URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Submission: On December 02 via manual from US

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 198.232.218.151, located in United States and belongs to SSI-EASTCOAST, US. The main domain is dkr1.ssisurveys.com.
This is the only time dkr1.ssisurveys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS     Autonomous System
2         198.232.218.151     54823  (SSI-EASTC...)
1         2600:9000:214...    16509  (AMAZON-02)
6         2600:9000:215...    16509  (AMAZON-02)
2         2a00:1450:400...    15169  (GOOGLE)
1         184.30.208.188      20940  (AKAMAI-ASN1)
3         23.67.140.99        20940  (AKAMAI-ASN1)
2         52.72.36.5          14618  (AMAZON-AES)
Total: 17 requests, 7 IPs

Requests  Domain                         Requested by
6         d1wey2f3vomiar.cloudfront.net  dkr1.ssisurveys.com
3         c.evidon.com                   c.betrad.com, dkr1.ssisurveys.com
2         l.betrad.com                   dkr1.ssisurveys.com
2         www.google-analytics.com       dkr1.ssisurveys.com
2         dkr1.ssisurveys.com            dkr1.ssisurveys.com
1         c.betrad.com                   dkr1.ssisurveys.com
1         d33v6l14qb5ww8.cloudfront.net  dkr1.ssisurveys.com
Total: 17 requests, 7 domains

This site contains links to these domains. Also see Links.

Domain
rules.ssisurveys.com

Subject                 Issuer                                      Validity                 Valid
*.cloudfront.net        DigiCert Global CA G2                       2020-05-26 - 2021-04-21  a year    crt.sh
*.google-analytics.com  GTS CA 1O1                                  2020-11-03 - 2021-01-26  3 months  crt.sh
*.evidon.com            DigiCert Secure Site ECC CA-1               2020-04-29 - 2021-07-29  a year    crt.sh
l.betrad.com            Go Daddy Secure Certificate Authority - G2  2019-04-25 - 2021-06-24  2 years   crt.sh

This page contains 1 frames:

Primary Page: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Frame ID: 1CCADD041DBA13DE9E33613383C3041A
Requests: 17 HTTP requests in this frame


Page Statistics

17 Requests
47 % HTTPS
43 % IPv6
5 Domains
7 Subdomains
7 IPs
3 Countries
112 kB Transfer
271 kB Size
9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 9
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1913853686&utmhn=dkr1.ssisurveys.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Would%20you%20like%20your%20opinion%20heard%3F&utmhid=1496311061&utmr=-&utmp=%2Fsfc%2FidentifyViewPage&utmht=1606879477266&utmac=UA-18999801-1&utmcc=__utma%3D54328253.1210099930.1606879477.1606879477.1606879477.1%3B%2B__utmz%3D54328253.1606879477.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1347820698&utmredir=1&utmu=qACAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1913853686&utmhn=dkr1.ssisurveys.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Would%20you%20like%20your%20opinion%20heard%3F&utmhid=1496311061&utmr=-&utmp=%2Fsfc%2FidentifyViewPage&utmht=1606879477266&utmac=UA-18999801-1&utmcc=__utma%3D54328253.1210099930.1606879477.1606879477.1606879477.1%3B%2B__utmz%3D54328253.1606879477.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1347820698&utmredir=1&utmu=qACAAAAAAAAAAAAAAAAAAAAE~

17 HTTP transactions

Resource  Path  Size  x-fer  Type / MIME-Type
estart (Primary Request; Cookie set)  dkr1.ssisurveys.com/projects/  12 KB  12 KB  Document
General
Full URL
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
HTTP/1.1
Server
198.232.218.151 , United States, ASN54823 (SSI-EASTCOAST, US),
Reverse DNS
Software
WildFly/10 / Undertow/1 JSP/2.3
Resource Hash
9b672056272644a8376aaa21bc18bf613fb11764bc5818fd3ec11b98dc3ae5eb

