urlscan.io logo urlscan.io
SecurityTrails logo

form.roiverify.com Open in urlscan Pro
34.120.230.5  Public Scan

Go To Rescan Add Verdict Report
URL: https://form.roiverify.com/
Submission: On September 01 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 20 HTTP transactions. The main IP is 34.120.230.5, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is form.roiverify.com.
TLS certificate: Issued by R10 on September 1st 2024. Valid for: 3 months.
This is the only time form.roiverify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 8 34.120.230.5 396982 (GOOGLE-CL...)
1 104.17.24.14 13335 (CLOUDFLAR...)
4 3.5.25.227 14618 (AMAZON-AES)
2 142.250.184.202 15169 (GOOGLE)
2 104.18.11.207 13335 (CLOUDFLAR...)
3 142.250.186.35 15169 (GOOGLE)
1 34.160.111.145 396982 (GOOGLE-CL...)
1 162.247.243.39 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
20 10
8    34.120.230.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.230.120.34.bc.googleusercontent.com
form.roiverify.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    3.5.25.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
visiqua-flipforms-production.s3.amazonaws.com
2    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
3    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
1    34.160.111.145 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 145.111.160.34.bc.googleusercontent.com
jsonip.com
1    162.247.243.39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
8 roiverify.com
form.roiverify.com
155 KB
4 amazonaws.com
visiqua-flipforms-production.s3.amazonaws.com
161 KB
3 gstatic.com
fonts.gstatic.com
61 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508
83 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 441
598 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 1453
16 KB
1 jsonip.com
jsonip.com — Cisco Umbrella Rank: 27048
203 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
16 KB
0 ip-api.com Failed
ip-api.com Failed
20 10
Domain Requested by
8 form.roiverify.com 4 redirects form.roiverify.com
4 visiqua-flipforms-production.s3.amazonaws.com form.roiverify.com
3 fonts.gstatic.com fonts.googleapis.com
2 stackpath.bootstrapcdn.com form.roiverify.com
stackpath.bootstrapcdn.com
2 fonts.googleapis.com form.roiverify.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com form.roiverify.com
1 jsonip.com form.roiverify.com
1 cdnjs.cloudflare.com form.roiverify.com
0 ip-api.com Failed form.roiverify.com
20 10

This site contains links to these domains. Also see Links.

Domain
www.newrealtygroup.ca
Subject Issuer Validity Valid
form.roiverify.com
R10		 2024-09-01 -
2024-11-30		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
ifconfig.me
R11		 2024-08-17 -
2024-11-15		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-12 -
2025-08-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://form.roiverify.com/
Frame ID: 5085843B0C265DB293F0A797F606F00E
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Andro's L'Grand

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Page Statistics

20
Requests

75 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

487 kB
Transfer

894 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://form.roiverify.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdWdNIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--6834583efda82fabff79b6d41ec5331460cc22f5/FlipForms_logo2.png HTTP 302
  • https://visiqua-flipforms-production.s3.amazonaws.com/5p8r6vch6szmo157lsno6tr4c4tk?response-content-disposition=inline%3B%20filename%3D%22FlipForms_logo2.png%22%3B%20filename%2A%3DUTF-8%27%27FlipForms_logo2.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070645Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2bec2f686e84eb6b3b0eda3d64a254d782f9fec2c86e05c3393bc01abd27e585
Request Chain 5
  • https://form.roiverify.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBcXNEIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--3f96103d54d632062fd6892565947e890b2d6f3c/Buy.png HTTP 302
  • https://visiqua-flipforms-production.s3.amazonaws.com/S49Cm5Q57vBCPYrwo8U4u8y8?response-content-disposition=inline%3B%20filename%3D%22Buy.png%22%3B%20filename%2A%3DUTF-8%27%27Buy.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070645Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=bbac9e60d0f3888d7bd46d78e654eca96b4b4c156da3a04a3478cd85f07b0ce1
Request Chain 6
  • https://form.roiverify.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBcXdEIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--4c7aa310709a3f780d347169ec99ddb697009937/Sell.png HTTP 302
  • https://visiqua-flipforms-production.s3.amazonaws.com/gvaGiJTmn33t57vZPBMRwrbf?response-content-disposition=inline%3B%20filename%3D%22Sell.png%22%3B%20filename%2A%3DUTF-8%27%27Sell.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070647Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a8510bbc1ca1b6499cb86b4cfc7297f4dd3e10385998617244bb5a127aa7c670
Request Chain 16
  • https://form.roiverify.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdWtNIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--e6c21f01c569f82638812c90c0b5f27c361c6737/FlipForms_favicon.png HTTP 302
  • https://visiqua-flipforms-production.s3.amazonaws.com/ui3f9pr5npls0se3kse3tp97hg8n?response-content-disposition=inline%3B%20filename%3D%22FlipForms_favicon.png%22%3B%20filename%2A%3DUTF-8%27%27FlipForms_favicon.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070648Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2f48efa6b5f437d2556f5ce55b3c82631c9e7aac2e60d163399bbf2f381b3165

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
form.roiverify.com/ 		42 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://form.roiverify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.230.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.230.120.34.bc.googleusercontent.com
Software
Caddy Qloaked /
Resource Hash
ad23d8016792bbd6aafa2b7f771b2d605ac3ea830c2d799cd7f4fc4ce2126e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-length
42724
content-type
text/html; charset=utf-8
date
Sun, 01 Sep 2024 07:06:45 GMT
etag
W/"ad23d8016792bbd6aafa2b7f771b2d60"
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D
server
Caddy Qloaked
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-qloaked-clientip
185.198.62.44
x-request-id
70d40281-f9d0-41ff-bf9e-3ec707f9ad19
x-runtime
0.091928
x-xss-protection
1; mode=block
application-c8e3caff800260c7271b53dbff9406c022f36c561407e42f3eaef37d11602d2a.css
form.roiverify.com/assets/frontend/ 		161 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.roiverify.com/assets/frontend/application-c8e3caff800260c7271b53dbff9406c022f36c561407e42f3eaef37d11602d2a.css
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.230.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.230.120.34.bc.googleusercontent.com
Software
Caddy, Qloaked /
Resource Hash
c8e3caff800260c7271b53dbff9406c022f36c561407e42f3eaef37d11602d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:06:45 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 16 Feb 2022 19:41:13 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
Caddy, Qloaked
x-qloaked-clientip
185.198.62.44
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D"}]}
content-type
text/css
alt-svc
h3=":443"; ma=2592000
content-length
28200
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D
theme1-3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4.css
form.roiverify.com/assets/themes/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.roiverify.com/assets/themes/theme1-3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4.css
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.230.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.230.120.34.bc.googleusercontent.com
Software
Caddy, Qloaked /
Resource Hash
3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:06:45 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 17 Nov 2021 17:22:26 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
Caddy, Qloaked
x-qloaked-clientip
185.198.62.44
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D"}]}
content-type
text/css
alt-svc
h3=":443"; ma=2592000
content-length
1282
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://form.roiverify.com/
Origin
https://form.roiverify.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:06:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
283614
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15508
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-d04c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z65hqygQO8fZCrgTdHalN8lJJzwLP10feY3J10RfJrUWI5JLqNLBbaAYcPEUamZFBhWjV7TaEcjfp9n19TfPVveVL5a9lBE7SBF63PjuoYFoibVb6IRf5gWMxB5NxqwxgA7QV0Mh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bc36b65f9c00f72-MXP
expires
Fri, 22 Aug 2025 07:06:46 GMT
application-ba4a9af22c0d9b4924384805889271a09d9d9fa354b3b9c3419d19f28a26bdd0.js
form.roiverify.com/assets/frontend/ 		251 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.roiverify.com/assets/frontend/application-ba4a9af22c0d9b4924384805889271a09d9d9fa354b3b9c3419d19f28a26bdd0.js
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.230.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.230.120.34.bc.googleusercontent.com
Software
Caddy, Qloaked /
Resource Hash
ba4a9af22c0d9b4924384805889271a09d9d9fa354b3b9c3419d19f28a26bdd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:06:44 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 14 Feb 2022 16:03:57 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
Caddy, Qloaked
x-qloaked-clientip
185.198.62.44
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D"}]}
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000
content-length
77244
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D
5p8r6vch6szmo157lsno6tr4c4tk
visiqua-flipforms-production.s3.amazonaws.com/
Redirect Chain
  • https://form.roiverify.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdWdNIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--6834583efda82fabff79b6d41ec5331460cc22f5/FlipForms_logo2.png
  • https://visiqua-flipforms-production.s3.amazonaws.com/5p8r6vch6szmo157lsno6tr4c4tk?response-content-disposition=inline%3B%20filename%3D%22FlipForms_logo2.png%22%3B%20filename%2A%3DUTF-8%27%27FlipFo...
26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visiqua-flipforms-production.s3.amazonaws.com/5p8r6vch6szmo157lsno6tr4c4tk?response-content-disposition=inline%3B%20filename%3D%22FlipForms_logo2.png%22%3B%20filename%2A%3DUTF-8%27%27FlipForms_logo2.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070645Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2bec2f686e84eb6b3b0eda3d64a254d782f9fec2c86e05c3393bc01abd27e585
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
HTTP/1.1
Server
3.5.25.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
23936c25358ebfc8ef0ba20f1135b2c8c2b93823c1b66f5aa5a9cd84b5e29a87

