downer.au.damstraforms.com Open in urlscan Pro
54.79.28.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://downer.au.damstraforms.com/export_requests/1342
Effective URL:
https://downer.au.damstraforms.com/signin
Submission: On October 27 via manual (October 27th 2021, 3:12:11 am UTC) from IN — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 54.79.28.68, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is downer.au.damstraforms.com.
TLS certificate: Issued by Amazon on July 26th 2021. Valid for: a year.

This is the only time downer.au.damstraforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	54.79.28.68 54.79.28.68	16509 (AMAZON-02) (AMAZON-02)
3	18.66.121.9 18.66.121.9	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	5

5 54.79.28.68 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-79-28-68.ap-southeast-2.compute.amazonaws.com

downer.au.damstraforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.121.9 (United States)

ASN16509 (AMAZON-02, US)

dk6ltolsor0l2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	damstraforms.com 1 redirects downer.au.damstraforms.com	85 KB
3	cloudfront.net dk6ltolsor0l2.cloudfront.net	2 MB
1	nr-data.net bam-cell.nr-data.net	715 B
1	newrelic.com js-agent.newrelic.com	13 KB
13	4

	Domain	Requested by
5	downer.au.damstraforms.com	1 redirects downer.au.damstraforms.com dk6ltolsor0l2.cloudfront.net
3	dk6ltolsor0l2.cloudfront.net	downer.au.damstraforms.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	downer.au.damstraforms.com
13	4

This site contains links to these domains. Also see Links.

Domain
app.au.damstraforms.com

Subject Issuer	Validity	Valid
damstraforms.com Amazon	`2021-07-26` - `2022-08-24`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://downer.au.damstraforms.com/signin
Frame ID: A40789391D6CE5510D0FF126F7A53F8F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Damstra Forms | Sign in

Page URL History Show full URLs

https://downer.au.damstraforms.com/export_requests/1342 HTTP 302
https://downer.au.damstraforms.com/signin Page URL

Page Statistics

13
Requests

69 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

1690 kB
Transfer

5590 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.au.damstraforms.com/auth/authenticate?on_success_url=https%3A%2F%2Fdowner.au.damstraforms.com%2Fsession%2Fpresigned&strategy_path=%2Fauth%2Fmicrosoft_v2_auth&expires=2235304262&token=83bbac4f4d4b21f09b00ba08b80aa2c8e94e068a
Title: Sign in with Microsoft

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://downer.au.damstraforms.com/export_requests/1342 HTTP 302
https://downer.au.damstraforms.com/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
downer.au.damstraforms.com/
Redirect Chain

https://downer.au.damstraforms.com/export_requests/1342
https://downer.au.damstraforms.com/signin

12 KB
6 KB

342ms
341ms

Document
text/html

54.79.28.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://downer.au.damstraforms.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.79.28.68 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-79-28-68.ap-southeast-2.compute.amazonaws.com

Software

WebServer /

Resource Hash

e588be4aade37bb4cc2b438f537d042fdc152affece59b9bc8523e3ffb695323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: downer.au.damstraforms.com
:scheme: https
:path: /signin
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: _APEMobileWeb_session=cU1nMXlUcTFmd214anZ2Tml4azhtZkVZeFl6V1JWeEJ5MmNXZjVoSEV5a0lMWjJ2YTFTL1ZYcVBjWWNpMTBIcVVKTDdVN3F6ZkRZSzBpa2JMYUFUV05YcmVwVVhvcHhaT042SmRDMFZrMWtmTkQ5RU5WVUhWTURUT3ByL3J3UEpnWXlNWEEvUkxNdmdtUDBnYnFpQjBmWStRZ1NNNUxCbFg5SElJeHlTTUc0PS0tdzhVTnF0MGxzZG4xb3VaSkliajBTdz09--8ed26fa04fdc1ac69f9ef519df07a93f7b307658
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 27 Oct 2021 03:12:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"e588be4aade37bb4cc2b438f537d042f"
cache-control: max-age=0, private, must-revalidate
set-cookie: _APEMobileWeb_session=eWNiZnkzMDhUbFNXYVFkbTZ5M3V0WjJ5S0hSOCt3c2pHa3kwbm1MbkZKcU1BRXRvZVMrZHNWcWtiaDFSUnVndWo3MmgyQWIvWldjMkRlaEhlM0FONWh1S3hWVkVHblpPbXF6WDhVbFRCODUvWC9Rb1k1VHY1Tkhtb2VmNDk5cGVGNDhXQUxsK3pTSlByZkNpR0lKWlVnMENiWGpFSHErV3RXbGdaM0ZzWXUvbU5JcEtmbUhySW9JRUl1MEFhK2kwdVlWNDgxemNIQTFVa2hIMVdyRWNmRlpMQ1Zmd2IrcDY3TFJyNjZaWTYvWDZ3dVBOTzdta05XempiTzJSYXpZMi0tRG14aGJydW5ZaDJ6UzNFTURkME9ZZz09--a438fd6a10474fe0c995609adc6d31a6d48e7c87; path=/; Secure; HttpOnly
x-request-id: f0d9bec6-9220-4e82-8e40-3f13453f2211
x-runtime: 0.065036
server: WebServer
x-server-hostname-ssl: ape-mobile-production-web-i-0ae6a9ed4137f9ffc
strict-transport-security: max-age=31536000; includeSubDomains
x-server-hostname: ape-mobile-production-web-i-0ae6a9ed4137f9ffc
content-encoding: gzip

Redirect headers

date: Wed, 27 Oct 2021 03:12:00 GMT
content-type: text/html; charset=utf-8
location: https://downer.au.damstraforms.com/signin
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
set-cookie: _APEMobileWeb_session=cU1nMXlUcTFmd214anZ2Tml4azhtZkVZeFl6V1JWeEJ5MmNXZjVoSEV5a0lMWjJ2YTFTL1ZYcVBjWWNpMTBIcVVKTDdVN3F6ZkRZSzBpa2JMYUFUV05YcmVwVVhvcHhaT042SmRDMFZrMWtmTkQ5RU5WVUhWTURUT3ByL3J3UEpnWXlNWEEvUkxNdmdtUDBnYnFpQjBmWStRZ1NNNUxCbFg5SElJeHlTTUc0PS0tdzhVTnF0MGxzZG4xb3VaSkliajBTdz09--8ed26fa04fdc1ac69f9ef519df07a93f7b307658; path=/; Secure; HttpOnly
x-request-id: de16a498-60af-44fb-9aa9-74571fa82436
x-runtime: 0.040267
server: WebServer
x-server-hostname-ssl: ape-mobile-production-web-i-037578dfd29228045
strict-transport-security: max-age=31536000; includeSubDomains
x-server-hostname: ape-mobile-production-web-i-037578dfd29228045

GET
H2 200 application-a2437ec63539628424ddeab09faf26be4d6922170272bd23dc63c2683d318631.js Show response
downer.au.damstraforms.com/assets/ 204 KB
71 KB 288ms
271ms Script
application/javascript 54.79.28.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downer.au.damstraforms.com/assets/application-a2437ec63539628424ddeab09faf26be4d6922170272bd23dc63c2683d318631.js
Requested by: Host: downer.au.damstraforms.com
URL: https://downer.au.damstraforms.com/signin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.79.28.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-79-28-68.ap-southeast-2.compute.amazonaws.com
Software: WebServer /
Resource Hash: a2437ec63539628424ddeab09faf26be4d6922170272bd23dc63c2683d318631

