RVIDCaptureString object| _extraDataPoints string| _version object| captureObject string| __xe1913148__ object| PluginDetect string| userAgent boolean| isLinux boolean| isChrome number| counter object| body1 number| jsver object| BrowserDetect string| propertyString1 object| RVIDFlash string| hasRIF function| sha256 string| imperiumOriginalSurvey string| imperiumOriginalCookie function| sendLogMessageAsync function| createRVIDXMLHttpRequest function| setHoPoDetection function| tochar function| rvidPing function| setRVIDDataReadyAndSubmitForm function| callRVIDNow function| addValue function| addCapValue function| getOS function| checkIframes function| getSilverlightVersion function| getSilverlightMajorVersion function| detectSilverlight function| detectDirector function| getDirectorVersion function| getWindowsMediaVersion function| detectWindowsMedia function| isFlip4MacInstalled function| Flip4MacVersion function| getFlashInfo function| canDetectNavigatorPlugins function| detectPlugin function| getAllPlugins function| createScriptTag function| getJavascriptVersion function| BrowserInfo function| Get_Cookie function| Set_Cookie function| GetFontSize function| getTimeZoneDiff function| getJavaScriptBuild function| getBrowserBuild function| getNetMeetingBuild function| getServicePack function| getUserLanguage function| getSystemLanguage function| detectGecko function| getGeckoBuildDateToInt function| getConnectionType function| supportsDHTML function| supportsXMLHttpRequest function| supportsXML function| getAolVersion function| isEmailCrawler function| canUploadFile function| persistentCookies function| sessionCookies function| ExpireCookie_ function| addToCapture function| getBrowserTime function| getBrowserTimeMS function| getJavaEnabled function| getDataPoints function| rvidFreezeSetProp function| AddScriptTag function| checkTime function| checkTimeTime function| getDateTime function| createDiv function| createSol function| writeRIF function| setRIF1 function| setRIF2 function| getRIF1 function| readRIF function| rifStatusCheck function| createField function| createRVIDField function| createOutputFields function| getScore function| IsPageTranslated function| executeService function| isPropStringValid function| LogWarningForAnyMissingRequestPars function| LogWarningForMissingRequestPar function| getFunctionHash function| ImperiumXhrPost function| ImperiumGetValue function| isSSLv3MigratedClient function| getCNprintLegacyHash function| getCNprintLegacy function| getCNprintHash function| getWebGLRenderer function| getWebGLDataHash function| Get_CookieRIF3 function| Set_CookieRIF3 function| Expire_CookieRIF3 function| setRIF3 function| getRIF3 function| isMobile function| isMobile1 function| inIframe function| featDetectBrowser function| _pluginContains function| checkForAutomatedBrowserProps function| notificationPermissions function| isNotificationPermissionsOverridden function| keyboardLayoutMapSize function| mediaDevicesConstraintsCount function| _supportsBluetooth function| storageManagerDetails function| _userAgentClientHints function| _accelDetect function| _gyroDetect function| getAudioSampleRate function| mediaDeviceGroups function| _detectPrivacyMode function| getAllMimeTypes function| rvidDevToolsOpen object| relevantID object| jstz number| RVIDTrack string| RVIDClientID object| C object| ZZZ object| MobileOSArray object| MobileType object| isThisMobile object| browserobject number| pluginsArrayCounter number| namesCounter object| ma number| RVIDReady object| start1 object| start2 object| start4

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-21 04:17:39	Name: _GRECAPTCHA Value: 09AGteOyplMdB_l0b9iV0R3wk-aa-BUCEzGrXtILT8i84i2yDD0e4hIVzn1dWXtTjbQg1om59Uun4dxfVnaDfbAsM
			surveys.bwgstrategy.com/jfe/form	1970-01-21 08:44:03	Name: RVIDExtId Value: DA35DB57-4140-460A-9443-C400FD11DB9B
			.bwgstrategy.com/	1970-01-20 23:58:34	Name: ak_bmsc Value: 3C1CCCDE80A7D7ACC4F61247812CE6C2~000000000000000000000000000000~YAAQZR42F8+JsT+SAQAAU+JSTxkS5gMJY8dtPl4XEt94lsT94LK2uhglt4aMP1AbD/Ob3xIJcVq/RiPGGAMSVa0whmjhnjH27RMBXnSQiJKSJFvhfnjo+76jTkrpV8Hg+wU0Rck+iZ/aBYJxZNpk5UnbnkVAPpLgr2hvX+ap3+lo2cylIFKL37HcJkmtDvlhoQqUJaFgEvHCQsQUUusE5PwPF7GOh3gOqBiWk3uWwjGW85B7D7gZlJqUt3IMyI+DAavZv7VX4arbshYSKrM4XM5GGuMcpb1epj9RK/GpbNb2ucuoGDNQvr9o3X3wxEusxARxhgBQORzCDU1B3vTvwt+P1wJPdKKvdPc34xM6E/9CspwR7/02jgC4PRjaDYUxHWf1RInHAt1Z3GQR3FDpbQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://surveys.bwgstrategy.com/jfe/form/SV_8G16gbVXS5fBw7c?Q_DL=98bXSGQYu4oTuFR_8G16gbVXS5fBw7c_CGC_LwmLQsceosaYcj0&Q_CHL=email Message: [.WebGL-0xdc4015fa200]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels (this message will no longer repeat)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bwgstrategy.az1.qualtrics.com
d3op16id4dloxg.cloudfront.net
rvid.imperium.com
surveys.bwgstrategy.com
www.google.com
www.gstatic.com
104.80.232.169
108.158.32.2
142.250.204.3
142.250.71.68
18.234.8.110
23.54.30.105
0deedd10b065fbd0f24bdd06da39e1c54fdff2f61f769683f9672ac6327b1fea
369ea983bd4a7aa1ea1a9ec6ed28fbc669e4cdc1970bfc4169d27461ce803160
43f6bc40f2c20c14284b2f434f8b5f9e0a7c1464ec72780d7b816530f9812946
52c40ad648dac988e1f40e9050a3c03a3a7b35c34d1b7e9c3f38c3777d064cbf
6dd1a2d9854ebbed994c2bcce4b21c4e2424954f03f258db316fa40c4763011a
8db4ff2712cad90be53d70f19a2d7307cb6c7e81543f3f83390598b17e9abec7
968dc771805b8ef56fb6e8b708edc5ffec50106e55ba7ce01b295510febbc164
a5d89ea6b4b373732cf10d3a91e6d45f10869c870befc3543ee8c9cbce907836
adfa98f4e7b1b6c503f30ce1739805795f26d70f080fe2a58ff27237f2843ab9
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731
b8244a302aeaa1844ea7267924343499b7d31d92f8467ab78cc66a258b15d818
c5550d7f8cc83561c801d3cdc4bb3c1784672cf0413ea79b5b32e890b1558c38
c673146341378e640a73102f7446ffcdec19901b351bdb75a50311bb7ff06d19
e013195f09a67caa62640dcc902b04d3f53b65a6d4f4a1e553e511fb804762d7
e1e1f0f5c1a82d304cd5522f69f8116c4834c8328a038b5b4bd3f7f9f7200b00
ef87da9cdb3211ae2013ce8d06795b1a95c4042b804f4b78f544253a0757bac8