Request headers

Host
dkr1.ssisurveys.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Connection
keep-alive
Cache-Control
no-store
X-Powered-By
Undertow/1 JSP/2.3
Set-Cookie
SESSION=886ea25a-3b4c-4591-97f0-5db659444a91; path=/; HttpOnly
Server
WildFly/10
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
Date
Wed, 02 Dec 2020 03:24:37 GMT
style.css  d33v6l14qb5ww8.cloudfront.net/web/sourceStyles/invo-responsive/  10 KB  11 KB  Stylesheet
General
Full URL
https://d33v6l14qb5ww8.cloudfront.net/web/sourceStyles/invo-responsive/style.css
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7c00:2:a292:3200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
757e56c0b9555233c70db392190c783cfd12ad30f0e094912a699ffdd53bd474

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 28 Nov 2020 14:07:43 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified
Fri, 31 Jul 2020 13:52:28 GMT
server
AmazonS3
age
307015
etag
"ad37aa1f9c51084352aed707ce92550d"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=604800
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
10534
x-amz-cf-id
1SgmN3uoOQMH6vuMRTCT5TWQ0YuxCtuVRcsAHQEcMkOuUPEvTS6GFw==
RVIDWrapperAjaxSSI9_05212020.js  d1wey2f3vomiar.cloudfront.net/scripts/  81 KB  23 KB  Script
General
Full URL
http://d1wey2f3vomiar.cloudfront.net/scripts/RVIDWrapperAjaxSSI9_05212020.js
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
HTTP/1.1
Server
2600:9000:2156:1400:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb25a06dadda5720c7e5c93234659c7d61a40061ff40f6a9cc9cfc053a1d02be

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 29 Nov 2020 23:02:41 GMT
Content-Encoding
gzip
Age
188516
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 15 Jul 2020 17:01:26 GMT
Server
AmazonS3
ETag
W/"b5531ce50eb5daa4a77605e544f3f480"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
0RAu3FmEb5u-vATLR85ZcNqFhxFu5A3AhJr-C0APUwgXZ5prYUWATg==
jquery-1.7.1.min.js  d1wey2f3vomiar.cloudfront.net/scripts/  92 KB  33 KB  Script
General
Full URL
http://d1wey2f3vomiar.cloudfront.net/scripts/jquery-1.7.1.min.js
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
HTTP/1.1
Server
2600:9000:2156:1400:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 17:25:39 GMT
Content-Encoding
gzip
Age
295139
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 15 Jul 2020 17:01:26 GMT
Server
AmazonS3
ETag
W/"db2cccefedcc741a45a582e91a5afe8d"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
t0E1Fza14XrbZx1bFAZ8ke9Lfq0_GeX4-riDgiq-z2YUJLcIrGevPg==
json2.min.js  d1wey2f3vomiar.cloudfront.net/scripts/  3 KB  2 KB  Script
General
Full URL
http://d1wey2f3vomiar.cloudfront.net/scripts/json2.min.js
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
HTTP/1.1
Server
2600:9000:2156:1400:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b49812ec1043eccb7258e91c5eea868318481f1642036f7cf88f6162703277e3

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 00:15:07 GMT
Content-Encoding
gzip
Age
356971
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 15 Jul 2020 17:01:26 GMT
Server
AmazonS3
ETag
W/"ba3293970e13b03a2ea92f5b6b5bf544"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
LAz0iHCDjylfzQ4AL1A1gJTVHC6YREAdpUEhoseMovHXbNBmhtqglg==
sfc-1.2.3.js  d1wey2f3vomiar.cloudfront.net/scripts/  8 KB  3 KB  Script
General
Full URL
http://d1wey2f3vomiar.cloudfront.net/scripts/sfc-1.2.3.js
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
HTTP/1.1
Server
2600:9000:2156:1400:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af50e2d39fadfc18e5e1b4ddf9c59a8b6cb83d90cadc3fb1589649294f77b16f

