Submitted URL: https://www.youtube.com/redirect?q=http%3A%2F%2Fbit.ly%2F2L7fTmS&stzid=UgyVPkYxG6hXArtAmO94AaABAg&redir_token=S9jVORGr3xAs3yO3ZPg6srxT_dB8MTU4MTA4ODI1NUAxNTgxMDAxODU1&html_redirect=1&event=comments
Effective URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Submission: On February 06 via manual from AE

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 14 HTTP transactions. The main IP is 52.4.250.149, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.respondent.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 1st 2019. Valid for: 2 years.
This is the only time app.respondent.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain
Subdomains
Transfer
4 respondent.io
627 KB
2 facebook.net
60 KB
1 hexagon-analytics.com
243 B
1 sift.com
20 KB
1 gstatic.com
93 KB
1 amplitude.com
25 KB
1 google.com
541 B
1 d1e8xkf6doio38.cloudfront.net
2 MB
1 fontawesome.com
31 KB
1 fonts.googleapis.com
911 B
1 bit.ly
504 B
1 youtube.com
394 B
14 12
Domain Requested by
4 app.respondent.io 1 redirects app.respondent.io
2 connect.facebook.net app.respondent.io
connect.facebook.net
1 hexagon-analytics.com
1 cdn.sift.com app.respondent.io
1 www.gstatic.com www.google.com
1 cdn.amplitude.com app.respondent.io
1 www.google.com app.respondent.io
1 d1e8xkf6doio38.cloudfront.net app.respondent.io
1 pro.fontawesome.com app.respondent.io
1 fonts.googleapis.com app.respondent.io
1 bit.ly 1 redirects
1 www.youtube.com
14 12

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
*.google.com
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months
app.respondent.io
Sectigo RSA Domain Validation Secure Server CA
2019-05-01 -
2021-04-30
2 years
*.storage.googleapis.com
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year
www.google.com
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-01-16 -
2020-04-15
3 months
cdn.amplitude.com
Amazon
2019-12-16 -
2021-01-16
a year
*.sift.com
DigiCert SHA2 Secure Server CA
2019-01-09 -
2021-03-17
2 years
*.hexagon-analytics.com
DigiCert SHA2 Secure Server CA
2019-08-01 -
2021-11-03
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • script /cdn\.amplitude\.com/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
redirect?q=http%3A%2F%2Fbit.ly%2F2L7fTmS&stzid=UgyVPkYxG6hXArtAmO94AaABAg&redir_token=S9jVORGr3xAs3yO3ZPg6srxT_dB8MTU4MTA4ODI1NUAxNTgxMDAxODU1&html_redirect=1&event=comments
www.youtube.com
146 B
394 B
Document
General
Full URL
https://www.youtube.com/redirect?q=http%3A%2F%2Fbit.ly%2F2L7fTmS&stzid=UgyVPkYxG6hXArtAmO94AaABAg&redir_token=S9jVORGr3xAs3yO3ZPg6srxT_dB8MTU4MTA4ODI1NUAxNTgxMDAxODU1&html_redirect=1&event=comments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
4e3482a5d74b9409791767bfa2674bdb327cd192685e184dd61a70013596602f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/redirect?q=http%3A%2F%2Fbit.ly%2F2L7fTmS&stzid=UgyVPkYxG6hXArtAmO94AaABAg&redir_token=S9jVORGr3xAs3yO3ZPg6srxT_dB8MTU4MTA4ODI1NUAxNTgxMDAxODU1&html_redirect=1&event=comments
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
expires
Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options
nosniff
content-length
89
x-frame-options
SAMEORIGIN
content-encoding
br
strict-transport-security
max-age=31536000
date
Thu, 06 Feb 2020 15:12:17 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
YSC=buvA7QAZ6Fg; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=djxkahxJY5s; path=/; domain=.youtube.com; secure; expires=Tue, 04-Aug-2020 15:12:17 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 06-Feb-2020 15:42:17 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Cookie set seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
/respondents/v2/projects/view/5ddd8bd7093c32002a55643c
Redirect Chain
  • http://bit.ly/2L7fTmS
  • https://app.respondent.io/respondents/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
  • https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
8 KB
4 KB
Document
General
Full URL
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.250.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-250-149.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
3013da9714e7f0978e888d4a0146f737342a93cac01de3b030bc86dc8bd395d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
app.respondent.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://www.youtube.com/
Accept-Encoding
gzip, deflate, br
Cookie
sift.session.id=a80ad32e-95ef-4322-9fc8-c434eac4ba99; respondent.referralCode=mohamedmoufid-f40fe7dbf677
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.youtube.com/

Response headers

Server
Cowboy
Connection
keep-alive
X-Protected-By
Sqreen
X-Xss-Protection
1; mode=block
X-Dns-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
0
Set-Cookie
_csrf=7j7KpyD24oCaT3KLyHX7Ye9J; Path=/ XSRF-TOKEN=RDjUNTLT-_qJjfdo1FigWRwWdD3EkmiaPJvA; Path=/
Content-Type
text/html; charset=utf-8
Etag
W/"1e66-kDsn18P+Z17mhz3GebT8Gr7HbR4"
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Thu, 06 Feb 2020 15:12:18 GMT
Transfer-Encoding
chunked
Via
1.1 vegur

Redirect headers

Server
Cowboy
Connection
keep-alive
X-Protected-By
Sqreen
X-Xss-Protection
1; mode=block
X-Dns-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
0
Set-Cookie
sift.session.id=a80ad32e-95ef-4322-9fc8-c434eac4ba99; Max-Age=3600; Path=/; Expires=Thu, 06 Feb 2020 16:12:18 GMT; HttpOnly; Secure respondent.referralCode=mohamedmoufid-f40fe7dbf677; Max-Age=432000; Path=/; Expires=Tue, 11 Feb 2020 15:12:18 GMT; HttpOnly; Secure
Location
/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Vary
Accept, Accept-Encoding
Content-Type
text/html; charset=utf-8
Content-Length
380
Date
Thu, 06 Feb 2020 15:12:18 GMT
Via
1.1 vegur
app.css
/respondent-v2/dist
366 KB
109 KB
Stylesheet
General
Full URL
https://app.respondent.io/respondent-v2/dist/app.css
Requested by
Host: app.respondent.io
URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.250.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-250-149.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
6c994f882dda1b024ffd4940fba018446d12060bb13c70d2abaaf96c9d0548af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
X-Dns-Prefetch-Control
off
X-Protected-By
Sqreen
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 05 Feb 2020 21:54:15 GMT
Server
Cowboy
Date
Thu, 06 Feb 2020 15:12:18 GMT
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Via
1.1 vegur
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Etag
W/"5b932-1701758b758"
Accept-Ranges
bytes
Expires
0
app.js
/respondent-v2/dist
2 MB
514 KB
Script
General
Full URL
https://app.respondent.io/respondent-v2/dist/app.js
Requested by
Host: app.respondent.io
URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.250.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-250-149.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
b4aad0255337f6b5656759cfdf8b8b803822d9e6cab1bd9d71e844db7f3fd3b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
X-Dns-Prefetch-Control
off
X-Protected-By
Sqreen
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 05 Feb 2020 21:54:15 GMT
Server
Cowboy
Date
Thu, 06 Feb 2020 15:12:18 GMT
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Etag
W/"1e2a17-1701758b758"
Accept-Ranges
bytes
Expires
0
css?family=Roboto:100,300,400,500,700,900
fonts.googleapis.com
14 KB
911 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: app.respondent.io
URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ba5e9d4c0bb4c5e4906adb2f7db71a6a607bba6575a92622480956d088ac1d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 06 Feb 2020 15:12:18 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 06 Feb 2020 15:12:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 06 Feb 2020 15:12:18 GMT
all.css
pro.fontawesome.com/releases/v5.11.2/css
159 KB
31 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.11.2/css/all.css
Requested by
Host: app.respondent.io
URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2e78b2c4adeef4c10bd954936428ab24878df81f959339c8f83d5886cfe176f4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Origin
https://app.respondent.io

Response headers

date
Thu, 06 Feb 2020 15:12:18 GMT
content-encoding
gzip
last-modified
Mon, 23 Sep 2019 18:56:16 GMT
access-control-allow-origin
*
etag
"0a4f9d4e59a60dc91ed451d57e4a8b80"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1581001938.cds004.wa1.hn,1581001938.cds005.wa1.c
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
access-control-allow-methods
GET
accept-ranges
bytes
content-length
31397
aws-sdk.2.532.0.min.js
d1e8xkf6doio38.cloudfront.net/javascript
2 MB
2 MB
Script
General
Full URL
https://d1e8xkf6doio38.cloudfront.net/javascript/aws-sdk.2.532.0.min.js
Requested by
Host: app.respondent.io
URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:a00:9:a1b5:9d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92e0a2ebba1e126c222145ddde2fd5c1311a2d4512e93a0c119b08fb4951b0e4

