Submitted URL: https://5qzmb9gw.r.ap-southeast-2.awstrack.me/L0/https:%2F%2Fau.ondemandassessment.com%2Fverify%2Findex%2FDEPnQJacGDC9wUmB/1/0108018a4960b9d6-...
Effective URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Submission: On August 31 via manual from AU — Scanned from AU

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 16 HTTP transactions. The main IP is 13.35.147.95, located in United States and belongs to AMAZON-02, US. The main domain is au.ondemandassessment.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 29th 2023. Valid for: a year.
This is the only time au.ondemandassessment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.24.101.122 16509 (AMAZON-02)
3 13.35.147.95 16509 (AMAZON-02)
1 142.250.204.10 15169 (GOOGLE)
1 13.35.148.205 16509 (AMAZON-02)
1 13.210.134.223 16509 (AMAZON-02)
1 151.101.130.137 54113 (FASTLY)
1 13.35.147.60 16509 (AMAZON-02)
1 162.247.241.2 23467 (NEWRELIC-...)
2 65.8.33.37 16509 (AMAZON-02)
1 44.209.16.165 14618 (AMAZON-AES)
2 13.55.28.243 16509 (AMAZON-02)
1 52.216.178.45 16509 (AMAZON-02)
1 3.33.152.127 16509 (AMAZON-02)
16 13
Apex Domain
Subdomains
Transfer
5 ondemandassessment.com
au.ondemandassessment.com
oda-node-server-au.ondemandassessment.com
457 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2393
downloads.intercomcdn.com — Cisco Umbrella Rank: 12371
224 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1849
api-iam.intercom.io — Cisco Umbrella Rank: 1933
6 KB
1 amazonaws.com
s3.amazonaws.com
5 KB
1 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 2274
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 386
18 KB
1 criteriacorp.com
api-au.criteriacorp.com
76 KB
1 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2855
23 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
791 B
1 awstrack.me
5qzmb9gw.r.ap-southeast-2.awstrack.me
177 B
16 10
Domain Requested by
3 au.ondemandassessment.com au.ondemandassessment.com
2 oda-node-server-au.ondemandassessment.com au.ondemandassessment.com
2 js.intercomcdn.com widget.intercom.io
1 downloads.intercomcdn.com
1 s3.amazonaws.com
1 api-iam.intercom.io js.intercomcdn.com
1 bam-cell.nr-data.net au.ondemandassessment.com
1 widget.intercom.io au.ondemandassessment.com
1 js-agent.newrelic.com au.ondemandassessment.com
1 api-au.criteriacorp.com au.ondemandassessment.com
1 cdn.amplitude.com au.ondemandassessment.com
1 fonts.googleapis.com au.ondemandassessment.com
1 5qzmb9gw.r.ap-southeast-2.awstrack.me 1 redirects
16 13

This site contains links to these domains.

Domain
intercom.help
Subject Issuer Validity Valid
au.ondemandassessment.com
Amazon RSA 2048 M01
2023-07-29 -
2024-08-25
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M01
2023-01-12 -
2024-02-11
a year crt.sh
api-au.criteriacorp.com
Amazon RSA 2048 M01
2023-07-30 -
2024-08-27
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
*.intercom.com
Amazon RSA 2048 M02
2023-02-14 -
2024-03-14
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01
2023-02-21 -
2024-01-29
a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2023-07-10 -
2024-06-21
a year crt.sh
intercom-attachments-10.com
Amazon RSA 2048 M01
2023-07-09 -
2024-08-06
a year crt.sh

This page contains 2 frames:

Primary Page: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Frame ID: 889AF8C4FD3FE292BC1B9690CDA6047A
Requests: 14 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.af7a1537.js
Frame ID: BD3141DCDFB0C06800D155D61C3B8490
Requests: 3 HTTP requests in this frame

Page Title

On Demand Assessment - Criteria Corp.

Page URL History

  1. https://5qzmb9gw.r.ap-southeast-2.awstrack.me/L0/https:%2F%2Fau.ondemandassessment.com%2Fverify%2Findex%2FDEPnQJacGDC9wUmB... HTTP 302
    https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

811 kB
Transfer

3299 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://5qzmb9gw.r.ap-southeast-2.awstrack.me/L0/https:%2F%2Fau.ondemandassessment.com%2Fverify%2Findex%2FDEPnQJacGDC9wUmB/1/0108018a4960b9d6-617bb6b0-df1e-459c-8cca-83c61bd9970d-000000/rFw43WbNpjVzjredb88oSxSkrQ4=118 HTTP 302
    https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request DEPnQJacGDC9wUmB
au.ondemandassessment.com/verify/index/
Redirect Chain
  • https://5qzmb9gw.r.ap-southeast-2.awstrack.me/L0/https:%2F%2Fau.ondemandassessment.com%2Fverify%2Findex%2FDEPnQJacGDC9wUmB/1/0108018a4960b9d6-617bb6b0-df1e-459c-8cca-83c61bd9970d-000000/rFw43WbNpjV...
  • https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
33 KB
12 KB
Document
General
Full URL
https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
accec453f3a9cc98c6e6722a98ed496cc990e219890c3a69dd5855f9e135e550

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
29905
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 18:00:53 GMT
etag
W/"389a990be8f24cacb99083b811bfb86d"
last-modified
Wed, 30 Aug 2023 17:51:49 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f7807c0a57cfa18eb5f00429067b5f6a.cloudfront.net (CloudFront)
x-amz-cf-id
chYjcVZKNIk_6-ZNTZ8-eZN3dY9svwH_JqjGTTsSVxbfzDLw123R5g==
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 31 Aug 2023 02:19:17 GMT
Location
https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
main.43621c1c.js
au.ondemandassessment.com/static/js/
2 MB
391 KB
Script
General
Full URL
https://au.ondemandassessment.com/static/js/main.43621c1c.js
Requested by
Host: au.ondemandassessment.com
URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e916abdaad9b792c92a5d77d5d6e2353d9938b61338aecc2f2c437ac315665d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 17:55:30 GMT
content-encoding
br
via
1.1 f7807c0a57cfa18eb5f00429067b5f6a.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 17:52:27 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
30228
etag
W/"515c0f4d3a026d0ed891d2cf20ff1b9a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-id
EKKzOoXSzPullz_0fsGf8erz-lTNG3f2vDLfsO9iJCch41vDydXgfw==
main.39b8bffb.css
au.ondemandassessment.com/static/css/
206 KB
53 KB
Stylesheet
General
Full URL
https://au.ondemandassessment.com/static/css/main.39b8bffb.css
Requested by
Host: au.ondemandassessment.com
URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc18ea58a25c3d971bb28366269e90ded38d841fe9d1daa3e7bd8a8d7d3fa107

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 17:55:30 GMT
content-encoding
br
via
1.1 f7807c0a57cfa18eb5f00429067b5f6a.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 17:51:49 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
30228
etag
W/"9faf1f288ff41581fd2329fa5cba10a5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
tckwwv-MAKxRyQ5npIVndd0kMdpX_PG9RycEUoUOlvXjcClStSdGLw==
css2
fonts.googleapis.com/
761 B
791 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato&display=swap
Requested by
Host: au.ondemandassessment.com
URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://au.ondemandassessment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 31 Aug 2023 02:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 02:02:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Aug 2023 02:19:17 GMT
amplitude-8.11.0-min.gz.js
cdn.amplitude.com/libs/
70 KB
23 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-8.11.0-min.gz.js
Requested by
Host: au.ondemandassessment.com
URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-148-205.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8db5c95a3a1e4b132ac70c3464eb8fc34eeb9519b029ae3e59be92681cf8ea8b

Request headers

Referer
https://au.ondemandassessment.com/
Origin
https://au.ondemandassessment.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 23:46:59 GMT
content-encoding
gzip
via
1.1 13ad48adfe7f5ca5b82509779525e518.cloudfront.net (CloudFront)
x-amz-version-id
jA0I3mzrxU2Hidw0N4LAgxW2dqMXn7NL
x-amz-cf-pop
SYD1-C1
age
786739
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23468
last-modified
Tue, 16 Nov 2021 06:26:45 GMT
server
AmazonS3
etag
"18efab50ae07ea3d6e7c55c5c7afaf84"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
BLBrJXA_Gp98r8OescN6YGfVQ5lg6-aJFZksRIYaoBZV9aj0jMkNtg==
DEPnQJacGDC9wUmB
api-au.criteriacorp.com/api/oda/event/
76 KB
76 KB
Fetch
General
Full URL
https://api-au.criteriacorp.com/api/oda/event/DEPnQJacGDC9wUmB
Requested by
Host: au.ondemandassessment.com
URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.210.134.223 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-134-223.ap-southeast-2.compute.amazonaws.com
Software
Apache/2.4.57 () OpenSSL/1.0.2k-fips /
Resource Hash
cb9339d905d58e49378c556e3a1bc34c2eacd0336da5ecf38c69a6b68c2d62c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://au.ondemandassessment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 02:19:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
server
Apache/2.4.57 () OpenSSL/1.0.2k-fips
x-ratelimit-remaining
49
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
50
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Authorization, Accept
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80dcd99a9366830efb5665a905e2cf54a9ab0c70d0fb47ed2e7ab349e09d634f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
198 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32bf0cf3e3f5037789aa619877217e192b035d1fb20e86cfd069e6d1a3b24091

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
nr-spa-1214.min.js
js-agent.newrelic.com/
45 KB
18 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1214.min.js
Requested by
Host: au.ondemandassessment.com
URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38e8fbc0dd2dced6baf868693d2de7da475e8d3de08434cc6ac6c0b4950ab1d7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://au.ondemandassessment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
dU7oF32BLhGI7U7W.plhnY0tWsxdaArN
content-encoding
br
via
1.1 varnish
date
Thu, 31 Aug 2023 02:19:18 GMT
strict-transport-security
max-age=300
x-amz-request-id
Y35H8EY9G05D7XHF
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17734
x-amz-id-2
NtoEqd9rprsrWXACRUC9eGFVsW6XnoOk8uswaOA8ynvsK7AdzMyMMpLt/tek5PCiCqvExWe8xjA=
x-served-by
cache-bfi-kbfi7400061-BFI
last-modified
Tue, 04 Jan 2022 23:13:19 GMT
server
AmazonS3
x-timer
S1693448358.067740,VS0,VE0
etag
"709ab085dc6fdf2fd4cb719608244963"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2
o78exqrb
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/o78exqrb
Requested by
Host: au.ondemandassessment.com
URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a87028bfd65253470c3c35d64267af7fb3a9feee6973af68adcd7b730e0b5cab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://au.ondemandassessment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
mUSlpIYNNsmkOnchAc6M9gxoRUHVrsoB
content-encoding
gzip
via
1.1 7c4c2286abc7fc5145c880b21a28bb46.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 02:12:45 GMT
x-amz-cf-pop
SYD1-C1
age
554
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Wed, 30 Aug 2023 14:18:43 GMT
server
AmazonS3
etag
"ab9ea3ba5fda252d0e48ad8e15c27e2f"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
2MN-i3b1qkzUtt9-KdK00f6EnDFhgDc37jy6EBB0z_5VuBwqsOH24g==
a2567919da
bam-cell.nr-data.net/1/
0
0
Script
General
Full URL
https://bam-cell.nr-data.net/1/a2567919da?a=353284772&sa=1&v=1214.62a3223&t=Unnamed%20Transaction&rst=974&ck=1&ref=https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB&be=266&fe=506&dc=503&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1693448357200,%22n%22:0,%22f%22:151,%22dn%22:152,%22dne%22:158,%22c%22:158,%22s%22:160,%22ce%22:171,%22rq%22:172,%22rp%22:208,%22rpe%22:210,%22dl%22:216,%22di%22:430,%22ds%22:503,%22de%22:503,%22dc%22:506,%22l%22:506,%22le%22:506%7D,%22navigation%22:%7B%7D%7D&fp=511&jsonp=NREUM.setToken
Requested by
Host: au.ondemandassessment.com
URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.2 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://au.ondemandassessment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 02:19:18 GMT
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYIgeavioSOqRVfOSNQP4cSh4laYEyIruzmDSmjxdsBi%2B2Wu%2FiU8MsZ962QVxY7mtgI0nYKm%2FFD5bUOMKN3zhRywwC4xWAgcKzBd%2BW0ewAIfKBjslCOrV74cLiNKwqLZqXzY29pu"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain;charset=UTF-8
Connection
keep-alive
CF-RAY
7ff1c9af0dcb5509-SYD
Content-Length
2
frame-modern.af7a1537.js
js.intercomcdn.com/ Frame BD31
489 KB
137 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.af7a1537.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/o78exqrb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.33.37 Ft. Pierce, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-33-37.mel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1de606724b66d1151923d8b65f7b52013106010c20e764e8ec800f4b69ddcb24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
OY.FmmJ16JkZIey6wa7zcnN2v2JLdbuF
content-encoding
gzip
via
1.1 d1d963d1b987e74904429c900aa75fd2.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 02:18:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MEL50-C2
age
31
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
139172
last-modified
Wed, 30 Aug 2023 14:17:06 GMT
server
AmazonS3
etag
"42eeda936d841ac175dcb7674fbb0eaf"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
JPsHFFA8wDPpwk1CUy6b6g-LZRZT9o3T8V4wgF5KOski3z1nRRcaFw==
vendor-modern.585e5941.js
js.intercomcdn.com/ Frame BD31
267 KB
83 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.585e5941.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/o78exqrb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.33.37 Ft. Pierce, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-33-37.mel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99755425c264fc16bfc57c97cb1d1fe82b565f7b45c9004a9e4dd975c5851090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
D.pYbUTSIFZ3PNSba3bAU04LwU5Ze4c0
content-encoding
gzip
via
1.1 d1d963d1b987e74904429c900aa75fd2.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 00:45:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MEL50-C2
age
5643
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
84421
last-modified
Wed, 30 Aug 2023 12:42:58 GMT
server
AmazonS3
etag
"4f999761c7f9cbf29f2653b089c41698"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
N5gwc3evnKXKvFmLfEdFpNewvsFMdns1UVZ-lKTBjJyUjF0odTodiA==
ping
api-iam.intercom.io/messenger/web/ Frame BD31
6 KB
3 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.af7a1537.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.209.16.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-16-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bff5dd1dfd5dc71d4d7c10f67a1c8d4f024a6101a6690f8d233e61c032577bd0
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 31 Aug 2023 02:19:19 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-02da4291faa34553c
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0017einvdn47itcs18pg
x-runtime
0.248655
server
nginx
etag
W/"bff5dd1dfd5dc71d4d7c10f67a1c8d4f"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://au.ondemandassessment.com
x-intercom-version
47d23e86107e44684f31b43728752e9adbb202b1
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
getMultipleChoiceQuestionNumber
oda-node-server-au.ondemandassessment.com/ Frame
0
0
Preflight
General
Full URL
https://oda-node-server-au.ondemandassessment.com/getMultipleChoiceQuestionNumber
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.55.28.243 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-55-28-243.ap-southeast-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://au.ondemandassessment.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Thu, 31 Aug 2023 02:19:19 GMT
server
nginx
vary
Access-Control-Request-Headers
x-powered-by
Express
getMultipleChoiceQuestionNumber
oda-node-server-au.ondemandassessment.com/
36 B
250 B
Fetch
General
Full URL
https://oda-node-server-au.ondemandassessment.com/getMultipleChoiceQuestionNumber
Requested by
Host: au.ondemandassessment.com
URL: https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.55.28.243 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-55-28-243.ap-southeast-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
f34ce09ebb43d883986fb949d5ef74e548ad17c74fa213461db92a0958b9f1f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://au.ondemandassessment.com/
accept-language
en-AU,en;q=0.9
Authorization
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2OTM0NDgzNTgsImV4cCI6MTY5MzQ2NjM1OCwiZXZlbnRJZCI6IkRFUG5RSmFjR0RDOXdVbUIiLCJ0ZXN0RXZlbnRJZCI6OTgyMDY4MiwidGVzdFRha2VySWQiOjk3NzY4MjQsImFkZHJlc3NDb3VudHJ5IjoiIiwibG9jYWxlIjoiQVUifQ.Jj0vn8BRqdnSn-PEvtH5wYmbrara31Q4GK6KBUO2t1k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 02:19:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-powered-by
Express
etag
W/"24-u+X62KxWwcBW1njGBh8QzO3zvzc"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
36
department_of_defence2270.jpeg
s3.amazonaws.com/criteria-corp-object-store/ondemandassessment/logos/
5 KB
5 KB
Image
General
Full URL
https://s3.amazonaws.com/criteria-corp-object-store/ondemandassessment/logos/department_of_defence2270.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.178.45 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
912780ab17be8145aa80f64c9f6931cddb598ef94d9251fc4adb02ba3912002e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://au.ondemandassessment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 02:19:20 GMT
Last-Modified
Wed, 13 Oct 2021 09:58:47 GMT
Server
AmazonS3
x-amz-request-id
YEFANCN679NRWBZC
ETag
"cdae72d395217877c507f6cde3ce53df"
Content-Type
image/jpeg
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
5224
x-amz-id-2
f8w3N1uwgjwenjnNGLahOCKJu7e67zrCrH39hogI5/xBcA/AUdbTt6GXpPf9CyvrftssE0p2+6c=
ec874542ce95b068c16b7ecc17fe68d8.png
downloads.intercomcdn.com/i/o/259317/b272a9b1adb9bf57fa8dc3c2/
4 KB
4 KB
Image
General
Full URL
https://downloads.intercomcdn.com/i/o/259317/b272a9b1adb9bf57fa8dc3c2/ec874542ce95b068c16b7ecc17fe68d8.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.33.152.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a69d63ecdf0f33068.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f391c3d737bd224be841aedaf6121db9a86bebd83f514a1dc762aafd4caffc09
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://au.ondemandassessment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 02:19:20 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-02da4291faa34553c
content-security-policy
default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
status
200 OK
content-transfer-encoding
binary
content-disposition
inline; filename="ec874542ce95b068c16b7ecc17fe68d8.png"; filename*=UTF-8''ec874542ce95b068c16b7ecc17fe68d8.png
x-xss-protection
1; mode=block
x-request-id
0017skiornkv33jouic0
x-runtime
0.074097
last-modified
Thu, 11 Mar 2021 01:42:35 GMT
server
nginx
x-request-queueing
0
vary
Accept-Encoding
x-frame-options
deny
content-type
image/png
x-intercom-version
47d23e86107e44684f31b43728752e9adbb202b1
cache-control
max-age=86400, private

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| NREUM
object| newrelic
function| __nr_require
function| Intercom
object| amplitude
object| __AMPLITUDE__
object| webpackChunknew_oda
function| Color
function| Chart
object| __SENTRY__
function| __intercomAssignLocation
function| __intercomReloadLocation

3 Cookies

Domain/Path Name / Value
.ondemandassessment.com/ Name: intercom-id-o78exqrb
Value: 01f69534-4b29-41ff-82a3-acfa7f84cf22
.ondemandassessment.com/ Name: intercom-session-o78exqrb
Value:
.ondemandassessment.com/ Name: intercom-device-id-o78exqrb
Value: 72644787-52d5-42d0-9c33-aa034831f505

1 Console Messages

Source Level URL
Text
network error URL: https://bam-cell.nr-data.net/1/a2567919da?a=353284772&sa=1&v=1214.62a3223&t=Unnamed%20Transaction&rst=974&ck=1&ref=https://au.ondemandassessment.com/verify/index/DEPnQJacGDC9wUmB&be=266&fe=506&dc=503&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1693448357200,%22n%22:0,%22f%22:151,%22dn%22:152,%22dne%22:158,%22c%22:158,%22s%22:160,%22ce%22:171,%22rq%22:172,%22rp%22:208,%22rpe%22:210,%22dl%22:216,%22di%22:430,%22ds%22:503,%22de%22:503,%22dc%22:506,%22l%22:506,%22le%22:506%7D,%22navigation%22:%7B%7D%7D&fp=511&jsonp=NREUM.setToken
Message:
Failed to load resource: the server responded with a status of 402 (Payment Required)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
