merge.myresman.com Open in urlscan Pro
104.210.210.187  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request f46fb27143364c20ad99c2d84dbd0cf9 Show response merge.myresman.com/Guarantor/Guarantor/Index/	2 KB 2 KB	2642ms 2203ms	Document text/html	104.210.210.187 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://merge.myresman.com/Guarantor/Guarantor/Index/f46fb27143364c20ad99c2d84dbd0cf9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.210.210.187 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash f57e282b1c690d2aeca21c060bf62780e5c69a2ead9269da9ff1a8334b1984dd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-expose-headers Request-Context cache-control no-cache content-encoding gzip content-length 1716 content-type text/html; charset=utf-8 date Tue, 05 Jul 2022 13:00:23 GMT expires -1 pragma no-cache request-context appId=cid-v1:0740ed42-6be2-40c0-80b2-5b790342e753 strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	launcher.js Show response cdn.bluemoonforms.com/	56 KB 56 KB	154ms 43ms	Script application/javascript	13.32.99.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.bluemoonforms.com/launcher.js Requested by Host: merge.myresman.com URL: https://merge.myresman.com/Guarantor/Guarantor/Index/f46fb27143364c20ad99c2d84dbd0cf9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-101.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 0dcfcaba321d4407b47ee8b77b69b5ec9ffc9a957d3f58304bc446a51f07723f Request headers accept-language de-DE,de;q=0.9 Referer https://merge.myresman.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 15:24:00 GMT via 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront) last-modified Wed, 15 Jun 2022 00:38:09 GMT server AmazonS3 age 77785 etag "7ebc6c92ac894bdf225988afa46d1adb" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA60-P3 accept-ranges bytes content-length 57430 x-amz-cf-id QqkTk1cfqRskeIDrATJ4Hj1GfcbrqFGo7PSEtld8Vw9LWh7TIb-2jQ==
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	152ms 47ms	Script application/javascript	2001:4de0:ac18::1:a:1b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: merge.myresman.com URL: https://merge.myresman.com/Guarantor/Guarantor/Index/f46fb27143364c20ad99c2d84dbd0cf9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://merge.myresman.com/ Origin https://merge.myresman.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 13:00:24 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-15d84" vary Accept-Encoding x-hw 1657026024.dop056.fr8.t,1657026024.cds005.fr8.hn,1657026024.cds280.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H2	200	BlueMoonGuarantor.js Show response merge.myresman.com/Areas/Guarantor/Scripts/	846 B 636 B	161ms 161ms	Script application/javascript	104.210.210.187 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://merge.myresman.com/Areas/Guarantor/Scripts/BlueMoonGuarantor.js Requested by Host: merge.myresman.com URL: https://merge.myresman.com/Guarantor/Guarantor/Index/f46fb27143364c20ad99c2d84dbd0cf9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.210.210.187 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7516820e12251c9ca586b4694b0d452f85902e2a1633b8907ed4952b6ec6929f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://merge.myresman.com/Guarantor/Guarantor/Index/f46fb27143364c20ad99c2d84dbd0cf9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Jun 2022 21:43:44 GMT x-frame-options SAMEORIGIN etag "0687a78ca8cd81:0" vary Accept-Encoding content-type application/javascript access-control-expose-headers Request-Context date Tue, 05 Jul 2022 13:00:23 GMT accept-ranges bytes content-length 531 request-context appId=cid-v1:0740ed42-6be2-40c0-80b2-5b790342e753
GET H2	200	index-es2015.js Show response cdn.bluemoonforms.com/web-components/guarantor-client/ Frame 8D47	2 MB 2 MB	774ms 696ms	Script application/javascript	13.32.99.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.bluemoonforms.com/web-components/guarantor-client/index-es2015.js Requested by Host: cdn.bluemoonforms.com URL: https://cdn.bluemoonforms.com/launcher.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-101.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash d65a189fed097552840a9ab56d75f81fff13985e2f910869057ef09279617797 Request headers Referer Origin https://merge.myresman.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 13:00:25 GMT via 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront) last-modified Wed, 27 Apr 2022 00:52:26 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 etag "cbc1266a27f1d3f9c4bbef6339794aec" vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * x-cache Miss from cloudfront accept-ranges bytes content-length 2338081 x-amz-cf-id WFhCQ8mG2JkPAA4mVLmUqtwE1TB_hCsIY83ijy1mz56ouwhOeD1nfA==
GET H2	200	styles.css cdn.bluemoonforms.com/web-components/guarantor-client/ Frame 8D47	96 KB 96 KB	53ms 51ms	Stylesheet text/css	13.32.99.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.bluemoonforms.com/web-components/guarantor-client/styles.css Requested by Host: cdn.bluemoonforms.com URL: https://cdn.bluemoonforms.com/launcher.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-101.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 4e6166529160442592757dc38b051de24ce0e5f8c11264d31603762afa5ca516 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 12:12:44 GMT via 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront) last-modified Wed, 27 Apr 2022 00:52:27 GMT server AmazonS3 age 2861 etag "857ed8730966c002288aa9eea798b8b5" x-cache Hit from cloudfront content-type text/css x-amz-cf-pop FRA60-P3 accept-ranges bytes content-length 98111 x-amz-cf-id y6VeZF7bsnnjJJnMPdWbkjI5n7O-7kf9DHsi1PeS8UU6zseMxVbXjQ==
POST H/1.1	200 OK	/ Show response logs-01.loggly.com/inputs/a33ea219-83b3-4646-8333-a59d75f9116e/tag/bwc/	19 B 293 B	205ms 204ms	XHR text/html	52.10.127.183 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://logs-01.loggly.com/inputs/a33ea219-83b3-4646-8333-a59d75f9116e/tag/bwc/ Requested by Host: cdn.bluemoonforms.com URL: https://cdn.bluemoonforms.com/launcher.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.10.127.183 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-10-127-183.us-west-2.compute.amazonaws.com Software nginx / Resource Hash cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261 Request headers Referer https://merge.myresman.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Response headers Access-Control-Allow-Origin * Date Tue, 05 Jul 2022 13:00:25 GMT Server nginx Connection keep-alive Access-Control-Allow-Headers Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP Content-Length 19 Content-Type text/html
OPTIONS H/1.1	204 No Content	/ logs-01.loggly.com/inputs/a33ea219-83b3-4646-8333-a59d75f9116e/tag/bwc/ Frame	0 0	821ms 203ms	Preflight text/plain	52.10.127.183 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://logs-01.loggly.com/inputs/a33ea219-83b3-4646-8333-a59d75f9116e/tag/bwc/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.10.127.183 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-10-127-183.us-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://merge.myresman.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Access-Control-Allow-Headers Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Max-Age 1728000 Connection keep-alive Content-Length 0 Content-Type text/plain; charset=utf-8 Date Tue, 05 Jul 2022 13:00:25 GMT Server nginx
GET H2	200	icon fonts.googleapis.com/ Frame 8D47	569 B 868 B	130ms 46ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: cdn.bluemoonforms.com URL: https://cdn.bluemoonforms.com/web-components/guarantor-client/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e5a4c217a4fdc86c00b2226d6f98c1c286a444e1d75d88c4676c0953b75120a3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cdn.bluemoonforms.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 05 Jul 2022 13:00:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 05 Jul 2022 13:00:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 05 Jul 2022 13:00:24 GMT
OPTIONS H2	204	f46fb27143364c20ad99c2d84dbd0cf9 api.bluemoonforms.com/guarantor/api/guarantor/ Frame	0 0	867ms 290ms	Preflight	35.83.193.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.bluemoonforms.com/guarantor/api/guarantor/f46fb27143364c20ad99c2d84dbd0cf9?client=true Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.83.193.9 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-83-193-9.us-west-2.compute.amazonaws.com Software Apache/2.4.38 (Debian) / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://merge.myresman.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-headers authorization access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT, PATCH access-control-allow-origin * access-control-max-age 0 cache-control no-cache, private date Tue, 05 Jul 2022 13:00:26 GMT server Apache/2.4.38 (Debian) vary Access-Control-Request-Headers,Access-Control-Request-Method
OPTIONS H2	204	fields api.bluemoonforms.com/guarantor/api/guaranty/ Frame	0 0	798ms 221ms	Preflight	35.83.193.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.bluemoonforms.com/guarantor/api/guaranty/fields?property_id=5818 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.83.193.9 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-83-193-9.us-west-2.compute.amazonaws.com Software Apache/2.4.38 (Debian) / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://merge.myresman.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-headers authorization access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT, PATCH access-control-allow-origin * access-control-max-age 0 cache-control no-cache, private date Tue, 05 Jul 2022 13:00:26 GMT server Apache/2.4.38 (Debian) vary Access-Control-Request-Headers,Access-Control-Request-Method
GET H2	200	f46fb27143364c20ad99c2d84dbd0cf9 Show response api.bluemoonforms.com/guarantor/api/guarantor/ Frame 8D47	1 KB 2 KB	409ms 409ms	XHR application/json	35.83.193.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.bluemoonforms.com/guarantor/api/guarantor/f46fb27143364c20ad99c2d84dbd0cf9?client=true Requested by Host: cdn.bluemoonforms.com URL: https://cdn.bluemoonforms.com/web-components/guarantor-client/index-es2015.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.83.193.9 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-83-193-9.us-west-2.compute.amazonaws.com Software Apache/2.4.38 (Debian) / Resource Hash 0f9e2f84982a523ac2ab386e7792f144845b0d9067c6444addca1b0c58010ab6 Request headers Accept application/json, text/plain, */* Referer Authorization Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI4IiwianRpIjoiMmFiOTM1MTNjZWQwNjY4NmE4OGI2N2E5MmFiNjhhM2U1OGJhZWE5YjVjOWE3OWJmZjdjYzMwNDdmOGY2YWJlMTgyYTA0ODUzMDgwNWY3YmMiLCJpYXQiOjE2NTcwMjYwMjIsIm5iZiI6MTY1NzAyNjAyMiwiZXhwIjoxNjU4MzIyMDIyLCJzdWIiOiIxNTU3MzQiLCJzY29wZXMiOlsiKiJdfQ.h8DDDz24l1iF0nkOT5Q94g2iOyYam6T3UDsAZFihamw7PZUtHXXHUWOAbEUhiPJKaImvQTA7dQt69ljfgRWI_EvniY-V2VOvARc4x07NzQBYMjPaanGigwCXT3tNP12rijLbhDUYshS_Vwn6UOQ6Qxoknz2MNuggATyyzHbBEFA-5w2wljmmfruDVsCgezRT8XnLL8drVfiILhoHz0DcgKCw1Hs97rrdubbLaQUeaHd3u8MIBS5V2o7BKuRG9nzhHIgve-auQNTUBl9a6J-EqmTxgbrUVC1uPARADFfsQ99QEQ-et2xkkAzoKPkduyp9V0IStXk3RUVJlFj1M1-oCVyNNkr_KpziGM5BQ7ch3OPEEppw2IUvEB0crtax9zUoKYbLSFuPdgjigDCDHZ9rztauwIaOx1LgmJ0v-lXRxHKNYU6JAprqnAmscVwwK8custD4-MpWYetq9oZtGHClTXxe16As3NJuEZaEoR5yUzMsD9Iz2LoU4_U2JhssVxAHDAuULgL3H5HFYNyoJkMgHAvWhY0ywHxDqVHiqSz157xCja74dQaPOkdBtfuUYTmYx7sGctvw2SkXMkfMTONKRJY2n_81U8BHJl8ayJd8QNb3Gc5fwf0kTA0XUfB26LlLunrce7lTy3qXKVUWCn-vGI6Db7FalfA1HgOKlaVqwp8 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 13:00:27 GMT server Apache/2.4.38 (Debian) vary Authorization content-type application/json access-control-allow-origin * x-ratelimit-remaining 718 cache-control no-cache, private x-ratelimit-limit 720 content-length 1472 access-control-expose-headers Provider, X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