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 14:51:23 GMT
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified
Fri, 20 Sep 2019 15:46:26 GMT
server
AmazonS3
age
1256
etag
"3c01c3489900975177244b74963c8a58"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
2132512
x-amz-cf-id
4n7dx3ZQ7FyqJ9PvgRw8nauK7IB9SmyHpKDdcky3tYglIFy_SKrXKg==
api.js?render=explicit
www.google.com/recaptcha
676 B
541 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: app.respondent.io
URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa9bf141d897b5d43066e6d2b496008ad4e8b049f55a2ef0584a040d8b3ae64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 15:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
446
x-xss-protection
1; mode=block
expires
Thu, 06 Feb 2020 15:12:18 GMT
sdk.js
connect.facebook.net/en_US
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: app.respondent.io
URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd4478662aab591e53f1da57e38195a56867f79c467a1ff95d532616f200a546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3R9i8zRR7Xye/foHyZ3fGg==
status
200
date
Thu, 06 Feb 2020 15:12:18 GMT, Thu, 06 Feb 2020 15:12:18 GMT
expires
Thu, 06 Feb 2020 15:19:23 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1778
x-fb-debug
BjAHv3KrA7e9cvQIzsXCOJl1P64wykV5JH0+XKNBUu1DzEJd1YCl2wtN3uWfE0qjQPuV9l51dfofH7mtJpH3Nw==
x-fb-trip-id
2047048586
x-fb-content-md5
0830b59e5b6558f19f36e6752ff461eb
etag
"0277f896b477acc0b8ec89c7241fb772"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
amplitude-4.4.0-min.gz.js
cdn.amplitude.com/libs
74 KB
25 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js
Requested by
Host: app.respondent.io
URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-213.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 12 Jan 2020 06:48:29 GMT
content-encoding
gzip
age
2190229
x-cache
Hit from cloudfront
status
200
content-length
25521
last-modified
Mon, 21 Oct 2019 15:45:35 GMT
server
AmazonS3
etag
"0ac70c6a5de910a09be49cfefd77c771"
x-amz-version-id
5wXGiWTByEVk3DSg02L19x7h8A..ke3l
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
xA8H1b4clLSMZ3Ylb2E1ZKY4ke1R64HGf2WMjQDeT1sTmU4PBVm6lQ==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vJuUWXolyYJx1oqUVmpPuryQ
259 KB
93 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vJuUWXolyYJx1oqUVmpPuryQ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dafa565b581743f2b5a79210f7d17f36266bac25a74c8cc4cf77ee1bfd6e22d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 17:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Feb 2020 05:03:58 GMT
server
sffe
age
249350
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94973
x-xss-protection
0
expires
Tue, 02 Feb 2021 17:56:28 GMT
sdk.js?hash=16241378d061d9aaa796f9a4b3d7812b&ua=modern_es6
connect.facebook.net/en_US
194 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=16241378d061d9aaa796f9a4b3d7812b&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8256aae04ad66c308102e01f0c169558baacd4612327cb7435cdf47c6d5e9720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Origin
https://app.respondent.io

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sbTqRW1cOy0+iogSQ0rkLA==
status
200
date
Thu, 06 Feb 2020 15:12:18 GMT, Thu, 06 Feb 2020 15:12:18 GMT
expires
Fri, 05 Feb 2021 14:03:32 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
59476
x-fb-debug
ykoSJCWKOIoopkL5V2fuYIyolRc9nWYteWmw+EJCuueD8rNlSAdOfbnu/U7P9VDvndt5Kn2IUDTAwT1urnRJ8A==
x-fb-trip-id
1850256238
x-fb-content-md5
7723588fb1dd0200f40096cf350757fb
etag
"53eae37796494d7e7dc24d93465b21d4"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
s.js
cdn.sift.com
61 KB
20 KB
Script
General
Full URL
https://cdn.sift.com/s.js
Requested by
Host: app.respondent.io
URL: https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.96.67.224 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cca4a7a37cbd21cf375e5bbd4b2d64a38128f7eb178693c0f28d0f228c7bc6eb

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 15:00:58 GMT
content-encoding
gzip
age
681
status
200
x-guploader-uploadid
AEnB2UoOGgFH6zDQxkUxr5XVatQ5re1BjlP-b8tzOp-kP85GvTWosfxYFZa1qeNkEc-UUAP4hW_hoytCe86NY_DpaPh9_hTZdLekIZUfPE0oJIV-cscFJZY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
20453
last-modified
Mon, 09 Dec 2019 23:42:05 GMT
server
UploadServer
etag
"3bf6e81bd594e991d8fa8d25e85a0a79"
vary
Accept-Encoding
x-goog-hash
crc32c=5Q/b7g==, md5=O/boG9WU6ZHY+o0l6FoKeQ==
content-language
en
x-goog-generation
1575934925695399
cache-control
public, max-age=3600
x-goog-stored-content-length
20453
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 06 Feb 2020 16:00:58 GMT
990468.gif?bk=90993fbd69&tm=43&r=279232696&v=105&cs=UTF-8&h=app.respondent.io&l=en-US&S=a4fe3efda1da4fc44708d32add81de07&uu=b63b561cd6bf2d834c4aa2a7c8e71b8&t=Respondent&u=https%3A%2F%2Fapp.responde...
hexagon-analytics.com/images
43 B
243 B
Image
General
Full URL
https://hexagon-analytics.com/images/990468.gif?bk=90993fbd69&tm=43&r=279232696&v=105&cs=UTF-8&h=app.respondent.io&l=en-US&S=a4fe3efda1da4fc44708d32add81de07&uu=b63b561cd6bf2d834c4aa2a7c8e71b8&t=Respondent&u=https%3A%2F%2Fapp.respondent.io%2Frespondents%2Fv2%2Fprojects%2Fview%2F5ddd8bd7093c32002a55643c%2Fseeking-security&rf=https%3A%2F%2Fwww.youtube.com%2F&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=16&je=false&ss=true&ls=false&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=fbd7df18f09e35afb7c989c59a217d55&z=z
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.102.232.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
42.232.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 15:12:19 GMT
via
1.1 google
x-content-type-options
nosniff
server
nginx
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 1
  • http://bit.ly/2L7fTmS
  • https://app.respondent.io/respondents/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677
  • https://app.respondent.io/respondents/v2/projects/view/5ddd8bd7093c32002a55643c/seeking-security-analysts-who-work-with-siem-tools-in-security-operations?referralCode=mohamedmoufid-f40fe7dbf677

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| fbAsyncInit object| respondentConfig object| _sift object| amplitude object| AWS object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| FB object| recaptcha object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ function| __siftFlashCB undefined| Sift object| PluginDetect

6 Cookies

Domain/Path Name / Value
.respondent.io/ Name: __ssid
Value: b63b561cd6bf2d834c4aa2a7c8e71b8
app.respondent.io/ Name: XSRF-TOKEN
Value: RDjUNTLT-_qJjfdo1FigWRwWdD3EkmiaPJvA
app.respondent.io/ Name: _csrf
Value: 7j7KpyD24oCaT3KLyHX7Ye9J
app.respondent.io/ Name: respondent.referralCode
Value: mohamedmoufid-f40fe7dbf677
.respondent.io/ Name: amplitude_id_16badf325ac9929e44f5d3b0110ff39crespondent.io
Value: eyJkZXZpY2VJZCI6Ijc4YWZkNzEwLTNkYzMtNDFjMi04ODUwLTZlZDdiNjJjZTFjNFIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTU4MTAwMTkzODk0NywibGFzdEV2ZW50VGltZSI6MTU4MTAwMTkzODk0NywiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
app.respondent.io/ Name: sift.session.id
Value: a80ad32e-95ef-4322-9fc8-c434eac4ba99

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.respondent.io
bit.ly
cdn.amplitude.com
cdn.sift.com
connect.facebook.net
d1e8xkf6doio38.cloudfront.net
fonts.googleapis.com
hexagon-analytics.com
pro.fontawesome.com
www.google.com
www.gstatic.com
www.youtube.com
13.35.254.213
151.139.128.10
2600:9000:2057:a00:9:a1b5:9d00:21
2a00:1450:4001:809::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::200a
2a00:1450:4001:81b::200e
2a03:2880:f02d:12:face:b00c:0:3
34.102.232.42
34.96.67.224
52.4.250.149
67.199.248.11
1ba5e9d4c0bb4c5e4906adb2f7db71a6a607bba6575a92622480956d088ac1d6
2e78b2c4adeef4c10bd954936428ab24878df81f959339c8f83d5886cfe176f4
3013da9714e7f0978e888d4a0146f737342a93cac01de3b030bc86dc8bd395d6
4e3482a5d74b9409791767bfa2674bdb327cd192685e184dd61a70013596602f
6c994f882dda1b024ffd4940fba018446d12060bb13c70d2abaaf96c9d0548af
8256aae04ad66c308102e01f0c169558baacd4612327cb7435cdf47c6d5e9720
92e0a2ebba1e126c222145ddde2fd5c1311a2d4512e93a0c119b08fb4951b0e4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae
b4aad0255337f6b5656759cfdf8b8b803822d9e6cab1bd9d71e844db7f3fd3b4
bd4478662aab591e53f1da57e38195a56867f79c467a1ff95d532616f200a546
cca4a7a37cbd21cf375e5bbd4b2d64a38128f7eb178693c0f28d0f228c7bc6eb
dafa565b581743f2b5a79210f7d17f36266bac25a74c8cc4cf77ee1bfd6e22d4
fa9bf141d897b5d43066e6d2b496008ad4e8b049f55a2ef0584a040d8b3ae64a