redirect.bitlabs.ai Open in urlscan Pro
2606:4700:10::6816:1968 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.fraud.ink/tx/d6451227-2748-4441-9987-ea0024d92a4b
Effective URL:
https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&surv...
Submission: On December 07 via manual (December 7th 2023, 9:54:45 am UTC) from AE — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 2606:4700:10::6816:1968, located in United States and belongs to CLOUDFLARENET, US. The main domain is redirect.bitlabs.ai. The Cisco Umbrella rank of the primary domain is 687266.
TLS certificate: Issued by E1 on November 21st 2023. Valid for: 3 months.

This is the only time redirect.bitlabs.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:9cf9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:10:... 2606:4700:10::6816:1968	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	75.2.69.97 75.2.69.97	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:ac00:15:ad1b:c280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.10.186.13 3.10.186.13	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.5 18.66.147.5	16509 (AMAZON-02) (AMAZON-02)
16	5

1 2606:4700:3031::ac43:9cf9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.fraud.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:1968 (United States)

ASN13335 (CLOUDFLARENET, US)

redirect.bitlabs.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.bitlabs.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.69.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3f2c118684a26706.awsglobalaccelerator.com

prod.rtymgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:ac00:15:ad1b:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)

idsuite.navigatorsurveys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.10.186.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-186-13.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bitlabs.ai redirect.bitlabs.ai — Cisco Umbrella Rank: 687266 api.bitlabs.ai — Cisco Umbrella Rank: 149382	385 KB
4	anura.io script.anura.io — Cisco Umbrella Rank: 55672 ads.anura.io — Cisco Umbrella Rank: 70839	21 KB
2	navigatorsurveys.com idsuite.navigatorsurveys.com — Cisco Umbrella Rank: 311041	93 KB
2	rtymgt.com prod.rtymgt.com — Cisco Umbrella Rank: 113393	9 KB
1	fraud.ink 1 redirects click.fraud.ink — Cisco Umbrella Rank: 497390	644 B
16	5

	Domain	Requested by
6	redirect.bitlabs.ai	redirect.bitlabs.ai
3	script.anura.io	idsuite.navigatorsurveys.com redirect.bitlabs.ai
2	api.bitlabs.ai	redirect.bitlabs.ai
2	idsuite.navigatorsurveys.com	redirect.bitlabs.ai idsuite.navigatorsurveys.com
2	prod.rtymgt.com	redirect.bitlabs.ai
1	ads.anura.io	redirect.bitlabs.ai
1	click.fraud.ink	1 redirects
16	7

This site contains no links.

Subject Issuer	Validity	Valid
bitlabs.ai E1	`2023-11-21` - `2024-02-19`	3 months	crt.sh
prod.rtymgt.com Amazon RSA 2048 M01	`2023-07-20` - `2024-08-17`	a year	crt.sh
idsuite.navigatorsurveys.com Amazon RSA 2048 M01	`2023-04-03` - `2024-04-30`	a year	crt.sh
script.anura.io Amazon RSA 2048 M02	`2023-10-16` - `2024-11-13`	a year	crt.sh
ads.anura.io Amazon RSA 2048 M01	`2023-05-30` - `2024-06-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b
Frame ID: E1E97441500F1D83793297C61213E324
Requests: 14 HTTP requests in this frame

Frame: https://idsuite.navigatorsurveys.com/orid.min.html
Frame ID: 427F835C05EE09806388F9B350AB02AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BitLabs - Redirect

Page URL History Show full URLs

https://click.fraud.ink/tx/d6451227-2748-4441-9987-ea0024d92a4b HTTP 303
https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&netwo... Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

5
IPs

2
Countries

508 kB
Transfer

1174 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.fraud.ink/tx/d6451227-2748-4441-9987-ea0024d92a4b HTTP 303
https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
redirect.bitlabs.ai/
Redirect Chain

https://click.fraud.ink/tx/d6451227-2748-4441-9987-ea0024d92a4b
https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id...

1 KB
939 B

245ms
164ms

Document
text/html

2606:4700:10::6816:1968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c7116ac35f2e14bff4ac0f00ab43aadd9e2efbd6264f00026b821c64bf9ea0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=5184000, immutable
cf-cache-status: DYNAMIC
cf-ray: 831be37bbe271d9e-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 07 Dec 2023 09:54:40 GMT
last-modified: Fri, 05 May 2023 16:36:28 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831be37a9d3c9b80-FRA
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 09:54:40 GMT
location: https://redirect.bitlabs.ai?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSXm7zWD9ZAJ96hQwFXlKdjtSeKcylSl57xbw%2FTCKoSh0%2BYDki3PTbcZF5wRs1uUNZ2dSf%2FaEYgQuHx8LA7rYFjXBtJrvkKCfoT0Z52bLvccIcgfEwAMLfJUzxbAHQNK4gzmvpETi3awRwIAC%2BA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

GET
H2 200 sc_review_lib_secured_v1-2.min.js Show response
prod.rtymgt.com/static/js/review/ 9 KB
9 KB 340ms
124ms Script
application/javascript 75.2.69.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.rtymgt.com/static/js/review/sc_review_lib_secured_v1-2.min.js?v=1.0.1
Requested by: Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.69.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3f2c118684a26706.awsglobalaccelerator.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 688eeeaf91db19ffca01e7f4653986a6b14f2c48ca6abc4235de377c25824932

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:54:41 GMT
last-modified: Fri, 06 Mar 2020 08:13:03 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "1583482383.0-8788-1388455265"
content-type: application/javascript
cache-control: max-age=43200, public
accept-ranges: bytes
content-length: 8788
expires: Thu, 07 Dec 2023 21:54:41 GMT

GET
H2 200 cleanid-v3.current.min.js Show response
idsuite.navigatorsurveys.com/ 91 KB
92 KB 126ms
32ms Script
application/x-javascript 2600:9000:2057:ac00:15:ad1b:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idsuite.navigatorsurveys.com/cleanid-v3.current.min.js
Requested by: Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:15:ad1b:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c2d1281b26ee9ba8d5a61ce3a70eaa59fe7707c3d43030dbdc881cb9c5ebf83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 05:06:17 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 10:05:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 17315
x-amz-server-side-encryption: AES256
etag: "f45f317bdf0ba2167605df1259f2a2f8"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 93287
x-amz-cf-id: 1J_wDSUAIbj9EQstTJNb0tGs6rPQCKivnpqoTc9Ez5FT_lWBc9lJSw==

GET
H2 200 chunk-vendors.10855e6e.js Show response
redirect.bitlabs.ai/js/ 540 KB
220 KB 41ms
41ms Script
text/javascript 2606:4700:10::6816:1968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirect.bitlabs.ai/js/chunk-vendors.10855e6e.js

Requested by

Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dbcbb3c144bfc5e165583c0eb1019a764322d6d001bd2f36cf3ea9791b595c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=10886400; includeSubDomains; preload
cf-cache-status: HIT
age: 718565
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 05 May 2023 16:36:28 GMT
server: cloudflare
etag: "39807387"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 831be37dc8e71d9e-FRA

GET
H2 200 app.eaa5ddfa.js Show response
redirect.bitlabs.ai/js/ 12 KB
6 KB 44ms
43ms Script
text/javascript 2606:4700:10::6816:1968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirect.bitlabs.ai/js/app.eaa5ddfa.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

447d7d3187f8438a72766a84e1c60919169fb49313c9d3df35bc5c277f9d8146

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:54:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=10886400; includeSubDomains; preload
cf-cache-status: HIT
age: 533607
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 05 May 2023 16:36:28 GMT
server: cloudflare
etag: "39807387"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 831be37e89da1d9e-FRA

GET
H2 200 app.0c7d4d39.css
redirect.bitlabs.ai/css/ 173 KB
24 KB 45ms
45ms Stylesheet
text/css 2606:4700:10::6816:1968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirect.bitlabs.ai/css/app.0c7d4d39.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72f5f6939b271ad531f04cecaa3a1819f6d6e75400492ebf7d84ca4c04555344

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redirect.bitlabs.ai/?app=470&cid=false&clk=3b228e30-a20f-4b4e-a895-5f894983aeb0&country=AE&network=13&sc_s=true&survey=594836&token=b37880e1-c5f4-48b8-8fbe-6b05858d3509&tx=455385724&user_id=270826901&fitx=d6451227-2748-4441-9987-ea0024d92a4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=10886400; includeSubDomains; preload
cf-cache-status: HIT
age: 2522023
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 05 May 2023 16:36:28 GMT
server: cloudflare
etag: "39807387"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
cf-ray: 831be37ccf871d9e-FRA

GET
H2 200 request.js Show response
script.anura.io/ 55 KB
20 KB 208ms
106ms Script
application/javascript 3.10.186.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=842046990&source=5D2D900AFE163478D92478A2BBDF5E51-30005-1&callback=IDSuite.anuraCallback&993294755399