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 07:06:48 GMT
Last-Modified
Wed, 07 Dec 2022 18:42:25 GMT
Server
AmazonS3
x-amz-request-id
PZFFH3WZHM2DWD2F
ETag
"e5c2657e09d4a6325c6e4bf6c4ab8fcf"
Content-Type
image/png
Content-Disposition
inline; filename="FlipForms_logo2.png"; filename*=UTF-8''FlipForms_logo2.png
Accept-Ranges
bytes
Content-Length
26587
x-amz-id-2
ipoAiIlGD8Rcyv95Y8V5yisHdqUcHu1yDzX/8IAcApzJfkfeNgEK8GSKYzyGEmSWCaD8QuYtmShC7NIKH0G/vlH5XKQP84rm

Redirect headers

date
Sun, 01 Sep 2024 07:06:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-qloaked-clientip
185.198.62.44
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D
x-request-id
c9e67946-2ed4-4bd1-b446-5acb98bfb96e
x-runtime
0.007297
referrer-policy
strict-origin-when-cross-origin
server
Caddy, Qloaked
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D"}]}
content-type
text/html; charset=utf-8
location
https://visiqua-flipforms-production.s3.amazonaws.com/5p8r6vch6szmo157lsno6tr4c4tk?response-content-disposition=inline%3B%20filename%3D%22FlipForms_logo2.png%22%3B%20filename%2A%3DUTF-8%27%27FlipForms_logo2.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070645Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2bec2f686e84eb6b3b0eda3d64a254d782f9fec2c86e05c3393bc01abd27e585
cache-control
max-age=300, private
S49Cm5Q57vBCPYrwo8U4u8y8
visiqua-flipforms-production.s3.amazonaws.com/
Redirect Chain
  • https://form.roiverify.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBcXNEIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--3f96103d54d632062fd6892565947e890b2d6f3c/Buy.png
  • https://visiqua-flipforms-production.s3.amazonaws.com/S49Cm5Q57vBCPYrwo8U4u8y8?response-content-disposition=inline%3B%20filename%3D%22Buy.png%22%3B%20filename%2A%3DUTF-8%27%27Buy.png&response-conte...
64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visiqua-flipforms-production.s3.amazonaws.com/S49Cm5Q57vBCPYrwo8U4u8y8?response-content-disposition=inline%3B%20filename%3D%22Buy.png%22%3B%20filename%2A%3DUTF-8%27%27Buy.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070645Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=bbac9e60d0f3888d7bd46d78e654eca96b4b4c156da3a04a3478cd85f07b0ce1
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
HTTP/1.1
Server
3.5.25.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5145870ca7db0e88fff2390425587408a67ae58cc170414237207eb90df4ae0e

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 07:06:48 GMT
Last-Modified
Mon, 14 Feb 2022 15:46:44 GMT
Server
AmazonS3
x-amz-request-id
PZFEC1K3R93TD0CC
ETag
"8ecaeba3d0a00b647f4b2267fdad138b"
Content-Type
image/png
Content-Disposition
inline; filename="Buy.png"; filename*=UTF-8''Buy.png
Accept-Ranges
bytes
Content-Length
65495
x-amz-id-2
q+3qwTnJKwQ4EL0Dqp/n3DqVqPVEItkR6zmaXULMDmPNo+2f5kEPjYuj2++NAaqSavSu2K/0/4eCiSQEqtonFXX3yti4JPtW

Redirect headers

date
Sun, 01 Sep 2024 07:06:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-qloaked-clientip
185.198.62.44
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D
x-request-id
4e64adf0-eccb-4b3b-ad47-1bd3bd627d0d
x-runtime
0.007307
referrer-policy
strict-origin-when-cross-origin
server
Caddy, Qloaked
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1725174405&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=gbFSQYkeEsgQ1F7XGkC7yYc8AyyYd9EonNArJJ3LzFw%3D"}]}
content-type
text/html; charset=utf-8
location
https://visiqua-flipforms-production.s3.amazonaws.com/S49Cm5Q57vBCPYrwo8U4u8y8?response-content-disposition=inline%3B%20filename%3D%22Buy.png%22%3B%20filename%2A%3DUTF-8%27%27Buy.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070645Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=bbac9e60d0f3888d7bd46d78e654eca96b4b4c156da3a04a3478cd85f07b0ce1
cache-control
max-age=300, private
gvaGiJTmn33t57vZPBMRwrbf
visiqua-flipforms-production.s3.amazonaws.com/
Redirect Chain
  • https://form.roiverify.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBcXdEIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--4c7aa310709a3f780d347169ec99ddb697009937/Sell.png
  • https://visiqua-flipforms-production.s3.amazonaws.com/gvaGiJTmn33t57vZPBMRwrbf?response-content-disposition=inline%3B%20filename%3D%22Sell.png%22%3B%20filename%2A%3DUTF-8%27%27Sell.png&response-con...
65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visiqua-flipforms-production.s3.amazonaws.com/gvaGiJTmn33t57vZPBMRwrbf?response-content-disposition=inline%3B%20filename%3D%22Sell.png%22%3B%20filename%2A%3DUTF-8%27%27Sell.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070647Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a8510bbc1ca1b6499cb86b4cfc7297f4dd3e10385998617244bb5a127aa7c670
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
HTTP/1.1
Server
3.5.25.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f6d2e7a2ef75b5c803a1ffb06f9da5be7447676466d2a385f0cce914a7ac029c

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 07:06:48 GMT
Last-Modified
Mon, 14 Feb 2022 15:47:11 GMT
Server
AmazonS3
x-amz-request-id
PZF2SPKVTTZ0MKVM
ETag
"661e0d66667e7b409d1fa11635e62750"
Content-Type
image/png
Content-Disposition
inline; filename="Sell.png"; filename*=UTF-8''Sell.png
Accept-Ranges
bytes
Content-Length
67069
x-amz-id-2
qAFbD7UN3lAJ1hFHug/ww063/YtV9nI3nUrNpzp5Qm1Jicf/v/mzFUUWAG+4z1G2rN58w85koNs55funEc8kkOoI8eKJ+DdG

Redirect headers

date
Sun, 01 Sep 2024 07:06:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-qloaked-clientip
185.198.62.44
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1725174407&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=HJ9PAFSM3OFD9QgWsW9fgSUiJZVESJdoieEuIAUV3pA%3D
x-request-id
82680507-ad63-4b58-b692-b3809009b4f4
x-runtime
0.007214
referrer-policy
strict-origin-when-cross-origin
server
Caddy, Qloaked
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1725174407&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=HJ9PAFSM3OFD9QgWsW9fgSUiJZVESJdoieEuIAUV3pA%3D"}]}
content-type
text/html; charset=utf-8
location
https://visiqua-flipforms-production.s3.amazonaws.com/gvaGiJTmn33t57vZPBMRwrbf?response-content-disposition=inline%3B%20filename%3D%22Sell.png%22%3B%20filename%2A%3DUTF-8%27%27Sell.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070647Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a8510bbc1ca1b6499cb86b4cfc7297f4dd3e10385998617244bb5a127aa7c670
cache-control
max-age=300, private
css
fonts.googleapis.com/ 		1 KB
496 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,500,600,700&display=swap
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Sep 2024 07:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Sep 2024 07:06:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Sep 2024 07:06:47 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://form.roiverify.com/
Origin
https://form.roiverify.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:06:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7e65f631516de0bb940bf788cbb1c0af
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8bc36b71ac215a0d-MXP
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/assets/themes/theme1-3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Sep 2024 07:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Sep 2024 05:20:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Sep 2024 07:06:47 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://form.roiverify.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:33:44 GMT
x-content-type-options
nosniff
age
106384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 01:33:44 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://form.roiverify.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 17:59:12 GMT
x-content-type-options
nosniff
age
220056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 17:59:12 GMT
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://form.roiverify.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:06:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
752
cdn-cachedat
10/31/2023 19:08:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5902704a42f9df0fc90cbd1fbe3b140e
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8bc36b728d685a0d-MXP
cdn-requestpullsuccess
True
/
jsonip.com/ 		22 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jsonip.com/
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.111.145 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
145.111.160.34.bc.googleusercontent.com
Software
/
Resource Hash
23ea8b0131618c9c09f81c16a30af6d68ea9a374b6532a0429c2da08812f5478

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 07:06:48 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
*
content-length
22
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://form.roiverify.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 03:40:08 GMT
x-content-type-options
nosniff
age
98800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 03:40:08 GMT
nr-rum-1.264.0.min.js
js-agent.newrelic.com/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.264.0.min.js
Requested by
Host: form.roiverify.com
URL: https://form.roiverify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e4322f93284388da5a74a419b92efd60fb9004b76b20c2a009d500f03fec09d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://form.roiverify.com/
Origin
https://form.roiverify.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits
113437
date
Sun, 01 Sep 2024 07:06:48 GMT
content-encoding
br
strict-transport-security
max-age=300
last-modified
Tue, 06 Aug 2024 22:33:26 GMT
etag
"7d1f62cf6e54173e0dee10110d44e970"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
15827
x-served-by
cache-mxp6921-MXP
ui3f9pr5npls0se3kse3tp97hg8n
visiqua-flipforms-production.s3.amazonaws.com/
Redirect Chain
  • https://form.roiverify.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdWtNIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--e6c21f01c569f82638812c90c0b5f27c361c6737/FlipForms_favicon.png
  • https://visiqua-flipforms-production.s3.amazonaws.com/ui3f9pr5npls0se3kse3tp97hg8n?response-content-disposition=inline%3B%20filename%3D%22FlipForms_favicon.png%22%3B%20filename%2A%3DUTF-8%27%27Flip...
4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://visiqua-flipforms-production.s3.amazonaws.com/ui3f9pr5npls0se3kse3tp97hg8n?response-content-disposition=inline%3B%20filename%3D%22FlipForms_favicon.png%22%3B%20filename%2A%3DUTF-8%27%27FlipForms_favicon.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070648Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2f48efa6b5f437d2556f5ce55b3c82631c9e7aac2e60d163399bbf2f381b3165
Protocol
HTTP/1.1
Server
3.5.25.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e7790928a9aac117196ecc76c9811fd1de936e39a8edcbaae1fa36edc895833c

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 01 Sep 2024 07:06:49 GMT
Last-Modified
Wed, 07 Dec 2022 18:42:36 GMT
Server
AmazonS3
x-amz-request-id
4B2F2Z0P5CP1JB93
ETag
"a0ccbd78416bdb39a6392aabfcf34193"
Content-Type
image/png
Content-Disposition
inline; filename="FlipForms_favicon.png"; filename*=UTF-8''FlipForms_favicon.png
Accept-Ranges
bytes
Content-Length
4251
x-amz-id-2
Zkcu40rmZADsq7YylNX4TLiJ4gV2TWaqcHE6jvJHlsrIeoGb7cQrMnSQnfWbYeLksGeNOaEb4ASW09k91sQ9qjYVYimQUkNR

Redirect headers

date
Sun, 01 Sep 2024 07:06:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-qloaked-clientip
185.198.62.44
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur
alt-svc
h3=":443"; ma=2592000
x-xss-protection
1; mode=block
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1725174408&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=BwaGwyrbzagURKVBxlAsjvVKZCAzFm5iWC%2BYorqIA3o%3D
x-request-id
4068a3f9-77d3-44db-a7a8-77c0c213e0ff
x-runtime
0.007370
referrer-policy
strict-origin-when-cross-origin
server
Caddy, Qloaked
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1725174408&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=BwaGwyrbzagURKVBxlAsjvVKZCAzFm5iWC%2BYorqIA3o%3D"}]}
content-type
text/html; charset=utf-8
location
https://visiqua-flipforms-production.s3.amazonaws.com/ui3f9pr5npls0se3kse3tp97hg8n?response-content-disposition=inline%3B%20filename%3D%22FlipForms_favicon.png%22%3B%20filename%2A%3DUTF-8%27%27FlipForms_favicon.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA24XLLHYZBS6UIPM3%2F20240901%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240901T070648Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2f48efa6b5f437d2556f5ce55b3c82631c9e7aac2e60d163399bbf2f381b3165
cache-control
max-age=300, private
185.198.62.44
ip-api.com/json/ 		0
0
NRJS-fd0df3b9067b5adad43
bam.nr-data.net/1/ 		150 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-fd0df3b9067b5adad43?a=491095843&v=1.264.0&to=dF1ZREFeWQ1TSk0JWVpXGENGQ0METw%3D%3D&rst=4282&ck=0&s=2dac02a7f5e2b842&ref=https://form.roiverify.com/&ptid=eefffdd750e0c013&qt=2&ap=91&be=969&fe=2808&dc=2636&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1725174404450,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:45,%22c%22:45,%22s%22:53,%22ce%22:711,%22rq%22:725,%22rp%22:969,%22rpe%22:1132,%22di%22:3593,%22ds%22:3593,%22de%22:3605,%22dc%22:3775,%22l%22:3776,%22le%22:3777%7D,%22navigation%22:%7B%7D%7D&fp=3092&fcp=3092
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.264.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06979b700b03829b3539f6ed8b097ac75f18819b107eef4316deb8341592fcbd

Request headers

Referer
https://form.roiverify.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 01 Sep 2024 07:06:49 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://form.roiverify.com
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
timing-allow-origin
https://form.roiverify.com
Content-Length
150
x-served-by
cache-lin1730024-LIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ip-api.com
URL
http://ip-api.com/json/185.198.62.44

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunk:NRBA-1.264.0.PROD object| newrelic function| moment function| sendRange object| Mailcheck object| $jscomp object| Rails boolean| _rails_loaded object| ActiveStorage function| $ function| jQuery object| jQuery1124043523095190408734 object| Turbolinks object| bootstrap object| toastr function| submitForm

1 Cookies

Domain/Path Name / Value
form.roiverify.com/ Name: _project_session
Value: zFexyROWf9lX4%2FtXQRWdr0BipAi79MQ6PmBhAz%2B%2FusKa3aINV1dR7kiAcmXmzhGCkVl7GvsdJ6N1uFQ1OSmKNvQfnOCVRC0o20aTVqzsgwOuGyD1TvvyjQrDpBAHMNOGCaVrXRqDktzrnj%2By7N56WMGO2c%2BQbFWloRKbvQr6q0ui2BQUQSt7z1%2B6mJwJYGXASE%2F3l%2Ftej%2FzhXy5c5rZLY1H3%2B%2FWBrH0RLfvzFgYAtJ2l%2BKU8JjGs6YQFmdZx4j6MLiCZuWA%2FWGS97YVoggTHWKFfeh45i0Nj%2F3BEgHsTP88N%2Fs2u4Fr%2FneybMl%2B4dm%2B0i5N%2BOg%3D%3D--XiUX6jbJN%2Bj7y4Dk--F%2FUX96FePruX66RtQeKp7A%3D%3D

1 Console Messages

Source Level URL
Text
security error URL: https://form.roiverify.com/(Line 178)
Message:
Mixed Content: The page at 'https://form.roiverify.com/' was loaded over HTTPS, but requested an insecure resource 'http://ip-api.com/json/185.198.62.44'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
form.roiverify.com
ip-api.com
js-agent.newrelic.com
jsonip.com
stackpath.bootstrapcdn.com
visiqua-flipforms-production.s3.amazonaws.com
ip-api.com
104.17.24.14
104.18.11.207
142.250.184.202
142.250.186.35
162.247.243.29
162.247.243.39
3.5.25.227
34.120.230.5
34.160.111.145
06979b700b03829b3539f6ed8b097ac75f18819b107eef4316deb8341592fcbd
23936c25358ebfc8ef0ba20f1135b2c8c2b93823c1b66f5aa5a9cd84b5e29a87
23ea8b0131618c9c09f81c16a30af6d68ea9a374b6532a0429c2da08812f5478
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3c2efee2d2cd465374eacf6bee61ec76580a4746e8795bf362b923ccca2bf1d4
5145870ca7db0e88fff2390425587408a67ae58cc170414237207eb90df4ae0e
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
5e4322f93284388da5a74a419b92efd60fb9004b76b20c2a009d500f03fec09d
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
ad23d8016792bbd6aafa2b7f771b2d605ac3ea830c2d799cd7f4fc4ce2126e33
ba4a9af22c0d9b4924384805889271a09d9d9fa354b3b9c3419d19f28a26bdd0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8e3caff800260c7271b53dbff9406c022f36c561407e42f3eaef37d11602d2a
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e7790928a9aac117196ecc76c9811fd1de936e39a8edcbaae1fa36edc895833c
f6d2e7a2ef75b5c803a1ffb06f9da5be7447676466d2a385f0cce914a7ac029c