app.userevidence.com Open in urlscan Pro
54.91.59.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e3t/Ctc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231Z...
Effective URL:
https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-...
Submission: On June 24 via manual (June 24th 2024, 7:45:35 pm UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 21 HTTP transactions. The main IP is 54.91.59.199, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.userevidence.com.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.

This is the only time app.userevidence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 12	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.219.110.242 52.219.110.242	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
3	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
21	9

1 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.60.103.254 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.91.59.199 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

app.userevidence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.110.242 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

ue-development.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	userevidence.com 1 redirects app.userevidence.com	992 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 311	1 KB
3	recordedfuture.com 1 redirects go.recordedfuture.com — Cisco Umbrella Rank: 577642	6 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 900	34 KB
1	amazonaws.com ue-development.s3.us-east-2.amazonaws.com	39 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 770	151 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	67 KB
21	8

	Domain	Requested by
12	app.userevidence.com	1 redirects go.recordedfuture.com app.userevidence.com
3	bam.nr-data.net	app.userevidence.com
3	go.recordedfuture.com	1 redirects
1	js-agent.newrelic.com	app.userevidence.com
1	ue-development.s3.us-east-2.amazonaws.com	app.userevidence.com
1	cdn.pendo.io	app.userevidence.com
1	fonts.googleapis.com	client
1	www.googletagmanager.com	app.userevidence.com
21	8

This site contains links to these domains. Also see Links.

Domain
www.userevidence.com

Subject Issuer	Validity	Valid
go.recordedfuture.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
app.userevidence.com R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cdn.pendo.io WR3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Frame ID: F972D63DA6FAF353658632210DFF0AE5
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Recorded Future Customer Survey from Recorded Future | Powered by UserEvidence

Page URL History Show full URLs

https://go.recordedfuture.com/e3t/Ctc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8w... Page URL
https://go.recordedfuture.com/events/public/v1/encoded/track/tc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7... HTTP 307
https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

21
Requests

95 %
HTTPS

44 %
IPv6

8
Domains

8
Subdomains

9
IPs

2
Countries

1288 kB
Transfer

5481 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.userevidence.com/?utm_campaign=survey-taking-experience_logo

Search URL Search Domain Scan URL

URL: https://www.userevidence.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e3t/Ctc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204 Page URL
https://go.recordedfuture.com/events/public/v1/encoded/track/tc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204?_ud=d2e9c563-d278-4cb8-9abe-7883a7a0fbe3&_jss=1&_fl=8&_pl=5&_hc=12&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://app.userevidence.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBLy9TQVE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--46389a993bb5b348d9d07c96dbabddba9a5dbb15/Primary%20Logo%20-%20Digital%20(RGB)%20(5)%20(1).png HTTP 302
https://ue-development.s3.us-east-2.amazonaws.com/yascqqmcx2oet0ypjeuolusvp6gf?response-content-disposition=inline%3B%20filename%3D%22Primary%20Logo%20-%20Digital%20%2528RGB%2529%20%25285%2529%20%25281%2529.png%22%3B%20filename%2A%3DUTF-8%27%27Primary%2520Logo%2520-%2520Digital%2520%2528RGB%2529%2520%25285%2529%2520%25281%2529.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVACP53OQSTZE5KOM%2F20240624%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20240624T194530Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=d3ef921e5ad1457dc8bedadb02dda572d7d556b1cadc0f482f8dba1274d18141

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6...
go.recordedfuture.com/e3t/Ctc/F7+113/c1CFj04/ 8 KB
4 KB 564ms
251ms Document
text/html 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.recordedfuture.com/e3t/Ctc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 898f37e85bc1195e-FRA
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Mon, 24 Jun 2024 19:45:28 GMT
last-modified: Mon, 24 Jun 2024 19:45:28 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2BkEV6B%2FuOfjZPj2qryfnNmiaeGWAGCds%2F8tpO%2BLO%2BUSwwzlaSIjSVbgxNIZykvYzjDUaTYgwoSRBnqYBLJ5OXAoR93MB0WY6ozWamuygb%2BVe1W%2BKdjjJZUoKjEBArIE1k5gg7lse%2Bget2QdtnYBgqYtGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation-rules?url=go.recordedfuture.com%2Fe3t%2FCtc%2FF7%2B113%2Fc1CFj04%2FVWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204"
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 9
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-7cdccfd85d-2zvq7
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: b7df2fcc-bf56-4011-afca-ec418332d8d2
x-request-id: b7df2fcc-bf56-4011-afca-ec418332d8d2
x-robots-tag: none

GET
H3 500 speculation-rules
go.recordedfuture.com/cdn-cgi/ 0
0 86ms
85ms Other
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.recordedfuture.com/cdn-cgi/speculation-rules?url=go.recordedfuture.com%2Fe3t%2FCtc%2FF7%2B113%2Fc1CFj04%2FVWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://go.recordedfuture.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 19:45:28 GMT
referrer-policy: same-origin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation-rules?url=go.recordedfuture.com%2Fcdn-cgi%2Fspeculation-rules%3Furl%3Dgo.recordedfuture.com%252Fe3t%252FCtc%252FF7%252B113%252Fc1CFj04%252FVWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204"
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y20rEvk%2F5MRHYn4Ej2ki3IruHXo643Sw%2FMA%2BTsH36zB%2FYl%2BQbgGnrpFiIMpw55fca3eygiAkgjjIVWjy1PxpOYeXFribtc7Zy32PRdoOCpE0CrCj1XHfUtfoKyarwkroDo5MhqdrCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 898f37e9fc75900a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4317
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

Primary Request share Show response
app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/encoded/track/tc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5C...
https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0U...

62 KB
64 KB

396ms
126ms

Document
text/html

54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e3t/Ctc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

9cc63e5dc1ca38002f590f96b7db4135e2d7419e411cbcdd2fca856062cfed56

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://go.recordedfuture.com/e3t/Ctc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Security-Policy-Report-Only: base-uri 'self'; default-src 'self' https:; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com http://*.hotjar.io wss://*.pusher.com https://*.getkoala.com wss://*.getkoala.com; font-src 'self' https: https://*.hotjar.com data:; img-src 'self' https: data: gravatar.com *.hsforms.net *.hsforms.com https://*.hotjar.com; object-src 'none'; script-src 'self' 'unsafe-eval' *.hotjar.com *.hsforms.net *.hsforms.com https://*.hotjar.com https://*.getkoala.com 'strict-dynamic' 'nonce-IOnpnW1u5cih/pppEnbPBA=='; style-src-elem 'self' https: 'unsafe-inline'; style-src 'self' *.hotjar.com https: 'nonce-IOnpnW1u5cih/pppEnbPBA=='; report-uri /csp_violation_report_endpoint
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Jun 2024 19:45:28 GMT
Etag: W/"9cc63e5dc1ca38002f590f96b7db4135"
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'none'
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258329&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=QFc98rwDgCWXzpDl2W3UouSEm9FqY7BgLVFIpBL5Tco%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258329&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=QFc98rwDgCWXzpDl2W3UouSEm9FqY7BgLVFIpBL5Tco%3D
Server: Cowboy
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Origin
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: d850eb04-4cde-4fef-976b-024e601d311b
X-Runtime: 0.014103
X-Xss-Protection: 1; mode=block

Redirect headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 898f37ea1ca4900a-FRA
content-security-policy: upgrade-insecure-requests
date: Mon, 24 Jun 2024 19:45:28 GMT
link: <https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email>; rel="canonical"
location: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0suiB8CcxtMPdZsmBlj%2B1HQyxhEv6YAOOxalXGnTy1mzT0fPBe0MAjPsL3%2FBtAIUknRAgTDlsEmAO7sU8loxyzWaRr1lmqUTkaHLuhmsaXdzp3JgdOjDYPsYrVit11DdkyAZQtLhjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 33
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-7cdccfd85d-9k6nq
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 1891b7da-1dc8-4155-81b2-553c117a4bff
x-request-id: 1891b7da-1dc8-4155-81b2-553c117a4bff
x-robots-tag: none

GET
H/1.1 200
OK survey-256c1a16.css
app.userevidence.com/packs/css/ 8 KB
2 KB 114ms
113ms Stylesheet
text/css 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/packs/css/survey-256c1a16.css

Requested by

Host: app.userevidence.com
URL: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

0e94f4244c02dd51c6d9e7ef4f607d7b24152ee01a8e4fbb558b3ccf20538416

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 19:45:29 GMT
Content-Encoding: br
Via: 1.1 vegur
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Mon, 24 Jun 2024 15:00:27 GMT
Vary: Accept-Encoding, Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258329&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=QFc98rwDgCWXzpDl2W3UouSEm9FqY7BgLVFIpBL5Tco%3D"}]}
Content-Type: text/css
Connection: keep-alive
Content-Length: 1695
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258329&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=QFc98rwDgCWXzpDl2W3UouSEm9FqY7BgLVFIpBL5Tco%3D

GET
H/1.1 200
OK survey-ba43f5ab937599f7df60.js Show response
app.userevidence.com/packs/js/ 4 MB
693 KB 226ms
112ms Script
application/javascript 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/packs/js/survey-ba43f5ab937599f7df60.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

b6dca6cea5e5b5531a1f3fbac28aa05a8fba235e93ddbc92f4eda186acebf051

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 19:45:29 GMT
Content-Encoding: br
Via: 1.1 vegur
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Mon, 24 Jun 2024 15:00:27 GMT
Vary: Accept-Encoding, Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258329&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=QFc98rwDgCWXzpDl2W3UouSEm9FqY7BgLVFIpBL5Tco%3D"}]}
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 708992
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258329&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=QFc98rwDgCWXzpDl2W3UouSEm9FqY7BgLVFIpBL5Tco%3D

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 163ms
70ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-WHLBRKMQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21258aded958a8fbb7c4834c6de21ed0714e6ea6f281be8785ae98fc95d3abd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.userevidence.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 19:45:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68500
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 18:20:36 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jun 2024 19:45:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
2 KB 188ms
51ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Lora:ital,wght@0,400..700;1,400..700&family=PT+Sans:wght@400;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5efcc75bf236b9885b0c74929b2b4cae7a4a04437ecb614f16a52de243fbc68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.userevidence.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jun 2024 19:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 19:45:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jun 2024 19:45:30 GMT

POST
H/1.1 200
OK csp_violation_report_endpoint
app.userevidence.com/ 0
2 KB 117ms
117ms Other
text/html 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/csp_violation_report_endpoint

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Mon, 24 Jun 2024 19:45:30 GMT
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 vegur
Content-Security-Policy-Report-Only: base-uri 'self'; default-src 'self' https:; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com http://*.hotjar.io wss://*.pusher.com https://*.getkoala.com wss://*.getkoala.com; font-src 'self' https: https://*.hotjar.com data:; img-src 'self' https: data: gravatar.com *.hsforms.net *.hsforms.com https://*.hotjar.com; object-src 'none'; script-src 'self' 'unsafe-eval' *.hotjar.com *.hsforms.net *.hsforms.com https://*.hotjar.com https://*.getkoala.com 'strict-dynamic' 'nonce-MxpYs3sIvDFCrWN6JRr4NA=='; style-src-elem 'self' https: 'unsafe-inline'; style-src 'self' *.hotjar.com https: 'nonce-MxpYs3sIvDFCrWN6JRr4NA=='; report-uri /csp_violation_report_endpoint
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D
X-Request-Id: b8e50700-b65f-425f-a97d-ccdc71c05323
X-Runtime: 0.005725
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D"}]}
Content-Type: text/html
Vary: Origin
Cache-Control: no-cache
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'none'

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/adaa3bd4-034c-481d-536e-cb9860d7d5d9/ 461 KB
151 KB 99ms
26ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/adaa3bd4-034c-481d-536e-cb9860d7d5d9/pendo.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

beefed0917d7fe6c8e3e57e9a545eeeb5b55b3b15ace0e1ec2870f16915dca45

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.userevidence.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 07:44:36 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 43254
x-guploader-uploadid: ACJd0Nrpa2VDYvh6VKbgHhxKg6SZVOxq4PHy9C8sfvjpJ57FxkhvWuSV2WqAaeaqiITTtbL_BBo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154006
last-modified: Thu, 20 Jun 2024 18:11:38 GMT
server: UploadServer
etag: "156af9a9db627bab76c5ad6e6252c071"
vary: Accept-Encoding
x-goog-generation: 1718907098498348
x-goog-hash: crc32c=e8bsZg==, md5=FWr5qdtie6t2xa1uYlLAcQ==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 154006
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK dcd245bc-772d-40ae-af71-2fc8ae021ab4.json Show response
app.userevidence.com/api/surveys/ 773 B
3 KB 131ms
130ms XHR
application/json 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/api/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4.json

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

74299238127ddd99c1d2724e291cf94ba4eb84aa8db3d7f9fe7acfcf932b9598

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-NewRelic-ID: UAIAUlBWARABVFZbDgEDUVMB
tracestate: 4473659@nr=0-1-4473659-1120306733-ea725b6d471d86e2----1719258330467
traceparent: 00-2d116550360ce3ce127e1f5e0ccf9c6b-ea725b6d471d86e2-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQ0NzM2NTkiLCJhcCI6IjExMjAzMDY3MzMiLCJpZCI6ImVhNzI1YjZkNDcxZDg2ZTIiLCJ0ciI6IjJkMTE2NTUwMzYwY2UzY2UxMjdlMWY1ZTBjY2Y5YzZiIiwidGkiOjE3MTkyNTgzMzA0Njd9fQ==
Accept: application/json, text/plain, */*
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 19:45:30 GMT
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 vegur
Content-Security-Policy-Report-Only: base-uri 'self'; default-src 'self' https:; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com http://*.hotjar.io wss://*.pusher.com https://*.getkoala.com wss://*.getkoala.com; font-src 'self' https: https://*.hotjar.com data:; img-src 'self' https: data: gravatar.com *.hsforms.net *.hsforms.com https://*.hotjar.com; object-src 'none'; script-src 'self' 'unsafe-eval' *.hotjar.com *.hsforms.net *.hsforms.com https://*.hotjar.com https://*.getkoala.com 'strict-dynamic' 'nonce-7ux9/7974U9FQIlHBo5xsQ=='; style-src-elem 'self' https: 'unsafe-inline'; style-src 'self' *.hotjar.com https: 'nonce-7ux9/7974U9FQIlHBo5xsQ=='; report-uri /csp_violation_report_endpoint
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D
X-Request-Id: 741fb4fb-0a23-46b4-93ee-bab5a176fa74
X-Runtime: 0.016556
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
Etag: W/"74299238127ddd99c1d2724e291cf94b"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D"}]}
Content-Type: application/json; charset=utf-8
Vary: Origin
Cache-Control: max-age=0, private, must-revalidate
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'none'

GET
H/1.1

200
OK

yascqqmcx2oet0ypjeuolusvp6gf
ue-development.s3.us-east-2.amazonaws.com/
Redirect Chain

https://app.userevidence.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBLy9TQVE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--46389a993bb5b348d9d07c96dbabddba9a5dbb15/P...
https://ue-development.s3.us-east-2.amazonaws.com/yascqqmcx2oet0ypjeuolusvp6gf?response-content-disposition=inline%3B%20filename%3D%22Primary%20Logo%20-%20Digital%20%2528RGB%2529%20%25285%2529%20%2...

38 KB
39 KB

428ms
161ms

Image
image/png

52.219.110.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ue-development.s3.us-east-2.amazonaws.com/yascqqmcx2oet0ypjeuolusvp6gf?response-content-disposition=inline%3B%20filename%3D%22Primary%20Logo%20-%20Digital%20%2528RGB%2529%20%25285%2529%20%25281%2529.png%22%3B%20filename%2A%3DUTF-8%27%27Primary%2520Logo%2520-%2520Digital%2520%2528RGB%2529%2520%25285%2529%2520%25281%2529.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVACP53OQSTZE5KOM%2F20240624%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20240624T194530Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=d3ef921e5ad1457dc8bedadb02dda572d7d556b1cadc0f482f8dba1274d18141
Requested by: Host: app.userevidence.com
URL: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.219.110.242 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5adee0dfe67a97c4498be0a12a756436479d66d89029056a00c54e1199300d9e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://app.userevidence.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 24 Jun 2024 19:45:32 GMT
Last-Modified: Fri, 21 Jun 2024 18:53:08 GMT
Server: AmazonS3
x-amz-request-id: 9S33ZAEBC97NJS7G
ETag: "311fea9fb620ad582b51f51532995239"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Content-Disposition: inline; filename="Primary Logo - Digital %28RGB%29 %285%29 %281%29.png"; filename*=UTF-8''Primary%20Logo%20-%20Digital%20%28RGB%29%20%285%29%20%281%29.png
Accept-Ranges: bytes
Content-Length: 39310
x-amz-id-2: tUop9qZoMYTwhQz6TNipiYvxPt7FXYsKCAmWj5XGcpeMZipJJSuUoMU0JlCuj2N7qF3sdH2oypI=

Redirect headers

Date: Mon, 24 Jun 2024 19:45:30 GMT
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 vegur
Content-Security-Policy-Report-Only: base-uri 'self'; default-src 'self' https:; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com http://*.hotjar.io wss://*.pusher.com https://*.getkoala.com wss://*.getkoala.com; font-src 'self' https: https://*.hotjar.com data:; img-src 'self' https: data: gravatar.com *.hsforms.net *.hsforms.com https://*.hotjar.com; object-src 'none'; script-src 'self' 'unsafe-eval' *.hotjar.com *.hsforms.net *.hsforms.com https://*.hotjar.com https://*.getkoala.com 'strict-dynamic' 'nonce-euPF9GUuotE64P1XLjlXRQ=='; style-src-elem 'self' https: 'unsafe-inline'; style-src 'self' *.hotjar.com https: 'nonce-euPF9GUuotE64P1XLjlXRQ=='; report-uri /csp_violation_report_endpoint
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D
X-Request-Id: 721ff413-a69f-4d42-874f-13603bd30f04
X-Runtime: 0.009106
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D"}]}
Content-Type: text/html; charset=utf-8
Location: https://ue-development.s3.us-east-2.amazonaws.com/yascqqmcx2oet0ypjeuolusvp6gf?response-content-disposition=inline%3B%20filename%3D%22Primary%20Logo%20-%20Digital%20%2528RGB%2529%20%25285%2529%20%25281%2529.png%22%3B%20filename%2A%3DUTF-8%27%27Primary%2520Logo%2520-%2520Digital%2520%2528RGB%2529%2520%25285%2529%2520%25281%2529.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVACP53OQSTZE5KOM%2F20240624%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20240624T194530Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=d3ef921e5ad1457dc8bedadb02dda572d7d556b1cadc0f482f8dba1274d18141
Cache-Control: max-age=300, private
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'none'
Vary: Origin

GET
H/1.1 200
OK Inter-Regular-26a30a5f1103393aac705d28b5e3aeb9.woff2
app.userevidence.com/packs/media/styles/fonts/ 96 KB
97 KB 112ms
112ms Font
application/font-woff2 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/packs/media/styles/fonts/Inter-Regular-26a30a5f1103393aac705d28b5e3aeb9.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

3787e2f283651744e0b93d1fefb5936c7af26db8014c0def6651d050c56dd47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Origin: https://app.userevidence.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 19:45:30 GMT
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Mon, 24 Jun 2024 15:00:27 GMT
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D"}]}
Content-Type: application/font-woff2
Connection: keep-alive
Content-Length: 98804
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D

GET
H/1.1 200
OK Inter-Bold-74a8620796c795315a6210b5ae416529.woff2
app.userevidence.com/packs/media/styles/fonts/ 106 KB
107 KB 225ms
115ms Font
application/font-woff2 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/packs/media/styles/fonts/Inter-Bold-74a8620796c795315a6210b5ae416529.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

b275913f02873d0cd13872bab81abb5585a6efd1f24103ad32b3cd39e2039678

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Origin: https://app.userevidence.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 19:45:30 GMT
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Mon, 24 Jun 2024 15:00:27 GMT
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D"}]}
Content-Type: application/font-woff2
Connection: keep-alive
Content-Length: 108580
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258330&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=XgUrAjUyUb0L6GyfTNjgUPJj3zPyzS34mXf0uIrPvHc%3D

GET
H2 200 nr-spa-1.260.1.min.js Show response
js-agent.newrelic.com/ 106 KB
34 KB 81ms
7ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.260.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f941e01a27c4568da7a81f5cb516b5d2056b14b88cccf3c53f647bde767e0919

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.userevidence.com/
Origin: https://app.userevidence.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Yrbdc1GL627m.B3Rf5_UelmBfBfYfLKU
content-encoding: br
via: 1.1 varnish
date: Mon, 24 Jun 2024 19:45:31 GMT
strict-transport-security: max-age=300
x-amz-request-id: C18Q9GZGDB76CJP0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 34121
x-amz-id-2: I4CtaVD3/eXa3oqlW9MTF7VBxUZO5h7vaoHIdfibg6XM7vGmbEkSqaX1jOHmNKquyhCQ3Dp/eO8=
x-served-by: cache-fra-eddf8230101-FRA
last-modified: Mon, 20 May 2024 17:44:49 GMT
server: AmazonS3
etag: "1221654800ab387071aa9e0bf5b47dde"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 1831389

GET
H/1.1 200
OK favicon.ico
app.userevidence.com/ 15 KB
16 KB 112ms
111ms Other
image/vnd.microsoft.icon 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

d0ab2f167962ec36e087e89cc83ca10a17ba30f31613e67eee8694cf82a0cab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 19:45:31 GMT
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Mon, 24 Jun 2024 14:39:47 GMT
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258331&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=pNWxCHu64ZQfp1SD2S4gRTabug%2FdevrA05kSJd8eXxs%3D"}]}
Content-Type: image/vnd.microsoft.icon
Connection: keep-alive
Content-Length: 15086
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258331&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=pNWxCHu64ZQfp1SD2S4gRTabug%2FdevrA05kSJd8eXxs%3D

POST
H/1.1 200
OK csp_violation_report_endpoint
app.userevidence.com/ 0
2 KB 117ms
116ms Other
text/html 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/csp_violation_report_endpoint

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Mon, 24 Jun 2024 19:45:31 GMT
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 vegur
Content-Security-Policy-Report-Only: base-uri 'self'; default-src 'self' https:; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com http://*.hotjar.io wss://*.pusher.com https://*.getkoala.com wss://*.getkoala.com; font-src 'self' https: https://*.hotjar.com data:; img-src 'self' https: data: gravatar.com *.hsforms.net *.hsforms.com https://*.hotjar.com; object-src 'none'; script-src 'self' 'unsafe-eval' *.hotjar.com *.hsforms.net *.hsforms.com https://*.hotjar.com https://*.getkoala.com 'strict-dynamic' 'nonce-W6e/42iEfFL7SXG4Vtzynw=='; style-src-elem 'self' https: 'unsafe-inline'; style-src 'self' *.hotjar.com https: 'nonce-W6e/42iEfFL7SXG4Vtzynw=='; report-uri /csp_violation_report_endpoint
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258331&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=pNWxCHu64ZQfp1SD2S4gRTabug%2FdevrA05kSJd8eXxs%3D
X-Request-Id: 22e145da-07a0-463c-86c9-3aacb0641e7f
X-Runtime: 0.004972
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258331&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=pNWxCHu64ZQfp1SD2S4gRTabug%2FdevrA05kSJd8eXxs%3D"}]}
Content-Type: text/html
Vary: Origin
Cache-Control: no-cache
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'none'

POST
H/1.1 200 NRJS-4378fa3c7020abad50b Show response
bam.nr-data.net/1/ 63 B
519 B 770ms
571ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-4378fa3c7020abad50b?a=1079904770&v=1.260.1&to=J1xWQEtZVV0ARxwXExZFXU1KGUpZBEdW&rst=2733&ck=0&s=20bb929b2f9b675b&ref=https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share&ptid=d654048cccff706a&af=err,xhr,stn,ins,spa&qt=1&ap=13&be=614&fe=2019&dc=1202&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1719258328653,%22n%22:0,%22f%22:217,%22dn%22:268,%22dne%22:268,%22c%22:268,%22s%22:376,%22ce%22:488,%22rq%22:488,%22rp%22:614,%22rpe%22:831,%22di%22:1808,%22ds%22:1809,%22de%22:1816,%22dc%22:2630,%22l%22:2630,%22le%22:2633%7D,%22navigation%22:%7B%7D%7D&fp=1985&fcp=1985
Requested by: Host: app.userevidence.com
URL: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dd67ba48f688013000a161bc445145301791867fa5cdee6629b7330f2a9bf699

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.userevidence.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 24 Jun 2024 19:45:32 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://app.userevidence.com
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://app.userevidence.com
Content-Length: 63
x-served-by: cache-fra-etou8220020-FRA

POST
H/1.1 200
OK csp_violation_report_endpoint
app.userevidence.com/ 0
2 KB 120ms
117ms Other
text/html 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/csp_violation_report_endpoint

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Mon, 24 Jun 2024 19:45:31 GMT
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 vegur
Content-Security-Policy-Report-Only: base-uri 'self'; default-src 'self' https:; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com http://*.hotjar.io wss://*.pusher.com https://*.getkoala.com wss://*.getkoala.com; font-src 'self' https: https://*.hotjar.com data:; img-src 'self' https: data: gravatar.com *.hsforms.net *.hsforms.com https://*.hotjar.com; object-src 'none'; script-src 'self' 'unsafe-eval' *.hotjar.com *.hsforms.net *.hsforms.com https://*.hotjar.com https://*.getkoala.com 'strict-dynamic' 'nonce-hk54FzSmt71Xe58OvUWJeg=='; style-src-elem 'self' https: 'unsafe-inline'; style-src 'self' *.hotjar.com https: 'nonce-hk54FzSmt71Xe58OvUWJeg=='; report-uri /csp_violation_report_endpoint
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258332&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=h595XxJew3CNHDEmuExm%2BLUQwKes6Y8xd8nuB%2F3izXQ%3D
X-Request-Id: 0e474bd4-7221-4e48-8055-478017baf308
X-Runtime: 0.006132
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258332&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=h595XxJew3CNHDEmuExm%2BLUQwKes6Y8xd8nuB%2F3izXQ%3D"}]}
Content-Type: text/html
Vary: Origin
Cache-Control: no-cache
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'none'

POST
H/1.1 200 blobs Show response
bam.nr-data.net/browser/ 24 B
347 B 237ms
235ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/browser/blobs?browser_monitoring_key=NRJS-4378fa3c7020abad50b&type=BrowserSessionChunk&app_id=1079904770&protocol_version=0&timestamp=1719258328880&attributes=harvestId%3D20bb929b2f9b675b_d654048cccff706a_1%26trace.firstTimestamp%3D1719258328880%26trace.lastTimestamp%3D1719258331513%26trace.nodes%3D26%26trace.originTimestamp%3D1719258328880%26agentVersion%3D1.260.1%26firstSessionHarvest%3Dtrue%26ptid%3Dd654048cccff706a%26session%3D20bb929b2f9b675b
Requested by: Host: app.userevidence.com
URL: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.userevidence.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 24 Jun 2024 19:45:32 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://app.userevidence.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230071-FRA

POST
H/1.1 200
OK csp_violation_report_endpoint
app.userevidence.com/ 0
2 KB 117ms
117ms Other
text/html 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.userevidence.com/csp_violation_report_endpoint

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Mon, 24 Jun 2024 19:45:32 GMT
Strict-Transport-Security: max-age=2678400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 vegur
Content-Security-Policy-Report-Only: base-uri 'self'; default-src 'self' https:; connect-src 'self' wss://*.hotjar.com https://*.hotjar.com http://*.hotjar.io wss://*.pusher.com https://*.getkoala.com wss://*.getkoala.com; font-src 'self' https: https://*.hotjar.com data:; img-src 'self' https: data: gravatar.com *.hsforms.net *.hsforms.com https://*.hotjar.com; object-src 'none'; script-src 'self' 'unsafe-eval' *.hotjar.com *.hsforms.net *.hsforms.com https://*.hotjar.com https://*.getkoala.com 'strict-dynamic' 'nonce-IfF9mW3g2AKWYg6DI4F5GA=='; style-src-elem 'self' https: 'unsafe-inline'; style-src 'self' *.hotjar.com https: 'nonce-IfF9mW3g2AKWYg6DI4F5GA=='; report-uri /csp_violation_report_endpoint
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1719258332&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=h595XxJew3CNHDEmuExm%2BLUQwKes6Y8xd8nuB%2F3izXQ%3D
X-Request-Id: 01527297-c9e0-4378-a73d-0fa800b08c5f
X-Runtime: 0.005505
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719258332&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=h595XxJew3CNHDEmuExm%2BLUQwKes6Y8xd8nuB%2F3izXQ%3D"}]}
Content-Type: text/html
Vary: Origin
Cache-Control: no-cache
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'none'