Requested by

Host: idsuite.navigatorsurveys.com
URL: https://idsuite.navigatorsurveys.com/cleanid-v3.current.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.10.186.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-186-13.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

258cb38c3359f1fb679350ae20a76d04c57c1698360f2b13a1dd145fda50ff39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 09:54:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 a7de1e80-b19e-4fc0-8366-fc0a17b4a8ad Show response
prod.rtymgt.com/api/v3/respondents/get_token/ 186 B
468 B 457ms
169ms XHR
application/json 75.2.69.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.rtymgt.com/api/v3/respondents/get_token/a7de1e80-b19e-4fc0-8366-fc0a17b4a8ad
Requested by: Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/js/chunk-vendors.10855e6e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.69.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3f2c118684a26706.awsglobalaccelerator.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9a157d6d46d7d0595a26a88749fd05acc2f89733ea8fbd0d53eab185f0a0be22

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin: https://redirect.bitlabs.ai
date: Thu, 07 Dec 2023 09:54:41 GMT
access-control-allow-credentials: true
server: nginx/1.10.3 (Ubuntu)
content-length: 186
vary: Origin
content-type: application/json

GET
H2 200 poppins-regular-400.497ba086.ttf
redirect.bitlabs.ai/fonts/ 141 KB
65 KB 50ms
50ms Font
font/ttf 2606:4700:10::6816:1968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirect.bitlabs.ai/fonts/poppins-regular-400.497ba086.ttf

Requested by

Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/css/app.0c7d4d39.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577dfb678b8fc1bda8ef0fabd74611675013ae08ae3b0045b8adcb1c6fa01eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redirect.bitlabs.ai/css/app.0c7d4d39.css
Origin: https://redirect.bitlabs.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:54:41 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2187983
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 05 May 2023 16:36:28 GMT
server: cloudflare
etag: W/"39807387"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
cf-ray: 831be37f3b031d9e-FRA

GET
H2 200 orid.min.html Show response
idsuite.navigatorsurveys.com/ Frame 427F 793 B
1 KB 29ms
28ms Document
text/html 2600:9000:2057:ac00:15:ad1b:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://idsuite.navigatorsurveys.com/orid.min.html
Requested by: Host: idsuite.navigatorsurveys.com
URL: https://idsuite.navigatorsurveys.com/cleanid-v3.current.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:15:ad1b:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a70b6b0c23364446cc6edbb5b488b1d9124dde88aeb128174dae1b2018fc8024

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17525
content-length: 793
content-type: text/html
date: Thu, 07 Dec 2023 05:06:35 GMT
etag: "cb69550948c82c76210bc704121c8124"
last-modified: Tue, 02 Aug 2022 08:38:52 GMT
server: AmazonS3
vary: Origin
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-id: dzlyzmONK6Yyy2GR-S6cBjbKaabaUf6KtclmnJN-Hs5MPbOarnL3tg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront

GET
H2 200 showads.js Show response
ads.anura.io/ 0
353 B 96ms
28ms XHR
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?700011717330
Requested by: Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/js/chunk-vendors.10855e6e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-5.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:40:27 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 51254
vary: Accept-Encoding
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
x-amz-cf-id: OIP5w_YgysGQLErObeG3i7-eMzy44XJSRzpAeBMguHXJCXBlQODDqw==

POST
H2 406 455385724 Show response
api.bitlabs.ai/v1/client/networks/13/surveys/594836/continue/ 120 B
204 B 71ms
71ms XHR
application/json 2606:4700:10::6816:1968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bitlabs.ai/v1/client/networks/13/surveys/594836/continue/455385724?fitx=d6451227-2748-4441-9987-ea0024d92a4b&user_id=270826901

Requested by

Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/js/chunk-vendors.10855e6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70bb6b490569e1cc59f0547b2435eb643d89f989389d16f8ae4db38c38e6e3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer
baggage: sentry-transaction=check,sentry-public_key=c00d2a3377f046139fec9a6714a5f177,sentry-trace_id=005614106fe9445f83835404c91c1697,sentry-sample_rate=0.01
sentry-trace: 005614106fe9445f83835404c91c1697-9aae46dfeec8ef87-0
X-User-Id: 270826901
X-Api-Token: b37880e1-c5f4-48b8-8fbe-6b05858d3509

Response headers

date: Thu, 07 Dec 2023 09:54:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 831be382ee821e49-FRA
content-length: 120

OPTIONS
H2 200 455385724
api.bitlabs.ai/v1/client/networks/13/surveys/594836/continue/ Frame 0
0 141ms
63ms Preflight 2606:4700:10::6816:1968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bitlabs.ai/v1/client/networks/13/surveys/594836/continue/455385724?fitx=d6451227-2748-4441-9987-ea0024d92a4b&user_id=270826901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: baggage,content-type,sentry-trace,x-api-token,x-user-id
Access-Control-Request-Method: POST
Origin: https://redirect.bitlabs.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-headers: Baggage, Content-Type, Sentry-Trace, X-Api-Token, X-User-Id
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 300
cf-cache-status: DYNAMIC
cf-ray: 831be3828e111e49-FRA
content-length: 0
date: Thu, 07 Dec 2023 09:54:41 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 response.json Show response
script.anura.io/ 216 B
529 B 207ms
131ms XHR
application/json 3.10.186.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/js/chunk-vendors.10855e6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.10.186.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-186-13.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e5d9ef54f025662928520940ed13c36229ddaf2aeb90c8bf92a8e9c5c6d80614

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 09:54:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 poppins-bold-700.3b6def8c.ttf
redirect.bitlabs.ai/fonts/ 150 KB
69 KB 49ms
49ms Font
font/ttf 2606:4700:10::6816:1968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirect.bitlabs.ai/fonts/poppins-bold-700.3b6def8c.ttf

Requested by

Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/css/app.0c7d4d39.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c24de5695a67f26e8e1a2770f7a62f82d1aae59a68c498412bf7986beeb7d84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redirect.bitlabs.ai/css/app.0c7d4d39.css
Origin: https://redirect.bitlabs.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 09:54:41 GMT
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 800685
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 05 May 2023 16:36:28 GMT
server: cloudflare
etag: W/"39807387"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
cf-ray: 831be383798a1d9e-FRA

POST
H2 200 cnf.php Show response
script.anura.io/ 0
349 B 520ms
520ms XHR
text/html 3.10.186.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/cnf.php

Requested by

Host: redirect.bitlabs.ai
URL: https://redirect.bitlabs.ai/js/chunk-vendors.10855e6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.10.186.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-186-13.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 09:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.bitlabs.ai/v1/client/networks/13/surveys/594836/continue/455385724?fitx=d6451227-2748-4441-9987-ea0024d92a4b&user_id=270826901 Message: Failed to load resource: the server responded with a status of 406 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
api.bitlabs.ai
click.fraud.ink
idsuite.navigatorsurveys.com
prod.rtymgt.com
redirect.bitlabs.ai
script.anura.io
18.66.147.5
2600:9000:2057:ac00:15:ad1b:c280:93a1
2606:4700:10::6816:1968
2606:4700:3031::ac43:9cf9
3.10.186.13
75.2.69.97
0dbcbb3c144bfc5e165583c0eb1019a764322d6d001bd2f36cf3ea9791b595c9
258cb38c3359f1fb679350ae20a76d04c57c1698360f2b13a1dd145fda50ff39
447d7d3187f8438a72766a84e1c60919169fb49313c9d3df35bc5c277f9d8146
577dfb678b8fc1bda8ef0fabd74611675013ae08ae3b0045b8adcb1c6fa01eb9
688eeeaf91db19ffca01e7f4653986a6b14f2c48ca6abc4235de377c25824932
70bb6b490569e1cc59f0547b2435eb643d89f989389d16f8ae4db38c38e6e3fa
72f5f6939b271ad531f04cecaa3a1819f6d6e75400492ebf7d84ca4c04555344
8c7116ac35f2e14bff4ac0f00ab43aadd9e2efbd6264f00026b821c64bf9ea0f
9a157d6d46d7d0595a26a88749fd05acc2f89733ea8fbd0d53eab185f0a0be22
9c2d1281b26ee9ba8d5a61ce3a70eaa59fe7707c3d43030dbdc881cb9c5ebf83
a70b6b0c23364446cc6edbb5b488b1d9124dde88aeb128174dae1b2018fc8024
c24de5695a67f26e8e1a2770f7a62f82d1aae59a68c498412bf7986beeb7d84b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d9ef54f025662928520940ed13c36229ddaf2aeb90c8bf92a8e9c5c6d80614

redirect.bitlabs.ai Open in urlscan Pro 2606:4700:10::6816:1968 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

5 Domains

7 Subdomains

5 IPs

2 Countries

508 kBTransfer

1174 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

redirect.bitlabs.ai Open in urlscan Pro
2606:4700:10::6816:1968 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

5
IPs

2
Countries

508 kB
Transfer

1174 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions