portal.fraud.ink Open in urlscan Pro
2606:4700:3031::ac43:9cf9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://spectrumsurveys.com/#/start-survey?survey_id=19829773&supplier_id=655&surveysig=2a61cf5d8ca7d684953f49f06a4d4ef62ee4...
Effective URL:
https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
Submission: On October 05 via api (October 5th 2023, 10:11:15 am UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 59 HTTP transactions. The main IP is 2606:4700:3031::ac43:9cf9, located in United States and belongs to CLOUDFLARENET, US. The main domain is portal.fraud.ink. The Cisco Umbrella rank of the primary domain is 667609.
TLS certificate: Issued by E1 on August 13th 2023. Valid for: 3 months.

This is the only time portal.fraud.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	34.231.219.36 34.231.219.36	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
3	75.2.69.97 75.2.69.97	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	162.247.241.2 162.247.241.2	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 1	2606:4700:20:... 2606:4700:20::681a:5c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2606:4700:303... 2606:4700:3031::ac43:9cf9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:205... 2600:9000:2057:7600:15:ad1b:c280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.43.151.221 13.43.151.221	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2603:1020:201... 2603:1020:201:e::1ac	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700:303... 2606:4700:3031::6815:5132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.147.5 18.66.147.5	16509 (AMAZON-02) (AMAZON-02)
59	19

20 34.231.219.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-219-36.compute-1.amazonaws.com

spectrumsurveys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 75.2.69.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3f2c118684a26706.awsglobalaccelerator.com

prod.rtymgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.2 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5c5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.bitlabs.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3031::ac43:9cf9 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

click.fraud.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portal.fraud.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:7600:15:ad1b:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)

idsuite.navigatorsurveys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.43.151.221 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-151-221.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o494432.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1020:201:e::1ac (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

trkr6.fraud.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::6815:5132 (United States)

ASN13335 (CLOUDFLARENET, US)

fraud.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	spectrumsurveys.com spectrumsurveys.com — Cisco Umbrella Rank: 255184	318 KB
11	fraud.ink 2 redirects click.fraud.ink — Cisco Umbrella Rank: 661097 portal.fraud.ink — Cisco Umbrella Rank: 667609 trkr6.fraud.ink — Cisco Umbrella Rank: 626563 fraud.ink — Cisco Umbrella Rank: 530033	162 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	102 KB
3	anura.io script.anura.io — Cisco Umbrella Rank: 59065 ads.anura.io — Cisco Umbrella Rank: 77350	21 KB
3	rtymgt.com prod.rtymgt.com — Cisco Umbrella Rank: 117745	24 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
2	navigatorsurveys.com idsuite.navigatorsurveys.com — Cisco Umbrella Rank: 326461	92 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 2586	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 901 script.hotjar.com — Cisco Umbrella Rank: 1101	59 KB
1	sentry.io o494432.ingest.sentry.io — Cisco Umbrella Rank: 415126	324 B
1	bitlabs.ai 1 redirects api.bitlabs.ai — Cisco Umbrella Rank: 138573	476 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 456	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	81 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	349 B
0	yourlast.click Failed 5e43d207-5345-4743-b16d-464e7ecad44e-rlv.yourlast.click Failed
59	15

	Domain	Requested by
20	spectrumsurveys.com	spectrumsurveys.com
8	cdnjs.cloudflare.com	spectrumsurveys.com
6	portal.fraud.ink	1 redirects spectrumsurveys.com portal.fraud.ink
3	fraud.ink	portal.fraud.ink
3	prod.rtymgt.com	spectrumsurveys.com portal.fraud.ink
2	script.anura.io	idsuite.navigatorsurveys.com portal.fraud.ink
2	idsuite.navigatorsurveys.com	portal.fraud.ink idsuite.navigatorsurveys.com
2	bam-cell.nr-data.net	spectrumsurveys.com
2	www.google-analytics.com	spectrumsurveys.com
1	ads.anura.io	portal.fraud.ink
1	trkr6.fraud.ink	portal.fraud.ink
1	o494432.ingest.sentry.io	portal.fraud.ink
1	click.fraud.ink	1 redirects portal.fraud.ink
1	api.bitlabs.ai	1 redirects
1	js-agent.newrelic.com	spectrumsurveys.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	spectrumsurveys.com
1	stats.g.doubleclick.net	spectrumsurveys.com
1	script.hotjar.com	spectrumsurveys.com
1	static.hotjar.com	spectrumsurveys.com
0	5e43d207-5345-4743-b16d-464e7ecad44e-rlv.yourlast.click Failed	portal.fraud.ink
59	21

This site contains no links.

Subject Issuer	Validity	Valid
spectrumsurveys.com Amazon RSA 2048 M02	`2023-05-27` - `2024-06-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
prod.rtymgt.com Amazon RSA 2048 M01	`2023-07-20` - `2024-08-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
fraud.ink E1	`2023-08-13` - `2023-11-11`	3 months	crt.sh
idsuite.navigatorsurveys.com Amazon RSA 2048 M01	`2023-04-03` - `2024-04-30`	a year	crt.sh
script.anura.io Amazon RSA 2048 M01	`2023-06-12` - `2024-07-10`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh
trkr6.fraud.ink R3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
ads.anura.io Amazon RSA 2048 M01	`2023-05-30` - `2024-06-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
Frame ID: 7535DB4ACE7040ED7D0B55D23BA8A27B
Requests: 58 HTTP requests in this frame

Frame: https://idsuite.navigatorsurveys.com/orid.min.html
Frame ID: CFC68CC57C1863FA03881B118D0CD01D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fraud.ink

Page URL History Show full URLs

https://spectrumsurveys.com/ Page URL
https://api.bitlabs.ai/v1/networks/3/callback/screenout?supplier_id=655&survey_id=19829773&ps_rstat... HTTP 307
https://click.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e HTTP 303
https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e?mb=fg HTTP 307
https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

95 %
HTTPS

53 %
IPv6

15
Domains

21
Subdomains

19
IPs

5
Countries

899 kB
Transfer

2294 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://spectrumsurveys.com/ Page URL
https://api.bitlabs.ai/v1/networks/3/callback/screenout?supplier_id=655&survey_id=19829773&ps_rstatus=82&ps_supplier_sid=412376671&ps_supplier_respondent_id=177877372&ps_custom_svar1=19829773-0.35&ps_custom_svar2=9ffa45bfd08a108cb9aa1b15018a1eca4cdeb48b&ps_s_hash=d8077e164d1ba018c6519e775ad12467e6a0a62a HTTP 307
https://click.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e HTTP 303
https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e?mb=fg HTTP 307
https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
spectrumsurveys.com/ 31 KB
11 KB 390ms
127ms Document
text/html 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

6f6eb08b493d7cc7544dc24c1353a68c1ba8fde331fd5303cbccd7a751de8e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 05 Oct 2023 10:11:09 GMT
etag: W/"7ce2-18afa935450"
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 all.min.css
spectrumsurveys.com/js/ 185 KB
34 KB 132ms
121ms Stylesheet
text/css 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/js/all.min.css

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

febb4bb629c655fea47dbf73371b931e8f53c6d92c2ed573cb9d185a81d90bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"2e389-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 isteven-multi-select.css
spectrumsurveys.com/css/ 7 KB
2 KB 129ms
118ms Stylesheet
text/css 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/css/isteven-multi-select.css

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

deb3ac54a98ff54432031bce03dde48eac51879106f6b22a61e46e4d7bc18773

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"1c63-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 bootstrap_3_3_4.min.js Show response
spectrumsurveys.com/js/cdnFiles/ 35 KB
10 KB 246ms
236ms Script
application/javascript 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/js/cdnFiles/bootstrap_3_3_4.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"8c73-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.0/ 151 KB
47 KB 92ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.0/angular.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d7f5425e16871d298c9e79b07ae5283ef0656f7ccbd8cdf6dc658673aef749

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1870783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47905
last-modified: Mon, 04 May 2020 16:04:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d27-25add"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sN5zDa%2BBe3WQWT3xLU7gQAASDZE97%2BtiAQssi5siMUSWDT2kC1ocYMoM3kJ2nZQcQCXY%2FI79%2FPRN7MWZHjZWfEd8IY9LuG1Vs5FOyVTsOJQrc0hfHH7vdfv1QmQbFX%2BgeDAf7mzXWRrDFKLbvHmtCG9I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8114e1008bff9b55-FRA
expires: Tue, 24 Sep 2024 10:11:09 GMT

GET
H2 200 angular-touch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-touch/1.5.7/ 4 KB
2 KB 113ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-touch/1.5.7/angular-touch.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b0667b6b1a5fa3884a4f60a0d2673421f38173d26d6717ee724812aa9ccafd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9136526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1610
last-modified: Mon, 04 May 2020 16:04:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d23-f64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZednyJ3rvqQXGMJGwIYzTi19YT0GVY9b0cJcdW1F5PGeKzZu9U%2FkBvm2TVSZKiyXN37TcwOB9gDltdqa%2BcVYayh5wy1%2BygxwaiEet1JJZqw42j2NpB%2FNWKVn7xOgkn54vBabPv6xQnmNaJKFcwkIjbJ1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8114e1008c019b55-FRA
expires: Tue, 24 Sep 2024 10:11:09 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.18/ 32 KB
11 KB 89ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.18/angular-ui-router.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14b2ac80e5b295ec1117257bd3038bfb7d0ccd8cbcf1dd3670ba6ed5f1f4f058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6110051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10825
last-modified: Thu, 22 Jun 2023 10:45:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494262f-2a49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xb4ifY%2FifvJb%2BYWQlF3V5bSKZ5xNY3RiwAamqlt35g3p8pYWvWSn0hRQ1hUUNKQGEJmIPSNsATVhh7fdHBJbKJgZ73h5fsSrmKUz1uFs%2BLnL87yQEYEKbvjc%2Fg499A9poApeafAsz0UsEhdQNUX5TNfG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8114e1008c049b55-FRA
expires: Tue, 24 Sep 2024 10:11:09 GMT

GET
H2 200 angular-local-storage.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-local-storage/0.2.6/ 5 KB
2 KB 87ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-local-storage/0.2.6/angular-local-storage.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a698d55dde7089eb58553567469e5c901fe48f0c794532e155e547b40a46cbe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2347692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1621
last-modified: Thu, 22 Jun 2023 10:45:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494262d-655"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwYBuaanp%2Bk2UFOvwJkADQZnrLNglWLhbjRGPTYlUc%2BzfA4Zp0N%2Flr2l6buoNSkd%2BwLXsZxJMCwRQYNAtHXi%2F%2BH4me0riRqKgx2gtFIHZSbbsQK68hjDZgRzH5HtwrBgNM4hd0I5x3kwDW%2B2LdcxygQS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8114e1008c059b55-FRA
expires: Tue, 24 Sep 2024 10:11:09 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.0/ 1 KB
1010 B 90ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.0/angular-cookies.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28831b86f057b8ea27ce88e9de491d4209a45bb320b353b5775ce75dc0a55ec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11029154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 686
last-modified: Mon, 04 May 2020 16:04:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d26-599"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSr%2F1udV84iu576l395x6%2Fk%2BcaybB7RddGlFGwu1GH2DBqK6nEqb0tSy3D5DnRypIT9rqK9MBL7D%2Ft4dqUTo3omGriqImG%2BuwugDsIJ6ttWAOH%2F8B7VdkZboMM%2BvYuHWbnIj%2FRDw1wUPbM6FhkDaL7Em"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8114e1008c069b55-FRA
expires: Tue, 24 Sep 2024 10:11:09 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.5/ 25 KB
8 KB 89ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.5/angular-animate.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f477e1622f070acc4d9a2405d6b689891ce07ba8c0383e903e15886ba5ed17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1263495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8119
last-modified: Mon, 04 May 2020 16:04:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d26-6264"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwHuFQLc%2FnJvhx%2FR5Hn2YzbCf2Pdml0tZaVaa3c0Rpv7Agy5LoNJieMwJfimTzSeD1aID%2Fg0d%2BL5yvGzB5xgyloXdsjesae1B4ZA7zYz3ocXZZUnqO07lvt4To6wT3pty5CXPgeRdf%2BbyrivrQp737LE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8114e1008c079b55-FRA
expires: Tue, 24 Sep 2024 10:11:09 GMT

GET
H2 200 bootstrap-switch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-switch/3.3.2/js/ 15 KB
3 KB 111ms
52ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-switch/3.3.2/js/bootstrap-switch.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b009172f00c548007f4b4f4908e591be7a0e9e11980eef55a8c9db08a0213332

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10424908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2878
last-modified: Mon, 04 May 2020 16:06:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8f-3a37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vCSmS7mYs6UxfMIm3WaVK2DfILs0DR5DRAlbe%2BBAowK00LcwHWEfRhIkyB2VRMTZCikhxFmHOISDYzCTGh69BvV7Ept6Usc7GfPpnfcCnXcuYnHDtpaYyEhuzTIO%2BGNYyYQ4tFl9qYbBnRYHlUiHrnk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8114e1008c089b55-FRA
expires: Tue, 24 Sep 2024 10:11:09 GMT

GET
H2 200 ui-bootstrap-2.5.0.js Show response
spectrumsurveys.com/js/cdnFiles/ 243 KB
53 KB 245ms
236ms Script
application/javascript 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/js/cdnFiles/ui-bootstrap-2.5.0.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

ece4fc1fabb14ad1ce24c644d937997c8f7ad09c8480d3e7f7e0c402f6a624f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"3cc29-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 ui-bootstrap-tpls-2.5.0.min.js Show response
spectrumsurveys.com/js/cdnFiles// 123 KB
32 KB 370ms
361ms Script
application/javascript 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/js/cdnFiles//ui-bootstrap-tpls-2.5.0.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

b727d65b62ed250348fa5dc5d21eb10d5fe28fa31f9fc97048a1d63ac9848173

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"1eb20-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 ua-device-detector.js Show response
spectrumsurveys.com/js/cdnFiles/ 23 KB
5 KB 128ms
119ms Script
application/javascript 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/js/cdnFiles/ua-device-detector.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

69bac717cf7058d09977900c1a67440630c01a7725cd7a078ecf635cad59722a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"5c42-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 re-tree.js Show response
spectrumsurveys.com/js/cdnFiles/ 2 KB
1 KB 127ms
119ms Script
application/javascript 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/js/cdnFiles/re-tree.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

c5e036fe8b354f66e115a08a0d2f2f9bd1cd8ae0c3a1a223c6849bd43e507fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"967-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 ng-device-detector.js Show response
spectrumsurveys.com/js/cdnFiles/ 3 KB
1 KB 128ms
120ms Script
application/javascript 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/js/cdnFiles/ng-device-detector.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

76d20839597d65a036a59ff7ad7d301dcc1dc41c0b8b2225c71cd9d4cb1cf6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"b14-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 allFile.min.js Show response
spectrumsurveys.com/js/ 91 KB
25 KB 129ms
121ms Script
application/javascript 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/js/allFile.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

ec78b59e15dced29289e7c69c9a6621e6fcc67257de49b642904082761197017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"16db6-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 lib.min.js Show response
spectrumsurveys.com/js/ 73 KB
24 KB 244ms
237ms Script
application/javascript 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/js/lib.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

e3216c590444471de253fa87d207d07e7ad2e4d851a5075944e9750c49301832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"122a8-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 96ms
22ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 09:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1287
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 05 Oct 2023 11:49:42 GMT

GET
H2 200 hotjar-1069357.js Show response
static.hotjar.com/c/ 10 KB
4 KB 108ms
26ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1069357.js?sv=6

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

94c03eca8a401bd68d7f1dc5e469baee18a4b49a381e3d121d82955d59ae811a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 10:10:28 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 41
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/b3f3214b22bbfb8247211fea99ea9d4f
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: ZXxCeagbu1mC2pJg23OGVRIxnHnM-7Nw9DxolEKCaTYXwg5nGi8IvA==

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/ 84 KB
27 KB 44ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://spectrumsurveys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 05 Oct 2023 10:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4805556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27046
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-69a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dEoDdm1QOtiLLVbKsXvyDj1AbRf%2FloQi7sBQhSvah3AXhHLHjJvNGHtFN%2BZxarKFggtjpbZrR3MzrNEiLdKjWhUtXx9aqk95n3dTIQBLSsm3XP1o4xUai4fsQDuIu2sKBzkBlOiVR7mX5dfSKgC8ZIj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8114e102ce729b55-FRA
expires: Tue, 24 Sep 2024 10:11:09 GMT

GET
H2 200 rd_sys_util.min.js Show response
prod.rtymgt.com/static/js/ 14 KB
14 KB 367ms
122ms Script
application/javascript 75.2.69.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.rtymgt.com/static/js/rd_sys_util.min.js
Requested by: Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.69.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3f2c118684a26706.awsglobalaccelerator.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: aba33594b6a6efd4746f61f17d7e87b4fc1472f32de1e379d69afffbb0679aab

Request headers

Referer: https://spectrumsurveys.com/
Origin: https://spectrumsurveys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:10 GMT
last-modified: Wed, 24 May 2023 14:08:07 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "1684937287.0-14156-1829117253"
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://spectrumsurveys.com
cache-control: public, max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 14156
expires: Thu, 05 Oct 2023 22:11:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
225 B 49ms
20ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=979992128&t=pageview&_s=1&dl=https%3A%2F%2Fspectrumsurveys.com%2F&ul=en-us&de=UTF-8&dt=PureSpectrum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=467753508&gjid=1564141049&cid=590508504.1696500670&tid=UA-90912933-1&_gid=956723947.1696500670&_r=1&_slc=1&z=1795023054

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

11459c4555b3d451356ebcdee95d5006bed3bb6518c8228013c3c9447d825b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://spectrumsurveys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:11:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://spectrumsurveys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.2d5bf596db9f70e52d73.js Show response
script.hotjar.com/ 225 KB
55 KB 110ms
28ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.2d5bf596db9f70e52d73.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

63a06ddc1806396f825ef303ead232a2c586f1d67c14488365d5ae0ce9a3d819

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 9664
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55803
last-modified: Thu, 05 Oct 2023 07:29:34 GMT
etag: "06c5f6cf107dd86fc7bb151e03af913a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: w24jYdfen_78-p84FOMyND0i59KqYNn-VZtGlJnZePppxaEFStip9A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 95ms
31ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-90912933-1&cid=590508504.1696500670&jid=467753508&gjid=1564141049&_gid=956723947.1696500670&_u=IEBAAEAAAAAAACAAI~&z=1840003926

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spectrumsurveys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Oct 2023 10:11:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://spectrumsurveys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 102ms
41ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CF554KGPKR&cx=c&_slc=1

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ff070314de11fced3c5cbcfdad87ac09c8233ed0e4712b819827c577a9fd4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83047
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 10:11:10 GMT

GET
H2 200 bootstrapping_data Show response
spectrumsurveys.com/v1/pss_screener/ 2 KB
1 KB 119ms
119ms XHR
application/json 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/v1/pss_screener/bootstrapping_data?from=screener

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

240c6b69601b072f0a231f2baea13f35e67688b6cf152dc0db73b01caa0bf14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://spectrumsurveys.com/
tracestate: 1554523@nr=0-1-1554523-402857516-a99f1f3b38aa7e9c----1696500670389
traceparent: 00-6ccea4241c72c9441e7319abbaf01340-a99f1f3b38aa7e9c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1NTQ1MjMiLCJhcCI6IjQwMjg1NzUxNiIsImlkIjoiYTk5ZjFmM2IzOGFhN2U5YyIsInRyIjoiNmNjZWE0MjQxYzcyYzk0NDFlNzMxOWFiYmFmMDEzNDAiLCJ0aSI6MTY5NjUwMDY3MDM4OX19

Response headers

date: Thu, 05 Oct 2023 10:11:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"916-KDEObbaWoCXgBz28DKFIwRaEAn4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
access-control-expose-headers: total
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0

GET
H2 200 screenerV3.html Show response
spectrumsurveys.com/ 15 KB
3 KB 137ms
137ms XHR
text/html 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/screenerV3.html

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

e545d8f10fd6775fc02728be0ff9e05e537b08aa44bb0ae2051f2930c120750f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/html
Referer: https://spectrumsurveys.com/
tracestate: 1554523@nr=0-1-1554523-402857516-b21367575b8f2134----1696500670392
traceparent: 00-2d431abfb8954b258ddbb27596ee8bb0-b21367575b8f2134-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1NTQ1MjMiLCJhcCI6IjQwMjg1NzUxNiIsImlkIjoiYjIxMzY3NTc1YjhmMjEzNCIsInRyIjoiMmQ0MzFhYmZiODk1NGIyNThkZGJiMjc1OTZlZThiYjAiLCJ0aSI6MTY5NjUwMDY3MDM5Mn19

Response headers

date: Thu, 05 Oct 2023 10:11:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"3d65-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 86ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CF554KGPKR&gtm=45je3a20&_p=979992128&ul=en-us&sr=1600x1200&cid=590508504.1696500670&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fspectrumsurveys.com%2F&dt=PureSpectrum&sid=1696500670&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CF554KGPKR&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:11:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://spectrumsurveys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa-1194.min.js Show response
js-agent.newrelic.com/ 38 KB
15 KB 81ms
21ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1194.min.js

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8834ddce6c2616d408815291510e0cdb40f167096470453cb1f507dd10f3874a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 varnish
date: Thu, 05 Oct 2023 10:11:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: 9YC61310NFEE16MP
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15269
x-amz-id-2: j7Pbq4nHOTJd1ISiwsWsinGFbq914SinJOk1Hwj6boCdoL4OPOmclQwTzWN0V7Xm+ljAW889QRc=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Wed, 06 Jan 2021 22:25:52 GMT
server: AmazonS3
x-timer: S1696500671.516263,VS0,VE1
etag: "358d2665ead3c6938bfd0db8a15a6ceb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 transactions Show response
spectrumsurveys.com/ 781 B
1 KB 249ms
249ms XHR
application/json 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/transactions

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

0bb1b482422f3d4766a48e6517ffb86475a12ca2ba90a83bc063455ef22d2ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

tracestate: 1554523@nr=0-1-1554523-402857516-2e24d9835f72934c----1696500670582
traceparent: 00-d4d377b5e2929206a6022a4e255468c0-2e24d9835f72934c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1NTQ1MjMiLCJhcCI6IjQwMjg1NzUxNiIsImlkIjoiMmUyNGQ5ODM1ZjcyOTM0YyIsInRyIjoiZDRkMzc3YjVlMjkyOTIwNmE2MDIyYTRlMjU1NDY4YzAiLCJ0aSI6MTY5NjUwMDY3MDU4Mn19
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://spectrumsurveys.com/

Response headers

date: Thu, 05 Oct 2023 10:11:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 781
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"30d-AmIvvbhHqTSjZa0DCwA9aEu9fnY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
access-control-expose-headers: total
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0

GET
H2 200 long-arrow.png
spectrumsurveys.com/img/ 471 B
914 B 117ms
117ms Image
image/png 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spectrumsurveys.com/img/long-arrow.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

966df07744dfcd50a2bcbc4bb0d62049cdc4b86370baabe151116de803d962d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 471
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"1d7-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/png
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H/1.1 200
OK 4716993641 Show response
bam-cell.nr-data.net/1/ 56 B
948 B 711ms
577ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/4716993641?a=46874375&sa=1&v=1194.94d5a62&t=Unnamed%20Transaction&rst=1643&ck=1&ref=https://spectrumsurveys.com/&be=885&fe=1489&dc=1384&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1696500668961,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:26,%22c%22:26,%22s%22:141,%22ce%22:264,%22rq%22:264,%22rp%22:391,%22rpe%22:495,%22dl%22:414,%22di%22:997,%22ds%22:1384,%22de%22:1433,%22dc%22:1489,%22l%22:1489,%22le%22:1490%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spectrumsurveys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 10:11:11 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIxfqrV8Fbx4JC8VaVgE1VDSVfiUYApb26ts1oFm5261Aml8cM6Cj2yZPDePQ%2B0KLRaO6BlchYbRytZUg6IAcxZPGLPAR6v99Nykz5tPe5NK7SEGCl9gEtRTOaUDezPzdCUZDmxm"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8114e1082c59bbb5-FRA

GET
H2 200 getHash Show response
spectrumsurveys.com/ 94 B
630 B 118ms
118ms XHR
application/json 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/getHash?sn_ud=1Bl6TUxW5psDX5x1GolQf0&sy_nr=19829773&coordinates=1&postcode=1&rt_cy_ce=NG&usage_type=1&pass_params=MCMjMCMjZW4tVVMjIzIwMjMtMTAtNSAxMjoxMToxMCMjIyNkVzVrWldacGJtVmtKQ1FrSkhWdVpHVm1hVzVsWkNRa0pDUXhOakF3ZURFeU1EQTZNVFl3TUhneE1qZzFKQ1FrSkRFMk1EQjRNVEl3TURveU5Eb3lOQ1FrSkNRMEpDUWtKRGdrSkNRa1JYVnliM0JsTDBKbGNteHBiaVFrSkNRdE1USXdKQ1FrSkhWdVpHVm1hVzVsWkNRa0pDUjFibVJsWm1sdVpXUT0=

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

f4f023619a8480238b1f218c1592ef248e0bbe2b2dde2dfd6baa4fd17decd3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://spectrumsurveys.com/
tracestate: 1554523@nr=0-1-1554523-402857516-c9f1d5f6a8d3bd87----1696500670835
traceparent: 00-d667f445096f4959791b355119925050-c9f1d5f6a8d3bd87-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1NTQ1MjMiLCJhcCI6IjQwMjg1NzUxNiIsImlkIjoiYzlmMWQ1ZjZhOGQzYmQ4NyIsInRyIjoiZDY2N2Y0NDUwOTZmNDk1OTc5MWIzNTUxMTk5MjUwNTAiLCJ0aSI6MTY5NjUwMDY3MDgzNX19

Response headers

date: Thu, 05 Oct 2023 10:11:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 94
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"5e-fDph7Dsw+5osbmGfiajhWFxTKtA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
access-control-expose-headers: total
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0

GET
H2 200 ad7ee271-f073-4afd-a997-75873c5e886a Show response
prod.rtymgt.com/api/v4/respondents/search/ 1 KB
1 KB 690ms
480ms XHR
application/json 75.2.69.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.rtymgt.com/api/v4/respondents/search/ad7ee271-f073-4afd-a997-75873c5e886a?sn_ud=1Bl6TUxW5psDX5x1GolQf0&sy_nr=19829773&coordinates=1&postcode=1&rt_cy_ce=NG&usage_type=1&validation=f1d980af8e5100698e53540a8a3e1358271bfe510bcbf23bfc463e12ef313161&MCMjMCMjZW4tVVMjIzIwMjMtMTAtNSAxMjoxMToxMCMjIyNkVzVrWldacGJtVmtKQ1FrSkhWdVpHVm1hVzVsWkNRa0pDUXhOakF3ZURFeU1EQTZNVFl3TUhneE1qZzFKQ1FrSkRFMk1EQjRNVEl3TURveU5Eb3lOQ1FrSkNRMEpDUWtKRGdrSkNRa1JYVnliM0JsTDBKbGNteHBiaVFrSkNRdE1USXdKQ1FrSkhWdVpHVm1hVzVsWkNRa0pDUjFibVJsWm1sdVpXUT0=
Requested by: Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.69.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3f2c118684a26706.awsglobalaccelerator.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e341e3f0cb064693d261b25662cf5e2a7c35d8c02b99742b095d6356ee30490c

Request headers

Accept: application/json, text/plain, */*
Referer: https://spectrumsurveys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: https://spectrumsurveys.com
date: Thu, 05 Oct 2023 10:11:11 GMT
access-control-allow-credentials: true
server: nginx/1.10.3 (Ubuntu)
content-length: 1250
vary: Origin
content-type: application/json

POST
H2 200 research-defender-hashing Show response
spectrumsurveys.com/ 210 B
747 B 124ms
123ms XHR
application/json 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/research-defender-hashing

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

5ecb1db87547f3fe60034c599b707734be46de1e994ea53431a945bcd27c8ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

tracestate: 1554523@nr=0-1-1554523-402857516-5e1cfe7e42b32be8----1696500671693
traceparent: 00-6d56436dfcafcdbec67169ba54bb5090-5e1cfe7e42b32be8-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1NTQ1MjMiLCJhcCI6IjQwMjg1NzUxNiIsImlkIjoiNWUxY2ZlN2U0MmIzMmJlOCIsInRyIjoiNmQ1NjQzNmRmY2FmY2RiZWM2NzE2OWJhNTRiYjUwOTAiLCJ0aSI6MTY5NjUwMDY3MTY5M319
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://spectrumsurveys.com/

Response headers

date: Thu, 05 Oct 2023 10:11:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 210
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"d2-GPeHqWoTAhYThobFaDDiJYP4Ntc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
access-control-expose-headers: total
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0

POST
H2 200 1Bl6TUxW5psDX5x1GolQf0
spectrumsurveys.com/transactions/ 398 B
937 B 141ms
138ms XHR
application/json 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/transactions/1Bl6TUxW5psDX5x1GolQf0

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

tracestate: 1554523@nr=0-1-1554523-402857516-b61ab355daad6146----1696500671829
traceparent: 00-99351f165469e49b8d78ca7d55d1ac00-b61ab355daad6146-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1NTQ1MjMiLCJhcCI6IjQwMjg1NzUxNiIsImlkIjoiYjYxYWIzNTVkYWFkNjE0NiIsInRyIjoiOTkzNTFmMTY1NDY5ZTQ5YjhkNzhjYTdkNTVkMWFjMDAiLCJ0aSI6MTY5NjUwMDY3MTgyOX19
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://spectrumsurveys.com/

Response headers

date: Thu, 05 Oct 2023 10:11:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 398
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"18e-KX9y2gwTUX3xGsnb3NZv2ek4u+M"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
access-control-expose-headers: total
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0

GET
H2

200

Primary Request / Show response
portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/
Redirect Chain

https://api.bitlabs.ai/v1/networks/3/callback/screenout?supplier_id=655&survey_id=19829773&ps_rstatus=82&ps_supplier_sid=412376671&ps_supplier_respondent_id=177877372&ps_custom_svar1=19829773-0.35&...
https://click.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e
https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e?mb=fg
https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg

3 KB
2 KB

97ms
96ms

Document
text/html

2606:4700:3031::ac43:9cf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/js/allFile.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9cf9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd42d1ab1e0c010a18dd70fbffc89bdfe76a6270ba16a5268ecca33eb71033b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://spectrumsurveys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8114e1159dac1c20-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 05 Oct 2023 10:11:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4XPy9Wt8HBmnBtnSevx%2F%2FVbfpZf7%2Fy9FAYikg%2FEljTHCM8ebJsayWXJLEwwhx76uG1USLXV%2FRKvhwoLdCf77RLBkI%2Fbl%2BtKY3atpcVvuSTaLnYohHw6rxuC7b%2FvcAK8X6al%2B%2BiLSTRWnsiMFU8M"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8114e1156d661c20-FRA
date: Thu, 05 Oct 2023 10:11:12 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tn%2BxbdHkG9nbGDJA50SLXlay5dP%2BmbproKm6aqsEsAv1p4OXteDibgvuqgZJwuq8YeIcjrPOAWrkfRsg9gRRnRLrYvSb11b7TegWFi2j5Izm6gwd5pWX2PX7uUaL3D%2FN6RyvmlTy4mGSWMU9zGZD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 error.html
spectrumsurveys.com/ 387 B
859 B 117ms
117ms XHR
text/html 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/error.html

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/html
Referer: https://spectrumsurveys.com/
tracestate: 1554523@nr=0-1-1554523-402857516-f551231d1d9cd14c----1696500671979
traceparent: 00-2bbaf12b52363f810eca78eefa4d8500-f551231d1d9cd14c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE1NTQ1MjMiLCJhcCI6IjQwMjg1NzUxNiIsImlkIjoiZjU1MTIzMWQxZDljZDE0YyIsInRyIjoiMmJiYWYxMmI1MjM2M2Y4MTBlY2E3OGVlZmE0ZDg1MDAiLCJ0aSI6MTY5NjUwMDY3MTk3OX19

Response headers

date: Thu, 05 Oct 2023 10:11:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 387
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"183-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 OpenSans.woff
spectrumsurveys.com/fonts/ 110 KB
110 KB 117ms
117ms Font
font/woff 34.231.219.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spectrumsurveys.com/fonts/OpenSans.woff

Requested by

Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/js/all.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.219.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-219-36.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://spectrumsurveys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 112520
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Oct 2023 12:04:34 GMT
cross-origin-opener-policy: same-origin
etag: W/"1b788-18afa935450"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: font/woff
origin-agent-cluster: ?1
cache-control: public, max-age=0
accept-ranges: bytes

POST
H/1.1 200
OK 4716993641
bam-cell.nr-data.net/events/1/ 24 B
749 B 160ms
160ms XHR
image/gif 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/4716993641?a=46874375&sa=1&v=1194.94d5a62&t=Unnamed%20Transaction&rst=3150&ck=1&ref=https://spectrumsurveys.com/
Requested by: Host: spectrumsurveys.com
URL: https://spectrumsurveys.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://spectrumsurveys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 05 Oct 2023 10:11:12 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://spectrumsurveys.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5nWoNsCBj35VBkKMOzUrfTl83zV9U7c2Ik8JgH%2BK88B6%2FekcB78QZJLt%2FswVBURIztp%2Bl6noTuA9Ceo%2BvQX3aMyYiDd7%2BpcbwNW%2F8WfiPvoFG%2Bp28AEsCl%2FzP4QhZ360SkuETfk"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 8114e110b802bbb5-FRA
Content-Length: 24

GET
H2 200 loading.gif
portal.fraud.ink/ 66 KB
66 KB 35ms
33ms Image
image/gif 2606:4700:3031::ac43:9cf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.fraud.ink/loading.gif

Requested by

Host: portal.fraud.ink
URL: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9cf9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea314fdb418403576b31ae91cefdd602e81f0154733cadce3f676f238b005f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1653
alt-svc: h3=":443"; ma=86400
content-length: 67389
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "f7a67b43eee13c998f214b521f8b1b65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Arqg32a2kHPGHEl68DQfH3oE1UmFlD7kyBhz7OqfdIqcdRf5uuBMv%2FaZLqlC3%2Fahy4bVW%2FkA1S9lSi7SjPdCJ5%2BBL%2FGdfdlmqEjT5Xqnpr8VePMNZOkSmnQkQW%2BtG07BESg8JzbSbFPgSQZrsEMb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8114e1164e961c20-FRA

GET
H2 200 finished.gif
portal.fraud.ink/ 10 KB
10 KB 57ms
54ms Image
image/gif 2606:4700:3031::ac43:9cf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.fraud.ink/finished.gif

Requested by

Host: portal.fraud.ink
URL: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9cf9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee54e34257aca98e69ed6a4ce451c433fcaa560cd602cdf41880c96bff6bcb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1096
alt-svc: h3=":443"; ma=86400
content-length: 10017
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "a50265dbe210d097608b51e7a9e300c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qetftrF84HACwx2U8P6ERT6%2F9vsvRo9jEMA2glWcq%2F7peILRa%2FQJSL%2BKN7jg6OMmW7ngJh%2FFqXkY3c9UeU6GeNYOIOXmEqtQgloY%2FiLjQoEde6f0YqF9nZhxPisRlFamm64YA3bb7mC6fNb26lbp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8114e1164e971c20-FRA