Request headers

:path: /assets/application-a2437ec63539628424ddeab09faf26be4d6922170272bd23dc63c2683d318631.js
pragma: no-cache
cookie: _APEMobileWeb_session=eWNiZnkzMDhUbFNXYVFkbTZ5M3V0WjJ5S0hSOCt3c2pHa3kwbm1MbkZKcU1BRXRvZVMrZHNWcWtiaDFSUnVndWo3MmgyQWIvWldjMkRlaEhlM0FONWh1S3hWVkVHblpPbXF6WDhVbFRCODUvWC9Rb1k1VHY1Tkhtb2VmNDk5cGVGNDhXQUxsK3pTSlByZkNpR0lKWlVnMENiWGpFSHErV3RXbGdaM0ZzWXUvbU5JcEtmbUhySW9JRUl1MEFhK2kwdVlWNDgxemNIQTFVa2hIMVdyRWNmRlpMQ1Zmd2IrcDY3TFJyNjZaWTYvWDZ3dVBOTzdta05XempiTzJSYXpZMi0tRG14aGJydW5ZaDJ6UzNFTURkME9ZZz09--a438fd6a10474fe0c995609adc6d31a6d48e7c87
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: downer.au.damstraforms.com
referer: https://downer.au.damstraforms.com/signin
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://downer.au.damstraforms.com/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:12:00 GMT
cache-control: max-age=315360000 public
content-type: application/javascript
last-modified: Mon, 03 May 2021 04:11:21 GMT
server: WebServer
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendor.ape.js Show response
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/ 14 KB
6 KB 84ms
17ms Script
application/javascript 18.66.121.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/vendor.ape.js
Requested by: Host: downer.au.damstraforms.com
URL: https://downer.au.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9607f2068dc00b45612e775c69c835c045082b7c9ee108031a36cac413ca2125

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downer.au.damstraforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 04:18:12 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 03:34:37 GMT
server: AmazonS3
age: 514429
etag: W/"2ae0755a63bfe21450f4335434bafb09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
cache-control: max-age=365000000, immutable
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: XQpeIDQWzH2PrDWFD2sBvhdaoxPVyCYLbkg9KM4z_u__AKbK3yUhBA==

GET
H2 200 mainsite.ape.js Show response
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/ 3 MB
1 MB 118ms
52ms Script
application/javascript 18.66.121.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/mainsite.ape.js
Requested by: Host: downer.au.damstraforms.com
URL: https://downer.au.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d9799ac418e1ada01d2e3b6e28b0ec6e37899b5fb93ee841720be88eb76a85d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downer.au.damstraforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 04:18:11 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 03:34:36 GMT
server: AmazonS3
age: 514429
etag: W/"51ef18317dfd7268c51b6c0e79f0aa7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
cache-control: max-age=365000000, immutable
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: yW-oRslXgjoiCyGAfBRgTQDbfziCrfAWkbqmb3WTyn9yShzu0VxAYA==

GET
H2 200 liveview.ape.js Show response
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/ 2 MB
545 KB 84ms
18ms Script
application/javascript 18.66.121.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/liveview.ape.js
Requested by: Host: downer.au.damstraforms.com
URL: https://downer.au.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0156266fa50d635b30907e674d7dc0e03ecc72a9a22a3156095d7c440ca3cdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downer.au.damstraforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 04:18:11 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 03:34:36 GMT
server: AmazonS3
age: 514429
etag: W/"41ecd632d1d1006c58abdf7b68779242"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
cache-control: max-age=365000000, immutable
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: iqkH2WWknuSUWb2SgYO20K3MlZ4yBonQEMHCZulHflY-gg2D-xcWxw==

GET 15d5858eff9fa8aa25f4e97f673bf565.woff
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/ 0
0

GET e36e1456fe17f1468ff8c3a056a80611.woff
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/ 0
0

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a38e89cfd0de6cfe6b68f6fdd0235c5195f192ad70c6e98a1bd4e8ef28da0ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET 1273fc499bfc664dba6a88890cfee07d.woff
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/ 0
0

GET 497895911cd9ae5b9bf111c461fcff03.woff
dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/ 0
0

GET
H2 200 signin.json Show response
downer.au.damstraforms.com/ 439 B
1 KB 359ms
359ms Fetch
application/json 54.79.28.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://downer.au.damstraforms.com/signin.json

Requested by

Host: dk6ltolsor0l2.cloudfront.net
URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/mainsite.ape.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.79.28.68 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-79-28-68.ap-southeast-2.compute.amazonaws.com

Software

WebServer /

Resource Hash

b9d2398b021a8ada6d41f0a291426610ac3bd3796b3a9057a6347c4d72c77691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
x-csrf-token: KNqt/LUoZj6tYE9sIghnlqtmWXat9b1UfqUtmwNzUEd0Bm2PLFOhM/wi0Ytk0OE86meoxYbDCLCd+qayPvkxtQ==
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: _APEMobileWeb_session=eWNiZnkzMDhUbFNXYVFkbTZ5M3V0WjJ5S0hSOCt3c2pHa3kwbm1MbkZKcU1BRXRvZVMrZHNWcWtiaDFSUnVndWo3MmgyQWIvWldjMkRlaEhlM0FONWh1S3hWVkVHblpPbXF6WDhVbFRCODUvWC9Rb1k1VHY1Tkhtb2VmNDk5cGVGNDhXQUxsK3pTSlByZkNpR0lKWlVnMENiWGpFSHErV3RXbGdaM0ZzWXUvbU5JcEtmbUhySW9JRUl1MEFhK2kwdVlWNDgxemNIQTFVa2hIMVdyRWNmRlpMQ1Zmd2IrcDY3TFJyNjZaWTYvWDZ3dVBOTzdta05XempiTzJSYXpZMi0tRG14aGJydW5ZaDJ6UzNFTURkME9ZZz09--a438fd6a10474fe0c995609adc6d31a6d48e7c87; dd_rum_test=test; _dd_s=logs=1&id=a974a28f-6d50-4d1f-afe0-550035fc4921&created=1635304322209&expire=1635305222209
:path: /signin.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: application/json
cache-control: no-cache
:authority: downer.au.damstraforms.com
referer: https://downer.au.damstraforms.com/signin
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json
Referer: https://downer.au.damstraforms.com/signin
X-CSRF-Token: KNqt/LUoZj6tYE9sIghnlqtmWXat9b1UfqUtmwNzUEd0Bm2PLFOhM/wi0Ytk0OE86meoxYbDCLCd+qayPvkxtQ==
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Oct 2021 03:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-server-hostname-ssl: ape-mobile-production-web-i-0a3a2faf1c8aa786d
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 2568e962-fe85-4baf-9bcc-aa1cd95a01a0
x-runtime: 0.081768
x-server-hostname: ape-mobile-production-web-i-0a3a2faf1c8aa786d
referrer-policy: strict-origin-when-cross-origin
server: WebServer
etag: W/"b9d2398b021a8ada6d41f0a291426610"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
set-cookie: _APEMobileWeb_session=SkN1RUFiZEJwcGlGV0ZxbnEvQVlXd0xoU2V2T01TRFFCcUJiM0VYZ3lQQzlyME9YdjFzdmVLRFJMancrSXhWNitOOHhNbTlCcTcxYWYwOUZGdHkyeWl4TisyZUhwOTdJdTU2Ly84MjFCZm1yNE1QUXlRYzQ1aTVWNU9KNlQxdVVtcmpsaUF4dnlveXNEc1BKMjVNTjNWcVdmZW5xNkU0ZDlnSGZaMDQ0U2Ivc3VrNG1YSEtPK0ZobzNPWWdtcWpJQW4zQVRBU2JPOVpXeVA1N3RWc3pIb3FvZnZJdVRkbGlPSzNJNmFYR2dVcllQa2ZUUFBib3VVenh0QVNZWGxLMS0taUZsdGU3LzByMmx1M3l2SlNUbTlvdz09--956ca582b1bcabe676a9b8e0dec114f1983a90d0; path=/; Secure; HttpOnly

GET
H2 200 microsoft-8bce8e49b9f0bebd190a1cc23eeaad3bb8ff503ff154116cacdb68f2a165aa79.png
downer.au.damstraforms.com/assets/button-logos/ 5 KB
6 KB 282ms
279ms Image
image/png 54.79.28.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://downer.au.damstraforms.com/assets/button-logos/microsoft-8bce8e49b9f0bebd190a1cc23eeaad3bb8ff503ff154116cacdb68f2a165aa79.png
Requested by: Host: downer.au.damstraforms.com
URL: https://downer.au.damstraforms.com/signin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.79.28.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-79-28-68.ap-southeast-2.compute.amazonaws.com
Software: WebServer /
Resource Hash: 8bce8e49b9f0bebd190a1cc23eeaad3bb8ff503ff154116cacdb68f2a165aa79

Request headers

:path: /assets/button-logos/microsoft-8bce8e49b9f0bebd190a1cc23eeaad3bb8ff503ff154116cacdb68f2a165aa79.png
pragma: no-cache
cookie: dd_rum_test=test; _dd_s=logs=1&id=a974a28f-6d50-4d1f-afe0-550035fc4921&created=1635304322209&expire=1635305222209; _APEMobileWeb_session=SkN1RUFiZEJwcGlGV0ZxbnEvQVlXd0xoU2V2T01TRFFCcUJiM0VYZ3lQQzlyME9YdjFzdmVLRFJMancrSXhWNitOOHhNbTlCcTcxYWYwOUZGdHkyeWl4TisyZUhwOTdJdTU2Ly84MjFCZm1yNE1QUXlRYzQ1aTVWNU9KNlQxdVVtcmpsaUF4dnlveXNEc1BKMjVNTjNWcVdmZW5xNkU0ZDlnSGZaMDQ0U2Ivc3VrNG1YSEtPK0ZobzNPWWdtcWpJQW4zQVRBU2JPOVpXeVA1N3RWc3pIb3FvZnZJdVRkbGlPSzNJNmFYR2dVcllQa2ZUUFBib3VVenh0QVNZWGxLMS0taUZsdGU3LzByMmx1M3l2SlNUbTlvdz09--956ca582b1bcabe676a9b8e0dec114f1983a90d0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: downer.au.damstraforms.com
referer: https://downer.au.damstraforms.com/signin
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://downer.au.damstraforms.com/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:12:02 GMT
last-modified: Mon, 03 May 2021 04:07:45 GMT
server: WebServer
content-type: image/png
cache-control: max-age=315360000 public
accept-ranges: bytes
content-length: 5598
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nr-1211.min.js Show response
js-agent.newrelic.com/ 33 KB
13 KB 620ms
11ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1211.min.js
Requested by: Host: downer.au.damstraforms.com
URL: https://downer.au.damstraforms.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downer.au.damstraforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding: gzip
etag: "3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id: AVTH4FS16E8233K7
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12477
x-amz-id-2: 2tuSKKHgv0Gnez3uDvObk6hLwQ8iuD9gc7ol0THBhcBhUhhziKcdH9SFph396VEKpqK2bwfbwRs=
x-served-by: cache-hhn4071-HHN
last-modified: Mon, 27 Sep 2021 20:46:50 GMT
server: AmazonS3
x-timer: S1635304324.050437,VS0,VE0
date: Wed, 27 Oct 2021 03:12:04 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8171

GET
H/1.1 200
OK NRBR-edb81c4ca39909dd0e8 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 920ms
881ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRBR-edb81c4ca39909dd0e8?a=742909455&v=1211.ba193a8&to=cgpbEkZZDlkGS0pFVEIWXAlaRU1bBk4%3D&rst=4751&ck=1&ref=https://downer.au.damstraforms.com/signin&ap=65&be=2174&fe=4123&dc=3011&perf=%7B%22timing%22:%7B%22of%22:1635304319309,%22n%22:0,%22r%22:2,%22re%22:904,%22f%22:904,%22dn%22:904,%22dne%22:904,%22c%22:904,%22ce%22:904,%22rq%22:906,%22rp%22:1248,%22rpe%22:1251,%22dl%22:1298,%22di%22:2943,%22ds%22:2943,%22de%22:3066,%22dc%22:4110,%22l%22:4110,%22le%22:4124%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=2933&fcp=2933&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downer.au.damstraforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 03:12:04 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a48bd99ac897160-DUS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dk6ltolsor0l2.cloudfront.net
URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/15d5858eff9fa8aa25f4e97f673bf565.woff

Domain: dk6ltolsor0l2.cloudfront.net
URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/e36e1456fe17f1468ff8c3a056a80611.woff

Domain: dk6ltolsor0l2.cloudfront.net
URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/1273fc499bfc664dba6a88890cfee07d.woff

Domain: dk6ltolsor0l2.cloudfront.net
URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/497895911cd9ae5b9bf111c461fcff03.woff

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
downer.au.damstraforms.com/	1970-01-19 22:15:05	Name: _dd_s Value: logs=1&id=a974a28f-6d50-4d1f-afe0-550035fc4921&created=1635304322209&expire=1635305222209
downer.au.damstraforms.com/	1969-12-31 23:59:59	Name: _APEMobileWeb_session Value: SkN1RUFiZEJwcGlGV0ZxbnEvQVlXd0xoU2V2T01TRFFCcUJiM0VYZ3lQQzlyME9YdjFzdmVLRFJMancrSXhWNitOOHhNbTlCcTcxYWYwOUZGdHkyeWl4TisyZUhwOTdJdTU2Ly84MjFCZm1yNE1QUXlRYzQ1aTVWNU9KNlQxdVVtcmpsaUF4dnlveXNEc1BKMjVNTjNWcVdmZW5xNkU0ZDlnSGZaMDQ0U2Ivc3VrNG1YSEtPK0ZobzNPWWdtcWpJQW4zQVRBU2JPOVpXeVA1N3RWc3pIb3FvZnZJdVRkbGlPSzNJNmFYR2dVcllQa2ZUUFBib3VVenh0QVNZWGxLMS0taUZsdGU3LzByMmx1M3l2SlNUbTlvdz09--956ca582b1bcabe676a9b8e0dec114f1983a90d0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9bbd058f72a7d4f6

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://downer.au.damstraforms.com/signin Message: Access to font at 'https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/15d5858eff9fa8aa25f4e97f673bf565.woff' from origin 'https://downer.au.damstraforms.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/15d5858eff9fa8aa25f4e97f673bf565.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://downer.au.damstraforms.com/signin Message: Access to font at 'https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/e36e1456fe17f1468ff8c3a056a80611.woff' from origin 'https://downer.au.damstraforms.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/e36e1456fe17f1468ff8c3a056a80611.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://downer.au.damstraforms.com/signin Message: Access to font at 'https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/1273fc499bfc664dba6a88890cfee07d.woff' from origin 'https://downer.au.damstraforms.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/1273fc499bfc664dba6a88890cfee07d.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://downer.au.damstraforms.com/signin Message: Access to font at 'https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/497895911cd9ae5b9bf111c461fcff03.woff' from origin 'https://downer.au.damstraforms.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dk6ltolsor0l2.cloudfront.net/ape-client/master/3.0.0/cf9dc44/497895911cd9ae5b9bf111c461fcff03.woff Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
dk6ltolsor0l2.cloudfront.net
downer.au.damstraforms.com
js-agent.newrelic.com
dk6ltolsor0l2.cloudfront.net
151.101.130.137
162.247.243.147
18.66.121.9
54.79.28.68
1d9799ac418e1ada01d2e3b6e28b0ec6e37899b5fb93ee841720be88eb76a85d
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
7a38e89cfd0de6cfe6b68f6fdd0235c5195f192ad70c6e98a1bd4e8ef28da0ce
8bce8e49b9f0bebd190a1cc23eeaad3bb8ff503ff154116cacdb68f2a165aa79
9607f2068dc00b45612e775c69c835c045082b7c9ee108031a36cac413ca2125
a2437ec63539628424ddeab09faf26be4d6922170272bd23dc63c2683d318631
b9d2398b021a8ada6d41f0a291426610ac3bd3796b3a9057a6347c4d72c77691
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e0156266fa50d635b30907e674d7dc0e03ecc72a9a22a3156095d7c440ca3cdb
e588be4aade37bb4cc2b438f537d042fdc152affece59b9bc8523e3ffb695323

downer.au.damstraforms.com Open in urlscan Pro 54.79.28.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

69 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

1690 kBTransfer

5590 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

3 Cookies

8 Console Messages

Security Headers

Indicators

downer.au.damstraforms.com Open in urlscan Pro
54.79.28.68 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

69 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

1690 kB
Transfer

5590 kB
Size

3
Cookies

13 HTTP transactions
1 data transactions