www.takeoffprojects.com Open in urlscan Pro
166.62.28.106 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tinyurl.com/ycueuo4d
Effective URL:
http://www.takeoffprojects.com/Sparks/
Submission: On August 08 via manual (August 8th 2017, 10:25:01 pm UTC) from AU

Summary HTTP 57 Redirects Links 96 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 57 HTTP transactions. The main IP is 166.62.28.106, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is www.takeoffprojects.com.

This is the only time www.takeoffprojects.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spark (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	166.62.28.106 166.62.28.106	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
8	65.254.248.151 65.254.248.151	29873 (BIZLAND-SD) (BIZLAND-SD - The Endurance International Group)
15	146.171.248.36 146.171.248.36	2570 (TAS-SPARK...) (TAS-SPARK-NZ Spark New Zealand Trading Ltd)
1	2a00:1450:401... 2a00:1450:401b:802::2004	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	54.230.51.92 54.230.51.92	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:401... 2a00:1450:401b:802::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
57	10

1 166.62.28.106 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-166-62-28-106.ip.secureserver.net

www.takeoffprojects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.254.248.151 (Burlington, United States)

ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US)
PTR: 65-254-248-151.yourhostingaccount.com

www.spectraimmigration.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 146.171.248.36 (Auckland, New Zealand)

ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ)

www.spark.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:802::2004 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.51.92 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-51-92.jfk5.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:401b:802::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	spark.co.nz www.spark.co.nz	725 KB
8	spectraimmigration.com www.spectraimmigration.com Failed	88 KB
3	google.de www.google.de	180 B
3	google-analytics.com www.google-analytics.com	29 KB
1	cloudfront.net dnn506yrbagrg.cloudfront.net	4 KB
1	gstatic.com www.gstatic.com	74 KB
1	googletagmanager.com www.googletagmanager.com	61 KB
1	google.com www.google.com	422 B
1	takeoffprojects.com www.takeoffprojects.com	115 B
0	amazonaws.com Failed gtrk.s3.amazonaws.com Failed
57	10

	Domain	Requested by
15	www.spark.co.nz	www.spectraimmigration.com www.spark.co.nz www.googletagmanager.com
8	www.spectraimmigration.com	www.spark.co.nz www.takeoffprojects.com
3	www.google.de	www.spectraimmigration.com
3	www.google-analytics.com	www.spectraimmigration.com www.google-analytics.com
1	dnn506yrbagrg.cloudfront.net	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	www.spectraimmigration.com
1	www.google.com	www.spectraimmigration.com www.gstatic.com
1	www.takeoffprojects.com
0	gtrk.s3.amazonaws.com Failed	www.takeoffprojects.com
57	10

This site contains links to these domains. Also see Links.

Domain
www.spark.co.nz
www.sparkdigital.co.nz
www.sparknz.co.nz
www.sparkventures.co.nz
www.sparkfoundation.org.nz
search.spark.co.nz
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.google.com Google Internet Authority G2	`2017-07-25` - `2017-10-17`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-07-25` - `2017-10-17`	3 months	crt.sh
www.google.de Google Internet Authority G2	`2017-07-25` - `2017-10-17`	3 months	crt.sh

This page contains 3 frames:

Frame: http://www.spectraimmigration.com/Sparks/Xtramail.html
Frame ID: 4020.1
Requests: 2 HTTP requests in this frame

Frame: http://www.spectraimmigration.com/Sparks/Xtramail.html
Frame ID: 4031.1
Requests: 54 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api/fallback?k=6Lc9MfkSAAAAAGH146kKWFcZS6ACWucEw1id3B0W&hl=en&v=r20170731114946&t=0&ff=true
Frame ID: 4031.3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

57
Requests

12 %
HTTPS

56 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

982 kB
Transfer

3830 kB
Size

0
Cookies

96 Outgoing links

These are links going to different origins than the main page.

URL: http://www.spark.co.nz/home/
Title: Personal

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/
Title: Small Business

Search URL Search Domain Scan URL

URL: http://www.sparkdigital.co.nz/
Title: Medium and Enterprise Business

Search URL Search Domain Scan URL

URL: http://www.sparknz.co.nz/
Title: Spark New Zealand

Search URL Search Domain Scan URL

URL: http://www.sparkventures.co.nz/
Title: Spark Ventures

Search URL Search Domain Scan URL

URL: http://www.sparkfoundation.org.nz/
Title: Spark Foundation

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans.html
Title: Mobile plans

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/paymonthly.html
Title: Pay Monthly

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/prepaid.html
Title: Prepaid

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/sharedplans.html
Title: Shared plans

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/mobilebroadband/plansandpricing.html
Title: Mobile Broadband Plans

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile.html
Title: Mobile phones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/phones.html
Title: All phones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/iphone-7.html
Title: iPhone 7

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/samsung-galaxy-s8.html
Title: Samsung Galaxy S8

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/mobilebroadbandandtablets/devices.html
Title: Tablets & Mobile Broadband

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/
Title: Get broadband

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/plans-and-pricing/
Title: Plans & pricing

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/wirelessbroadband/
Title: Wireless broadband

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/fibre-facts/
Title: Fibre facts

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/bundleupbonus/
Title: Bundle up bonus

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/
Title: Landline

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/pricing/
Title: Pricing

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/homephones/
Title: Home phones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/switchtospark/
Title: Switch to Spark

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/payphones/
Title: Payphones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/
Title: Get more

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/netflix/
Title: Netflix

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/lightbox/
Title: Lightbox

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/spotify/
Title: Spotify

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/fibre-help/
Title: Fibre help centre

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/fibre-help/fibre-guide/
Title: Fibre guide

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/order-tracker/
Title: Fibre order tracker

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/outages/
Title: Outage information

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/fibre-help/fibre-installation-process/
Title: Installation process

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/mobile-data/
Title: Mobile & data

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/mobile-data/plans-services/mobile-roaming-information/
Title: Going overseas

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/mobile-data/getstarted/auto-pay-auto-top-up/
Title: Auto pay & Top up

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/mymobile/changeyourplan/
Title: Change my plan

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/extras/
Title: Add an extra

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/internet-email/
Title: Internet & email

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/internet-email/manage-email/
Title: Manage my email

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/internet-data/equipment
Title: Modem tips & tricks

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/internet-data/netflix-help/
Title: How to get Netflix

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/landline/
Title: Landline

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/landline/troubleshooting/landline-troubleshooting/
Title: Troubleshooting

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/movinghouse/
Title: Moving house

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/landline/plans-services/calling-rates/local-calling-areas-and-area-codes/
Title: Calling codes national

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/landline/plans-services/calling-rates/international-calling-access-codes/
Title: Calling codes international

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/billing/
Title: Billing

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/billing/myspark/
Title: View previous bills

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/billing/understand/understand-my-spark-bill/
Title: Understand my bill

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/billing/manage/account-changes
Title: Account number

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/
Title: Helpful links

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/secure/myspark/usage/
Title: Check your usage

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/payabill/
Title: Pay my bill

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/mymobile/topup/online/
Title: Top Up

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/testyourspeed/
Title: Internet speed test

Search URL Search Domain Scan URL

URL: http://search.spark.co.nz/search?site=spark_all_collection&client=spark_frontend&output=xml_no_dtd&proxystylesheet=spark_frontend&filter=1&q=
Title:

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark-mobile-menu-redirect
Title: MySpark

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/contactus
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/shop
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/work-smarter
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/myspark
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/help
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/contactus
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/xtramail/
Title: Back

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/emailchanges
Title: Learn more about what's changed

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/xtramail/forgottenusername/
Title: Forgotten email address?

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/xtramail/forgottenpassword/
Title: Forgotten password?

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/xtramail/registration/
Title: Create your free email account now

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/
Title: Shop

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/
Title: Mobile plans

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/
Title: Mobile phones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/for-home/
Title: Broadband

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/latest-deals/
Title: Latest Deals

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/freewifi/
Title: Free WiFi

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/premiumservices/email/
Title: Free email

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/thanks/
Title: Spark Thanks

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/
Title: MySpark

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/access/login/
Title: Sign In

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/register/
Title: Register

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/mymobile/sparkapp/
Title: Download App

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/mymobile/topup/
Title: Top Up

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/checkyourusage/
Title: Check Usage

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/contactus/storefinder/
Title: Store finder

Search URL Search Domain Scan URL

URL: http://www.facebook.com/spark4nz

Search URL Search Domain Scan URL

URL: http://twitter.com/sparknz

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/sparknewzealand

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/other/websiteprivacypolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/other/legaldisclaimer/
Title: Legal disclaimer

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/other/accessibilities/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/other/terms/
Title: Terms and Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 39

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

Request 44

http://www.google-analytics.com/collect?v=1&_v=j58&a=166841317&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spectraimmigration.com%2FSparks%2FXtramail.html&dr=http%3A%2F%2Fwww.takeoffprojects.com%2FSparks%2...
https://www.google-analytics.com/collect?v=1&_v=j58&a=166841317&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spectraimmigration.com%2FSparks%2FXtramail.html&dr=http%3A%2F%2Fwww.takeoffprojects.com%2FSparks%...

