dkr1.ssisurveys.com Open in urlscan Pro
208.53.56.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://44652.clicks.dattanet.com/track/click?u=2507210&p=34343635323a3135373a3133323a303a333a30&s=663345e5768dfbf3825d1ec...
Effective URL:
https://dkr1.ssisurveys.com/projects/eprefine?ekey=PIS2bkaYYeDH0eKdJ9cEtw**&id=VX2005RP8537OWGC4938JP31457XO
Submission: On June 26 via api (June 26th 2021, 12:42:48 am UTC) from ES

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 15 HTTP transactions. The main IP is 208.53.56.105, located in United States and belongs to DATABANK-SLC, US. The main domain is dkr1.ssisurveys.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on August 22nd 2020. Valid for: 2 years.

This is the only time dkr1.ssisurveys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	200.58.97.252 200.58.97.252	27823 (Dattatec.com) (Dattatec.com)
3 6	52.254.13.109 52.254.13.109	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.212.145.80 34.212.145.80	16509 (AMAZON-02) (AMAZON-02)
1 3	208.53.56.105 208.53.56.105	13951 (DATABANK-SLC) (DATABANK-SLC)
5	2600:9000:210... 2600:9000:2104:aa00:12:e77a:88c0:21	16509 (AMAZON-02) (AMAZON-02)
2	52.21.97.179 52.21.97.179	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:210... 2600:9000:2104:3e00:17:5070:d6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
15	6

1 200.58.97.252 (Rosario, Argentina) 1 redirects

ASN27823 (Dattatec.com, AR)
PTR: reads.ferozo.com

44652.clicks.dattanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.254.13.109 (Boydton, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

smartsight.mdforlives.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.212.145.80 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-145-80.us-west-2.compute.amazonaws.com

borderless.survalidate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.53.56.105 (United States) 1 redirects

ASN13951 (DATABANK-SLC, US)
PTR: 208-53-56-105.c7dc.com

dkr1.ssisurveys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2104:aa00:12:e77a:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1wey2f3vomiar.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.97.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-97-179.compute-1.amazonaws.com

rvid.imperium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:3e00:17:5070:d6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

darwin-assets.dynata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	mdforlives.com 3 redirects smartsight.mdforlives.com	75 KB
5	cloudfront.net d1wey2f3vomiar.cloudfront.net	65 KB
3	ssisurveys.com 1 redirects dkr1.ssisurveys.com	15 KB
2	imperium.com rvid.imperium.com	2 KB
2	survalidate.com borderless.survalidate.com	145 KB
1	dynata.com darwin-assets.dynata.com	230 KB
1	dattanet.com 1 redirects 44652.clicks.dattanet.com	428 B
15	7

	Domain	Requested by
6	smartsight.mdforlives.com	3 redirects smartsight.mdforlives.com
5	d1wey2f3vomiar.cloudfront.net	dkr1.ssisurveys.com
3	dkr1.ssisurveys.com	1 redirects
2	rvid.imperium.com	d1wey2f3vomiar.cloudfront.net
2	borderless.survalidate.com	smartsight.mdforlives.com borderless.survalidate.com
1	darwin-assets.dynata.com	dkr1.ssisurveys.com
1	44652.clicks.dattanet.com	1 redirects
15	7

This site contains no links.

Subject Issuer	Validity	Valid
smartsight.mdforlives.com Go Daddy Secure Certificate Authority - G2	`2021-05-10` - `2022-05-10`	a year	crt.sh
*.survalidate.com Go Daddy Secure Certificate Authority - G2	`2021-01-28` - `2022-03-01`	a year	crt.sh
*.imperium.com Amazon	`2021-03-24` - `2022-04-22`	a year	crt.sh
*.ssisurveys.com DigiCert SHA2 High Assurance Server CA	`2020-08-22` - `2022-09-14`	2 years	crt.sh
*.dynata.com Amazon	`2021-06-16` - `2022-07-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dkr1.ssisurveys.com/projects/eprefine?ekey=PIS2bkaYYeDH0eKdJ9cEtw**&id=VX2005RP8537OWGC4938JP31457XO
Frame ID: 3F49B061B39ED8F1E6E684D39A211DD7
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://44652.clicks.dattanet.com/track/click?u=2507210&p=34343635323a3135373a3133323a303a333a30&s=663... HTTP 302
https://smartsight.mdforlives.com/Survey/AFE5D634922C6D8B455F8BD44A0A9A14/ID=CODIGO?utm_source=email_marketing... HTTP 302
https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=Exter... Page URL
https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=Exter... HTTP 302
https://smartsight.mdforlives.com/Survey/AFE5D634922C6D8B455F8BD44A0A9A14/ID=CODIGO HTTP 302
http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw**&id=VX2005RP8537OWGC4938JP31457XO Page URL
https://dkr1.ssisurveys.com/projects/estart?execution=e1s1&sfcSessionID=f91b6f63-9feb-4d4b-b53c-b5fe89b3... HTTP 302
https://dkr1.ssisurveys.com/projects/eprefine?ekey=PIS2bkaYYeDH0eKdJ9cEtw**&id=VX2005RP8537OWGC4938JP314... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

15
Requests

60 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

528 kB
Transfer

786 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://44652.clicks.dattanet.com/track/click?u=2507210&p=34343635323a3135373a3133323a303a333a30&s=663345e5768dfbf3825d1ec67f501e3c&m=105648 HTTP 302
https://smartsight.mdforlives.com/Survey/AFE5D634922C6D8B455F8BD44A0A9A14/ID=CODIGO?utm_source=email_marketing&utm_admin=44652&utm_medium=email&utm_campaign=Invitacin_Mx_Investigacin_REMUNERADA_sobre_tratamiento_cardiovascular_y_Diabetes_Mx HTTP 302
https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 Page URL
https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 HTTP 302
https://smartsight.mdforlives.com/Survey/AFE5D634922C6D8B455F8BD44A0A9A14/ID=CODIGO HTTP 302
http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw**&id=VX2005RP8537OWGC4938JP31457XO Page URL
https://dkr1.ssisurveys.com/projects/estart?execution=e1s1&sfcSessionID=f91b6f63-9feb-4d4b-b53c-b5fe89b3071e HTTP 302
https://dkr1.ssisurveys.com/projects/eprefine?ekey=PIS2bkaYYeDH0eKdJ9cEtw**&id=VX2005RP8537OWGC4938JP31457XO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://44652.clicks.dattanet.com/track/click?u=2507210&p=34343635323a3135373a3133323a303a333a30&s=663345e5768dfbf3825d1ec67f501e3c&m=105648 HTTP 302
https://smartsight.mdforlives.com/Survey/AFE5D634922C6D8B455F8BD44A0A9A14/ID=CODIGO?utm_source=email_marketing&utm_admin=44652&utm_medium=email&utm_campaign=Invitacin_Mx_Investigacin_REMUNERADA_sobre_tratamiento_cardiovascular_y_Diabetes_Mx HTTP 302
https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0

Request Chain 5

https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 HTTP 302
https://smartsight.mdforlives.com/Survey/AFE5D634922C6D8B455F8BD44A0A9A14/ID=CODIGO HTTP 302
http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw**&id=VX2005RP8537OWGC4938JP31457XO