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 14:47:12 GMT
Content-Encoding
gzip
Age
563846
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 15 Jul 2020 17:01:26 GMT
Server
AmazonS3
ETag
W/"dffd874922e1f983b4d81ea0aeaf83ce"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
fLlf8-V2nRkD2DontMDGsizN94kX89hXsk9H4yMv_m641GSGaOiUzw==
ico_dob.gif  d1wey2f3vomiar.cloudfront.net/images/  1 KB  2 KB  Image
General
Full URL
http://d1wey2f3vomiar.cloudfront.net/images/ico_dob.gif
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
HTTP/1.1
Server
2600:9000:2156:1400:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
335758d2a12e827763b542ba0d7d7c550504df07ff707953ff3b3b85224b9543

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 04 Nov 2020 18:37:43 GMT
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 15 Jul 2020 17:01:51 GMT
Server
AmazonS3
Age
2364415
ETag
"b88e6e33edebfb84b70f33b4068d3cc0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
1196
X-Amz-Cf-Id
Q1yXQyGbuctX40C-Yl5sC_7pXDyOcRu16778bSJiXYswsgMABInhiA==
next.gif  d1wey2f3vomiar.cloudfront.net/images/  1 KB  2 KB  Image
General
Full URL
http://d1wey2f3vomiar.cloudfront.net/images/next.gif
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
HTTP/1.1
Server
2600:9000:2156:1400:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cb313e225e1dcd3b18853c8e86586af50ed15309767e4dcf662d838756d8c8c

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Mon, 09 Nov 2020 22:53:35 GMT
Via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 15 Jul 2020 17:01:51 GMT
Server
AmazonS3
Age
1917063
ETag
"dd31420c74e659bd61c640b8bd8fe85f"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
1121
X-Amz-Cf-Id
qC2zj52GiXq-DUtppT6hxvFkd11jKJ7NmL0ubdyfCO9fYeC9FOn4kQ==
en_US  dkr1.ssisurveys.com/sfcws/consent/subpanels/0/locales/  386 B  565 B  Script
General
Full URL
http://dkr1.ssisurveys.com/sfcws/consent/subpanels/0/locales/en_US
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
HTTP/1.1
Server
198.232.218.151 , United States, ASN54823 (SSI-EASTCOAST, US),
Reverse DNS
Software
/
Resource Hash
1270224bcbf830f1f295cd18a9b5326f8f17da4123a4bfff0c5f76c059c6d5eb

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 03:24:37 GMT
Cache-Control
max-age=7200, private
Connection
keep-alive
Content-Length
386
Content-Type
text/plain;charset=UTF-8
ga.js  www.google-analytics.com/  45 KB  17 KB  Script
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5340
date
Wed, 02 Dec 2020 01:55:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 02 Dec 2020 03:55:37 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
__utm.gif  www.google-analytics.com/r/  35 B  378 B  Image
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1913853686&utmhn=dkr1.ssisurveys.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=W...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1913853686&utmhn=dkr1.ssisurveys.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1913853686&utmhn=dkr1.ssisurveys.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Would%20you%20like%20your%20opinion%20heard%3F&utmhid=1496311061&utmr=-&utmp=%2Fsfc%2FidentifyViewPage&utmht=1606879477266&utmac=UA-18999801-1&utmcc=__utma%3D54328253.1210099930.1606879477.1606879477.1606879477.1%3B%2B__utmz%3D54328253.1606879477.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1347820698&utmredir=1&utmu=qACAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Dec 2020 03:24:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1913853686&utmhn=dkr1.ssisurveys.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Would%20you%20like%20your%20opinion%20heard%3F&utmhid=1496311061&utmr=-&utmp=%2Fsfc%2FidentifyViewPage&utmht=1606879477266&utmac=UA-18999801-1&utmcc=__utma%3D54328253.1210099930.1606879477.1606879477.1606879477.1%3B%2B__utmz%3D54328253.1606879477.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1347820698&utmredir=1&utmu=qACAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
h1.js  c.betrad.com/geo/  15 KB  5 KB  Script
General
Full URL
http://c.betrad.com/geo/h1.js
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/sfcws/consent/subpanels/0/locales/en_US
Protocol
HTTP/1.1
Server
184.30.208.188 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-208-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
142e887a7aaaf0b5bb5a1ac342133a63bc2b9f9e80b90b9014f67f3d11813711

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 03:24:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Oct 2019 16:47:16 GMT
Server
AkamaiNetStorage
ETag
"0474fb94c9b4df5d34cc37e8427323c1:1571935638"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5219
1508.js  c.evidon.com/pub/c/1696/  1 KB  1004 B  Script
General
Full URL
https://c.evidon.com/pub/c/1696/1508.js
Requested by
Host: c.betrad.com
URL: http://c.betrad.com/geo/h1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.67.140.99 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-67-140-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6061c0f49afe47a9c6870f277f5314fa6db3f1d13a5f6f2ecce2fbb394cce5d8

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 03:24:37 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 01:55:12 GMT
server
AkamaiNetStorage
etag
"50fc97ff82f7a02b21c63b2235d28737:1602122112.505781"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
*
content-length
706
p.gif  l.betrad.com/pub/  0  121 B  Image
General
Full URL
https://l.betrad.com/pub/p.gif?pid=1508&ocid=1696&ii=1&nt=2&d=1&mb=0&r=0.9135708423963391
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.36.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-36-5.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 03:24:37 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
ric-close.png  c.evidon.com/pub/  526 B  832 B  Image
General
Full URL
https://c.evidon.com/pub/ric-close.png
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.67.140.99 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-67-140-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
71d29817ccc89f5d51c79aefcb62f23c28e0300ab5702adc6e4b5c3d461e7922

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 03:24:37 GMT
content-encoding
gzip
last-modified
Wed, 16 May 2012 20:44:04 GMT
server
AkamaiNetStorage
etag
"16f1fe29bb13829c58c21080871b48ce:1337201044"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/png
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
549
p.gif  l.betrad.com/pub/  0  120 B  Image
General
Full URL
https://l.betrad.com/pub/p.gif?pid=1508&ocid=1696&ii=1&nt=1&d=1&mb=0&r=0.364069857071192
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.36.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-36-5.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 03:24:37 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
bg1.png  c.evidon.com/pub/  166 B  458 B  Image
General
Full URL
https://c.evidon.com/pub/bg1.png
Requested by
Host: dkr1.ssisurveys.com
URL: http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.67.140.99 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-67-140-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9f68a41bd701e49dfdb3c4ae493f679d9269a3e694647dc6d0644525693da0c7

Request headers

Referer
http://dkr1.ssisurveys.com/projects/estart?ekey=XLepKuan2LPnROT8vUsn_w**&transaction_id=1226205898
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 03:24:37 GMT
content-encoding
gzip
last-modified
Fri, 20 Apr 2012 19:51:42 GMT
server
AkamaiNetStorage
etag
"bbae2eeba0d9d0608ec2f6ee9e047c75:1334951502"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/png
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
175

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


9 Cookies

Domain/Path            Name          Value
.ssisurveys.com/       __ric_sc1508  1
.ssisurveys.com/       __ric_c1508   1
.dkr1.ssisurveys.com/  __utmz        54328253.1606879477.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.dkr1.ssisurveys.com/  __utmc        54328253
.dkr1.ssisurveys.com/  __utmt        1
dkr1.ssisurveys.com/   ISIStest      it%20works
.dkr1.ssisurveys.com/  __utmb        54328253.1.10.1606879477
.dkr1.ssisurveys.com/  __utma        54328253.1210099930.1606879477.1606879477.1606879477.1
dkr1.ssisurveys.com/   SESSION       886ea25a-3b4c-4591-97f0-5db659444a91

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