Request 45

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=430957359&_v=j58&z=536862396
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=430957359&_v=j58&z=536862396&slf_rd=1&random=3966755731

Request 46

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1444296443.1502231096&jid=368987006&_v=j58&z=1136294513
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1444296443.1502231096&jid=368987006&_v=j58&z=1136294513&slf_rd=1&random=16833208

Request 47

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=463415099&_v=j58&z=1879113627
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=463415099&_v=j58&z=1879113627&slf_rd=1&random=3020594690

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.takeoffprojects.com/Sparks/
Redirect Chain

http://tinyurl.com/ycueuo4d
http://www.takeoffprojects.com/Sparks/

99 B
115 B

425ms
187ms

Document
text/html

166.62.28.106
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL

http://www.takeoffprojects.com/Sparks/

Protocol

HTTP/1.1

Server

166.62.28.106 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),

Reverse DNS

ip-166-62-28-106.ip.secureserver.net

Software

Apache/2.4.25 / PHP/5.6.30

Resource Hash

48628ec16c2f6ae0d73a5a21d2f6128bdfc75a109feb2ab09aa015875917ec90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache/2.4.25
X-Powered-By: PHP/5.6.30
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 115

Redirect headers

Date: Tue, 08 Aug 2017 22:24:50 GMT
Server: cloudflare-nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: http://www.takeoffprojects.com/Sparks/
Connection: keep-alive
CF-RAY: 38b5e35c702264c3-FRA
X-tiny: cache 0.0095541477203369

GET Xtramail.html
www.spectraimmigration.com/Sparks/ 0
0

GET
H/1.1 200
OK Xtramail.html Show response
www.spectraimmigration.com/Sparks/ Frame 4031 87 KB
87 KB 419ms
124ms Document
text/html 65.254.248.151
The Endurance Int...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.spectraimmigration.com/Sparks/Xtramail.html
Protocol: HTTP/1.1
Server: 65.254.248.151 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS: 65-254-248-151.yourhostingaccount.com
Software: Apache/2 /
Resource Hash: cf7aca776a3595db44bdf8fda2add9cad93072d8e5ead75eb03bf9a5c393cf90

Request headers

Upgrade-Insecure-Requests: 1
Referer: http://www.takeoffprojects.com/Sparks/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:51 GMT
Server: Apache/2
Age: 0
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes, bytes
Keep-Alive: timeout=30
Content-Length: 89297

GET
H/1.1 200
OK satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js Show response
www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ Frame 4031 162 KB
37 KB 924ms
316ms Script
application/javascript 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

b75d649a43695bf2d7072e940db475cefcdc69fcf24e81a64ce5c6da2df41642

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:52 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 38093

GET
H/1.1 200
OK clientlib-responsive.css
www.spark.co.nz/etc/designs/spark-responsive/ Frame 4031 293 KB
39 KB 905ms
307ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive.css

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

f3af1b75a9a93913fcd2fe47b1d76439b644dd673a7a145232246f173d043d15

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:52 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 39837

GET
H/1.1 200
OK clientlib-responsive2.css
www.spark.co.nz/etc/designs/spark-responsive/ Frame 4031 539 KB
72 KB 922ms
319ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive2.css

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

954185f0547dfbddd67362626dbf75eea4ef8062f978a9e547eb009623eed561

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:52 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-responsive.js Show response
www.spark.co.nz/etc/designs/spark-responsive/ Frame 4031 1 MB
288 KB 941ms
329ms Script
application/javascript 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive.js

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

78cda8d733d6c46efbd9c0edb8390990b5b3ae6501864abaf68017074be34858

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:52 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cnection: close
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK responsive-addon.css
www.spark.co.nz/content/dam/telecomcms/responsive/css/ Frame 4031 41 KB
6 KB 910ms
306ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/css/responsive-addon.css

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

48fc2032a4f46dbe77bb60a2d7debe4add8e1b7a7ba8aee1af5835b2aeb09f44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:52 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 5739

GET
H/1.1 200
OK responsive-addon.js Show response
www.spark.co.nz/content/dam/telecomcms/responsive/js/ Frame 4031 6 KB
2 KB 1521ms
307ms Script
application/javascript 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/js/responsive-addon.js

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

3907ffcb48ada3e2f17e229b7784de07e2817af407dc19819ccc9adecd463b71

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:53 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 2391

GET
H/1.1 200
OK clientlib_xtramail.css
www.spark.co.nz/etc/designs/xtramail/ Frame 4031 32 KB
5 KB 910ms
307ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail.css

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

dd388842ba9ffcc58e11ac666af3a89c8daaca1588a9a7c037655919647beee3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:52 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 5111

GET
H/1.1 200
OK clientlib_xtramail.js Show response
www.spark.co.nz/etc/designs/xtramail/ Frame 4031 88 KB
16 KB 1523ms
308ms Script
application/javascript 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail.js

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

83bdc6c09ecef85213954c4dea1c0caa2d53dcea06b638e36f0af0091eee352f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:53 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 16034

GET
H/1.1 200
OK purple.svg
www.spark.co.nz/content/dam/sparkresponsive/logo/ Frame 4031 34 KB
34 KB 307ms
307ms Image
image/svg+xml 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/sparkresponsive/logo/purple.svg

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:54 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 34491
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml

GET
H/1.1 200
OK netflix-270x191.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/ Frame 4031 9 KB
9 KB 305ms
305ms Image
image/jpeg 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/netflix-270x191.jpg

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

813dbceeb8f51dcd55ad07f7ef3d5e0ca3ca0ca94cf2b333d1143b5aa58c2d0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:54 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 9187
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg

GET
H/1.1 200
OK lightbox-getmore-270x191.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/ Frame 4031 18 KB
18 KB 305ms
305ms Image
image/jpeg 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/lightbox-getmore-270x191.jpg

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

b77be83b3130fe127c03ee3ec1dd9e34cf22210fbc50d1a934b2a55883639a16

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:55 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 18807
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg

GET
H/1.1 200
OK Spotify_270x191.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/ Frame 4031 87 KB
87 KB 306ms
306ms Image
image/jpeg 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/Spotify_270x191.jpg

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

81d3c05fc8a724851257e91b7d177c9d1e39a10c16f8477e386b46ebc2f6d639

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:55 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 89112
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg

GET
H/1.1 200
OK WiFi_270x191.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/ Frame 4031 51 KB
51 KB 315ms
315ms Image
image/jpeg 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/WiFi_270x191.jpg

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

8b5fe2b2afd9234de70872ea41e7971a254b273b8ef5a47e20d55d7040eef748

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:55 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 52421
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg

GET
H/1.1 200
OK api.js Show response
www.google.com/recaptcha/ Frame 4031 797 B
422 B 63ms
43ms Script
text/javascript 2a00:1450:401b:802::2004
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/recaptcha/api.js

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

2a00:1450:401b:802::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

GSE /

Resource Hash

b9c4ba7bfd75a0132d2d0be2bda9c47d9e9f93978fffca1b964855b8ad7901a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: GSE
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=300
Content-Length: 422
X-XSS-Protection: 1; mode=block
Expires: Tue, 08 Aug 2017 22:24:54 GMT

GET
H/1.1 200
OK mbox-contents-de1b4d06fbe09f4993942f6b4da51a3f2f53a2c9.js Show response
www.spectraimmigration.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ Frame 4031 477 B
232 B 131ms
131ms Script
text/html 65.254.248.151
The Endurance Int...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.spectraimmigration.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/mbox-contents-de1b4d06fbe09f4993942f6b4da51a3f2f53a2c9.js
Requested by: Host: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js
Protocol: HTTP/1.1
Server: 65.254.248.151 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS: 65-254-248-151.yourhostingaccount.com
Software: Apache/2 / PHP/5.5.22
Resource Hash: 3c3171f94e837a6f8612b3b6100a33fc4e49bd26793ea66bd94416fe1be28253

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:53 GMT
Content-Encoding: gzip
Server: Apache/2
Age: 0
X-Powered-By: PHP/5.5.22
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 232

GET 1e9892c0-6927-4412-9874-1b82801ba47a.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 4031 0
0

GET
H/1.1 200
OK gtm.js Show response
www.googletagmanager.com/ Frame 4031 258 KB
61 KB 23ms
17ms Script
application/javascript 2a00:1450:4001:824::2008
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagmanager.com/gtm.js?id=GTM-WT5NVL

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

9ac8604ea73ed25fcad36ca6ef1ee3d66d4c4e47e097e29fed935653df782098

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:55 GMT
Content-Encoding: gzip
Server: Google Tag Manager (scaffolding)
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: http://www.googletagmanager.com
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
Content-Length: 62838
X-XSS-Protection: 1; mode=block
Expires: Tue, 08 Aug 2017 22:24:55 GMT

GET b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 4031 0
0

GET 91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 4031 0
0

GET spark-icon-family.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ Frame 4031 0
0

GET
S 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/r20170731114946/ Frame 4031 236 KB
74 KB 18ms
5ms Script
text/javascript 2a00:1450:4001:824::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/r20170731114946/recaptcha__en.js

Requested by

Host: www.google.com
URL: http://www.google.com/recaptcha/api.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

a24b198081b4fe7fd3d5728cd3a39e17735eba2cce0cdd6f2a5a0d44aa60f9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Wed, 02 Aug 2017 22:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2017 20:15:00 GMT
server: sffe
age: 518446
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 75948
x-xss-protection: 1; mode=block
expires: Thu, 02 Aug 2018 22:24:09 GMT

GET
H/1.1 200
OK checkradio.png
www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive/images/sprite/ Frame 4031 11 KB
11 KB 309ms
309ms Image
image/png 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive/images/sprite/checkradio.png

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

dc92aebdca82a16fa8cd624e4761e96fd754cb8bfbcd0b51f51f66028393c04b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive2.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:55 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 11471
X-Frame-Options: SAMEORIGIN
Content-Type: image/png

GET
H/1.1 200
OK dil-contents-55e57c2ad764d9c482f4c3a29190cdaf9cf5b715.js Show response
www.spectraimmigration.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ Frame 4031 477 B
232 B 140ms
139ms Script
text/html 65.254.248.151
The Endurance Int...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.spectraimmigration.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/dil-contents-55e57c2ad764d9c482f4c3a29190cdaf9cf5b715.js
Requested by: Host: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js
Protocol: HTTP/1.1
Server: 65.254.248.151 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS: 65-254-248-151.yourhostingaccount.com
Software: Apache/2 / PHP/5.5.22
Resource Hash: 3c3171f94e837a6f8612b3b6100a33fc4e49bd26793ea66bd94416fe1be28253

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:55 GMT
Content-Encoding: gzip
Server: Apache/2
Age: 0
X-Powered-By: PHP/5.5.22
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 232

GET
H/1.1 200
OK s-code-contents-f6fa8cd17baf6aa7489d584dc9710bff2a2f442d.js Show response
www.spectraimmigration.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ Frame 4031 477 B
232 B 138ms
137ms Script
text/html 65.254.248.151
The Endurance Int...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.spectraimmigration.com/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/s-code-contents-f6fa8cd17baf6aa7489d584dc9710bff2a2f442d.js
Requested by: Host: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js
Protocol: HTTP/1.1
Server: 65.254.248.151 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS: 65-254-248-151.yourhostingaccount.com
Software: Apache/2 / PHP/5.5.22
Resource Hash: 3c3171f94e837a6f8612b3b6100a33fc4e49bd26793ea66bd94416fe1be28253

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:55 GMT
Content-Encoding: gzip
Server: Apache/2
Age: 0
X-Powered-By: PHP/5.5.22
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 232

GET f26faddb-86cc-4477-a253-1e1287684336.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 4031 0
0

GET utilityicon.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ Frame 4031 0
0

GET
H/1.1 200
OK loadingIcon_desktop.gif
www.spectraimmigration.com/content/dam/telecomcms/responsive/images/shop/internet/fibre-speed/ Frame 4031 477 B
0 236ms
147ms Image
text/html 65.254.248.151
The Endurance Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.spectraimmigration.com/content/dam/telecomcms/responsive/images/shop/internet/fibre-speed/loadingIcon_desktop.gif
Requested by: Host: www.takeoffprojects.com
URL: http://www.takeoffprojects.com/Sparks/
Protocol: HTTP/1.1
Server: 65.254.248.151 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS: 65-254-248-151.yourhostingaccount.com
Software: Apache/2 / PHP/5.5.22
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:56 GMT
Server: Apache/2
Age: 0
X-Powered-By: PHP/5.5.22
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 477

GET
H/1.1 200
OK extras.png
www.spectraimmigration.com/content/dam/telecomcms/cart/ Frame 4031 477 B
0 239ms
150ms Image
text/html 65.254.248.151
The Endurance Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.spectraimmigration.com/content/dam/telecomcms/cart/extras.png
Requested by: Host: www.takeoffprojects.com
URL: http://www.takeoffprojects.com/Sparks/
Protocol: HTTP/1.1
Server: 65.254.248.151 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS: 65-254-248-151.yourhostingaccount.com
Software: Apache/2 / PHP/5.5.22
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:56 GMT
Server: Apache/2
Age: 0
X-Powered-By: PHP/5.5.22
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 477

GET
H/1.1 200
OK accessory.png
www.spectraimmigration.com/content/dam/telecomcms/cart/ Frame 4031 477 B
0 230ms
142ms Image
text/html 65.254.248.151
The Endurance Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.spectraimmigration.com/content/dam/telecomcms/cart/accessory.png
Requested by: Host: www.takeoffprojects.com
URL: http://www.takeoffprojects.com/Sparks/
Protocol: HTTP/1.1
Server: 65.254.248.151 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS: 65-254-248-151.yourhostingaccount.com
Software: Apache/2 / PHP/5.5.22
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:56 GMT
Server: Apache/2
Age: 0
X-Powered-By: PHP/5.5.22
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 477

GET
H/1.1 200
OK gift.png
www.spectraimmigration.com/content/dam/telecomcms/cart/ Frame 4031 477 B
0 236ms
147ms Image
text/html 65.254.248.151
The Endurance Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.spectraimmigration.com/content/dam/telecomcms/cart/gift.png
Requested by: Host: www.takeoffprojects.com
URL: http://www.takeoffprojects.com/Sparks/
Protocol: HTTP/1.1
Server: 65.254.248.151 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS: 65-254-248-151.yourhostingaccount.com
Software: Apache/2 / PHP/5.5.22
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:56 GMT
Server: Apache/2
Age: 0
X-Powered-By: PHP/5.5.22
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 477

GET 890bd988-5306-43ff-bd4b-922bc5ebdeb4.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 4031 0
0

GET 46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 4031 0
0

GET a0f4c2f9-8a42-4786-ad00-fce42b57b148.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 4031 0
0

GET 63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 4031 0
0

GET spark-icon-family.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ Frame 4031 0
0

GET fallback
www.google.com/recaptcha/api/ Frame 4031 0
0

GET utilityicon.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ Frame 4031 0
0

GET
S

200

analytics.js Show response
www.google-analytics.com/ Frame 4031
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

32 KB
13 KB

18ms
5ms

Script
text/javascript

2a00:1450:4001:824::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

86a91c5efc8a8bc3cdb5630040f43ce896adde299660951a2d3ceb278d693ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Aug 2017 03:25:32 GMT
server: Golfe2
age: 4190
date: Tue, 08 Aug 2017 21:15:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 13249
expires: Tue, 08 Aug 2017 23:15:06 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 6377.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0046/ Frame 4031 13 KB
4 KB 188ms
100ms Script
application/x-javascript 54.230.51.92
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dnn506yrbagrg.cloudfront.net/pages/scripts/0046/6377.js?417286
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WT5NVL
Protocol: HTTP/1.1
Server: 54.230.51.92 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-51-92.jfk5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 712169f21f2e7fe1599829f2b08a84d8f87bbebc2c2207b7c498f3cb19b1481e

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 07 Aug 2017 00:19:08 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Aug 2017 23:44:26 GMT
Server: AmazonS3
Age: 1743
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 f231ce4c791455c77c15d9bd0b16cf52.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: u2OtHqjnSz1u9g4utCk0dBPSEpEOcEj2Y95lLZeKSmEUlXKMMPXjaA==

GET
H/1.1 200
OK gwc-default.css
www.spark.co.nz/content/dam/kb/public/css/ Frame 4031 358 KB
50 KB 315ms
315ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/content/dam/kb/public/css/gwc-default.css

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WT5NVL

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

c09f4b70b55848fbc97ff074f0b636f6f830b7f5c8635085b58e40b977cdee0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Tue, 08 Aug 2017 22:24:56 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 51593

GET gwc-env.js
www.spark.co.nz/content/dam/kb/public/libs/ Frame 4031 0
0

GET
S 200 js Show response
www.google-analytics.com/gtm/ Frame 4031 40 KB
16 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:824::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PJHP8WD&t=gtm1&cid=1444296443.1502231096

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

c54f5b4af89ebd096a9bffe624c850ca059cf50fe429b139cafa127a95a372d9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Tue, 08 Aug 2017 22:24:56 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 16105
x-xss-protection: 1; mode=block
expires: Tue, 08 Aug 2017 22:24:56 GMT

GET
S

200

collect
www.google-analytics.com/ Frame 4031
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j58&a=166841317&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spectraimmigration.com%2FSparks%2FXtramail.html&dr=http%3A%2F%2Fwww.takeoffprojects.com%2FSparks%2...
https://www.google-analytics.com/collect?v=1&_v=j58&a=166841317&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spectraimmigration.com%2FSparks%2FXtramail.html&dr=http%3A%2F%2Fwww.takeoffprojects.com%2FSparks%...

35 B
44 B

6ms
5ms

Image
image/gif

2a00:1450:4001:824::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j58&a=166841317&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spectraimmigration.com%2FSparks%2FXtramail.html&dr=http%3A%2F%2Fwww.takeoffprojects.com%2FSparks%2F&ul=en-us&de=UTF-8&dt=Spark%20Email&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=430957359&gjid=1288412430&cid=1444296443.1502231096&tid=UA-48213762-2&_gid=681062837.1502231096&gtm=GTM-WT5NVL&cd13=%2FSparks%2FXtramail.html&z=438852329

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2017 10:23:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 475277
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j58&a=166841317&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spectraimmigration.com%2FSparks%2FXtramail.html&dr=http%3A%2F%2Fwww.takeoffprojects.com%2FSparks%2F&ul=en-us&de=UTF-8&dt=Spark%20Email&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=430957359&gjid=1288412430&cid=1444296443.1502231096&tid=UA-48213762-2&_gid=681062837.1502231096&gtm=GTM-WT5NVL&cd13=%2FSparks%2FXtramail.html&z=438852329
Non-Authoritative-Reason: HSTS

GET
S

200

ga-audiences
www.google.de/ads/ Frame 4031
Redirect Chain

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=430957359&_v=j58&z=536862396
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=430957359&_v=j58&z=536862396&slf_rd=1&random=3966755731

42 B
60 B

81ms
42ms

Image
image/gif

2a00:1450:401b:802::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=430957359&_v=j58&z=536862396&slf_rd=1&random=3966755731

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:802::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2017 22:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2017 22:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=430957359&_v=j58&z=536862396&slf_rd=1&random=3966755731
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga-audiences
www.google.de/ads/ Frame 4031
Redirect Chain

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1444296443.1502231096&jid=368987006&_v=j58&z=1136294513
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1444296443.1502231096&jid=368987006&_v=j58&z=1136294513&slf_rd=1&random=16833208

42 B
60 B

82ms
43ms

Image
image/gif

2a00:1450:401b:802::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1444296443.1502231096&jid=368987006&_v=j58&z=1136294513&slf_rd=1&random=16833208

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:802::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2017 22:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2017 22:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1444296443.1502231096&jid=368987006&_v=j58&z=1136294513&slf_rd=1&random=16833208
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga-audiences
www.google.de/ads/ Frame 4031
Redirect Chain

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=463415099&_v=j58&z=1879113627
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=463415099&_v=j58&z=1879113627&slf_rd=1&random=3020594690

42 B
60 B

83ms
42ms

Image
image/gif

2a00:1450:401b:802::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=463415099&_v=j58&z=1879113627&slf_rd=1&random=3020594690

Requested by

Host: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:802::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spectraimmigration.com/Sparks/Xtramail.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2017 22:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2017 22:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1444296443.1502231096&jid=463415099&_v=j58&z=1879113627&slf_rd=1&random=3020594690
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET s
gtrk.s3.amazonaws.com/ Frame 4031 0
0

GET u
gtrk.s3.amazonaws.com/ Frame 4031 0
0

GET f26faddb-86cc-4477-a253-1e1287684336.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/ Frame 4031 0
0

GET spark-icon-family.woff
www.spark.co.nz/content/dam/kb/public/font/spark-icons/ Frame 4031 0
0

GET 91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/ Frame 4031 0
0

GET utilityicon.woff
www.spark.co.nz/content/dam/kb/public/font/fontello/ Frame 4031 0
0

GET b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/ Frame 4031 0
0

GET 1e9892c0-6927-4412-9874-1b82801ba47a.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/ Frame 4031 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.spectraimmigration.com
URL: http://www.spectraimmigration.com/Sparks/Xtramail.html

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/1e9892c0-6927-4412-9874-1b82801ba47a.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/spark-icon-family.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/f26faddb-86cc-4477-a253-1e1287684336.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/utilityicon.woff?

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/890bd988-5306-43ff-bd4b-922bc5ebdeb4.ttf

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/a0f4c2f9-8a42-4786-ad00-fce42b57b148.ttf

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/spark-icon-family.ttf

Domain: www.google.com
URL: https://www.google.com/recaptcha/api/fallback?k=6Lc9MfkSAAAAAGH146kKWFcZS6ACWucEw1id3B0W&hl=en&v=r20170731114946&t=0&ff=true

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/utilityicon.ttf?

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/libs/gwc-env.js

Domain: gtrk.s3.amazonaws.com
URL: https://gtrk.s3.amazonaws.com/s?u=466377&t=oue0xk

Domain: gtrk.s3.amazonaws.com
URL: https://gtrk.s3.amazonaws.com/u?u=466377&t=oue0xk

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/avenir/f26faddb-86cc-4477-a253-1e1287684336.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/spark-icons/spark-icon-family.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/avenir/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/fontello/utilityicon.woff?

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/avenir/b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/avenir/1e9892c0-6927-4412-9874-1b82801ba47a.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spark (Telecommunication)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive.js(Line 15074) Message: JQMIGRATE: Logging is active

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dnn506yrbagrg.cloudfront.net
gtrk.s3.amazonaws.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.spark.co.nz
www.spectraimmigration.com
www.takeoffprojects.com
gtrk.s3.amazonaws.com
www.google.com
www.spark.co.nz
www.spectraimmigration.com
146.171.248.36
166.62.28.106
2a00:1450:4001:824::2003
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:401b:802::2003
2a00:1450:401b:802::2004
54.230.51.92
65.254.248.151
3907ffcb48ada3e2f17e229b7784de07e2817af407dc19819ccc9adecd463b71
3c3171f94e837a6f8612b3b6100a33fc4e49bd26793ea66bd94416fe1be28253
48628ec16c2f6ae0d73a5a21d2f6128bdfc75a109feb2ab09aa015875917ec90
48fc2032a4f46dbe77bb60a2d7debe4add8e1b7a7ba8aee1af5835b2aeb09f44
712169f21f2e7fe1599829f2b08a84d8f87bbebc2c2207b7c498f3cb19b1481e
78cda8d733d6c46efbd9c0edb8390990b5b3ae6501864abaf68017074be34858
813dbceeb8f51dcd55ad07f7ef3d5e0ca3ca0ca94cf2b333d1143b5aa58c2d0a
81d3c05fc8a724851257e91b7d177c9d1e39a10c16f8477e386b46ebc2f6d639
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bdc6c09ecef85213954c4dea1c0caa2d53dcea06b638e36f0af0091eee352f
86a91c5efc8a8bc3cdb5630040f43ce896adde299660951a2d3ceb278d693ac6
8b5fe2b2afd9234de70872ea41e7971a254b273b8ef5a47e20d55d7040eef748
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119
954185f0547dfbddd67362626dbf75eea4ef8062f978a9e547eb009623eed561
9ac8604ea73ed25fcad36ca6ef1ee3d66d4c4e47e097e29fed935653df782098
a24b198081b4fe7fd3d5728cd3a39e17735eba2cce0cdd6f2a5a0d44aa60f9bb
b75d649a43695bf2d7072e940db475cefcdc69fcf24e81a64ce5c6da2df41642
b77be83b3130fe127c03ee3ec1dd9e34cf22210fbc50d1a934b2a55883639a16
b9c4ba7bfd75a0132d2d0be2bda9c47d9e9f93978fffca1b964855b8ad7901a4
c09f4b70b55848fbc97ff074f0b636f6f830b7f5c8635085b58e40b977cdee0a
c54f5b4af89ebd096a9bffe624c850ca059cf50fe429b139cafa127a95a372d9
cf7aca776a3595db44bdf8fda2add9cad93072d8e5ead75eb03bf9a5c393cf90
dc92aebdca82a16fa8cd624e4761e96fd754cb8bfbcd0b51f51f66028393c04b
dd388842ba9ffcc58e11ac666af3a89c8daaca1588a9a7c037655919647beee3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3af1b75a9a93913fcd2fe47b1d76439b644dd673a7a145232246f173d043d15

www.takeoffprojects.com Open in urlscan Pro 166.62.28.106 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

57 Requests

12 %HTTPS

56 %IPv6

10 Domains

10 Subdomains

10 IPs

3 Countries

982 kBTransfer

3830 kBSize

0 Cookies

96 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.takeoffprojects.com Open in urlscan Pro
166.62.28.106 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

12 %
HTTPS

56 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

982 kB
Transfer

3830 kB
Size

0
Cookies

57 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!