URL: https://survey.energage.com/HC19/NQ7MJTZV
Submission: On June 26 via manual from US

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 52.224.179.213, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is survey.energage.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 27th 2017. Valid for: 3 years.
This is the only time survey.energage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
7         52.224.179.213     8075 (MICROSOFT...)
1         2a00:1450:400...   15169 (GOOGLE)
1         2a04:4e42:400...   54113 (FASTLY)
3         2a00:1450:400...   15169 (GOOGLE)
1         152.199.19.160     15133 (EDGECAST)
2         2a00:1450:400...   15169 (GOOGLE)
Total: 15 requests, 7 IPs

Requests  Domain                     Requested by
7         survey.energage.com        survey.energage.com, cdn.ravenjs.com
3         fonts.gstatic.com          survey.energage.com
2         www.google-analytics.com   survey.energage.com
1         az416426.vo.msecnd.net     survey.energage.com
1         cdn.ravenjs.com            survey.energage.com
1         fonts.googleapis.com       survey.energage.com
Total: 15 requests, 6 domains

This site contains links to these domains.

Domain
www.energage.com

Subject                  Issuer                                 Validity                  Valid
*.energage.com           DigiCert SHA2 Secure Server CA         2017-11-27 - 2020-10-07   3 years
*.googleapis.com         Google Internet Authority G3           2019-06-11 - 2019-09-03   3 months
osff.map.fastly.net      GlobalSign CloudSSL CA - SHA256 - G3   2019-05-15 - 2020-01-23   8 months
*.google.com             Google Internet Authority G3           2019-06-11 - 2019-09-03   3 months
*.vo.msecnd.net          Microsoft IT TLS CA 2                  2018-03-30 - 2020-03-30   2 years
*.google-analytics.com   Google Internet Authority G3           2019-06-11 - 2019-09-03   3 months

This page contains 1 frames:

Primary Page: https://survey.energage.com/HC19/NQ7MJTZV
Frame ID: 9EDC037A24176A3BE31AB8AA78834EC2
Requests: 19 HTTP requests in this frame


Detected technologies

Overall confidence: 50%
Detected patterns
  • headers server /^Kestrel/i

Overall confidence: 100%
Detected patterns
  • headers server /^Kestrel/i

Overall confidence: 100%
Detected patterns
  • headers server /^Kestrel/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 50%
Detected patterns
  • headers server /^Kestrel/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 67 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 3
Transfer: 1310 kB
Size: 3348 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

NQ7MJTZV (Primary Request, Cookie set)
survey.energage.com/HC19/
73 KB
58 KB
Document
General
Full URL
https://survey.energage.com/HC19/NQ7MJTZV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.179.213 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
b83977ff494399c4ce34132e86d130a939714faecca37d20f16807e578bfc908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1 1

Request headers

Host
survey.energage.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
no-store,no-cache
Keep-Alive
timeout=3, max=993
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Vary
Accept-Encoding
Server
Kestrel
Set-Cookie
TestCookie=97863-PE1jevHrm%2Fk0lebSFdQnJ%2B9nPH; path=/; secure; samesite=lax
LanguageSession=1033; path=/; secure; samesite=lax
X-Content-Type-Options
nosniff nosniff
X-XSS-Protection
1 1
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex, noarchive, nofollow
X-Powered-By
ASP.NET
X-Frame-Options
sameorigin
Date
Wed, 26 Jun 2019 16:03:35 GMT
css
fonts.googleapis.com/
9 KB
782 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
41c7b4715387c6fdc45c68fb20e8e9dccf8338b7e460cd9888cb468fed841686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 26 Jun 2019 16:03:36 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 26 Jun 2019 16:03:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 26 Jun 2019 16:03:36 GMT
site.css
survey.energage.com/dist/
401 KB
190 KB
Stylesheet
General
Full URL
https://survey.energage.com/dist/site.css?v=bvAxLXjfvociDCI3OSph7RMEWqWv9dAA9NnBQMg3eW4
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.179.213 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
6ef0312d78dfbe87220c2237392a61ed13045aa5aff5d000f4d9c140c837796e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1, 1

Request headers

Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Thu, 06 Jun 2019 11:11:36 GMT
Server
Kestrel
X-Powered-By
ASP.NET
X-Frame-Options
sameorigin
Content-Type
text/css
Transfer-Encoding
chunked
ETag
"1d51c589afea7ef"
Date
Wed, 26 Jun 2019 16:03:37 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, noarchive, nofollow
Vary
Accept-Encoding
X-XSS-Protection
1, 1
wpd-modernizr.min.js
survey.energage.com/
9 KB
5 KB
Script
General
Full URL
https://survey.energage.com/wpd-modernizr.min.js?v=Ike06IW6m3w7asWNfod1x5GAXV4n29Zc9hLByx-5Hd8
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.179.213 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
2247b4e885ba9b7c3b6ac58d7e8775c791805d5e27dbd65cf612c1cb1fb91ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1, 1

Request headers

Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Tue, 08 Jan 2019 11:54:56 GMT
Server
Kestrel
X-Powered-By
ASP.NET
X-Frame-Options
sameorigin
Content-Type
application/javascript
Transfer-Encoding
chunked
ETag
"1d4a748f9248dca"
Date
Wed, 26 Jun 2019 16:03:37 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, noarchive, nofollow
Vary
Accept-Encoding
X-XSS-Protection
1, 1
eventListeners.js
survey.energage.com/
9 KB
3 KB
Script
General
Full URL
https://survey.energage.com/eventListeners.js?v=Fv8ycrJW3Bq9sWuhFFIVcSyYw5OWOLv_1j3m4XF4_Pw
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.179.213 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
16ff3272b256dc1abdb16ba1145215712c98c3939638bbffd63de6e17178fcfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1, 1

Request headers

Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Tue, 08 Jan 2019 11:54:56 GMT
Server
Kestrel
X-Powered-By
ASP.NET
X-Frame-Options
sameorigin
Content-Type
application/javascript
Transfer-Encoding
chunked
ETag
"1d4a748f9248ab4"
Date
Wed, 26 Jun 2019 16:03:37 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, noarchive, nofollow
Vary
Accept-Encoding
X-XSS-Protection
1, 1
raven.min.js
cdn.ravenjs.com/3.26.2/
37 KB
14 KB
Script
General
Full URL
https://cdn.ravenjs.com/3.26.2/raven.min.js
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Fastly /
Resource Hash
4b6d78009e6e369507e7d50925b9f2864e05b27820a92862f8b6bcf5c27a8430

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://survey.energage.com/HC19/NQ7MJTZV
Origin
https://survey.energage.com

Response headers

date
Wed, 26 Jun 2019 16:03:36 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 15:59:55 GMT
server
Fastly
age
32935
etag
"1419f17d4165274db4b1ad69fc9721c5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13696
vendor.js
survey.energage.com/dist/
1 MB
379 KB
Script
General
Full URL
https://survey.energage.com/dist/vendor.js?v=lFJDvcfgEQIamxEhI_Ur2ZUf42tLbHIwVYfYHL9y9ko
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.179.213 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
945243bdc7e011021a9b112123f52bd9951fe36b4b6c72305587d81cbf72f64a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1, 1

Request headers

Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Thu, 06 Jun 2019 11:11:14 GMT
Server
Kestrel
X-Powered-By
ASP.NET
X-Frame-Options
sameorigin
Content-Type
application/javascript
Transfer-Encoding
chunked
ETag
"1d51c588dc923d8"
Date
Wed, 26 Jun 2019 16:03:37 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, noarchive, nofollow
Vary
Accept-Encoding
X-XSS-Protection
1, 1
main-client.js
survey.energage.com/dist/
1 MB
583 KB
Script
General
Full URL
https://survey.energage.com/dist/main-client.js?v=yBfne-XsKnhK7uBDkj4Q7Vl40MUGuSNruiwIhOoMZFk
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.179.213 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
c817e77be5ec2a784aeee043923e10ed5978d0c506b9236bba2c0884ea0c6459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1, 1

Request headers

Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Thu, 06 Jun 2019 11:11:36 GMT
Server
Kestrel
X-Powered-By
ASP.NET
X-Frame-Options
sameorigin
Content-Type
application/javascript
Transfer-Encoding
chunked
ETag
"1d51c589aed4142"
Date
Wed, 26 Jun 2019 16:03:37 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, noarchive, nofollow
Vary
Accept-Encoding
X-XSS-Protection
1, 1
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/wpd-modernizr.min.js?v=Ike06IW6m3w7asWNfod1x5GAXV4n29Zc9hLByx-5Hd8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin
https://survey.energage.com

Response headers

date
Sun, 02 Jun 2019 21:32:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
2053864
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Mon, 01 Jun 2020 21:32:33 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
95 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Jun 2019 16:03:37 GMT
content-encoding
gzip
content-md5
7JhCKwvLjoUoS5N/nN9LRA==
x-cache
HIT
status
200
content-length
21636
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jun 2019 21:34:18 GMT
server
ECAcc (frc/8FA5)
etag
0x8D6EEB48F61B4AC
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a70db311-901e-009b-087e-2b69dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400, immutable
x-ms-version
2009-09-19
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b44b79b62fe84b4daaebf2ac0afec0c62fe014cd62c6c7bf41cf32539144bb4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c47f02bb918c4db9acb0b622a099be5d5e7260e185be5a114fc7f1488606107b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d9079e184bbe2a74a12b7df92bc0a880bc2810e8dc2dbf458554cfca2fa5873

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
20 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c6074ac3fcc59019c39e3ab2199543fec53d4af26a9472b89c06e3d7417dd0b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin
https://survey.energage.com

Response headers

date
Sun, 02 Jun 2019 21:49:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:42 GMT
server
sffe
age
2052865
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Mon, 01 Jun 2020 21:49:12 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin
https://survey.energage.com

Response headers

date
Wed, 19 Jun 2019 16:59:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:38 GMT
server
sffe
age
601462
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Thu, 18 Jun 2020 16:59:15 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
2160
date
Wed, 26 Jun 2019 15:27:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17707
expires
Wed, 26 Jun 2019 17:27:37 GMT
NQ7MJTZV
survey.energage.com/api/welcome/HC19/
4 KB
4 KB
XHR
General
Full URL
https://survey.energage.com/api/welcome/HC19/NQ7MJTZV
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.2/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.179.213 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel / ASP.NET
Resource Hash
c845749f2e699bcd76f1fc30ed45c443b2452bf919d2844a882820e096347cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1, 1

Request headers

Accept
application/json, text/plain, */*
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Expires
0

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff, nosniff
Server
Kestrel
X-Powered-By
ASP.NET
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
X-XSS-Protection
1, 1
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
Transfer-Encoding
chunked
X-Robots-Tag
noindex, noarchive, nofollow
Keep-Alive
timeout=3, max=993
Date
Wed, 26 Jun 2019 16:03:38 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/r/
35 B
112 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1971680481&t=pageview&_s=1&dl=https%3A%2F%2Fsurvey.energage.com%2FHC19%2FNQ7MJTZV&ul=en-us&de=UTF-8&dt=Energage%20Survey%20Welcome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1882782390&gjid=500134705&cid=1371133118.1561565018&tid=UA-66480031-1&_gid=1424045258.1561565018&_r=1&z=1509249156
Requested by
Host: survey.energage.com
URL: https://survey.energage.com/HC19/NQ7MJTZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://survey.energage.com/HC19/NQ7MJTZV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2019 16:03:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
object| html5
object| Modernizr
function| registerEventListeners
object| appInsights
object| Raven
string| basename
object| routeParams
object| initialReduxState
function| __extends
object| Microsoft
object| AI
function| vendor_a4f8cf358401a096d9dc
object| __core-js_shared__
object| core
object| global
object| System
function| asap
function| Observable
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
function| renderSurvey
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

8 Cookies

Domain/Path            Name             Value
survey.energage.com/   LanguageSession  1033
survey.energage.com/   TestCookie       97863-PE1jevHrm%2Fk0lebSFdQnJ%2B9nPH
.energage.com/         _gat             1
.energage.com/         _gid             GA1.2.1424045258.1561565018
survey.energage.com/   ai_user          nWRWy|2019-06-26T16:03:37.443Z
survey.energage.com/   listCode         HC19
survey.energage.com/   inviteeCode      NQ7MJTZV
.energage.com/         _ga              GA1.2.1371133118.1561565018

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1 1

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains and hashes. Their presence in this report does not imply that any of them indicates malicious activity.