GET
H2 200 sc_review_lib_secured_v1-2.min.js Show response
prod.rtymgt.com/static/js/review/ 9 KB
9 KB 139ms
137ms Script
application/javascript 75.2.69.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.rtymgt.com/static/js/review/sc_review_lib_secured_v1-2.min.js?v=1.0.1
Requested by: Host: portal.fraud.ink
URL: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.69.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3f2c118684a26706.awsglobalaccelerator.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 688eeeaf91db19ffca01e7f4653986a6b14f2c48ca6abc4235de377c25824932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.fraud.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:13 GMT
last-modified: Fri, 06 Mar 2020 08:13:03 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "1583482383.0-8788-1388455265"
content-type: application/javascript
cache-control: public, max-age=43200
accept-ranges: bytes
content-length: 8788
expires: Thu, 05 Oct 2023 22:11:13 GMT

GET
H2 200 cleanid-v3.current.min.js Show response
idsuite.navigatorsurveys.com/ 91 KB
91 KB 147ms
27ms Script
application/x-javascript 2600:9000:2057:7600:15:ad1b:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idsuite.navigatorsurveys.com/cleanid-v3.current.min.js
Requested by: Host: portal.fraud.ink
URL: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:15:ad1b:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d05c9546b8ecc4f9a2e40becf83a1d67f9df1103706219998a5a939e8d8ea67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.fraud.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:24:50 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified: Thu, 07 Sep 2023 09:12:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 38868
x-amz-server-side-encryption: AES256
etag: "5b5c0252cde500e5b45385d8d9c16f7c"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 92909
x-amz-cf-id: QC6uKqhvttZ9N5RKuJPD4YvPrPoJmbYf2mpcJl4ezK1_NdD-Nzx33g==

GET
H2 200 index-10d702d7.js Show response
portal.fraud.ink/assets/ 105 KB
35 KB 57ms
55ms Script
application/javascript 2606:4700:3031::ac43:9cf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fraud.ink/assets/index-10d702d7.js

Requested by

Host: portal.fraud.ink
URL: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9cf9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cdca09ba4888e7ff84a44276026a31ab89ca9e5af164f7592675c8cb784e95d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
Origin: https://portal.fraud.ink
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3212
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d15a601a26e5d0f1ff06bf2265523fc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2A3XWjJV0ucdujon%2BWuQDLz4ZrXtCe7gZ%2FhlQHsigjhh3Hvu05U4OK7N9BN%2FTk%2FJjVBVDT6XU3fO79EdX%2BmXX3KoF6HR2MMk1HcvUHHq9B5kP6e4ugCJc7xqjHwgpwn6AUlCDpMWHP3xSfQHWjG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8114e1164e951c20-FRA

GET
H2 200 index-a8b915e8.css
portal.fraud.ink/assets/ 207 B
499 B 33ms
31ms Stylesheet
text/css 2606:4700:3031::ac43:9cf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fraud.ink/assets/index-a8b915e8.css

Requested by

Host: portal.fraud.ink
URL: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9cf9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8b915e863f867447a763852dae9303abf202594342465adbac5f46555a11547

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1653
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"37e45680a77572d6cac141d254d9e383"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gykO0mgXmM2q%2FYiSy63Ple6PgRTPzt0ncbK2cNR3t8yM3ZjC%2FvzF1xwyGN6tqx32A02irtzdfi%2Fvd0DaFgGNrww7Qd%2FUsBJfFuaUuQT9YET6SqMFck5%2BjMWxDUW79PClYIXV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8114e1164e931c20-FRA

GET
H2 200 request.js Show response
script.anura.io/ 54 KB
20 KB 231ms
129ms Script
application/javascript 13.43.151.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=842046990&source=5D2D900AFE163478D92478A2BBDF5E51-30005-1&callback=IDSuite.anuraCallback&63547286697

Requested by

Host: idsuite.navigatorsurveys.com
URL: https://idsuite.navigatorsurveys.com/cleanid-v3.current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.43.151.221 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-43-151-221.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a7b32fa5cb8885e7f16b16d4dd1f35e1de57ff445f95df4c98a9a67878d34a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.fraud.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H2 200 / Show response
o494432.ingest.sentry.io/api/4505034569089024/envelope/ 2 B
324 B 99ms
30ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o494432.ingest.sentry.io/api/4505034569089024/envelope/?sentry_key=167353bb7c5141308b120e473e8f9ce0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.48.0

Requested by

Host: portal.fraud.ink
URL: https://portal.fraud.ink/assets/index-10d702d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://portal.fraud.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 05 Oct 2023 10:11:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 5e43d207-5345-4743-b16d-464e7ecad44e
trkr6.fraud.ink/v2/ 0
0 105ms
31ms Fetch 2603:1020:201:e::1ac
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://trkr6.fraud.ink/v2/5e43d207-5345-4743-b16d-464e7ecad44e
Requested by: Host: portal.fraud.ink
URL: https://portal.fraud.ink/assets/index-10d702d7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:1020:201:e::1ac Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.fraud.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Oct 2023 10:11:13 GMT
content-length: 0
vary: Origin

GET
H2 200 YPgyyJwT5CiEdABa Show response
fraud.ink/f710gooQjG1ZfKwS/ 127 KB
46 KB 135ms
44ms Script
text/javascript 2606:4700:3031::6815:5132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.ink/f710gooQjG1ZfKwS/YPgyyJwT5CiEdABa?apiKey=H5GYk2ozDguZKwJ03vbl

Requested by

Host: portal.fraud.ink
URL: https://portal.fraud.ink/assets/index-10d702d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:5132 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f83799aaed597550feff6a938ce9d55789d17ee9e39f78dd46520661369890

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.fraud.ink/
Origin: https://portal.fraud.ink
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:13 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4
x-amz-cf-pop: FRA56-P5
content-encoding: br
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"fhEpa41UfxvnDvAx1lbiCHv7c7I"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81RX3tdK4te8KjNFMf6477%2BEq%2FJJi6nLT1R2MFri5KuLxzjgGq9iA0a%2BAQ0kvJJQ8N0fK1EGLV0w7myVyeVelxuBViMheiieVM9jSEqLGtiWjA8RTaXzl%2FiL7yvpKOjdY6p8RzhBaDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 8114e1183d921b9f-FRA
timing-allow-origin: *
x-amz-cf-id: GosiWIJ0oq7Mh7gMXBXmu4VwLrjoTHlgUDLO7xduX2FhwycmwQZq9g==

GET /
5e43d207-5345-4743-b16d-464e7ecad44e-rlv.yourlast.click/ 0
0

GET
BLOB 200
OK ed92e28f-25ae-4099-82d5-1e95be5f740b
https://portal.fraud.ink/ 185 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portal.fraud.ink/ed92e28f-25ae-4099-82d5-1e95be5f740b
Requested by: Host: portal.fraud.ink
URL: https://portal.fraud.ink/tx/5e43d207-5345-4743-b16d-464e7ecad44e/?mb=fg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 852941709b55524e1a728401963117506c38343fb0983164bd61ceaf153a55cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 185
Content-Type: text/javascript

GET
H2 200 orid.min.html Show response
idsuite.navigatorsurveys.com/ Frame CFC6 793 B
1 KB 24ms
24ms Document
text/html 2600:9000:2057:7600:15:ad1b:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idsuite.navigatorsurveys.com/orid.min.html
Requested by: Host: idsuite.navigatorsurveys.com
URL: https://idsuite.navigatorsurveys.com/cleanid-v3.current.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:15:ad1b:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a70b6b0c23364446cc6edbb5b488b1d9124dde88aeb128174dae1b2018fc8024

Request headers

Referer: https://portal.fraud.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 85161
content-length: 793
content-type: text/html
date: Wed, 04 Oct 2023 10:31:54 GMT
etag: "cb69550948c82c76210bc704121c8124"
last-modified: Tue, 02 Aug 2022 08:38:52 GMT
server: AmazonS3
vary: Origin
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-id: t5qfOWKB3wq2L75hBtnFMaYKtHiEzTWC0U1CWkyVIF6G52n6JNPycQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront

GET
H2 200 showads.js Show response
ads.anura.io/ 0
352 B 103ms
23ms XHR
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?382968369797
Requested by: Host: portal.fraud.ink
URL: https://portal.fraud.ink/assets/index-10d702d7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-5.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.fraud.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:42:55 GMT
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 34098
vary: Accept-Encoding
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 5V7sNtiyfXeDIRlWOZyIc17nIx1SmAzwmILQxiXoYIrAAv2PR7GRdw==

GET
H2 200 4GWb_ Show response
fraud.ink/f710gooQjG1ZfKwS/gLtg0Pey3cTCG1l8/R6JpC/_yXaBL/r4vX2zR/ 96 B
567 B 46ms
46ms XHR
text/plain 2606:4700:3031::6815:5132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.ink/f710gooQjG1ZfKwS/gLtg0Pey3cTCG1l8/R6JpC/_yXaBL/r4vX2zR/4GWb_?region=eu

Requested by

Host: portal.fraud.ink
URL: https://portal.fraud.ink/assets/index-10d702d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:5132 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c81b2baab4e1c091e4c3871e1b6fb53bfdbb35037d20ebbd057093d6ca3fcfa6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.fraud.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:11:13 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer
server: cloudflare
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B62cTmgmskFgvB8lFKKvmxRLztpU9tMrI3bJWlYfL538jTXZKUDK8hfJPzeHLo8SK7H2BHv7P0E3kpSzAdtNkRRx8X29r58z%2FNsJZKuz3%2FSlAkd1qYR6VTbulqm6JEOS%2B7lVrnHndHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31534000, immutable, private
vary: Accept-Encoding
cf-ray: 8114e11a889d1b9f-FRA
timing-allow-origin: *
x-robots-tag: noindex

POST
H2 200 response.json Show response
script.anura.io/ 146 B
481 B 199ms
124ms XHR
application/json 13.43.151.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: portal.fraud.ink
URL: https://portal.fraud.ink/assets/index-10d702d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.43.151.221 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-43-151-221.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1e8731864f6066fe5041d6b6017ca1f04620e5b2ff235216e4146972e033b74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.fraud.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 10:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H3 200 gLtg0Pey3cTCG1l8 Show response
fraud.ink/f710gooQjG1ZfKwS/ 396 B
1 KB 126ms
97ms XHR
text/plain 2606:4700:3031::6815:5132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.ink/f710gooQjG1ZfKwS/gLtg0Pey3cTCG1l8?region=eu&ci=js/3.8.25&ii=fingerprintjs-pro-cloudflare/1.4.0/procdn

Requested by

Host: portal.fraud.ink
URL: https://portal.fraud.ink/assets/index-10d702d7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:5132 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2a5f9950c56d6e0942f03f27e82201cbed958d6ff3a60683e6da88ea826dc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portal.fraud.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Oct 2023 10:11:14 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer
server: cloudflare
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://portal.fraud.ink
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5v60RKaTcOfCmWU%2FUA1yFCSrd9XMgWMA5SCn7RIRHJgkX2ddA6k1x%2Bo0OsdX4YAW7xrFwP8alC%2BRnM85iB5C66HZAyU62hnBZqbi0CXozQ32SNASpJpWgLOw%2FioGQwC9vCit%2FCt9ILE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
cf-ray: 8114e11e8cb39966-FRA
timing-allow-origin: *

GET challenge
click.fraud.ink/v1/results/5e43d207-5345-4743-b16d-464e7ecad44e/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 5e43d207-5345-4743-b16d-464e7ecad44e-rlv.yourlast.click
URL: https://5e43d207-5345-4743-b16d-464e7ecad44e-rlv.yourlast.click/

Domain: click.fraud.ink
URL: https://click.fraud.ink/v1/results/5e43d207-5345-4743-b16d-464e7ecad44e/challenge