POST
H/1.1 200 NRJS-4378fa3c7020abad50b Show response
bam.nr-data.net/events/1/ 24 B
347 B 237ms
237ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-4378fa3c7020abad50b?a=1079904770&v=1.260.1&to=J1xWQEtZVV0ARxwXExZFXU1KGUpZBEdW&rst=3753&ck=0&s=20bb929b2f9b675b&ref=https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share&ptid=d654048cccff706a
Requested by: Host: app.userevidence.com
URL: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.userevidence.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 24 Jun 2024 19:45:32 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://app.userevidence.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230071-FRA

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.recordedfuture.com/	1969-12-31 23:59:59	Name: __cfruid Value: 89a8ceaed31cbabffdd36ec4eb92200d9d10df31-1719258328
.go.recordedfuture.com/	1970-01-20 21:34:20	Name: __cf_bm Value: zQHT2w5me8pmu_9jpBqpoORczIW9_Sc2RW20f1ixFgg-1719258328-1.0.1.1-Fmd.khLkkVCdkwJhjZa9OAnBaCnXCsaOYzkzdbU4WFDbvzGdq7QgLso0qLBRujZ0MabLY2.GDwa.7RagRMcwKw
app.userevidence.com/	1969-12-31 23:59:59	Name: _musashi_session Value: 0ac3ThZJERNfYxBPMuYI8euv79nV8RzyCZqkfjJvW1BYyJS5CsGO5bG0YcIKER1B6GuXtLQTtXdQvmsrAv4UTZUDdXza251EzgUMnTk2OYvZ8sW6yZCbSvOurIrUqMmEMHqVWSIebrJRNNtsWNMhccv5FANxSk%2FwpcYj5g74WWeJ6oGFXjXpYNx%2BhsHWnMqZWNZwRO2AHuGQV0RkWnhgUZ5acSVBfisCsuy92lbQIiYi13DZRqoZ%2FGAUtjCVAzLjEoJCzvZd%2B0d%2Fi%2BGugnw56HlRPWlTf0%2Bs--0Sh08IAnBo7Wdy6A--eZnTvpcpL9hmH0FW5UXkgw%3D%3D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://go.recordedfuture.com/cdn-cgi/speculation-rules?url=go.recordedfuture.com%2Fe3t%2FCtc%2FF7%2B113%2Fc1CFj04%2FVWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204 Message: Failed to load resource: the server responded with a status of 500 ()
other	warning	URL: https://go.recordedfuture.com/e3t/Ctc/F7+113/c1CFj04/VWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204 Message: Load failed or canceled (net::ERR_ABORTED; HTTP status 500) for rule set requested from "https://go.recordedfuture.com/cdn-cgi/speculation-rules?url=go.recordedfuture.com%2Fe3t%2FCtc%2FF7%2B113%2Fc1CFj04%2FVWw_Fv45MGVNW79SHc91Ztl1dW7lBRbf5gJPRdN1f4_Yz3l5QzW8wLKSR6lZ3pLW4nw4J231ZjTCW7qp_tJ11FS3-W21_GTw50pKcvW38WyJ771RDrzW5CV3538qYm9cW8h44Qw8zjwqkW1_Rrmm2K2CTyW7wjBwR1pbYYfW47szXC7Bw1p2W8zF_hJ9gzt1QW2J6LMb5lR68QVDcKB9498DwWN3kxWv07bhMnW5SvZjk2W1bZBVS1wxn2NkPxMW2kXwk11SRTvGW64l_Dk5NWMwrW8f3h4w5p4xfgW6NjT4G4pZm2QW633Qmm5zb3dtW8QYRX816mjGFW8RM8646xG9rhW7WC_X65JC-W3W1xX-z_5PG0X8W6MysJB4NqRkyW7Hr7Hm6NkvkBW6GY1LK5wm2ZxW6qXGMX6J5MCDf9cgRp204" found in Speculation-Rules header.
security	error	URL: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email(Line 14) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' .hotjar.com .hsforms.net .hsforms.com https://.hotjar.com https://*.getkoala.com 'strict-dynamic' 'nonce-IOnpnW1u5cih/pppEnbPBA=='". Either the 'unsafe-inline' keyword, a hash ('sha256-JHHWdiDcCZwJ2yOegE5/pmYgr1+GFxG0KEQyCDGpl48='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email(Line 5) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/1/NRJS-4378fa3c7020abad50b?a=1079904770&v=1.260.1&to=J1xWQEtZVV0ARxwXExZFXU1KGUpZBEdW&rst=2733&ck=0&s=20bb929b2f9b675b&ref=https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share&ptid=d654048cccff706a&af=err,xhr,stn,ins,spa&qt=1&ap=13&be=614&fe=2019&dc=1202&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1719258328653,%22n%22:0,%22f%22:217,%22dn%22:268,%22dne%22:268,%22c%22:268,%22s%22:376,%22ce%22:488,%22rq%22:488,%22rp%22:614,%22rpe%22:831,%22di%22:1808,%22ds%22:1809,%22de%22:1816,%22dc%22:2630,%22l%22:2630,%22le%22:2633%7D,%22navigation%22:%7B%7D%7D&fp=1985&fcp=1985' because it violates the following Content Security Policy directive: "connect-src 'self' wss://.hotjar.com https://.hotjar.com http://.hotjar.io wss://.pusher.com https://.getkoala.com wss://.getkoala.com".