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	UserValidationByRelevantID.aspx Show response smartsight.mdforlives.com/ Redirect Chain http://44652.clicks.dattanet.com/track/click?u=2507210&p=34343635323a3135373a3133323a303a333a30&s=663345e5768dfbf3825d1ec67f501e3c&m=105648 https://smartsight.mdforlives.com/Survey/AFE5D634922C6D8B455F8BD44A0A9A14/ID=CODIGO?utm_source=email_marketing&utm_admin=44652&utm_medium=email&utm_campaign=Invitacin_Mx_Investigacin_REMUNERADA_sob... https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0	20 KB 6 KB	112ms 111ms	Document text/html	52.254.13.109 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.254.13.109 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `5747e9f2bdb6b9463c948a5a719f7f37759e9e758a812380cd2e82b13bebdc86` Request headers Host smartsight.mdforlives.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie ASP.NET_SessionId=ukucctsu3dv4s55qzcv2zzgr Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Cache-Control private Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Date Sat, 26 Jun 2021 00:42:26 GMT Content-Length 5480 Redirect headers Cache-Control private Content-Type text/html; charset=utf-8 Location /UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 Server Microsoft-IIS/8.5 Set-Cookie ASP.NET_SessionId=ukucctsu3dv4s55qzcv2zzgr; path=/; HttpOnly; SameSite=Lax X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Date Sat, 26 Jun 2021 00:42:26 GMT Content-Length 276
GET H/1.1	200 OK	jquery-1.4.1.js Show response smartsight.mdforlives.com/Scripts/	165 KB 62 KB	324ms 323ms	Script application/javascript	52.254.13.109 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://smartsight.mdforlives.com/Scripts/jquery-1.4.1.js Requested by Host: smartsight.mdforlives.com URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.254.13.109 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `dc3179f2efb03048915ced7e0ea8fbb7789a3a9d8b39bf2bdd4ecc67697f0c5f` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host smartsight.mdforlives.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 Cookie ASP.NET_SessionId=ukucctsu3dv4s55qzcv2zzgr Connection keep-alive Referer https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 26 Jun 2021 00:42:27 GMT Content-Encoding gzip Last-Modified Sat, 16 Jul 2016 05:18:25 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "402fdb7a21dfd11:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 62784
GET H/1.1	200 OK	WebResource.axd Show response smartsight.mdforlives.com/	23 KB 6 KB	401ms 194ms	Script application/x-javascript	52.254.13.109 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://smartsight.mdforlives.com/WebResource.axd?d=dENVm5uYIMecUqaDDff36Pa3d74acxmrIqr-OY5iTmXpxneG7_mkmPIkB81MYKtw-V9XM3t1gLIpe-VXS2irjegjqm8HDitijYTb9_l3xb41&t=637110068437816177 Requested by Host: smartsight.mdforlives.com URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.254.13.109 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host smartsight.mdforlives.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 Cookie ASP.NET_SessionId=ukucctsu3dv4s55qzcv2zzgr Connection keep-alive Referer https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 26 Jun 2021 00:42:27 GMT Content-Encoding gzip Last-Modified Wed, 04 Dec 2019 02:54:03 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public Content-Length 6007 Expires Sat, 25 Jun 2022 23:08:07 GMT
GET H/1.1	200 OK	sv2.js Show response borderless.survalidate.com/	144 KB 144 KB	571ms 186ms	Script text/javascript	34.212.145.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://borderless.survalidate.com/sv2.js Requested by Host: smartsight.mdforlives.com URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.212.145.80 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-212-145-80.us-west-2.compute.amazonaws.com Software Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / Resource Hash `ca8d871ecd7d411935efcb5b0ed3a9a17a1cc65ce31b328ed79c06050bccbd5e` Request headers Referer https://smartsight.mdforlives.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 26 Jun 2021 00:42:27 GMT Last-Modified Wed, 11 Nov 2020 13:19:28 GMT Server Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 ETag "24076-5b3d4a51af800" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 147574
GET H/1.1	200 OK	callfunction-2_1.php Show response borderless.survalidate.com/	404 B 833 B	525ms 524ms	Script text/html	34.212.145.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://borderless.survalidate.com/callfunction-2_1.php?cid=BRLSSVOP&caid=3065&paid=UB3436UD41431NGKU6408GH18068TN&st1=1624668148&xlist=0;Windows%2010;Chrome;89.0.4389.72;89.0;89;0;0;0;0;0;0;0;0;0;yes;1600;1600;1200;1200;24;24;20;2;0;0;0;0;0;0;en-US;true;0;true;true;true;0;0;Yes;1;1;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;1624668148959;Saturday,%20June%2026,%202021%202:42:28;0;0;0;0;0;&fp=4e554e005d2f5c0b6972780599adace1&daid=61c4b5f167d43cac826fa0fa5f6c6e03&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72&language=en-US&color_depth=24&pixel_ratio=1&hardware_concurrency=12&resolution=1600,1200&available_resolution=1600,1200&timezone_offset=-120&session_storage=1&indexed_db=1&cpu_class=unknown&navigator_platform=Linux%20x86_64&do_not_track=unknown&regular_plugins=&canvas=canvas%20winding:yes~canvas%20fp:data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB9AAAADICAYAAACwGnoBAAAgA&adblock=false&has_lied_languages=false&has_lied_resolution=false&has_lied_os=true&has_lied_browser=false&touch_support=0,false,false&js_fonts=Andale%20Mono,Arial,Arial%20Black,Bitstream%20Vera%20Sans%20Mono,Calibri,Cambria,Comic%20Sans%20MS,Courier,Courier&LocalIP= Requested by Host: borderless.survalidate.com URL: https://borderless.survalidate.com/sv2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.212.145.80 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-212-145-80.us-west-2.compute.amazonaws.com Software Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33 Resource Hash `ee6025e704a28e41787187e8b7e09f1a74370e627356640d8d8db704f0cc5006` Request headers Referer https://smartsight.mdforlives.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 26 Jun 2021 00:42:29 GMT Server Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 X-Powered-By PHP/7.0.33 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 404 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	Cookie set estart Show response dkr1.ssisurveys.com/projects/ Redirect Chain https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0 https://smartsight.mdforlives.com/Survey/AFE5D634922C6D8B455F8BD44A0A9A14/ID=CODIGO http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO**	4 KB 4 KB	391ms 365ms	Document text/html	208.53.56.105 DATABANK-SLC
General Check archive.org Show headers Download Go to Full URL http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO Protocol HTTP/1.1 Server 208.53.56.105 , United States, ASN13951 (DATABANK-SLC, US), Reverse DNS 208-53-56-105.c7dc.com Software WildFly/10 / Undertow/1 JSP/2.3 Resource Hash `13b7d2fc75fba1f194c6472cdea652c8b7196168cd04f393fa998d8821fd082d` Request headers Host dkr1.ssisurveys.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept** text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 Origin https://smartsight.mdforlives.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 26 Jun 2021 00:42:30 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Cache-Control no-store X-Powered-By Undertow/1 JSP/2.3 Set-Cookie SESSION=f91b6f63-9feb-4d4b-b53c-b5fe89b3071e; path=/; HttpOnly Server WildFly/10 Redirect headers Cache-Control private Content-Type text/html; charset=utf-8 Location http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Date Sat, 26 Jun 2021 00:42:30 GMT Content-Length** 2744
GET H/1.1	200 OK	loader.gif d1wey2f3vomiar.cloudfront.net/images/	2 KB 2 KB	40ms 15ms	Image image/gif	2600:9000:2104:aa00:12:e77a:88c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://d1wey2f3vomiar.cloudfront.net/images/loader.gif Requested by Host: dkr1.ssisurveys.com URL: http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO Protocol HTTP/1.1 Server 2600:9000:2104:aa00:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `a41e7043b455f67ca63b6a6ff98f8cb9fda13e7ab3072ad2eb1d18114d0df851` Request headers Referer http://dkr1.ssisurveys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 Date Wed, 09 Jun 2021 08:14:37 GMT Via 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront) Connection keep-alive Last-Modified Thu, 25 Mar 2021 14:08:58 GMT Server AmazonS3 Age 1441674 ETag "b7998fb83f2426a89721ce30d2a7bdc5" X-Cache Hit from cloudfront Content-Type image/gif Cache-Control max-age=2592000 X-Amz-Cf-Pop AMS1-C1 Accept-Ranges bytes Content-Length 1924 X-Amz-Cf-Id** i2dW3aBLugtzKxK3DNzfHLQXHTrr_BrQ2uEfA5olbkUNuhUMVEP6ig==
GET H/1.1	200 OK	RVIDWrapperAjaxSSI9_03242021.js Show response d1wey2f3vomiar.cloudfront.net/scripts/	86 KB 25 KB	36ms 13ms	Script application/javascript	2600:9000:2104:aa00:12:e77a:88c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d1wey2f3vomiar.cloudfront.net/scripts/RVIDWrapperAjaxSSI9_03242021.js Requested by Host: dkr1.ssisurveys.com URL: http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO Protocol HTTP/1.1 Server 2600:9000:2104:aa00:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `c8593ab793ba45fa607680b9607a7e0a1acfbd74737f70c6b71533846dadd2bf` Request headers Referer http://dkr1.ssisurveys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 23 Jun 2021 09:25:26 GMT Content-Encoding gzip Age 227825 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 25 Mar 2021 14:08:00 GMT Server AmazonS3 ETag W/"42c6de5fcbbf64586958e5fae4423e79" Vary Accept-Encoding Content-Type application/javascript Via 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront) Cache-Control max-age=604800 X-Amz-Cf-Pop AMS1-C1 X-Amz-Cf-Id** 2lllzhi3SCnVAQCIGSGmL7mSxSNJfRTp46Ahc8jJmR29s6YaEq_A3g==
GET H/1.1	200 OK	jquery-1.7.1.min.js Show response d1wey2f3vomiar.cloudfront.net/scripts/	92 KB 33 KB	37ms 13ms	Script application/javascript	2600:9000:2104:aa00:12:e77a:88c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d1wey2f3vomiar.cloudfront.net/scripts/jquery-1.7.1.min.js Requested by Host: dkr1.ssisurveys.com URL: http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO Protocol HTTP/1.1 Server 2600:9000:2104:aa00:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f` Request headers Referer http://dkr1.ssisurveys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 19 Jun 2021 16:12:45 GMT Content-Encoding gzip Age 548986 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 25 Mar 2021 14:08:00 GMT Server AmazonS3 ETag W/"db2cccefedcc741a45a582e91a5afe8d" Vary Accept-Encoding Content-Type application/javascript Via 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront) Cache-Control max-age=604800 X-Amz-Cf-Pop AMS1-C1 X-Amz-Cf-Id** C3kfud-_bHeqOEdPk3IFURe93xCyJ7zjtVM0UGp3LQhOlSOcquYMAw==
GET H/1.1	200 OK	json2.min.js Show response d1wey2f3vomiar.cloudfront.net/scripts/	3 KB 2 KB	37ms 14ms	Script application/javascript	2600:9000:2104:aa00:12:e77a:88c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d1wey2f3vomiar.cloudfront.net/scripts/json2.min.js Requested by Host: dkr1.ssisurveys.com URL: http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO Protocol HTTP/1.1 Server 2600:9000:2104:aa00:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `b49812ec1043eccb7258e91c5eea868318481f1642036f7cf88f6162703277e3` Request headers Referer http://dkr1.ssisurveys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 21 Jun 2021 15:01:46 GMT Content-Encoding gzip Age 380445 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 25 Mar 2021 14:08:00 GMT Server AmazonS3 ETag W/"ba3293970e13b03a2ea92f5b6b5bf544" Vary Accept-Encoding Content-Type application/javascript Via 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront) Cache-Control max-age=604800 X-Amz-Cf-Pop AMS1-C1 X-Amz-Cf-Id** U63gWdVyDEQJlUT6RmZHkvYNAdGR7Vh3Qxmp10Pkvnv-cX8Uw77ZHA==
GET H/1.1	200 OK	sfc-1.2.3.js Show response d1wey2f3vomiar.cloudfront.net/scripts/	8 KB 3 KB	37ms 14ms	Script application/javascript	2600:9000:2104:aa00:12:e77a:88c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d1wey2f3vomiar.cloudfront.net/scripts/sfc-1.2.3.js Requested by Host: dkr1.ssisurveys.com URL: http://dkr1.ssisurveys.com/projects/estart?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO Protocol HTTP/1.1 Server 2600:9000:2104:aa00:12:e77a:88c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `af50e2d39fadfc18e5e1b4ddf9c59a8b6cb83d90cadc3fb1589649294f77b16f` Request headers Referer http://dkr1.ssisurveys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 20 Jun 2021 22:26:13 GMT Content-Encoding gzip Age 440178 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 25 Mar 2021 14:08:01 GMT Server AmazonS3 ETag W/"dffd874922e1f983b4d81ea0aeaf83ce" Vary Accept-Encoding Content-Type application/javascript Via 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront) Cache-Control max-age=604800 X-Amz-Cf-Pop AMS1-C1 X-Amz-Cf-Id** IdnbQdPMtk6GY9UbMyefKyCh59DoRBc8-lULKAPGOvK_3aJY9xizLg==
POST H2	200	dedupe rvid.imperium.com/	2 KB 2 KB	151ms 151ms	XHR application/json	52.21.97.179 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rvid.imperium.com/dedupe Requested by Host: d1wey2f3vomiar.cloudfront.net URL: http://d1wey2f3vomiar.cloudfront.net/scripts/RVIDWrapperAjaxSSI9_03242021.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.21.97.179 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-21-97-179.compute-1.amazonaws.com Software Kestrel / Resource Hash Request headers Referer http://dkr1.ssisurveys.com/ X-ClientID F1E4D723-684B-4CF7-BA40-7D1D542E19C2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Sat, 26 Jun 2021 00:42:31 GMT server Kestrel content-length 1701 content-type application/json; charset=utf-8
OPTIONS H2	204	dedupe rvid.imperium.com/	0 0	322ms 104ms	Preflight	52.21.97.179 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rvid.imperium.com/dedupe Protocol H2 Server 52.21.97.179 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-21-97-179.compute-1.amazonaws.com Software Kestrel / Resource Hash Request headers Accept / Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-clientid Origin http://dkr1.ssisurveys.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers date Sat, 26 Jun 2021 00:42:31 GMT server Kestrel access-control-allow-headers content-type,x-clientid access-control-allow-methods POST access-control-allow-origin *
GET H/1.1	200 OK	Primary Request eprefine Show response dkr1.ssisurveys.com/projects/ Redirect Chain https://dkr1.ssisurveys.com/projects/estart?execution=e1s1&sfcSessionID=f91b6f63-9feb-4d4b-b53c-b5fe89b3071e https://dkr1.ssisurveys.com/projects/eprefine?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO**	8 KB 8 KB	434ms 434ms	Document text/html	208.53.56.105 DATABANK-SLC
General Check archive.org Show headers Download Go to Full URL https://dkr1.ssisurveys.com/projects/eprefine?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.53.56.105 , United States, ASN13951 (DATABANK-SLC, US), Reverse DNS 208-53-56-105.c7dc.com Software WildFly/10 / Undertow/1 JSP/2.3 Resource Hash `21eb6262689c647f66e42c2f12673989627b8a3b9c49a54e48972e04d53120c1` Request headers Host dkr1.ssisurveys.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept** text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://dkr1.ssisurveys.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie RVIDExtId=96DDA133-BB3A-4E2D-BF00-58A08C2A32C0; SESSION=f91b6f63-9feb-4d4b-b53c-b5fe89b3071e; dkp___eid=94mUddoHeevS9RA6_ngvzA*; dkp___params=ZWtleT1QSVMyYmthWVllREgwZUtkSjljRXR3KiomaWQ9VlgyMDA1UlA4NTM3T1dHQzQ5MzhKUDMxNDU3WE8; dkp___pid=VlgyMDA1UlA4NTM3T1dHQzQ5MzhKUDMxNDU3WE8; sfcRelevantId=H4sIAAAAAAAAAIVW21LjOBD9lZSfE8o3jMlbSDYDszA7NQzL1rxsKZZsCyzJK8m5MMW_b0u2YoWBXaqAalnqy-nTR_oZSNKQLeL6Bq-QRsH8Z8BQUVNOblbBPLjMVqtFlCSzq6tkMUt_i1ezq3UYzs7zRZgv40USL8Ng6o7cF0KSYH6ZT4OKiJt2KTqu5QH8rL_BLiwYojyY865ppsFGip0i8hbx6g9l_t5RxZAuardB2NVPRLz94J1856umjPwQnPziriyvRSfV0W4J_yrF_uAWSok6PJQQxeE0KFCrO0kcLko1UElkCiFbWhB9aGFnYOovG6RqwtGmIXhYUkQpKnghxDMlajj4S8w9Mz617Ah8RZ2uhdwh6dwy9CTklkgw80uwaYswtlZ8FoXwm59FUWoSoqpt0OGAW4oK3aFmcFATWtXaBI9Dm6dXolkL_gNlTCUptJCDK8i01rqV5J-OKD0mDahASLp1Obe8Goot-u5zxIhjQNmWUQhGiRpFBjv2bKjVgObqNZ-jMRQjmCJTJ3FJmQ2plwttwEMz1Ow2JF6Atge__ya4VkwIDdSthrUByP1bID3P8J_sh-W-8n0BnqRolM-GAQQvZ_8gExsKXLE88tIrqDbZfUWSqsAMUfEsNh1tMEbaAdwgTXWHjZnmZ_l5kkahRZtBc5SqXmg7xIYZMf5bVDwPZ81svMBsYFqWsBQ7RJSWIwaFaITEpNWmhtjQ6wltkSokbfXIcRNgR7Gu4Ru1g5GFfXq86pTtEOGzh3uDkmjGxr5BuREVLY4wbzdvw1iKvplcG3aMCAx8JgdFX3pS5yYx1DK0xwDfsDzsO_XbN2EY45Gwjqwdh27syOaEcUz1IxuO-wuBjwS31aPKhYQ8VGdr2hBJXdzWgKGgSH2qDt4Un8KiyV4PhdiZZZQ7XTDmoIeGI6bBsHqPQLgwOkwnnztOJnE2ncRhHE3ieRrPExOrEbxyNIrPkjTPwyN1HVEv4ecNVxniXWkmQ9roD_yZix0_ociYl-vmO5wfRMFIFD7iaXyMHXIzARgOsQFns3UWnadJmGZ5krsZ8TS0n8jTRktS9eRbmBO41r7q9hp5ZHEvlA5hoEefJgXpZMdOlQ1tU7j0XENhJkshGZiPlGPoxiRy6pOdllJBk3boKEGw4XxMhSqbhkl9CDS0FqxlLQWzGiE4B2GGgrwLaEPMHfUeG5jNOYvTLMuj8yhJvT0fKL-QRgr-JLxTk6tOwcWu1GQpGIOJKJCJrCa3lFENAPc1nEq6r-hDJCti41CM5SenR9NT08MGrMyzIFH_sjgLz9IE_l3E_dYLz4-7yHz9NVRDbQvtdaLds7OokXyXEC1GY9L5aZaXnvnR60OSkkg5ysgx2kcaqkCUCfPS7WfJB7J3IiQFJbFt6an6vw8r0GPr4XUacLIL5jb3qfcSXMJzjny37OpPbFFD8Q0D4aIduxvfh6YbRksQJngN_LQHjw5rpO4V9bbb9VfTkap_QzzuP22_yNv0EH3ZZ_W-_NF8VnfnLOMXFzldXodX6-u_kejy4qbmrbx-Wl183_yV3NXR7-yxzdfr9cO3Z6l3LTtkcrGptw3qNvnCDIkkFpGVvTeP9I_DLHz9F1qvVRX0CgAA Upgrade-Insecure-Requests* 1 Origin http://dkr1.ssisurveys.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://dkr1.ssisurveys.com/ Response headers Date Sat, 26 Jun 2021 00:42:33 GMT Content-Type text/html;charset=UTF-8 Connection keep-alive Cache-Control no-cache, no-store, max-age=0 X-Powered-By Undertow/1 JSP/2.3 Server WildFly/10 Transfer-Encoding chunked Redirect headers Date Sat, 26 Jun 2021 00:42:32 GMT Content-Type text/html Content-Length 0 Connection keep-alive Cache-Control no-cache, no-store, max-age=0 X-Powered-By Undertow/1 JSP/2.3 Set-Cookie dkp___eid=94mUddoHeevS9RA6_ngvzA*; path=/; Max-Age=31536000; Expires=Sun, 26-Jun-2022 00:42:32 GMT dkp___params=ZWtleT1QSVMyYmthWVllREgwZUtkSjljRXR3KiomaWQ9VlgyMDA1UlA4NTM3T1dHQzQ5MzhKUDMxNDU3WE8; path=/ dkp___pid=VlgyMDA1UlA4NTM3T1dHQzQ5MzhKUDMxNDU3WE8; path=/ sfcRelevantId=H4sIAAAAAAAAAIVW21LjOBD9lZSfE8o3jMlbSDYDszA7NQzL1rxsKZZsCyzJK8m5MMW_b0u2YoWBXaqAalnqy-nTR_oZSNKQLeL6Bq-QRsH8Z8BQUVNOblbBPLjMVqtFlCSzq6tkMUt_i1ezq3UYzs7zRZgv40USL8Ng6o7cF0KSYH6ZT4OKiJt2KTqu5QH8rL_BLiwYojyY865ppsFGip0i8hbx6g9l_t5RxZAuardB2NVPRLz94J1856umjPwQnPziriyvRSfV0W4J_yrF_uAWSok6PJQQxeE0KFCrO0kcLko1UElkCiFbWhB9aGFnYOovG6RqwtGmIXhYUkQpKnghxDMlajj4S8w9Mz617Ah8RZ2uhdwh6dwy9CTklkgw80uwaYswtlZ8FoXwm59FUWoSoqpt0OGAW4oK3aFmcFATWtXaBI9Dm6dXolkL_gNlTCUptJCDK8i01rqV5J-OKD0mDahASLp1Obe8Goot-u5zxIhjQNmWUQhGiRpFBjv2bKjVgObqNZ-jMRQjmCJTJ3FJmQ2plwttwEMz1Ow2JF6Atge__ya4VkwIDdSthrUByP1bID3P8J_sh-W-8n0BnqRolM-GAQQvZ_8gExsKXLE88tIrqDbZfUWSqsAMUfEsNh1tMEbaAdwgTXWHjZnmZ_l5kkahRZtBc5SqXmg7xIYZMf5bVDwPZ81svMBsYFqWsBQ7RJSWIwaFaITEpNWmhtjQ6wltkSokbfXIcRNgR7Gu4Ru1g5GFfXq86pTtEOGzh3uDkmjGxr5BuREVLY4wbzdvw1iKvplcG3aMCAx8JgdFX3pS5yYx1DK0xwDfsDzsO_XbN2EY45Gwjqwdh27syOaEcUz1IxuO-wuBjwS31aPKhYQ8VGdr2hBJXdzWgKGgSH2qDt4Un8KiyV4PhdiZZZQ7XTDmoIeGI6bBsHqPQLgwOkwnnztOJnE2ncRhHE3ieRrPExOrEbxyNIrPkjTPwyN1HVEv4ecNVxniXWkmQ9roD_yZix0_ociYl-vmO5wfRMFIFD7iaXyMHXIzARgOsQFns3UWnadJmGZ5krsZ8TS0n8jTRktS9eRbmBO41r7q9hp5ZHEvlA5hoEefJgXpZMdOlQ1tU7j0XENhJkshGZiPlGPoxiRy6pOdllJBk3boKEGw4XxMhSqbhkl9CDS0FqxlLQWzGiE4B2GGgrwLaEPMHfUeG5jNOYvTLMuj8yhJvT0fKL-QRgr-JLxTk6tOwcWu1GQpGIOJKJCJrCa3lFENAPc1nEq6r-hDJCti41CM5SenR9NT08MGrMyzIFH_sjgLz9IE_l3E_dYLz4-7yHz9NVRDbQvtdaLds7OokXyXEC1GY9L5aZaXnvnR60OSkkg5ysgx2kcaqkCUCfPS7WfJB7J3IiQFJbFt6an6vw8r0GPr4XUacLIL5jb3qfcSXMJzjny37OpPbFFD8Q0D4aIduxvfh6YbRksQJngN_LQHjw5rpO4V9bbb9VfTkap_QzzuP22_yNv0EH3ZZ_W-_NF8VnfnLOMXFzldXodX6-u_kejy4qbmrbx-Wl183_yV3NXR7-yxzdfr9cO3Z6l3LTtkcrGptw3qNvnCDIkkFpGVvTeP9I_DLHz9F1qvVRX0CgAA; path=/; HttpOnly; Max-Age=1576800000; Expires=Sun, 14-Jun-2071 00:42:32 GMT Server* WildFly/10 Location https://dkr1.ssisurveys.com/projects/eprefine?ekey=PIS2bkaYYeDH0eKdJ9cEtw**&id=VX2005RP8537OWGC4938JP31457XO
GET H2	200	Flag-Page-BG-2x.jpg darwin-assets.dynata.com/	230 KB 230 KB	76ms 35ms	Image image/jpeg	2600:9000:2104:3e00:17:5070:d6c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://darwin-assets.dynata.com/Flag-Page-BG-2x.jpg Requested by Host: dkr1.ssisurveys.com URL: https://dkr1.ssisurveys.com/projects/eprefine?ekey=PIS2bkaYYeDH0eKdJ9cEtw&id=VX2005RP8537OWGC4938JP31457XO Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:3e00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `3e7e241ba0523a661a98ef3d52548786b2b8aad440ef0c37e535717ad47b1b81` Request headers Referer https://dkr1.ssisurveys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Fri, 25 Jun 2021 22:32:30 GMT via 1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront) last-modified Mon, 25 Jan 2021 15:32:06 GMT server AmazonS3 age 7804 etag "da443e702139256fc29c577b9ab4c6bd" x-cache Hit from cloudfront content-type image/jpeg x-amz-cf-pop AMS1-C1 accept-ranges bytes content-length 235197 x-amz-cf-id** z5ZVF1Lti5T1rF8nEsnUZvebZqqyOKfRpQ4JSDnepggHm_Le46AqYg==

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dkr1.ssisurveys.com/	1970-02-07 01:17:48	Name: sfcRelevantId Value: H4sIAAAAAAAAAIVW21LjOBD9lZSfE8o3jMlbSDYDszA7NQzL1rxsKZZsCyzJK8m5MMW_b0u2YoWBXaqAalnqy-nTR_oZSNKQLeL6Bq-QRsH8Z8BQUVNOblbBPLjMVqtFlCSzq6tkMUt_i1ezq3UYzs7zRZgv40USL8Ng6o7cF0KSYH6ZT4OKiJt2KTqu5QH8rL_BLiwYojyY865ppsFGip0i8hbx6g9l_t5RxZAuardB2NVPRLz94J1856umjPwQnPziriyvRSfV0W4J_yrF_uAWSok6PJQQxeE0KFCrO0kcLko1UElkCiFbWhB9aGFnYOovG6RqwtGmIXhYUkQpKnghxDMlajj4S8w9Mz617Ah8RZ2uhdwh6dwy9CTklkgw80uwaYswtlZ8FoXwm59FUWoSoqpt0OGAW4oK3aFmcFATWtXaBI9Dm6dXolkL_gNlTCUptJCDK8i01rqV5J-OKD0mDahASLp1Obe8Goot-u5zxIhjQNmWUQhGiRpFBjv2bKjVgObqNZ-jMRQjmCJTJ3FJmQ2plwttwEMz1Ow2JF6Atge__ya4VkwIDdSthrUByP1bID3P8J_sh-W-8n0BnqRolM-GAQQvZ_8gExsKXLE88tIrqDbZfUWSqsAMUfEsNh1tMEbaAdwgTXWHjZnmZ_l5kkahRZtBc5SqXmg7xIYZMf5bVDwPZ81svMBsYFqWsBQ7RJSWIwaFaITEpNWmhtjQ6wltkSokbfXIcRNgR7Gu4Ru1g5GFfXq86pTtEOGzh3uDkmjGxr5BuREVLY4wbzdvw1iKvplcG3aMCAx8JgdFX3pS5yYx1DK0xwDfsDzsO_XbN2EY45Gwjqwdh27syOaEcUz1IxuO-wuBjwS31aPKhYQ8VGdr2hBJXdzWgKGgSH2qDt4Un8KiyV4PhdiZZZQ7XTDmoIeGI6bBsHqPQLgwOkwnnztOJnE2ncRhHE3ieRrPExOrEbxyNIrPkjTPwyN1HVEv4ecNVxniXWkmQ9roD_yZix0_ociYl-vmO5wfRMFIFD7iaXyMHXIzARgOsQFns3UWnadJmGZ5krsZ8TS0n8jTRktS9eRbmBO41r7q9hp5ZHEvlA5hoEefJgXpZMdOlQ1tU7j0XENhJkshGZiPlGPoxiRy6pOdllJBk3boKEGw4XxMhSqbhkl9CDS0FqxlLQWzGiE4B2GGgrwLaEPMHfUeG5jNOYvTLMuj8yhJvT0fKL-QRgr-JLxTk6tOwcWu1GQpGIOJKJCJrCa3lFENAPc1nEq6r-hDJCti41CM5SenR9NT08MGrMyzIFH_sjgLz9IE_l3E_dYLz4-7yHz9NVRDbQvtdaLds7OokXyXEC1GY9L5aZaXnvnR60OSkkg5ysgx2kcaqkCUCfPS7WfJB7J3IiQFJbFt6an6vw8r0GPr4XUacLIL5jb3qfcSXMJzjny37OpPbFFD8Q0D4aIduxvfh6YbRksQJngN_LQHjw5rpO4V9bbb9VfTkap_QzzuP22_yNv0EH3ZZ_W-_NF8VnfnLOMXFzldXodX6-u_kejy4qbmrbx-Wl183_yV3NXR7-yxzdfr9cO3Z6l3LTtkcrGptw3qNvnCDIkkFpGVvTeP9I_DLHz9F1qvVRX0CgAA
dkr1.ssisurveys.com/	1969-12-31 23:59:59	Name: dkp___pid Value: VlgyMDA1UlA4NTM3T1dHQzQ5MzhKUDMxNDU3WE8*
dkr1.ssisurveys.com/	1969-12-31 23:59:59	Name: dkp___params Value: ZWtleT1QSVMyYmthWVllREgwZUtkSjljRXR3KiomaWQ9VlgyMDA1UlA4NTM3T1dHQzQ5MzhKUDMxNDU3WE8*
dkr1.ssisurveys.com/	1970-01-20 04:03:24	Name: dkp___eid Value: 94mUddoHeevS9RA6_ngvzA**
dkr1.ssisurveys.com/	1969-12-31 23:59:59	Name: SESSION Value: f91b6f63-9feb-4d4b-b53c-b5fe89b3071e
dkr1.ssisurveys.com/projects	1970-01-20 04:03:24	Name: RVIDExtId Value: 96DDA133-BB3A-4E2D-BF00-58A08C2A32C0

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://borderless.survalidate.com/sv2.js(Line 2889) Message: 61c4b5f167d43cac826fa0fa5f6c6e03
console-api	log	URL: https://borderless.survalidate.com/sv2.js(Line 2902) Message: https://borderless.survalidate.com/callfunction-2_1.php?cid=BRLSSVOP&caid=3065&paid=UB3436UD41431NGKU6408GH18068TN&st1=1624668148&xlist=0;Windows%2010;Chrome;89.0.4389.72;89.0;89;0;0;0;0;0;0;0;0;0;yes;1600;1600;1200;1200;24;24;20;2;0;0;0;0;0;0;en-US;true;0;true;true;true;0;0;Yes;1;1;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;1624668148959;Saturday,%20June%2026,%202021%202:42:28;0;0;0;0;0;&fp=4e554e005d2f5c0b6972780599adace1&daid=61c4b5f167d43cac826fa0fa5f6c6e03&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72&language=en-US&color_depth=24&pixel_ratio=1&hardware_concurrency=12&resolution=1600,1200&available_resolution=1600,1200&timezone_offset=-120&session_storage=1&indexed_db=1&cpu_class=unknown&navigator_platform=Linux%20x86_64&do_not_track=unknown&regular_plugins=&canvas=canvas%20winding:yes~canvas%20fp:data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB9AAAADICAYAAACwGnoBAAAgA&adblock=false&has_lied_languages=false&has_lied_resolution=false&has_lied_os=true&has_lied_browser=false&touch_support=0,false,false&js_fonts=Andale%20Mono,Arial,Arial%20Black,Bitstream%20Vera%20Sans%20Mono,Calibri,Cambria,Comic%20Sans%20MS,Courier,Courier&LocalIP=
console-api	log	URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0(Line 368) Message: 2-299
console-api	log	URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0(Line 368) Message: 2-298
console-api	log	URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0(Line 368) Message: 2-297
console-api	log	URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0(Line 368) Message: 2-296
console-api	log	URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0(Line 368) Message: 2-295
console-api	log	URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0(Line 368) Message: 2-294
console-api	log	URL: https://smartsight.mdforlives.com/UserValidationByRelevantID.aspx?UID=UB3436UD41431NGKU6408GH18068TN&CID=External&PID=UB3436UD41431NGKU6408GH18068TN&ID=3065&SID=16660&RID=0(Line 368) Message: 2-293

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44652.clicks.dattanet.com
borderless.survalidate.com
d1wey2f3vomiar.cloudfront.net
darwin-assets.dynata.com
dkr1.ssisurveys.com
rvid.imperium.com
smartsight.mdforlives.com
200.58.97.252
208.53.56.105
2600:9000:2104:3e00:17:5070:d6c0:93a1
2600:9000:2104:aa00:12:e77a:88c0:21
34.212.145.80
52.21.97.179
52.254.13.109
13b7d2fc75fba1f194c6472cdea652c8b7196168cd04f393fa998d8821fd082d
21eb6262689c647f66e42c2f12673989627b8a3b9c49a54e48972e04d53120c1
3e7e241ba0523a661a98ef3d52548786b2b8aad440ef0c37e535717ad47b1b81
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
5747e9f2bdb6b9463c948a5a719f7f37759e9e758a812380cd2e82b13bebdc86
863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f
a41e7043b455f67ca63b6a6ff98f8cb9fda13e7ab3072ad2eb1d18114d0df851
af50e2d39fadfc18e5e1b4ddf9c59a8b6cb83d90cadc3fb1589649294f77b16f
b49812ec1043eccb7258e91c5eea868318481f1642036f7cf88f6162703277e3
c8593ab793ba45fa607680b9607a7e0a1acfbd74737f70c6b71533846dadd2bf
ca8d871ecd7d411935efcb5b0ed3a9a17a1cc65ce31b328ed79c06050bccbd5e
dc3179f2efb03048915ced7e0ea8fbb7789a3a9d8b39bf2bdd4ecc67697f0c5f
ee6025e704a28e41787187e8b7e09f1a74370e627356640d8d8db704f0cc5006

dkr1.ssisurveys.com Open in urlscan Pro 208.53.56.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

60 %HTTPS

29 %IPv6

7 Domains

7 Subdomains

6 IPs

2 Countries

528 kBTransfer

786 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

6 Cookies

9 Console Messages

Indicators

dkr1.ssisurveys.com Open in urlscan Pro
208.53.56.105 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

60 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

528 kB
Transfer

786 kB
Size

6
Cookies

15 HTTP transactions
0 data transactions