barrick.us.damstraforms.com Open in urlscan Pro
52.73.131.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://barrick.us.damstraforms.com/users/B-Tahp_t3FBFlIzeG1gbyw/confirm
Effective URL:
https://barrick.us.damstraforms.com/signin
Submission: On March 29 via manual (March 29th 2024, 11:43:56 am UTC) from IN — Scanned from US

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 16 HTTP transactions. The main IP is 52.73.131.229, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is barrick.us.damstraforms.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 25th 2023. Valid for: a year.

This is the only time barrick.us.damstraforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	52.73.131.229 52.73.131.229	14618 (AMAZON-AES) (AMAZON-AES)
7	2600:9000:24f... 2600:9000:24f1:e00:14:a5e4:ed80:21	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
3	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
16	5

6 52.73.131.229 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-131-229.compute-1.amazonaws.com

barrick.us.damstraforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:24f1:e00:14:a5e4:ed80:21 (United States)

ASN16509 (AMAZON-02, US)

dk6ltolsor0l2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudfront.net dk6ltolsor0l2.cloudfront.net	2 MB
6	damstraforms.com 1 redirects barrick.us.damstraforms.com	132 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 244	2 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 636	32 KB
16	4

	Domain	Requested by
7	dk6ltolsor0l2.cloudfront.net	barrick.us.damstraforms.com
6	barrick.us.damstraforms.com	1 redirects barrick.us.damstraforms.com
3	bam.nr-data.net	barrick.us.damstraforms.com
1	js-agent.newrelic.com	barrick.us.damstraforms.com
16	4

This site contains links to these domains. Also see Links.

Domain
app.us.damstraforms.com

Subject Issuer	Validity	Valid
us.damstraforms.com Amazon RSA 2048 M01	`2023-07-25` - `2024-08-21`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://barrick.us.damstraforms.com/signin
Frame ID: EA4B7CE38AE1CC246883B75DFBE86BBF
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Damstra Forms | Sign in

Page URL History Show full URLs

https://barrick.us.damstraforms.com/users/B-Tahp_t3FBFlIzeG1gbyw/confirm HTTP 302
https://barrick.us.damstraforms.com/signin Page URL

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

2144 kB
Transfer

6409 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.us.damstraforms.com/auth/authenticate?on_success_url=https%3A%2F%2Fbarrick.us.damstraforms.com%2Fsession%2Fpresigned&strategy_path=%2Fauth%2Fdamstraglobal&expires=2311712571&token=c37a1ae97fc32faae8835396cf36cd1cb94bd2de
Title: Sign in with Damstra Global

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://barrick.us.damstraforms.com/users/B-Tahp_t3FBFlIzeG1gbyw/confirm HTTP 302
https://barrick.us.damstraforms.com/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
barrick.us.damstraforms.com/
Redirect Chain

https://barrick.us.damstraforms.com/users/B-Tahp_t3FBFlIzeG1gbyw/confirm
https://barrick.us.damstraforms.com/signin

62 KB
63 KB

152ms
151ms

Document
text/html

52.73.131.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://barrick.us.damstraforms.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.131.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-131-229.compute-1.amazonaws.com

Software

Resource Hash

7bea6c9e60ef2c3b4ec9d34b21265eb65ade7a7eb824562d97bade6fd7712510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, private, must-revalidate
content-type: text/html; charset=utf-8
date: Fri, 29 Mar 2024 11:43:50 GMT
etag: W/"7bea6c9e60ef2c3b4ec9d34b21265eb6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 18179d37-2e41-4e14-8c10-46414baf2c25
x-runtime: 0.062580
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Fri, 29 Mar 2024 11:43:50 GMT
location: https://barrick.us.damstraforms.com/signin
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 851eef25-4426-4e68-97df-331902109b89
x-runtime: 0.024719
x-xss-protection: 1; mode=block

GET
H2 200 application-a2437ec63539628424ddeab09faf26be4d6922170272bd23dc63c2683d318631.js Show response
barrick.us.damstraforms.com/assets/ 204 KB
62 KB 45ms
44ms Script
application/javascript 52.73.131.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://barrick.us.damstraforms.com/assets/application-a2437ec63539628424ddeab09faf26be4d6922170272bd23dc63c2683d318631.js
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.131.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-131-229.compute-1.amazonaws.com
Software: /
Resource Hash: a2437ec63539628424ddeab09faf26be4d6922170272bd23dc63c2683d318631

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/signin
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 11:43:50 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 00:29:30 GMT
content-length: 63017
vary: Accept-Encoding, Origin
content-type: application/javascript

GET
H2 200 vendor.ape.js Show response
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/ 14 KB
6 KB 227ms
139ms Script
application/javascript 2600:9000:24f1:e00:14:a5e4:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/vendor.ape.js
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:e00:14:a5e4:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 529cf83de4cc5a06e1e5d48a2686d8b9b24bdbc46db9927e7ba933d59fa5bf9c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 22 Mar 2024 09:31:05 GMT
content-encoding: gzip
via: 1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 02:34:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 612766
etag: W/"11bdf66c04c82f6c3d57ed6bf3bf58cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=365000000, immutable
x-amz-cf-id: cmxS42bI5up6zMV2-Rc9CG9cfDAxOiadf5tjQJBaxAhd1HGXPg1hnA==

GET
H2 200 mainsite.ape.js Show response
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/ 4 MB
1 MB 148ms
61ms Script
application/javascript 2600:9000:24f1:e00:14:a5e4:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/mainsite.ape.js
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:e00:14:a5e4:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ec699e641e5c4f3a040fc2ea90291d451ddf6b2d712ab48c794941ac299b8f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 06:47:04 GMT
content-encoding: gzip
via: 1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 02:34:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 709007
etag: W/"b62ac1bf013430a902c4443197c5dd92"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=365000000, immutable
x-amz-cf-id: nV9bONVCqCH7IrGK8MuNVwvN1t52F-Fq3yAIeQOGVfzZdvXr7cUIyA==

GET
H2 200 liveview.ape.js Show response
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/ 2 MB
595 KB 265ms
181ms Script
application/javascript 2600:9000:24f1:e00:14:a5e4:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/liveview.ape.js
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:e00:14:a5e4:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4b5ccf5ce5c57874b71a1a4481e433e5015168e16dd8b8c4b799fb55402d316

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 12:36:25 GMT
content-encoding: gzip
via: 1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 02:34:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 83246
etag: W/"ed2343ada50d04f28c089b79b488266c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=365000000, immutable
x-amz-cf-id: 6juCT3m-Obwh3QdKtG_nRY73tFK8O5GEMnGrDUtw1pYqNXfIXviGKw==

GET
H2 200 15d5858eff9fa8aa25f4e97f673bf565.woff
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/ 67 KB
67 KB 83ms
29ms Font
binary/octet-stream 2600:9000:24f1:e00:14:a5e4:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/15d5858eff9fa8aa25f4e97f673bf565.woff
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:e00:14:a5e4:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4e1d145f258c9669ca777b15445cb386bf79a21941463374634c67fccb03ed1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/
Origin: https://barrick.us.damstraforms.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 03:12:19 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 117093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 68276
last-modified: Thu, 21 Mar 2024 02:34:19 GMT
server: AmazonS3
etag: "fbd50651219002dbddace9975d3e6251"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://barrick.us.damstraforms.com
cache-control: max-age=365000000, immutable
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: IoF4VZxu8QeE_RmRaxWEli4EXIwSEVTC4SrRivAeh0BnjaxutESYtg==

GET
H2 200 e36e1456fe17f1468ff8c3a056a80611.woff
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/ 69 KB
69 KB 109ms
61ms Font
binary/octet-stream 2600:9000:24f1:e00:14:a5e4:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/e36e1456fe17f1468ff8c3a056a80611.woff
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:e00:14:a5e4:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96a1877406a2817690479126e5006d2ef6c44f77fb43640c7efeb90d973fe1d8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/
Origin: https://barrick.us.damstraforms.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 03:12:19 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 117093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70348
last-modified: Thu, 21 Mar 2024 02:34:19 GMT
server: AmazonS3
etag: "fe48f5fa5652f72b480e84420b0f6135"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://barrick.us.damstraforms.com
cache-control: max-age=365000000, immutable
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: KrU4OL10UFyHzKSEp_FPxdvakVQ1c2BoSHx2W7EfRzqNOlPqkI__pg==

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a38e89cfd0de6cfe6b68f6fdd0235c5195f192ad70c6e98a1bd4e8ef28da0ce

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1273fc499bfc664dba6a88890cfee07d.woff
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/ 66 KB
67 KB 68ms
68ms Font
binary/octet-stream 2600:9000:24f1:e00:14:a5e4:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/1273fc499bfc664dba6a88890cfee07d.woff
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:e00:14:a5e4:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aca9b3d45984df3b40e7f82dca26269a71ff01d9c35ee76d22fe8d46931af8f4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/
Origin: https://barrick.us.damstraforms.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 12:29:05 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 83687
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 67796
last-modified: Thu, 21 Mar 2024 02:34:19 GMT
server: AmazonS3
etag: "86013ad29c0374c81b4f25ec100036ff"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://barrick.us.damstraforms.com
cache-control: max-age=365000000, immutable
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: X_rNM8ybnMIQLdk8DGmfuxlxdEPVfQe2yUB_-Vwgd5syP4MCP_lJlA==

GET
H2 200 497895911cd9ae5b9bf111c461fcff03.woff
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/ 68 KB
69 KB 36ms
35ms Font
binary/octet-stream 2600:9000:24f1:e00:14:a5e4:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.23.1/ed74112/497895911cd9ae5b9bf111c461fcff03.woff
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:e00:14:a5e4:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ee8eff7d41467ace92bb5c3533a0a7e6502da57cb5a90f1f07111648dfb51a9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/
Origin: https://barrick.us.damstraforms.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 12:29:05 GMT
via: 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 83687
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 69740
last-modified: Thu, 21 Mar 2024 02:34:19 GMT
server: AmazonS3
etag: "71ba3bad71674aace3b0ef4ec878b548"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://barrick.us.damstraforms.com
cache-control: max-age=365000000, immutable
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: Bc7UgDVy95iM1yGwG_gUQbTnYZJLHp8JYC3j6B4i3o0_X1ZRr6q43Q==

GET
H2 200 signin.json Show response
barrick.us.damstraforms.com/ 454 B
1 KB 69ms
68ms Fetch
application/json 52.73.131.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://barrick.us.damstraforms.com/signin.json

Requested by

Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.131.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-131-229.compute-1.amazonaws.com

Software

Resource Hash

0bb029acad03bca55d7abf66641008c7c351fed2adee17c09ca905a6fb4dff9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate: 2827013@nr=0-1-2827013-1119988702-de49ce04256743fa----1711712631897
x-csrf-token: oY1xleS6UrrYndYeUi3Kde2PBI4PQ6Ay0xqmle1SNYvRYz3ODnaZ6NjvhMsNitmyM1yq2I2/YGjQiqXerqW22A==
traceparent: 00-6fca4aa1684c8e4caccc15619236e327-de49ce04256743fa-01
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI4MjcwMTMiLCJhcCI6IjExMTk5ODg3MDIiLCJpZCI6ImRlNDljZTA0MjU2NzQzZmEiLCJ0ciI6IjZmY2E0YWExNjg0YzhlNGNhY2NjMTU2MTkyMzZlMzI3IiwidGkiOjE3MTE3MTI2MzE4OTd9fQ==
content-type: application/json
accept: application/json
Referer: https://barrick.us.damstraforms.com/signin
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.023077
date: Fri, 29 Mar 2024 11:43:51 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
etag: W/"0bb029acad03bca55d7abf66641008c7"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: 36b2c338-aec9-4bb5-a74c-26b4e6b0d593

GET
H2 200 nr-spa-1.253.0.min.js Show response
js-agent.newrelic.com/ 99 KB
32 KB 77ms
22ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.253.0.min.js

Requested by

Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e72e22c9fd71d91300781105175767a7275aa469946f7f72cdda5adaa5c548e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/
Origin: https://barrick.us.damstraforms.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fCBpomkNr2k.mGTnq1v.Ze6YZpq.zil8
content-encoding: br
via: 1.1 varnish
date: Fri, 29 Mar 2024 11:43:52 GMT
strict-transport-security: max-age=300
x-amz-request-id: NT8997MRGSCCS5EY
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 32390
x-amz-id-2: T1NJV90tw4M7/inkgZ3xpi25vq+r+rkppIoSWOVCK0Cp/xW9RfA0h358w53gaiZHcG94tK6PajHL3kqIK1LCcA==
x-served-by: cache-nyc-kteb1890093-NYC
last-modified: Wed, 13 Mar 2024 21:07:25 GMT
server: AmazonS3
etag: "4a6ecb6da3c4e819773b0e3331ff5e7a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 15862

GET
H2 200 damstra-D-login-button-5212cd6be49a5b3742168193af58bc2931b0215b747b0b7692b26f09882ee5c4.png
barrick.us.damstraforms.com/assets/button-logos/ 3 KB
3 KB 45ms
44ms Image
image/png 52.73.131.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://barrick.us.damstraforms.com/assets/button-logos/damstra-D-login-button-5212cd6be49a5b3742168193af58bc2931b0215b747b0b7692b26f09882ee5c4.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.131.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-131-229.compute-1.amazonaws.com
Software: /
Resource Hash: 5212cd6be49a5b3742168193af58bc2931b0215b747b0b7692b26f09882ee5c4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/signin
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 11:43:52 GMT
last-modified: Fri, 22 Mar 2024 00:27:08 GMT
content-length: 2684
vary: Origin
content-type: image/png

GET
H2 200 favicon.ico
barrick.us.damstraforms.com/ 2 KB
2 KB 40ms
39ms Other
image/vnd.microsoft.icon 52.73.131.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://barrick.us.damstraforms.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.131.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-131-229.compute-1.amazonaws.com
Software: /
Resource Hash: b7f40a4eeab60d741415eced9a30db395ffd72c109c4b0ce5da9006fb68dfe80

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://barrick.us.damstraforms.com/signin
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 11:43:52 GMT
last-modified: Fri, 22 Mar 2024 00:27:08 GMT
content-length: 2388
content-type: image/vnd.microsoft.icon

POST
H/1.1 200
OK NRBR-edb81c4ca39909dd0e8 Show response
bam.nr-data.net/1/ 136 B
716 B 168ms
83ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRBR-edb81c4ca39909dd0e8?a=992223411&v=1.253.0&to=cgpbEkZZDlkGS0pFVEIWXAlaRU1bBk4%3D&rst=2171&ck=0&s=87c7ed00741cd49e&ref=https://barrick.us.damstraforms.com/signin&hr=0&af=err,xhr,stn,ins,spa&ap=64&be=405&fe=1655&dc=1573&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1711712629911,%22n%22:0,%22r%22:1,%22re%22:253,%22f%22:253,%22dn%22:253,%22dne%22:253,%22c%22:253,%22s%22:253,%22ce%22:253,%22rq%22:254,%22rp%22:405,%22rpe%22:441,%22di%22:1939,%22ds%22:1939,%22de%22:1978,%22dc%22:2056,%22l%22:2056,%22le%22:2060%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1916&fcp=1916
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9c3ebb765d4fa13d8208014e7b2f4ea02f3bada2e5970086e0b635ac769bc7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://barrick.us.damstraforms.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 29 Mar 2024 11:43:52 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://barrick.us.damstraforms.com
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 86bf9acf19615407-YYZ
timing-allow-origin: https://barrick.us.damstraforms.com

POST
H/1.1 200
OK NRBR-edb81c4ca39909dd0e8 Show response
bam.nr-data.net/resources/1/ 36 B
428 B 77ms
77ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRBR-edb81c4ca39909dd0e8?a=992223411&v=1.253.0&to=cgpbEkZZDlkGS0pFVEIWXAlaRU1bBk4%3D&rst=2355&ck=0&s=87c7ed00741cd49e&ref=https://barrick.us.damstraforms.com/signin&st=1711712629911&hr=0&fts=1711712629911&n=26&fsh=1
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50a6010d1e71c622bbdab42426c11f2c7a7d98adedcd65fb950373370708a1b6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://barrick.us.damstraforms.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 29 Mar 2024 11:43:52 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://barrick.us.damstraforms.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 86bf9acfba145407-YYZ
Content-Length: 36

POST
H/1.1 200
OK NRBR-edb81c4ca39909dd0e8 Show response
bam.nr-data.net/events/1/ 24 B
415 B 194ms
142ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRBR-edb81c4ca39909dd0e8?a=992223411&v=1.253.0&to=cgpbEkZZDlkGS0pFVEIWXAlaRU1bBk4%3D&rst=2364&ck=0&s=87c7ed00741cd49e&ref=https://barrick.us.damstraforms.com/signin&hr=0
Requested by: Host: barrick.us.damstraforms.com
URL: https://barrick.us.damstraforms.com/signin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://barrick.us.damstraforms.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 29 Mar 2024 11:43:52 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://barrick.us.damstraforms.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 86bf9ad01b2339de-YYZ
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			barrick.us.damstraforms.com/	1970-01-20 19:28:33	Name: _dd_s Value: logs=1&id=abee5649-b31c-4d48-a50c-2768c2ef02be&created=1711712631619&expire=1711713531619
			barrick.us.damstraforms.com/	1969-12-31 23:59:59	Name: _APEMobileWeb_session Value: V3VBeDJLZEU3THFjcm1RR2lHRmF4TThiQTF4TTlzTEpBVzNDMThoS2poK1A1V0NKYWN1ZHRPYzJEajMwQmwvc0lmSXUyUEhpN2NtT3Foc1NWNFpCVVN6SFk5dEQzUVVrVkpnRWx4NzV1RCtHeWpXS0tpU3ZTRHhaRzBCcHAzd05MbkdreHoyNmR4VmRtemptTWQxa1RnPT0tLWFGK3czbDVLMTJKeTBlL05VWUFtOEE9PQ%3D%3D--9bf3d4d78afb66ce272cd9bf03bb67ee8f7d739e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
barrick.us.damstraforms.com
dk6ltolsor0l2.cloudfront.net
js-agent.newrelic.com
162.247.241.14
2600:9000:24f1:e00:14:a5e4:ed80:21
2602:816:5001::39
52.73.131.229
0bb029acad03bca55d7abf66641008c7c351fed2adee17c09ca905a6fb4dff9c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
50a6010d1e71c622bbdab42426c11f2c7a7d98adedcd65fb950373370708a1b6
5212cd6be49a5b3742168193af58bc2931b0215b747b0b7692b26f09882ee5c4
529cf83de4cc5a06e1e5d48a2686d8b9b24bdbc46db9927e7ba933d59fa5bf9c
5b9c3ebb765d4fa13d8208014e7b2f4ea02f3bada2e5970086e0b635ac769bc7
5ec699e641e5c4f3a040fc2ea90291d451ddf6b2d712ab48c794941ac299b8f2
6ee8eff7d41467ace92bb5c3533a0a7e6502da57cb5a90f1f07111648dfb51a9
7a38e89cfd0de6cfe6b68f6fdd0235c5195f192ad70c6e98a1bd4e8ef28da0ce
7bea6c9e60ef2c3b4ec9d34b21265eb65ade7a7eb824562d97bade6fd7712510
96a1877406a2817690479126e5006d2ef6c44f77fb43640c7efeb90d973fe1d8
a2437ec63539628424ddeab09faf26be4d6922170272bd23dc63c2683d318631
aca9b3d45984df3b40e7f82dca26269a71ff01d9c35ee76d22fe8d46931af8f4
b7f40a4eeab60d741415eced9a30db395ffd72c109c4b0ce5da9006fb68dfe80
d4b5ccf5ce5c57874b71a1a4481e433e5015168e16dd8b8c4b799fb55402d316
e4e1d145f258c9669ca777b15445cb386bf79a21941463374634c67fccb03ed1
e72e22c9fd71d91300781105175767a7275aa469946f7f72cdda5adaa5c548e1

barrick.us.damstraforms.com Open in urlscan Pro 52.73.131.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

5 IPs

1 Countries

2144 kBTransfer

6409 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

barrick.us.damstraforms.com Open in urlscan Pro
52.73.131.229 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

2144 kB
Transfer

6409 kB
Size

2
Cookies

16 HTTP transactions
1 data transactions