security	error	URL: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email(Line 5) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/browser/blobs?browser_monitoring_key=NRJS-4378fa3c7020abad50b&type=BrowserSessionChunk&app_id=1079904770&protocol_version=0&timestamp=1719258328880&attributes=harvestId%3D20bb929b2f9b675b_d654048cccff706a_1%26trace.firstTimestamp%3D1719258328880%26trace.lastTimestamp%3D1719258331513%26trace.nodes%3D26%26trace.originTimestamp%3D1719258328880%26agentVersion%3D1.260.1%26firstSessionHarvest%3Dtrue%26ptid%3Dd654048cccff706a%26session%3D20bb929b2f9b675b' because it violates the following Content Security Policy directive: "connect-src 'self' wss://.hotjar.com https://.hotjar.com http://.hotjar.io wss://.pusher.com https://.getkoala.com wss://.getkoala.com".
security	error	URL: https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share?utm_medium=email&_hsenc=p2ANqtz-9VOoRuFauviN-UjjmJoJnxfrGnVT2qiLSOdlNnesOUoaMkQLS-xGtBe3BCUUPO3BEJbggcoJOIJYDE_eMlG0UrY5T3VccEB_SaoQPMSgg3bD1W4j0&_hsmi=312111657&utm_content=312111657&utm_source=hs_email(Line 5) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/NRJS-4378fa3c7020abad50b?a=1079904770&v=1.260.1&to=J1xWQEtZVV0ARxwXExZFXU1KGUpZBEdW&rst=3753&ck=0&s=20bb929b2f9b675b&ref=https://app.userevidence.com/surveys/dcd245bc-772d-40ae-af71-2fc8ae021ab4/share&ptid=d654048cccff706a' because it violates the following Content Security Policy directive: "connect-src 'self' wss://.hotjar.com https://.hotjar.com http://.hotjar.io wss://.pusher.com https://.getkoala.com wss://.getkoala.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.userevidence.com
bam.nr-data.net
cdn.pendo.io
fonts.googleapis.com
go.recordedfuture.com
js-agent.newrelic.com
ue-development.s3.us-east-2.amazonaws.com
www.googletagmanager.com
162.247.243.29
199.60.103.254
2602:816:5001::39
2606:2c40::c73c:67fe
2a00:1450:4001:81d::200a
2a00:1450:4001:829::2008
34.36.213.229
52.219.110.242
54.91.59.199
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e94f4244c02dd51c6d9e7ef4f607d7b24152ee01a8e4fbb558b3ccf20538416
21258aded958a8fbb7c4834c6de21ed0714e6ea6f281be8785ae98fc95d3abd2
3787e2f283651744e0b93d1fefb5936c7af26db8014c0def6651d050c56dd47e
5adee0dfe67a97c4498be0a12a756436479d66d89029056a00c54e1199300d9e
74299238127ddd99c1d2724e291cf94ba4eb84aa8db3d7f9fe7acfcf932b9598
9cc63e5dc1ca38002f590f96b7db4135e2d7419e411cbcdd2fca856062cfed56
b275913f02873d0cd13872bab81abb5585a6efd1f24103ad32b3cd39e2039678
b5efcc75bf236b9885b0c74929b2b4cae7a4a04437ecb614f16a52de243fbc68
b6dca6cea5e5b5531a1f3fbac28aa05a8fba235e93ddbc92f4eda186acebf051
beefed0917d7fe6c8e3e57e9a545eeeb5b55b3b15ace0e1ec2870f16915dca45
d0ab2f167962ec36e087e89cc83ca10a17ba30f31613e67eee8694cf82a0cab5
dd67ba48f688013000a161bc445145301791867fa5cdee6629b7330f2a9bf699
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f941e01a27c4568da7a81f5cb516b5d2056b14b88cccf3c53f647bde767e0919

app.userevidence.com Open in urlscan Pro 54.91.59.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

44 %IPv6

8 Domains

8 Subdomains

9 IPs

2 Countries

1288 kBTransfer

5481 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

3 Cookies

6 Console Messages

Security Headers

Indicators

app.userevidence.com Open in urlscan Pro
54.91.59.199 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

44 %
IPv6

8
Domains

8
Subdomains

9
IPs

2
Countries

1288 kB
Transfer

5481 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions