survey-d.yoursurveynow.com Open in urlscan Pro
34.211.93.146  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.mailing.bein.com/l2/7fczvBw2x4/3320540/579973294.html Page URL
2. https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	579973294.html Show response t.mailing.bein.com/l2/7fczvBw2x4/3320540/	208 B 558 B	369ms 101ms	Document text/html	91.190.170.11 SPLIO-AS
General Check archive.org Show headers Download Go to Full URL https://t.mailing.bein.com/l2/7fczvBw2x4/3320540/579973294.html? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.190.170.11 , France, ASN31688 (SPLIO-AS, FR), Reverse DNS s3s.fr Software Apache / Resource Hash b8ec3a9737c1479971a86a3787dd8e4f79b81318889ed5edd3759518543715ee Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Cache-Control no-cache Connection close Content-Length 208 Content-Type text/html Date Tue, 20 Dec 2022 08:18:37 GMT Expires Mon, 01 Jan 1990 00:00:00 GMT P3P policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA" Pragma no-cache Server Apache X-Robots-Tag noindex,nofollow
GET H/1.1	200 OK	Primary Request 2212180 Show response survey-d.yoursurveynow.com/survey/selfserve/53c/	31 KB 8 KB	628ms 194ms	Document text/html	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 17150f05391e7689ba1ab3ed1cc2b21a69b201f4d1a8285f1249bae497f9c57a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://t.mailing.bein.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 7317 Content-Type text/html; charset=utf-8 Date Tue, 20 Dec 2022 08:18:38 GMT Expires Wed, 27 Dec 1995 08:18:38 GMT Keep-Alive timeout=240, max=100 Server Apache Vary Accept-Encoding X-Content-Type-Options nosniff x-xss-protection 1; mode=block
GET H/1.1	200 OK	jquery-ui-1.9.2.custom.min.css survey-d.yoursurveynow.com/s/support/jquery-ui-1.9.2.custom/css/smoothness/	25 KB 5 KB	159ms 159ms	Stylesheet text/css	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.yoursurveynow.com/s/support/jquery-ui-1.9.2.custom/css/smoothness/jquery-ui-1.9.2.custom.min.css?ad7753b880 Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 0084b814961b71fabbffc1405f766616f5e94831b1df8381ff64db78fdf70306 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Tue, 20 Dec 2022 08:18:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Mon, 28 Sep 2015 12:56:15 GMT Server Apache ETag "65ef-520ce38fcd9c0-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=240, max=99 Content-Length 4837
GET H/1.1	200 OK	jquery-ui-1.9.2.beacon.css survey-d.yoursurveynow.com/s/support/jquery-ui-1.9.2.custom/css/smoothness/	4 KB 2 KB	169ms 167ms	Stylesheet text/css	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.yoursurveynow.com/s/support/jquery-ui-1.9.2.custom/css/smoothness/jquery-ui-1.9.2.beacon.css?4ddb951d43 Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 4ca5c539a62c510de8b9a6c4e824be57494679dc13f88691ff130bdfb4a40f5a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Tue, 20 Dec 2022 08:18:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Mon, 09 Jul 2018 07:25:22 GMT Server Apache ETag "10d9-5708bea95bc80-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=240, max=100 Content-Length 1187
GET H/1.1	200 OK	company-theme_dk-compiled.css survey-d.yoursurveynow.com/survey/selfserve/53c/2212180/	75 KB 14 KB	321ms 161ms	Stylesheet text/css	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180/company-theme_dk-compiled.css?a5c260cd3b01d643516dc98a8cecd743 Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 66b2e1b53ad99ebad65e9743ad34ee410686c3ee00d8b419e7efbf0eb660f4a7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Tue, 20 Dec 2022 08:18:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Mon, 19 Dec 2022 15:14:45 GMT Server Apache ETag "12cc0-5f02fc7904631-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=240, max=98 Content-Length 13573