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.spectrumsurveys.com/	1970-01-21 00:51:00	Name: _ga Value: GA1.2.590508504.1696500670
.spectrumsurveys.com/	1970-01-20 15:16:27	Name: _gid Value: GA1.2.956723947.1696500670
.spectrumsurveys.com/	1970-01-20 15:15:00	Name: _gat Value: 1
.spectrumsurveys.com/	1970-01-21 00:00:36	Name: _hjSessionUser_1069357 Value: eyJpZCI6IjI0YmRmYmFhLWE1YmQtNTUwOS05OWFmLTM0NzkxZDIxNDQ1ZSIsImNyZWF0ZWQiOjE2OTY1MDA2NzAyNDAsImV4aXN0aW5nIjpmYWxzZX0=
.spectrumsurveys.com/	1970-01-20 15:15:02	Name: _hjFirstSeen Value: 1
.spectrumsurveys.com/	1970-01-20 15:15:00	Name: _hjIncludedInSessionSample_1069357 Value: 0
.spectrumsurveys.com/	1970-01-20 15:15:02	Name: _hjSession_1069357 Value: eyJpZCI6Ijk0ZmIyMTI5LWVlZGUtNDczMy05OTJiLTVhZjkzZTE3ZjEwMCIsImNyZWF0ZWQiOjE2OTY1MDA2NzAyNDIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.spectrumsurveys.com/	1970-01-20 15:15:02	Name: _hjAbsoluteSessionInProgress Value: 0
spectrumsurveys.com/	1970-01-21 00:00:36	Name: rt_ce_ud Value: 00132919-50a9-411f-bbce-240dcbe655be
.spectrumsurveys.com/	1970-01-21 00:51:00	Name: _ga_CF554KGPKR Value: GS1.2.1696500670.1.0.1696500670.0.0.0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 1cb5b62fffe06bcf
prod.rtymgt.com/	1970-01-21 00:02:03	Name: rt_ce_ud Value: 915c23ea-e86a-40b5-8ddc-174ddf6aea61
.fraud.ink/	1970-01-21 00:00:36	Name: _iidt Value: 9ErHfvrrPr68W3oRJIyQft6zkmuVod7a2kkPA6YDi+iJ65RceieKckWcGVwgURgjn9PNJFu61Ujo9OePn8U/B3qfA8IYP3Qizg==
.fraud.ink/	1970-01-21 00:00:36	Name: _vid_t Value: GfU0rUjUuJxvfnxUEXskAfzf+/dPPkAzhRw1GvDb6BJbYb96dVVVFfsQekx/iRN/E9C2ExJGWuHeupIoV+SuTp21f38txsu/8w==
portal.fraud.ink/	1970-01-20 15:16:27	Name: visitorId Value: WH8B2KQ6Wvq4yCQYfNFQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://spectrumsurveys.com/(Line 60) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://spectrumsurveys.com/(Line 60) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5e43d207-5345-4743-b16d-464e7ecad44e-rlv.yourlast.click
ads.anura.io
api.bitlabs.ai
bam-cell.nr-data.net
cdnjs.cloudflare.com
click.fraud.ink
fraud.ink
idsuite.navigatorsurveys.com
js-agent.newrelic.com
o494432.ingest.sentry.io
portal.fraud.ink
prod.rtymgt.com
region1.google-analytics.com
script.anura.io
script.hotjar.com
spectrumsurveys.com
static.hotjar.com
stats.g.doubleclick.net
trkr6.fraud.ink
www.google-analytics.com
www.googletagmanager.com
5e43d207-5345-4743-b16d-464e7ecad44e-rlv.yourlast.click
click.fraud.ink
13.32.27.54
13.43.151.221
151.101.194.137
162.247.241.2
18.66.147.5
18.66.97.49
2001:4860:4802:32::36
2600:9000:2057:7600:15:ad1b:c280:93a1
2603:1020:201:e::1ac
2606:4700:20::681a:5c5
2606:4700:3031::6815:5132
2606:4700:3031::ac43:9cf9
2606:4700::6811:190e
2a00:1450:4001:802::200e
2a00:1450:4001:806::2008
2a00:1450:400c:c07::9b
34.120.195.249
34.231.219.36
75.2.69.97
0bb1b482422f3d4766a48e6517ffb86475a12ca2ba90a83bc063455ef22d2ce1
0d05c9546b8ecc4f9a2e40becf83a1d67f9df1103706219998a5a939e8d8ea67
11459c4555b3d451356ebcdee95d5006bed3bb6518c8228013c3c9447d825b6a
14b2ac80e5b295ec1117257bd3038bfb7d0ccd8cbcf1dd3670ba6ed5f1f4f058
1b0667b6b1a5fa3884a4f60a0d2673421f38173d26d6717ee724812aa9ccafd9
1e8731864f6066fe5041d6b6017ca1f04620e5b2ff235216e4146972e033b74d
21f83799aaed597550feff6a938ce9d55789d17ee9e39f78dd46520661369890
240c6b69601b072f0a231f2baea13f35e67688b6cf152dc0db73b01caa0bf14b
28831b86f057b8ea27ce88e9de491d4209a45bb320b353b5775ce75dc0a55ec6
3ff070314de11fced3c5cbcfdad87ac09c8233ed0e4712b819827c577a9fd4c7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48f477e1622f070acc4d9a2405d6b689891ce07ba8c0383e903e15886ba5ed17
4a2a5f9950c56d6e0942f03f27e82201cbed958d6ff3a60683e6da88ea826dc9
4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab
5cdca09ba4888e7ff84a44276026a31ab89ca9e5af164f7592675c8cb784e95d
5ecb1db87547f3fe60034c599b707734be46de1e994ea53431a945bcd27c8ea6
63a06ddc1806396f825ef303ead232a2c586f1d67c14488365d5ae0ce9a3d819
688eeeaf91db19ffca01e7f4653986a6b14f2c48ca6abc4235de377c25824932
69bac717cf7058d09977900c1a67440630c01a7725cd7a078ecf635cad59722a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6eb08b493d7cc7544dc24c1353a68c1ba8fde331fd5303cbccd7a751de8e46
76d20839597d65a036a59ff7ad7d301dcc1dc41c0b8b2225c71cd9d4cb1cf6ec
7ee54e34257aca98e69ed6a4ce451c433fcaa560cd602cdf41880c96bff6bcb9
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
852941709b55524e1a728401963117506c38343fb0983164bd61ceaf153a55cb
8834ddce6c2616d408815291510e0cdb40f167096470453cb1f507dd10f3874a
94c03eca8a401bd68d7f1dc5e469baee18a4b49a381e3d121d82955d59ae811a
966df07744dfcd50a2bcbc4bb0d62049cdc4b86370baabe151116de803d962d5
a698d55dde7089eb58553567469e5c901fe48f0c794532e155e547b40a46cbe1
a70b6b0c23364446cc6edbb5b488b1d9124dde88aeb128174dae1b2018fc8024
a7b32fa5cb8885e7f16b16d4dd1f35e1de57ff445f95df4c98a9a67878d34a09
a8b915e863f867447a763852dae9303abf202594342465adbac5f46555a11547
aba33594b6a6efd4746f61f17d7e87b4fc1472f32de1e379d69afffbb0679aab
b009172f00c548007f4b4f4908e591be7a0e9e11980eef55a8c9db08a0213332
b727d65b62ed250348fa5dc5d21eb10d5fe28fa31f9fc97048a1d63ac9848173
c5e036fe8b354f66e115a08a0d2f2f9bd1cd8ae0c3a1a223c6849bd43e507fa6
c81b2baab4e1c091e4c3871e1b6fb53bfdbb35037d20ebbd057093d6ca3fcfa6
cd42d1ab1e0c010a18dd70fbffc89bdfe76a6270ba16a5268ecca33eb71033b3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb3ac54a98ff54432031bce03dde48eac51879106f6b22a61e46e4d7bc18773
e3216c590444471de253fa87d207d07e7ad2e4d851a5075944e9750c49301832
e341e3f0cb064693d261b25662cf5e2a7c35d8c02b99742b095d6356ee30490c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e545d8f10fd6775fc02728be0ff9e05e537b08aa44bb0ae2051f2930c120750f
e9d7f5425e16871d298c9e79b07ae5283ef0656f7ccbd8cdf6dc658673aef749
ea314fdb418403576b31ae91cefdd602e81f0154733cadce3f676f238b005f11
ec78b59e15dced29289e7c69c9a6621e6fcc67257de49b642904082761197017
ece4fc1fabb14ad1ce24c644d937997c8f7ad09c8480d3e7f7e0c402f6a624f8
f4f023619a8480238b1f218c1592ef248e0bbe2b2dde2dfd6baa4fd17decd3da
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
febb4bb629c655fea47dbf73371b931e8f53c6d92c2ed573cb9d185a81d90bf6

portal.fraud.ink Open in urlscan Pro 2606:4700:3031::ac43:9cf9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

95 %HTTPS

53 %IPv6

15 Domains

21 Subdomains

19 IPs

5 Countries

899 kBTransfer

2294 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portal.fraud.ink Open in urlscan Pro
2606:4700:3031::ac43:9cf9 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

95 %
HTTPS

53 %
IPv6

15
Domains

21
Subdomains

19
IPs

5
Countries

899 kB
Transfer

2294 kB
Size

15
Cookies

59 HTTP transactions
0 data transactions