urlscan.io logo urlscan.io
SecurityTrails logo

www.vantagemind.com Open in urlscan Pro
160.153.32.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://shearwaterasia.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTE4MTc1MDk0NDk0NDE1MywiSW52aXRhdGlvbklkIjoxMTgyMDg2Mzg3NjIxOTg2fQ
Effective URL: https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater
Submission: On February 23 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 6 domains to perform 19 HTTP transactions. The main IP is 160.153.32.32, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.vantagemind.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 28th 2023. Valid for: a year.
This is the only time www.vantagemind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 160.153.32.32 398101 (GO-DADDY-...)
5 52.222.236.53 16509 (AMAZON-02)
1 99.86.4.49 16509 (AMAZON-02)
10 151.101.194.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
19 5
1    2606:4700::6812:ca6 (United States)

ASN13335 (CLOUDFLARENET, US)
shearwaterasia.tellwise.com
2    160.153.32.32 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 32.32.153.160.host.secureserver.net
www.vantagemind.com
5    52.222.236.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-53.fra56.r.cloudfront.net
vantagemind.wufoo.com
static.wufoo.com
1    99.86.4.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-49.fra6.r.cloudfront.net
cdn.signalfx.com
10    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
10 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 341
22 KB
5 wufoo.com
vantagemind.wufoo.com
static.wufoo.com — Cisco Umbrella Rank: 33134
298 KB
2 vantagemind.com
www.vantagemind.com
150 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 222
527 B
1 signalfx.com
cdn.signalfx.com — Cisco Umbrella Rank: 12510
36 KB
1 tellwise.com
shearwaterasia.tellwise.com
602 B
19 6
Domain Requested by
10 js-agent.newrelic.com vantagemind.wufoo.com
3 vantagemind.wufoo.com www.vantagemind.com
vantagemind.wufoo.com
2 static.wufoo.com vantagemind.wufoo.com
2 www.vantagemind.com www.vantagemind.com
1 bam.nr-data.net js-agent.newrelic.com
1 cdn.signalfx.com vantagemind.wufoo.com
1 shearwaterasia.tellwise.com 1 redirects
19 7

This site contains no links.

Subject Issuer Validity Valid
vantagemind.com
Go Daddy Secure Certificate Authority - G2		 2023-01-28 -
2024-01-05		 a year crt.sh
wufoo.co.uk
Amazon		 2022-08-11 -
2023-09-10		 a year crt.sh
*.signalfx.com
Go Daddy Secure Certificate Authority - G2		 2022-11-09 -
2023-12-11		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater
Frame ID: D4ECC20A89838672B61DE5B73BFCDE91
Requests: 2 HTTP requests in this frame

Frame: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Frame ID: 4457F49698491AC9D4FF50D436915AF6
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Workday Experience Live Webinar

Page URL History Show full URLs

  1. https://shearwaterasia.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTE4MTc1MDk0NDk0NDE1MywiSW52aXRhdGlvbklkIjoxMTg... HTTP 302
    https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater Page URL

Page Statistics

19
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

7
Subdomains

5
IPs

1
Countries

506 kB
Transfer

652 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shearwaterasia.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTE4MTc1MDk0NDk0NDE1MywiSW52aXRhdGlvbklkIjoxMTgyMDg2Mzg3NjIxOTg2fQ HTTP 302
    https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request registration.html
www.vantagemind.com/events/Workday/230309/
Redirect Chain
  • https://shearwaterasia.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTE4MTc1MDk0NDk0NDE1MywiSW52aXRhdGlvbklkIjoxMTgyMDg2Mzg3NjIxOTg2fQ
  • https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.32.32 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
32.32.153.160.host.secureserver.net
Software
Apache /
Resource Hash
e938cc40f552d6befc2802ca9909d6de83d5d9e21f9530733d63841e6cee43d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
1129
content-type
text/html
date
Thu, 23 Feb 2023 06:14:11 GMT
etag
"98623ac-f68-5f26c08452d23-br"
last-modified
Tue, 17 Jan 2023 01:58:12 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Content-Type,Authorization,TellwiseDeviceId,TellwiseAppVersion,X-Requested-With,x-datadog-parent-id,x-datadog-origin,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-ziaccesstoken
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79ddd1dbaa26bbce-FRA
content-type
text/html
date
Thu, 23 Feb 2023 06:14:10 GMT
location
https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept
x-powered-by
ServiceStack/5.110 NetCore/Linux
event_banner_640.jpg
www.vantagemind.com/events/Workday/230309/images/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vantagemind.com/events/Workday/230309/images/event_banner_640.jpg
Requested by
Host: www.vantagemind.com
URL: https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.32.32 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
32.32.153.160.host.secureserver.net
Software
Apache /
Resource Hash
f13ac74e077a9cca27444e5705caf27b966d6fe98572a102b47c27a3a1cc3ea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 06:14:11 GMT
last-modified
Tue, 17 Jan 2023 01:57:02 GMT
server
Apache
accept-ranges
bytes
etag
"98623a3-251bc-5f26c0417f95e"
content-length
151996
content-type
image/jpeg
/
vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/ Frame 4457 		77 KB
78 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Requested by
Host: www.vantagemind.com
URL: https://www.vantagemind.com/events/Workday/230309/registration.html?prl=Shearwater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-53.fra56.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
c69b5a62df2bbd9be43a63bff52cfe332d33ada90cf1a9470c3aa7aeec897e4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.vantagemind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, authorization
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
content-type
text/html;charset=UTF-8
date
Thu, 23 Feb 2023 06:14:12 GMT
server
nginx/1.22.0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-id
3A0dPBdAJ1hp8jFBK-IdPKDlBnbj2gM3TfLWaSHOiScYUMi8SO9LzA==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
splunk-otel-web.js
cdn.signalfx.com/o11y-gdi-rum/latest/ Frame 4457 		158 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dabdd82e735a2076db0a2c0da8eb6b744a5b6416dab6bc23245ec5bbf93e7814

Request headers

Referer
https://vantagemind.wufoo.com/
Origin
https://vantagemind.wufoo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 06:14:14 GMT
content-encoding
br
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Wed, 11 Jan 2023 12:50:19 GMT
server
AmazonS3
etag
W/"930f1bc3802a070e5d8cdd0e8cc223e8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
CD6ztPFjJiNK40w1RVn7apisDpS1dVtx9qhicXU_LLI6hhV7vP6B8g==
index.0677.css
static.wufoo.com/stylesheets/public/forms/css/ Frame 4457 		35 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/stylesheets/public/forms/css/index.0677.css
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-53.fra56.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
02ba007a52f99c4781627d0140a02052ad8578e7c47124493511c06c7c1e53b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 06:14:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
server
nginx/1.22.0
x-amz-cf-pop
FRA56-P4
etag
2dbfdb7efa173f5546c5a6c335ec3baf
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=600; must-revalidate
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
yCKrY0k0uQa5IeiodrWjymRa1xhnQBQQXNNeNbcyIO4C-re0_izU6Q==
theme.css
vantagemind.wufoo.com/css/custom/340/ Frame 4457 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vantagemind.wufoo.com/css/custom/340/theme.css
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-53.fra56.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
871dc22f321d4ccd6d9591797b40332686901c814e403eaa34c7bd0a824eb54a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 06:14:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
server
nginx/1.22.0
x-amz-cf-pop
FRA56-P4
etag
dfcd396531a4a37fcc094fb8a5cdd451
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=600; must-revalidate
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
Ap8ljJt39K9aj9Ru5DSBrb1eJmbedjwkCwJ9YVYDqMdeLWY7G8pIKg==
dynamic.0677.js
static.wufoo.com/scripts/public/ Frame 4457 		171 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wufoo.com/scripts/public/dynamic.0677.js?language=english
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-53.fra56.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
f8feea41477cf6c615d64e34192ca16596d8d1d4a19016c292aec5c894af2bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 06:14:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
last-modified
Thu, 16 Feb 2023 17:47:11GMT
server
nginx/1.22.0
x-amz-cf-pop
FRA56-P4
etag
a8181402ae095d4eab1d282a517ff079
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=600; must-revalidate
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
Qp0FNZTCDzmJbXHEmQ51KoVCBDBbGkauyqzRT_sSh7Dwui7kpKSZlA==
fieldbg.gif
vantagemind.wufoo.com/images/ Frame 4457 		46 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vantagemind.wufoo.com/images/fieldbg.gif
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/css/custom/340/theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-53.fra56.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
1a108f888be23c9c00ba58170fba7d3e06dfa9149d9032d4b8e50287c9893790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/css/custom/340/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 06:14:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
last-modified
Wed, 30 Sep 2020 14:15:40 GMT
server
nginx/1.22.0
x-amz-cf-pop
FRA56-P4
etag
"5f74930c-2e"
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type, authorization
content-length
46
x-amz-cf-id
88zLuvJn6FrLDKfCuzGi5q3jZfzsHuwJnYqSuFHKDKnVwfwJYYsTEQ==
async-api.6bb277af-1225.min.js
js-agent.newrelic.com/ Frame 4457 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
ccu4IA9M.iSFjMQAJQZ9WRC6vNK74xfk
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
87ZMH8RH0D8VZXGF
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1094
x-amz-id-2
Lt5AgkCax7VaO938x0/KPePc4XkKTsmu8umdNbeY21eT7ZKVdI/nHfiYNgrACjuhbtHTv3UV80o=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.144871,VS0,VE0
etag
"dd573d973dfb2a2559befdfb616d511d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6355
lazy-loader.48127245-1225.min.js
js-agent.newrelic.com/ Frame 4457 		2 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-loader.48127245-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
x72sIi24uKUpr9UhD5QY7PCKtNgMfeY4
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
ZFPVBT3GMQ3HSS9D
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
520
x-amz-id-2
9vR0mJ3gYJ6akDVLAkAPpGgWPRfd/tfJUpaD/8399EbadQFN7DKBYnnjptyqgJuZLzsVU2uWniQ=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.144893,VS0,VE0
etag
"a3759bbbd15fffd73531bda1e8166ae7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6351
118.d37755e4-1225.min.js
js-agent.newrelic.com/ Frame 4457 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/118.d37755e4-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
8iuwUwYODDWrlAN7lGJW4CKaVaPtd.FC
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
N4PBCM13EVY56HT8
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3412
x-amz-id-2
1HNNpatjy7/7YqsYpClx49CzurfQru47SPgczm5HuIaW77KXyAcNiAvyq1tDyI2zkt9HlIYyruY=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.156258,VS0,VE0
etag
"9c8a05b5703a1c30e0418f9ba42337df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6242
page_view_event-aggregate.29613e65-1225.min.js
js-agent.newrelic.com/ Frame 4457 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
Q2wYJMaFVSMNo7QiSpnsS727o5X3kt_1
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
11K6QQ36A62DGVY1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1682
x-amz-id-2
wCJv5IK1f2opSUJXWvx0bM26l6jdns6m7Sva/xcSSuQc+8SOvEYynqynZQjhagMdvjAPksyDgYE=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.156826,VS0,VE0
etag
"0743ee0ec30428f3654ee07d779efb64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6226
page_view_timing-aggregate.e791ce32-1225.min.js
js-agent.newrelic.com/ Frame 4457 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.e791ce32-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
5Hc0bLUe_lA8zF4035AV9Xl5FkevBdYq
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
EJPNNHZE9GZ78260
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2248
x-amz-id-2
o+8w9WCqmiMkUuqZ1LnHxE+zzUijrQcYmxL/b/CQuLKIEQlZQTGzeHe6hp5ddCwFmpjGx3aNUGI=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.157333,VS0,VE0
etag
"84ba19034cf0206a49ecf68893086bdd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6226
metrics-aggregate.b4a54ed9-1225.min.js
js-agent.newrelic.com/ Frame 4457 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.b4a54ed9-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
0sI71h2BU2Q4FabSOYi.9wzegJNG1fuh
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
XZ4XJ30TRZ2RES1C
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
730
x-amz-id-2
3Dt653pVx/94FdAbbwe0sJsYHCqc8U3Xxo+YmC4eqcyMB0M+OkapA5KL+Asx6hpe60tqdDtnkns=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.157459,VS0,VE0
etag
"395608505dac1e4fbe08bd146e09f5c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6224
jserrors-aggregate.ef250e1c-1225.min.js
js-agent.newrelic.com/ Frame 4457 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.ef250e1c-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2d7c5406cd5476cc832d78d9965ac1370bea2ccd700512d91512bd93bb4cac7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
ZOM52KkW0qOLL2pO6zep8b6LBe5eLeAu
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
4JXT35PTS6XBQS49
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2947
x-amz-id-2
D1HEQV0DczsqMAsisBxieQ8l6bs0ME9Ykkku0PwG2vbqqzBVJ7C7u4PZSmR0h/2zhzIPgFtoaZI=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.158204,VS0,VE0
etag
"57226211458d66408fe8e6f2a870ac73"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4180
ajax-aggregate.fc672923-1225.min.js
js-agent.newrelic.com/ Frame 4457 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/ajax-aggregate.fc672923-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb9ded273eb670fb69a7063d6df6f6fd3aa3b4b185703f2c1e97dd5936138a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
frHq3kL0RCG6sqBZr8JQrpE1DTcTY4r.
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
JDK2NPB8Y4KQQT11
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2384
x-amz-id-2
zA3ump93obkPqiVBtUf63Tnx1J13H5xbQUwMkEhHgfnMvqNFVY/opyzF1XLCawMiOWXcoWYjzKo=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.158164,VS0,VE0
etag
"166e664a45eea3f57f277bbe4c918943"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4178
session_trace-aggregate.94c80cda-1225.min.js
js-agent.newrelic.com/ Frame 4457 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.94c80cda-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
983acf3ef5c106a8e903cbddc3c53c08f2b8b98313ea22e41a0acf7ca3a18150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
VTTWLoMb09kYDpNhQPhusVScECFKJVwU
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
JDK9WW17PRSKG8SB
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3743
x-amz-id-2
eSDqyEitDwHs+Q1G0ghpg4fZSaaYjAAe6lLRciLL5KUjN5P1hHLQUCkpBBygBaELsP/6EXCy2Yo=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.158159,VS0,VE0
etag
"424a549cc28afe269b792b20fdae0acb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4168
page_action-aggregate.92657d87-1225.min.js
js-agent.newrelic.com/ Frame 4457 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_action-aggregate.92657d87-1225.min.js
Requested by
Host: vantagemind.wufoo.com
URL: https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e1d37eede31b28e70a5ad04013b247aa16c1f1461e62a5d5db141a4bad735ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
LWJLU5TdVV0.TfnYrT4knyPvYg1S141q
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Feb 2023 06:14:14 GMT
x-amz-request-id
JDK1HB92EFWH28J8
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1200
x-amz-id-2
BMTVmmzMypkhtH08F7M8b5apZ0l0XPHLGJPVQlZOqNAYHUykjQYW3NHA34Z9D286YuCPcEClis4=
x-served-by
cache-hhn-etou8220056-HHN
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677132854.158158,VS0,VE0
etag
"44fd542c32559790db696a8ee7ade0b1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4161
1e390569c3
bam.nr-data.net/1/ Frame 4457 		49 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/1e390569c3?a=536297313&v=1225.PROD&to=YQdTbENQXUFVAUxbDFhNZEpYHlVdRg9LHQpYBlRAH1lHX1g%3D&rst=2607&ck=0&s=0&ref=https://vantagemind.wufoo.com/embed/sqbqfqh0gm91a0/&ap=107&be=1199&fe=1341&dc=744&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1677132851561,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:69,%22c%22:69,%22s%22:76,%22ce%22:86,%22rq%22:86,%22rp%22:884,%22rpe%22:1194,%22dl%22:886,%22di%22:1943,%22ds%22:1943,%22de%22:1946,%22dc%22:2540,%22l%22:2540,%22le%22:2545%7D,%22navigation%22:%7B%7D%7D&fp=1945&fcp=1945&at=TUBQGgtKTk8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vantagemind.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 06:14:14 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
79ddd1f31da02bf5-FRA

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange

4 Cookies

Domain/Path Name / Value
shearwaterasia.tellwise.com/ Name: ss-id
Value: fuOz1AsC2h0PcSCdzOtd
shearwaterasia.tellwise.com/ Name: ss-pid
Value: 2cF3QKMnWYrc3MXNgNRW
.wufoo.com/ Name: ep201
Value: YOgFl4pdgXXpsp/zWWRULN9VzJk=
vantagemind.wufoo.com/ Name: _splunk_rum_sid
Value: %7B%22id%22%3A%2233ff0cab457a9259695e222209023b14%22%2C%22startTime%22%3A1677132853281%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.signalfx.com
js-agent.newrelic.com
shearwaterasia.tellwise.com
static.wufoo.com
vantagemind.wufoo.com
www.vantagemind.com
151.101.194.137
160.153.32.32
162.247.241.14
2606:4700::6812:ca6
52.222.236.53
99.86.4.49
02ba007a52f99c4781627d0140a02052ad8578e7c47124493511c06c7c1e53b0
1a108f888be23c9c00ba58170fba7d3e06dfa9149d9032d4b8e50287c9893790
2e1d37eede31b28e70a5ad04013b247aa16c1f1461e62a5d5db141a4bad735ee
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
871dc22f321d4ccd6d9591797b40332686901c814e403eaa34c7bd0a824eb54a
983acf3ef5c106a8e903cbddc3c53c08f2b8b98313ea22e41a0acf7ca3a18150
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
b2d7c5406cd5476cc832d78d9965ac1370bea2ccd700512d91512bd93bb4cac7
c69b5a62df2bbd9be43a63bff52cfe332d33ada90cf1a9470c3aa7aeec897e4c
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
dabdd82e735a2076db0a2c0da8eb6b744a5b6416dab6bc23245ec5bbf93e7814
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e938cc40f552d6befc2802ca9909d6de83d5d9e21f9530733d63841e6cee43d2
eb9ded273eb670fb69a7063d6df6f6fd3aa3b4b185703f2c1e97dd5936138a8e
f13ac74e077a9cca27444e5705caf27b966d6fe98572a102b47c27a3a1cc3ea3
f8feea41477cf6c615d64e34192ca16596d8d1d4a19016c292aec5c894af2bb8
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321