sirotaus.mercer.com Open in urlscan Pro
205.156.140.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sirotaus.mercer.com/Vesuvius2022/Survey/Default.aspx?surveyid=E0609DB1&USERID=CFD7B655
Effective URL:
https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
Submission: On October 03 via manual (October 3rd 2022, 12:05:48 pm UTC) from IN — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 205.156.140.32, located in United States and belongs to MARSH, US. The main domain is sirotaus.mercer.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 23rd 2022. Valid for: a year.

This is the only time sirotaus.mercer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 13	205.156.140.32 205.156.140.32		17161 (MARSH) (MARSH)
12	1

13 205.156.140.32 (United States) 1 redirects

ASN17161 (MARSH, US)
PTR: www.plandebeneficiosflexibles.com

sirotaus.mercer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mercer.com 1 redirects sirotaus.mercer.com	242 KB
12	1

	Domain	Requested by
13	sirotaus.mercer.com	1 redirects sirotaus.mercer.com
12	1

This site contains no links.

Subject Issuer	Validity	Valid
www.sirotaus.mercer.com COMODO RSA Organization Validation Secure Server CA	`2022-01-23` - `2023-01-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
Frame ID: 9031EB78A2A7B1E999B7CA74690E206F
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mercer | Sirota

Page URL History Show full URLs

https://sirotaus.mercer.com/Vesuvius2022/Survey/Default.aspx?surveyid=E0609DB1&USERID=CFD7B655 HTTP 302
https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

241 kB
Transfer

274 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sirotaus.mercer.com/Vesuvius2022/Survey/Default.aspx?surveyid=E0609DB1&USERID=CFD7B655 HTTP 302
https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request languageSelection.aspx Show response
sirotaus.mercer.com/Vesuvius2022/Survey/
Redirect Chain

https://sirotaus.mercer.com/Vesuvius2022/Survey/Default.aspx?surveyid=E0609DB1&USERID=CFD7B655
https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

8 KB
9 KB

163ms
162ms

Document
text/html

205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

ba6a1d663ba7ec4bb3d3940c4f834d56df4896fcd1393cc3649a24ccaad38727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 8666
Content-Type: text/html; charset=utf-8
Date: Mon, 03 Oct 2022 12:05:42 GMT
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Mercer: yes
X-NID: S41178

Redirect headers

Cache-Control: no-cache
Content-Length: 160
Content-Type: text/html; charset=utf-8
Date: Mon, 03 Oct 2022 12:05:42 GMT
Expires: -1
Location: /Vesuvius2022/Survey/languageSelection.aspx
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Mercer: yes
X-NID: S41178

GET
H/1.1 200
OK bootstrap.min.css
sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/ 97 KB
98 KB 146ms
145ms Stylesheet
text/css 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/bootstrap.min.css

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

809ccc4ac3899f8172c55962af2e45e1dbe3a141750c2ffa81b7389eb75baf6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 03 Oct 2022 12:05:42 GMT
Last-Modified: Wed, 01 Jun 2022 11:59:02 GMT
ETag: "047fffbae75d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-NID: S41178
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 99526

GET
H/1.1 200
OK font.css
sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/ 1 KB
1 KB 146ms
145ms Stylesheet
text/css 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/font.css

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

87db1645a467a3cffb9f4fbbc745889c04bdbc16b41af89ee6b11407c9dabb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Date: Mon, 03 Oct 2022 12:05:41 GMT
Last-Modified: Wed, 01 Jun 2022 11:59:02 GMT
ETag: "047fffbae75d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-NID: S41177
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 652

GET
H/1.1 200
OK theme.css
sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/ 4 KB
1 KB 287ms
140ms Stylesheet
text/css 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/theme.css

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

9d3cbe40b9e4e2aec5b1ad0b8708f389cd00ebc409896b19a4f464dc5f1f336b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Date: Mon, 03 Oct 2022 12:05:41 GMT
Last-Modified: Mon, 03 Oct 2022 12:04:50 GMT
ETag: "0dda45620d7d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-NID: S41177
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 916

GET
H/1.1 200
OK tweeks.css
sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/ 20 KB
5 KB 415ms
144ms Stylesheet
text/css 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/tweeks.css

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

6f29d1881a5fe4565e8c0fcb05bd15a41fe525843afe0cded51771d38b0c87b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Date: Mon, 03 Oct 2022 12:05:43 GMT
Last-Modified: Wed, 01 Jun 2022 11:59:02 GMT
ETag: "047fffbae75d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-NID: S41177
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 4659

GET
H/1.1 200
OK Jquery-3.6.0.min.js Show response
sirotaus.mercer.com/Vesuvius2022/Survey/assets/js/vendor/ 87 KB
88 KB 552ms
281ms Script
application/javascript 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/js/vendor/Jquery-3.6.0.min.js

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 03 Oct 2022 12:05:43 GMT
Last-Modified: Wed, 01 Jun 2022 11:59:02 GMT
ETag: "047fffbae75d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-NID: S41178
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 89503

GET
H/1.1 200
OK bootstrap.min.js Show response
sirotaus.mercer.com/Vesuvius2022/Survey/assets/js/ 28 KB
8 KB 416ms
145ms Script
application/javascript 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/js/bootstrap.min.js

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

e59731a05ac4ea5c4df6a4a3b36107d9ec13c08bb59857fd6b71868f1e8f0115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Date: Mon, 03 Oct 2022 12:05:42 GMT
Last-Modified: Wed, 01 Jun 2022 11:59:02 GMT
ETag: "047fffbae75d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-NID: S41176
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 7697

GET
H/1.1 200
OK SurveyLogo.ashx
sirotaus.mercer.com/Vesuvius2022/Survey/ 12 KB
12 KB 154ms
154ms Image
image/png 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/SurveyLogo.ashx

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

f2882a815eabbc7fa58090a96a72f579e035aaf2095530aa7efaaca4009c5ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 03 Oct 2022 12:05:43 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-NID: S41178
Cache-Control: no-cache
X-Mercer: yes
Content-Length: 12268
Expires: -1

GET
H/1.1 200
OK sirota.png
sirotaus.mercer.com/Vesuvius2022/Survey/assets/img/ 14 KB
14 KB 140ms
139ms Image
image/png 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/img/sirota.png

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

aa8043bfe019cc746eaff60fc3bd511012c544632b83ac049c2caca581bf127d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 03 Oct 2022 12:05:43 GMT
Last-Modified: Wed, 01 Jun 2022 11:59:02 GMT
ETag: "047fffbae75d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-NID: S41178
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 13830

GET
H/1.1 200
OK jquery.ui.totop.js Show response
sirotaus.mercer.com/Vesuvius2022/Survey/assets/js/ 2 KB
3 KB 141ms
141ms Script
application/javascript 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/js/jquery.ui.totop.js

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

64b518dc2b0e06d255d643ed884618b28833e60b87b3c0b65250c7d463112785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 03 Oct 2022 12:05:43 GMT
Last-Modified: Wed, 01 Jun 2022 11:59:02 GMT
ETag: "047fffbae75d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-NID: S41178
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 2115

GET
H/1.1 200
OK bg-page.png
sirotaus.mercer.com/Vesuvius2022/Survey/assets/img/ 184 B
721 B 142ms
142ms Image
image/png 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/img/bg-page.png

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/theme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

3979a4ae29288e416504fc6f34d9e3226f4915ba60911f79311b72b14fb87906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 03 Oct 2022 12:05:43 GMT
Last-Modified: Wed, 01 Jun 2022 11:59:02 GMT
ETag: "047fffbae75d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-NID: S41176
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 184

GET
H/1.1 200
OK bg-footer.gif
sirotaus.mercer.com/Vesuvius2022/Survey/assets/img/ 66 B
602 B 142ms
141ms Image
image/gif 205.156.140.32
MARSH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sirotaus.mercer.com/Vesuvius2022/Survey/assets/img/bg-footer.gif

Requested by

Host: sirotaus.mercer.com
URL: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.156.140.32 , United States, ASN17161 (MARSH, US),

Reverse DNS

www.plandebeneficiosflexibles.com

Software

Resource Hash

4437de0a508a4cca67660b460a466a17ccdacc2c9489e857d7716ceeebbfebe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sirotaus.mercer.com/Vesuvius2022/Survey/languageSelection.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Mon, 03 Oct 2022 12:05:43 GMT
Last-Modified: Wed, 01 Jun 2022 11:59:02 GMT
ETag: "047fffbae75d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-NID: S41177
X-Mercer: yes
Accept-Ranges: bytes
Content-Length: 66

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sirotaus.mercer.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: aw2um53tx0pqnud0daiqdlm4
			.sirotaus.mercer.com/	1969-12-31 23:59:59	Name: TS016f48b6 Value: 011c2377627b6cf80b50cce589e2ff691f1aeb67c3dee2a18ffd04a13310ef8d6aee27777972207a2bad9f7353a4003a122e5d5983a5d3ffaea9a927f098f819555fbeb3b4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sirotaus.mercer.com
205.156.140.32
3979a4ae29288e416504fc6f34d9e3226f4915ba60911f79311b72b14fb87906
4437de0a508a4cca67660b460a466a17ccdacc2c9489e857d7716ceeebbfebe6
64b518dc2b0e06d255d643ed884618b28833e60b87b3c0b65250c7d463112785
6f29d1881a5fe4565e8c0fcb05bd15a41fe525843afe0cded51771d38b0c87b9
809ccc4ac3899f8172c55962af2e45e1dbe3a141750c2ffa81b7389eb75baf6c
87db1645a467a3cffb9f4fbbc745889c04bdbc16b41af89ee6b11407c9dabb95
9d3cbe40b9e4e2aec5b1ad0b8708f389cd00ebc409896b19a4f464dc5f1f336b
aa8043bfe019cc746eaff60fc3bd511012c544632b83ac049c2caca581bf127d
ba6a1d663ba7ec4bb3d3940c4f834d56df4896fcd1393cc3649a24ccaad38727
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
e59731a05ac4ea5c4df6a4a3b36107d9ec13c08bb59857fd6b71868f1e8f0115
f2882a815eabbc7fa58090a96a72f579e035aaf2095530aa7efaaca4009c5ee5

sirotaus.mercer.com Open in urlscan Pro 205.156.140.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

241 kBTransfer

274 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

sirotaus.mercer.com Open in urlscan Pro
205.156.140.32 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

241 kB
Transfer

274 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions