urlscan.io logo urlscan.io
SecurityTrails logo

survey.sans.org Open in urlscan Pro
2.16.213.204  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.email.sans.org/?qs=c7eea00bf2a97ffc94ef17509598990afa8cbefa80d708da5b6a66bf3b6615ddb25ecf381c80541d63f509aae792...
Effective URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Submission: On April 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 2.16.213.204, located in Düsseldorf, Germany and belongs to AKAMAI-AS, US. The main domain is survey.sans.org.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 9th 2024. Valid for: a year.
This is the only time survey.sans.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 136.147.189.155 14340 (SALESFORCE)
18 2.16.213.204 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 3
Apex Domain
Subdomains		 Transfer
19 sans.org
click.email.sans.org — Cisco Umbrella Rank: 802418
survey.sans.org
814 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
948 B
1 gstatic.com
www.gstatic.com
201 KB
21 3
Domain Requested by
18 survey.sans.org survey.sans.org
2 www.google.com survey.sans.org
www.gstatic.com
1 www.gstatic.com www.google.com
1 click.email.sans.org 1 redirects
21 4

This site contains links to these domains. Also see Links.

Domain
www.qualtrics.com
policies.google.com
Subject Issuer Validity Valid
akamaisecure.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-09 -
2025-04-25		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Frame ID: 303B00D183D2E7F3C330400658BD16FE
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC&co=aHR0cHM6Ly9zdXJ2ZXkuc2Fucy5vcmc6NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=x84xea9g7anm
Frame ID: 62EC59921C394D59B554F661585A0BB8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qualtrics Survey | Qualtrics Experience Management

Page URL History Show full URLs

  1. https://click.email.sans.org/?qs=c7eea00bf2a97ffc94ef17509598990afa8cbefa80d708da5b6a66bf3b6615ddb25ecf38... HTTP 302
    https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

1016 kB
Transfer

1972 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.sans.org/?qs=c7eea00bf2a97ffc94ef17509598990afa8cbefa80d708da5b6a66bf3b6615ddb25ecf381c80541d63f509aae792e41cbef90c872f685349 HTTP 302
    https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SV_em5Lgky1G21Regm
survey.sans.org/jfe/form/
Redirect Chain
  • https://click.email.sans.org/?qs=c7eea00bf2a97ffc94ef17509598990afa8cbefa80d708da5b6a66bf3b6615ddb25ecf381c80541d63f509aae792e41cbef90c872f685349
  • https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
57 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5f2e9854a1c4964ea5f3e715f8b78527e80c80ac9ea34f2e8cc5e08e211a1f74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
25674
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 04:34:22 GMT
expires
0
permissions-policy
geolocation=*
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-host-id
70726f642e73706f6b652e6a6665372d3137322e31372e302e32
x-request-id
86793248-0642-4618-a04d-9238a8322b5a
x-spoke-id
jfe7
x-transaction-id
a7d8cd35-311a-46a2-a51a-078be5159dc5
x-ua-compatible
IE=edge

Redirect headers

Cache-Control
private
Connection
close
Content-Length
236
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Apr 2024 04:34:20 GMT
Location
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
vendor.8b42ddba9b0aa1e8c640.js
survey.sans.org/jfe/static/dist/ 		261 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/vendor.8b42ddba9b0aa1e8c640.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fdccd8c1c607b7d24e82e5194a296c62fb9e9294b534ac9f290f4e2431486d7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Origin
https://survey.sans.org
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:23 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe2
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30791986
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665322d3137322e31372e302e32
content-length
83137
jfe.4bb2f02156883c202179.js
survey.sans.org/jfe/static/dist/ 		258 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/jfe.4bb2f02156883c202179.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a8279be7473c40039e70816a0fad567d3d150f23edd1c5392dc55215f8d204e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Origin
https://survey.sans.org
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:23 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe1
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=29761953
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665312d3137322e31372e302e32
content-length
67492
stylesheet.css
survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/ 		227 KB
228 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/stylesheet.css
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f92f46df4742f68d77ea63a6e22e6f563185db07005116f557f800ce60069675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9XOJah5sToGCz8hFngjx07Ue.y7xGwuM
date
Wed, 10 Apr 2024 04:34:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 28 Mar 2024 20:07:54 GMT
server
AmazonS3
x-amz-request-id
EKJ5WGCE401CNV26
etag
"05aefc1be22ed927128d0138b8ae9c4d"
x-amz-server-side-encryption
AES256
content-type
text/css
cache-control
public, max-age=1526986
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
232542
x-amz-id-2
Hgnlbk0tDjXPhcWEWWy4Z787U+3Kv8Bwui7ohzAGUhKZJQRX0z60eVesRdsRXeNWBbqIEI2xAVE=
te.3f939d43d01967a05f13.js
survey.sans.org/jfe/static/dist/c/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/te.3f939d43d01967a05f13.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
51ec9ae153372a1d387a41dd5da51c2c8aac7a107a4e4cc47fcaf6b164ec8d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:23 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe6
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=29242874
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665362d3137322e31372e302e32
content-length
7553
matrix.df920cb57bab85f81d4e.js
survey.sans.org/jfe/static/dist/c/ 		149 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/matrix.df920cb57bab85f81d4e.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ee61f6c3002648d12b257cde641d0585ea68b98afa6d3608b34b72e0b4a49c6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:23 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe1
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30356129
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665312d3137322e31372e302e32
content-length
26911
mc.31ab63318722a78f03c1.js
survey.sans.org/jfe/static/dist/c/ 		39 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/mc.31ab63318722a78f03c1.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
146f4ec2a86085362b81484c85916ec686502bf5807f9fd9cdab5b59d32395ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:23 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe2
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30333046
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665322d3137322e31372e302e32
content-length
5825
error.svg
survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/ 		566 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/error.svg
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
299b92560aa9d76c058b1b3e63adca9c405e5d671b413bc5b0677995c97bd073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/stylesheet.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dc7m9m79AaE0Gk6rFenoZrCxIMJJYstL
date
Wed, 10 Apr 2024 04:34:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 26 Mar 2024 18:33:49 GMT
server
AmazonS3
x-amz-request-id
FFTF1KXXWQ0AYKEB
etag
"c73613741a974260124ff4800d30cadb"
x-amz-server-side-encryption
AES256
content-type
image/svg+xml
cache-control
public,max-age=2592000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
566
x-amz-id-2
cSvE2XUQ/MnvkJVsIAIu6jCip3rhPJ2C9VsX6y58qjbAupPDxD9NQ1IZIpOzE1svpeG9LzP1l/4=
poppinslight.ttf
survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/ 		152 KB
153 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/poppinslight.ttf
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bd289695af1c1055dbb65d8043e59f658b4f66be770410a1cc4a1c1714008618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/stylesheet.css
Origin
https://survey.sans.org
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
boSTVjvRPrjnJvVfgbM_QuB_MZYz2B8v
date
Wed, 10 Apr 2024 04:34:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
FFTF3FV1SYER9HB3
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
content-length
156104
x-amz-id-2
5SraFMT/XRCG0HTaOPJgICkq+fUUb92GKRzhrZLmy+4mfNDu8rLH3b8zGOUPvCiOLed1xS0Rpao=
last-modified
Tue, 26 Mar 2024 18:33:50 GMT
server
AmazonS3
etag
"32b18121a85a090c974baa27eaa801fb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=2592000
accept-ranges
bytes
poppinsmedium.ttf
survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/themes/base-templates/qualtrics/base/version-1711478024504-105870/files/poppinsmedium.ttf
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e47fa644e37cc516f7c22208df798f28efdd0ac3e118cbd6323a434186db68c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/stylesheet.css
Origin
https://survey.sans.org
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GZzzh1PmriuCMdg77AGqChlwcMxubFsM
date
Wed, 10 Apr 2024 04:34:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
FFT4305FRTGS7BTG
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
content-length
155248
x-amz-id-2
rXHPI9uLgySOgdEUPYDLLO2vs5Y+z8hlEgTavgtLnmVl+Q5Bo6oCUW+J1FIj48GOMki80jz2g48=
last-modified
Tue, 26 Mar 2024 18:33:51 GMT
server
AmazonS3
etag
"c7b158e33a04cfacdc79a1dd1a48dbdd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=2592000
accept-ranges
bytes
external-link-icon.woff
survey.sans.org/jfe/themes/base-css/basestyles-lfe/version-1678899357872-bbfdc9/files/ 		1004 B
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/themes/base-css/basestyles-lfe/version-1678899357872-bbfdc9/files/external-link-icon.woff
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c5550d7f8cc83561c801d3cdc4bb3c1784672cf0413ea79b5b32e890b1558c38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/themes/templated-skins/qualtrics.base:sans.4053819359:null/version-1711656470943-338df0/stylesheet.css
Origin
https://survey.sans.org
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ZpnDL4pi_9gIwlH6CeppBW_zdJUG8hzv
date
Wed, 10 Apr 2024 04:34:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
4JQTGM80W4A5326M
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
content-length
1004
x-amz-id-2
BOiKXV2BzZdzpThPQ7QRpYYkuquJVGjlwu2WqUW22Es7p9nje2Rme/GqHuIfemUSZPkpPS61egQ=
last-modified
Wed, 15 Mar 2023 16:56:07 GMT
server
AmazonS3
etag
"90cf29ab19dc601f2e5a9f9b3c4898fb"
x-edgeconnect-cache-status
1
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff
access-control-allow-origin
*
accept-ranges
bytes
jsApi.8518510c6333e45de8e8.js
survey.sans.org/jfe/static/dist/c/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/jsApi.8518510c6333e45de8e8.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
45b9204050b30e61a70e281b36d828b7a235ab0e6fd0efd0d4b3e3c93a5d9143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:24 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe8
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=29243073
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665382d3137322e31372e302e32
content-length
4012
Graphic.php
survey.sans.org/CP/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://survey.sans.org/CP/Graphic.php?IM=IM_8ksxYBVv5qwpxiJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6731237167151166bed6ac0e7eb85255c233f303e4694f366e266d1554b46ff7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-disposition
inline; filename=Sans+logos+cornerband+wbg+rgb
content-length
7667
x-request-id
b347855b-e118-43fe-bf27-7cab75981d4b
referrer-policy
strict-origin-when-cross-origin
etag
"8bd9b97870e0da1569e3408c8daf31c4"
content-type
image/png
access-control-allow-origin
*
x-transaction-id
1c843a7a-1b0e-4fbe-9e56-0570a1f62d99
cache-control
public, max-age=53
permissions-policy
camera=(), geolocation=(), microphone=()
x-robots-tag
noindex
expires
Wed, 10 Apr 2024 04:35:17 GMT
favicon.ico
survey.sans.org/brand-management/brand-assets/sans/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/brand-management/brand-assets/sans/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65e99ee3b805f7b1c8b08159161e3ad53960640a2c3f952d282af4900d1ae572
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 04:34:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 26 Sep 2022 23:11:08 GMT
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
image/vnd.microsoft.icon
x-transaction-id
60a9d4cb-1f7e-4868-a66b-7b426487840c
cache-control
max-age=0, no-cache, no-store
permissions-policy
camera=(), geolocation=(), microphone=()
expires
Wed, 10 Apr 2024 04:34:24 GMT
prototype.4b85e8fde846e3b0c676.js
survey.sans.org/jfe/static/dist/c/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/prototype.4b85e8fde846e3b0c676.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
664392b2a9dc49e3610139682ca109f60a3d6f1adf123f06c9955be6f5556c3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:24 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe6
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=29242901
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665362d3137322e31372e302e32
content-length
28660
recaptchav3.adde246837d77cfd5543.js
survey.sans.org/jfe/static/dist/c/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/recaptchav3.adde246837d77cfd5543.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3900d358b6a981d179c643833f774e889eb2649b890dc1bb1e0080d2c0b3b867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:24 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe8
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665382d3137322e31372e302e32
content-length
5908
enterprise.js
www.google.com/recaptcha/ 		1 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?onload=onLoadRecaptchaV3&render=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/static/dist/vendor.8b42ddba9b0aa1e8c640.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7439fd8c61761c9a1a7577e24c3ecf8706d1e19b233ec56e4ea5eae9f220a5c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 10 Apr 2024 04:34:24 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 		501 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=onLoadRecaptchaV3&render=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/
Origin
https://survey.sans.org
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 00:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205471
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Apr 2025 00:37:13 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 62EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ldxd94ZAAAAANgjv1UpUZ1nAj-P35y3etQOwBrC&co=aHR0cHM6Ly9zdXJ2ZXkuc2Fucy5vcmc6NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=x84xea9g7anm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7QiMx1N1ZoZtkO6I4cRMKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://survey.sans.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7QiMx1N1ZoZtkO6I4cRMKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Apr 2024 04:34:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mp.ef7aacbf924d7cd632e6.js
survey.sans.org/jfe/static/dist/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe/static/dist/c/mp.ef7aacbf924d7cd632e6.js
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e6eba6506ad2b05e9abb30ac6f2c86298c4e5635ec42c5a1abb76078118925a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:25 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe2
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=29242933
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665322d3137322e31372e302e32
content-length
1693
getRecaptchaV3Score
survey.sans.org/jfe7/external/ 		126 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://survey.sans.org/jfe7/external/getRecaptchaV3Score
Requested by
Host: survey.sans.org
URL: https://survey.sans.org/jfe/static/dist/jfe.4bb2f02156883c202179.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.213.204 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-213-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e653a74278c6eafa1d80175e4025199b0382ac965ec57e0dd4a22da9c21031cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 04:34:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-spoke-id
jfe7
server
nginx
etag
W/"7e-ldU/EB4tPbu+oAfQNWbjYVwT14U"
content-type
application/json; charset=utf-8
x-transaction-id
88585970-48ac-472d-8278-6ac419983cab
permissions-policy
geolocation=*
x-host-id
70726f642e73706f6b652e6a6665372d3137322e31372e302e32
content-length
126
x-request-id
ad4756bb-4fbe-424c-b53f-5c0f1f412199

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| QSettings function| webpackJsonp function| jQuery object| ErrorWatcher object| jQuery11240017125158651023042 function| onLoadCaptcha object| experimental object| Page function| QBuilder object| Qualtrics object| QualtricsSETools function| $ function| $$ function| Sizzle function| Selector object| Prototype object| Ajax function| $F object| Abstract object| Form function| $A function| $H function| $R function| $w object| Class object| Enumerable function| Hash function| ObjectRange function| PeriodicalExecuter function| Template object| Try function| onLoadRecaptchaV3 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_254267

2 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABIEJovMI0LdT9Lqa-yGeRcSwemV3XXl78YRt7YU5sLyVOkS7FQBUwfRb5wgFV3jJTkrguYxwfgP36ZWzYWDnV4
.sans.org/ Name: ak_bmsc
Value: 744185273F2512B3800B887FC47F4F63~000000000000000000000000000000~YAAQrbEPF5ajSZuOAQAAnxdJxhfIoHqHp+DMCe7BLDKVirfWXg5fxXkeLBcNNUC5JqBaK8+ANnh63GnGoY/P5Cxfr22TSjxj3NuSizk3nPMkrfd3/YE1hp5ck74pofvDqyC4pEgBEukLzSwQCtSlviASfrW4q+sz+Y3pg2wtEYpaIPUQ8YFAo5FSF7EI20C2t3f+1z5yy7aeoe96UihuQ/MgUxHyRB6/ORWFnNITxJUhULsrV8QHZuFXJGMkFD6v/IuNOfPK3aoy7vJ1fwPzCQDnNO6H9udh+7nvv5NXmiMUAOq1ARmYIszRWip7AyvQGqAPb00YboxBPRBRYABCYG6zG9Hi7TLUX37xeASIB8Lz1QTI1NuDyd43OAuYg7ZNDPa9K/8NkGk=

1 Console Messages

Source Level URL
Text
other warning URL: https://survey.sans.org/jfe/form/SV_em5Lgky1G21Regm?is=fddd7500a68763510e252bf429e021eedaee1997e642c2c632bafb6a16bb6d74
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.email.sans.org
survey.sans.org
www.google.com
www.gstatic.com
136.147.189.155
2.16.213.204
2a00:1450:4001:812::2004
2a00:1450:4001:81d::2003
146f4ec2a86085362b81484c85916ec686502bf5807f9fd9cdab5b59d32395ca
299b92560aa9d76c058b1b3e63adca9c405e5d671b413bc5b0677995c97bd073
3900d358b6a981d179c643833f774e889eb2649b890dc1bb1e0080d2c0b3b867
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
45b9204050b30e61a70e281b36d828b7a235ab0e6fd0efd0d4b3e3c93a5d9143
51ec9ae153372a1d387a41dd5da51c2c8aac7a107a4e4cc47fcaf6b164ec8d5f
5f2e9854a1c4964ea5f3e715f8b78527e80c80ac9ea34f2e8cc5e08e211a1f74
65e99ee3b805f7b1c8b08159161e3ad53960640a2c3f952d282af4900d1ae572
664392b2a9dc49e3610139682ca109f60a3d6f1adf123f06c9955be6f5556c3a
6731237167151166bed6ac0e7eb85255c233f303e4694f366e266d1554b46ff7
7439fd8c61761c9a1a7577e24c3ecf8706d1e19b233ec56e4ea5eae9f220a5c1
a8279be7473c40039e70816a0fad567d3d150f23edd1c5392dc55215f8d204e8
bd289695af1c1055dbb65d8043e59f658b4f66be770410a1cc4a1c1714008618
c5550d7f8cc83561c801d3cdc4bb3c1784672cf0413ea79b5b32e890b1558c38
e47fa644e37cc516f7c22208df798f28efdd0ac3e118cbd6323a434186db68c9
e653a74278c6eafa1d80175e4025199b0382ac965ec57e0dd4a22da9c21031cb
e6eba6506ad2b05e9abb30ac6f2c86298c4e5635ec42c5a1abb76078118925a1
ee61f6c3002648d12b257cde641d0585ea68b98afa6d3608b34b72e0b4a49c6f
f92f46df4742f68d77ea63a6e22e6f563185db07005116f557f800ce60069675
fdccd8c1c607b7d24e82e5194a296c62fb9e9294b534ac9f290f4e2431486d7c