GET H2	200	fields Show response api.bluemoonforms.com/guarantor/api/guaranty/ Frame 8D47	35 KB 35 KB	273ms 273ms	XHR application/json	35.83.193.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.bluemoonforms.com/guarantor/api/guaranty/fields?property_id=5818 Requested by Host: cdn.bluemoonforms.com URL: https://cdn.bluemoonforms.com/web-components/guarantor-client/index-es2015.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.83.193.9 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-83-193-9.us-west-2.compute.amazonaws.com Software Apache/2.4.38 (Debian) / Resource Hash 04d86538938b3a1b9a6390ad475b59f64a7f3795d658a5b08e8cdb74b248a4e5 Request headers Accept application/json, text/plain, */* Referer Authorization Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI4IiwianRpIjoiMmFiOTM1MTNjZWQwNjY4NmE4OGI2N2E5MmFiNjhhM2U1OGJhZWE5YjVjOWE3OWJmZjdjYzMwNDdmOGY2YWJlMTgyYTA0ODUzMDgwNWY3YmMiLCJpYXQiOjE2NTcwMjYwMjIsIm5iZiI6MTY1NzAyNjAyMiwiZXhwIjoxNjU4MzIyMDIyLCJzdWIiOiIxNTU3MzQiLCJzY29wZXMiOlsiKiJdfQ.h8DDDz24l1iF0nkOT5Q94g2iOyYam6T3UDsAZFihamw7PZUtHXXHUWOAbEUhiPJKaImvQTA7dQt69ljfgRWI_EvniY-V2VOvARc4x07NzQBYMjPaanGigwCXT3tNP12rijLbhDUYshS_Vwn6UOQ6Qxoknz2MNuggATyyzHbBEFA-5w2wljmmfruDVsCgezRT8XnLL8drVfiILhoHz0DcgKCw1Hs97rrdubbLaQUeaHd3u8MIBS5V2o7BKuRG9nzhHIgve-auQNTUBl9a6J-EqmTxgbrUVC1uPARADFfsQ99QEQ-et2xkkAzoKPkduyp9V0IStXk3RUVJlFj1M1-oCVyNNkr_KpziGM5BQ7ch3OPEEppw2IUvEB0crtax9zUoKYbLSFuPdgjigDCDHZ9rztauwIaOx1LgmJ0v-lXRxHKNYU6JAprqnAmscVwwK8custD4-MpWYetq9oZtGHClTXxe16As3NJuEZaEoR5yUzMsD9Iz2LoU4_U2JhssVxAHDAuULgL3H5HFYNyoJkMgHAvWhY0ywHxDqVHiqSz157xCja74dQaPOkdBtfuUYTmYx7sGctvw2SkXMkfMTONKRJY2n_81U8BHJl8ayJd8QNb3Gc5fwf0kTA0XUfB26LlLunrce7lTy3qXKVUWCn-vGI6Db7FalfA1HgOKlaVqwp8 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 13:00:27 GMT server Apache/2.4.38 (Debian) vary Authorization content-type application/json access-control-allow-origin * x-ratelimit-remaining 719 cache-control no-cache, private x-ratelimit-limit 720 access-control-expose-headers Provider, X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
GET DATA	200 OK	truncated / Frame 8D47	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e1d9a9fe0d62351f45d83556b8d6b2fb6472c0cf51a3a78630d14c8784d9b17f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| firstLastName string| bluemoonToken string| propertyNumber string| guarantorKey string| phone string| birthdate string| email boolean| gender string| driverLicenseNumberAndState string| socialSecurityNumber object| bluemoonConfig function| BluemoonElements function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bluemoonforms.com
cdn.bluemoonforms.com
code.jquery.com
fonts.googleapis.com
logs-01.loggly.com
merge.myresman.com
104.210.210.187
13.32.99.101
2001:4de0:ac18::1:a:1b
2a00:1450:4001:828::200a
35.83.193.9
52.10.127.183
04d86538938b3a1b9a6390ad475b59f64a7f3795d658a5b08e8cdb74b248a4e5
0dcfcaba321d4407b47ee8b77b69b5ec9ffc9a957d3f58304bc446a51f07723f
0f9e2f84982a523ac2ab386e7792f144845b0d9067c6444addca1b0c58010ab6
4e6166529160442592757dc38b051de24ce0e5f8c11264d31603762afa5ca516
7516820e12251c9ca586b4694b0d452f85902e2a1633b8907ed4952b6ec6929f
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
d65a189fed097552840a9ab56d75f81fff13985e2f910869057ef09279617797
e1d9a9fe0d62351f45d83556b8d6b2fb6472c0cf51a3a78630d14c8784d9b17f
e5a4c217a4fdc86c00b2226d6f98c1c286a444e1d75d88c4676c0953b75120a3
f57e282b1c690d2aeca21c060bf62780e5c69a2ead9269da9ff1a8334b1984dd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d