GET H/1.1	200 OK	caaa730ed462680b3c3fc324ca591ac5.js Show response survey-d.yoursurveynow.com/s/exp/tmp/	139 KB 49 KB	345ms 175ms	Script application/javascript	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.yoursurveynow.com/s/exp/tmp/caaa730ed462680b3c3fc324ca591ac5.js Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 02450116f8c89895906079390c99dbb6ffa32307cd40ac4de363ac4125b51838 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Tue, 20 Dec 2022 08:18:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 15 Sep 2021 17:34:13 GMT Server Apache ETag "22c1d-5cc0c1b56a864-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=240, max=99 Content-Length 50024
GET H/1.1	200 OK	163988f16ec1839cb18c4961d6951288.js Show response survey-d.yoursurveynow.com/s/exp/tmp/	277 KB 77 KB	491ms 170ms	Script application/javascript	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.yoursurveynow.com/s/exp/tmp/163988f16ec1839cb18c4961d6951288.js Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 53d1ec88850541fbe7ed72c46faf487f89e0261463d1403b0c32b5619bf7a5c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Tue, 20 Dec 2022 08:18:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 13 Jul 2022 07:26:03 GMT Server Apache ETag "455fa-5e3aab2977675-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=240, max=97
GET H/1.1	200 OK	rnjslib.js Show response survey-d.yoursurveynow.com/survey/selfserve/rnstarlib/res/	7 KB 3 KB	487ms 163ms	Script application/javascript	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.yoursurveynow.com/survey/selfserve/rnstarlib/res/rnjslib.js?imgsecurity=standard Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 9e3a1183919c8ce62130c9aaea84c0dc2c94844dfcf1183180c246f84b5b8269 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Tue, 20 Dec 2022 08:18:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 03 May 2017 15:58:42 GMT Server Apache ETag "1d3b-54ea0baf67080-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=240, max=100 Content-Length 2708
GET H2	200	jquery.fancybox.min.css surveyfiles.dynata.com/rnd/migration/2021/plugins/fancybox/3.5.6/	12 KB 3 KB	417ms 44ms	Stylesheet text/css	2600:9000:2304:7e00:1e:8286:a600:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://surveyfiles.dynata.com/rnd/migration/2021/plugins/fancybox/3.5.6/jquery.fancybox.min.css Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:7e00:1e:8286:a600:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id D_bm4gu0UZxynwJd4JZ428Va_ikadg3Q content-encoding gzip via 1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront) date Tue, 20 Dec 2022 08:11:30 GMT last-modified Fri, 21 Oct 2022 15:50:14 GMT server AmazonS3 x-amz-cf-pop VIE50-P1 age 428 etag W/"a2d42584292f64c5827e8b67b1b38726" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id jIN7jUQPg3gdVxSsptdyZY_nLVF6p3aq_nGx1Je9iW-lvpdrX_YbMg==
GET H2	200	jquery.fancybox.min.js Show response surveyfiles.dynata.com/rnd/migration/2021/plugins/fancybox/3.5.6/	67 KB 22 KB	427ms 54ms	Script application/javascript	2600:9000:2304:7e00:1e:8286:a600:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://surveyfiles.dynata.com/rnd/migration/2021/plugins/fancybox/3.5.6/jquery.fancybox.min.js Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:7e00:1e:8286:a600:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8c53c7c7c83c02d6e7315dbae64c7890a845324e2b8d443b0bcfee0dd8f1f8e8 Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id OJAsfz0P0hPfNfcP7zF1eSFCRF7mx9Bk content-encoding gzip via 1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront) date Tue, 20 Dec 2022 08:18:38 GMT last-modified Fri, 21 Oct 2022 15:50:15 GMT server AmazonS3 x-amz-cf-pop VIE50-P1 age 103 etag W/"a3a4507a81ac03776701cf28a75b3b66" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id fU93G92FwWmO40cocy84dKsPNT7LNNH3xggpI3ex4GG_WD6RDHWqtA==
GET H2	200	jquery.easing-1.3.pack.js Show response surveyfiles.dynata.com/rnd/migration/2021/popups/	7 KB 3 KB	430ms 57ms	Script application/javascript	2600:9000:2304:7e00:1e:8286:a600:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://surveyfiles.dynata.com/rnd/migration/2021/popups/jquery.easing-1.3.pack.js Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:7e00:1e:8286:a600:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111 Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip via 1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront) date Tue, 20 Dec 2022 08:18:38 GMT last-modified Wed, 10 Nov 2021 21:55:50 GMT server AmazonS3 x-amz-cf-pop VIE50-P1 age 129 etag W/"def257dbb0ab805c4996fd8abb1a6b49" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id O8pU4LgI0SDpooUjejzYaxVs7piRZP2u8wEh1_-n3YdEtQdeJQolyA==
GET H/1.1	200 OK	appversion.js Show response survey-d.dynata.com/page/	65 B 549 B	537ms 164ms	Script text/javascript	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.dynata.com/page/appversion.js Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 633c40d9db084d925263c46e2ddfbb8b2e745ecccedc0b4f27200cd0a590a0ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Tue, 20 Dec 2022 08:18:39 GMT X-Content-Type-Options nosniff Last-Modified Fri, 13 Jan 2012 22:58:41 GMT Server Apache ETag zz2d6v3r48qx6e5d Content-Type text/javascript Cache-Control private, must-revalidate, max-age=9999999 Connection Keep-Alive Keep-Alive timeout=240, max=100 Content-Length 65 x-xss-protection 1; mode=block
GET H/1.1	200 OK	swfobject22.js Show response survey-d.yoursurveynow.com/s/iq/	25 KB 8 KB	494ms 168ms	Script application/javascript	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.yoursurveynow.com/s/iq/swfobject22.js?8c2ec4bc2c Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 73e3fbd3b6c791205f9b2b90a80b881f418fb06ed8b18924638eb907e904d2b9 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Tue, 20 Dec 2022 08:18:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Mon, 28 Sep 2015 12:56:15 GMT Server Apache ETag "63d8-520ce38fcd9c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=240, max=100 Content-Length 7595
GET H2	200	qslib1.0.js Show response d2cjqdos4nhnz5.cloudfront.net/	203 KB 204 KB	406ms 34ms	Script application/javascript	2600:9000:206e:3400:18:e956:a840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2cjqdos4nhnz5.cloudfront.net/qslib1.0.js Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206e:3400:18:e956:a840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash aa54c88043e91c42d30c07d3903f775a0e32b2f5177cc3a2a3536dcbb5b5e2f5 Request headers accept-language fr-FR,fr;q=0.9 Referer https://survey-d.yoursurveynow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 20:54:35 GMT via 1.1 0b828d2972235c5e8de186e29f1866fc.cloudfront.net (CloudFront) last-modified Wed, 31 Aug 2022 03:32:47 GMT server AmazonS3 x-amz-cf-pop VIE50-C1 age 41046 x-amz-server-side-encryption AES256 etag "da167e57c68fda6d0be7171aaaf5712d" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 208143 x-amz-cf-id OWv8oO1Lj0N8DHN2dSUy9sjVnYq6BffGhBkJ-8g5Tk9uOXCbTflKxA==
OPTIONS H2	204	status qualityscore.imperium.com/	0 0	339ms 97ms	Preflight	3.217.88.90 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://qualityscore.imperium.com/status Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.88.90 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-88-90.compute-1.amazonaws.com Software Kestrel / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://survey-d.yoursurveynow.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin * date Tue, 20 Dec 2022 08:18:39 GMT server Kestrel
GET H2	200	status Show response qualityscore.imperium.com/	71 B 187 B	96ms 96ms	XHR application/json	3.217.88.90 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://qualityscore.imperium.com/status Requested by Host: d2cjqdos4nhnz5.cloudfront.net URL: https://d2cjqdos4nhnz5.cloudfront.net/qslib1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.217.88.90 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-217-88-90.compute-1.amazonaws.com Software Kestrel / Resource Hash 16355ea806e6b7359b593a7e8ae2e5a2841ce222c795db38e515923161935e35 Request headers Referer https://survey-d.yoursurveynow.com/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Tue, 20 Dec 2022 08:18:39 GMT server Kestrel content-length 71 content-type application/json; charset=utf-8
GET H2	200	identifier Show response ra.imperium.com/	89 B 205 B	104ms 104ms	XHR application/json	50.17.67.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ra.imperium.com/identifier Requested by Host: d2cjqdos4nhnz5.cloudfront.net URL: https://d2cjqdos4nhnz5.cloudfront.net/qslib1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.17.67.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-67-194.compute-1.amazonaws.com Software Kestrel / Resource Hash 0a6b4d9005929321f8383967aa7508d0fe5b3f4a45bc3243719cf46240852f9c Request headers Referer https://survey-d.yoursurveynow.com/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Tue, 20 Dec 2022 08:18:39 GMT server Kestrel content-length 89 content-type application/json; charset=utf-8
OPTIONS H2	204	identifier ra.imperium.com/	0 0	361ms 104ms	Preflight	50.17.67.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ra.imperium.com/identifier Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.17.67.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-17-67-194.compute-1.amazonaws.com Software Kestrel / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://survey-d.yoursurveynow.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin * date Tue, 20 Dec 2022 08:18:39 GMT server Kestrel
GET H/1.1	200 OK	2212180 Show response survey-d.yoursurveynow.com/survey/selfserve/53c/	2 B 403 B	172ms 172ms	XHR application/javascript	34.211.93.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?v2timing=v02j7v4n1ktfn0vk,erush2v0eaw7dh5x,630,1396,1396 Requested by Host: survey-d.yoursurveynow.com URL: https://survey-d.yoursurveynow.com/s/exp/tmp/caaa730ed462680b3c3fc324ca591ac5.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 34.211.93.146 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-211-93-146.us-west-2.compute.amazonaws.com Software Apache / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://survey-d.yoursurveynow.com/survey/selfserve/53c/2212180?list=3&cp_pack=1&cp_sample=1&C=53&ID=f2EtWC5-rZDhsbVWJ3Tmwg X-Requested-With XMLHttpRequest accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Tue, 20 Dec 2022 08:18:39 GMT X-Content-Type-Options nosniff Server Apache Content-Type application/javascript Connection Keep-Alive Keep-Alive timeout=240, max=98 Content-Length 2 x-xss-protection 1; mode=block Expires Wed, 27 Dec 1995 08:18:39 GMT

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| Except function| AssertionError function| assert function| fail object| Assert string| version object| all object| special_keys object| shift_nums function| add function| remove object| textutil object| BeaconSession function| generateId function| getObj function| postIt function| setControl function| focusFirstElement function| runExtraReport function| affectSegment function| $FV function| changePred function| populateBuddy function| maybeRename function| renameKeyPress function| checkFolderEnter function| deleteReport function| editReport function| openOEWindow function| toggleDetailedIncidence function| showDetailedIncidence function| openSendDetailWindow function| openConditionDetailWindow function| openChartWindow function| hideWelcomeMessage function| randomChoice function| getRandomAnswers function| fillOE function| generateData function| randomlyPopulate function| loadFixedPage function| restoreFixedPosition function| reportRestorePosition function| getX function| getY function| setXY function| ddInit function| checkFirstChild function| findChartDiv function| hideChart function| forceChartRefresh function| showChart function| suggestPassword function| setChartPane function| changeSurveyFolder function| removeFolder function| uncheck function| approveWarning function| toggleQAMode function| toggleQACodeMode function| gotoTranslation function| addDirectionClassToBody function| addHandler function| setupFavorites function| selectPicture function| customPPTCheckAll function| customPPTCheckNone function| toggleCollapse function| toggleElement function| toggleUI function| togglePanel function| dedent function| setProgress function| stopUpdate function| updateProgress function| runReport function| accessVideoAnalyzer function| loadReport function| cancelReport function| switchToAnswers function| switchToQuestions function| initLocalAjax function| extractCookie function| switchAdvanced function| runLoadHandlers function| popUp function| initAjax function| extendCampaign function| dashboardSelectSplit function| dashboardStyle function| clickLink function| elementHighlight function| elementUnhighlight function| makeHotCells function| _$_ function| setAppVersion function| setFlashVersion function| reportHasError function| mailqueueShowAll function| editInline_keypress function| requireField function| executeExternal function| panelChangeCampaignType function| applyDateVerifier function| ajaxReportCall function| centerInObject function| dashboardWait function| dashboardWaitDone function| ddDrop function| ddPickup function| ddMove function| editInline function| formMarkError object| GenericEditor function| getReportURL function| jsonAjax object| loadHandlers function| rand_text function| randomString function| renameSegment function| reportSavePosition function| setCheckboxes function| setFolderName function| showElement function| simpleAjax object| Survey boolean| xmlhttp boolean| skippedDevs boolean| segmentWasRenamed string| lastSentSegmentText number| lastSegmentRenamed number| ddInitialized number| ddLastZ object| ddObject object| ddSlots undefined| ddStartX undefined| ddStartY undefined| ddObjStartX undefined| ddObjStartY number| configProgress number| reportStage number| progressCookie number| currentTimeout object| currentSurveyPath number| outstandingRequests function| appendSurvey object| ImageSwap object| survey_popUp object| respview function| DP_jQuery_1671524319283 string| _$_$ function| setupExclusive function| goForward object| swfobject object| jQuery18309481800081145297 number| QsIsTesting string| QsLangCode function| RealAnswerComplete object| a0_0xdc72 function| a0_0x43fc object| imperium_qualityscore object| realAnswerQuestions number| rnd2 string| rnd1 string| val1 string| uuid number| timeOnoe8941.0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			survey-d.yoursurveynow.com/	1970-01-20 09:01:56	Name: IRIS_SESSION Value: 3ekc6qktbz0ucehg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2cjqdos4nhnz5.cloudfront.net
qualityscore.imperium.com
ra.imperium.com
survey-d.dynata.com
survey-d.yoursurveynow.com
surveyfiles.dynata.com
t.mailing.bein.com
2600:9000:206e:3400:18:e956:a840:21
2600:9000:2304:7e00:1e:8286:a600:93a1
3.217.88.90
34.211.93.146
50.17.67.194
91.190.170.11
0084b814961b71fabbffc1405f766616f5e94831b1df8381ff64db78fdf70306
02450116f8c89895906079390c99dbb6ffa32307cd40ac4de363ac4125b51838
0a6b4d9005929321f8383967aa7508d0fe5b3f4a45bc3243719cf46240852f9c
16355ea806e6b7359b593a7e8ae2e5a2841ce222c795db38e515923161935e35
17150f05391e7689ba1ab3ed1cc2b21a69b201f4d1a8285f1249bae497f9c57a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ca5c539a62c510de8b9a6c4e824be57494679dc13f88691ff130bdfb4a40f5a
53d1ec88850541fbe7ed72c46faf487f89e0261463d1403b0c32b5619bf7a5c6
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
633c40d9db084d925263c46e2ddfbb8b2e745ecccedc0b4f27200cd0a590a0ca
66b2e1b53ad99ebad65e9743ad34ee410686c3ee00d8b419e7efbf0eb660f4a7
73e3fbd3b6c791205f9b2b90a80b881f418fb06ed8b18924638eb907e904d2b9
8c53c7c7c83c02d6e7315dbae64c7890a845324e2b8d443b0bcfee0dd8f1f8e8
9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111
9e3a1183919c8ce62130c9aaea84c0dc2c94844dfcf1183180c246f84b5b8269
aa54c88043e91c42d30c07d3903f775a0e32b2f5177cc3a2a3536dcbb5b5e2f5
b8ec3a9737c1479971a86a3787dd8e4f79b81318889ed5edd3759518543715ee