www.formlets.com Open in urlscan Pro
2600:1901:0:f8f5::  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request / Show response www.formlets.com/forms/ktGIfUca1ANW1dda/	5 KB 2 KB	354ms 72ms	Document text/html	2600:1901:0:f8f5:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8f5:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 1958a1126d379692825a37c1917a61cdec9ae1b27112b7e93a66726ce1c83f59 Request headers :method GET :authority www.formlets.com :scheme https :path /forms/ktGIfUca1ANW1dda/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html; charset=utf-8 vary Accept-Encoding set-cookie PHPSESSID=b8015b080e3731273757061e8a02708a; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-encoding gzip x-cloud-trace-context 122062e0f415cbe05f9d727f92c95925;o=1 date Wed, 13 Oct 2021 13:58:19 GMT server Google Frontend content-length 2045 via 1.1 google alt-svc clear
GET H2	200	bootstrap.min.css www.formlets.com/static/css/	124 KB 26 KB	7ms 7ms	Stylesheet text/css	2600:1901:0:f8f5:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.formlets.com/static/css/bootstrap.min.css?4v61 Requested by Host: www.formlets.com URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8f5:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 63cda35e201c81523ea6010f356329dbac8ea949cb7e5223ebb05d416eb85d59 Request headers :path /static/css/bootstrap.min.css?4v61 pragma no-cache cookie PHPSESSID=b8015b080e3731273757061e8a02708a accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.formlets.com referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:13:38 GMT content-encoding gzip server Google Frontend age 2681 etag "kkuiag" content-type text/css access-control-allow-origin * x-cloud-trace-context e425214d4b5269ceeec98af1f7bd0bfb cache-control public, max-age=600 alt-svc clear content-length 26053 via 1.1 google expires Wed, 13 Oct 2021 13:23:38 GMT
GET H2	200	font-awesome.min.css www.formlets.com/static/css/	30 KB 8 KB	14ms 14ms	Stylesheet text/css	2600:1901:0:f8f5:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.formlets.com/static/css/font-awesome.min.css?4v61 Requested by Host: www.formlets.com URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8f5:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Request headers :path /static/css/font-awesome.min.css?4v61 pragma no-cache cookie PHPSESSID=b8015b080e3731273757061e8a02708a accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.formlets.com referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:39:48 GMT content-encoding gzip server Google Frontend age 1111 etag "kkuiag" content-type text/css access-control-allow-origin * x-cloud-trace-context b25ce1ed3a830444f8b33cb79735da36 cache-control public, max-age=600 alt-svc clear content-length 7955 via 1.1 google expires Wed, 13 Oct 2021 13:49:48 GMT
GET H2	200	marketing.min.css www.formlets.com/static/css/	11 KB 3 KB	13ms 13ms	Stylesheet text/css	2600:1901:0:f8f5:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.formlets.com/static/css/marketing.min.css?4v61 Requested by Host: www.formlets.com URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8f5:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 8ddbd09f6761c766e7992d366c4bb3ec5450ffe2875d0356d1c0ebd2fbcec1ce Request headers :path /static/css/marketing.min.css?4v61 pragma no-cache cookie PHPSESSID=b8015b080e3731273757061e8a02708a accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.formlets.com referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:13:38 GMT content-encoding gzip server Google Frontend age 2681 etag "kkuiag" content-type text/css access-control-allow-origin * x-cloud-trace-context e425214d4b5269ceeec98af1f7bd0bfb cache-control public, max-age=600 alt-svc clear content-length 3474 via 1.1 google expires Wed, 13 Oct 2021 13:23:38 GMT
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/	853 B 992 B	68ms 17ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js Requested by Host: www.formlets.com URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ce084b96e16a8592fb2388c53e7f3fdd8b4324ec10a522f6db53d961e98c63fd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:58:20 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 558 x-xss-protection 1; mode=block expires Wed, 13 Oct 2021 13:58:20 GMT
GET H2	200	logo-black.svg www.formlets.com/static/img/	2 KB 833 B	8ms 7ms	Image image/svg+xml	2600:1901:0:f8f5:: GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.formlets.com/static/img/logo-black.svg Requested by Host: www.formlets.com URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8f5:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 072ae73f52c70e99d66eb93f6a7e3cd6c588c9c90fefca8866a6bb70d98e2f66 Request headers :path /static/img/logo-black.svg pragma no-cache cookie PHPSESSID=b8015b080e3731273757061e8a02708a accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.formlets.com referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:29:51 GMT content-encoding gzip server Google Frontend age 1709 etag "kkuiag" content-type image/svg+xml access-control-allow-origin * x-cloud-trace-context 22834905dbba99fcee560708ec6a44b4 cache-control public, max-age=600 alt-svc clear content-length 710 via 1.1 google expires Wed, 13 Oct 2021 13:39:51 GMT
GET H2	200	client Show response accounts.google.com/gsi/	183 KB 73 KB	84ms 33ms	Script application/javascript	2a00:1450:4001:810::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: www.formlets.com URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 909f77048e8fc0a1dc145ba324ff12cd6452aa2977e3baab473946ebd558d9c4 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-l0oohQr8mqz8O6MtcIU9QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:58:20 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]} p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private, max-age=1800 cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-l0oohQr8mqz8O6MtcIU9QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport content-type application/javascript; charset=utf-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA" expires Wed, 13 Oct 2021 13:58:20 GMT
GET H2	200	es5.js Show response unpkg.com/bowser@2.4.0/	24 KB 5 KB	183ms 47ms	Script application/javascript	2606:4700::6810:7baf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/bowser@2.4.0/es5.js Requested by Host: www.formlets.com URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e74a3a42185068bd2cba1a272dce844df8fda0cc77e7460f86115d5c007ca353 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:58:20 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 15299308 fly-request-id 01F3N0JTC5PNWV3BJDHMZA2GP7 content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"5e40-vp2Nei/hbte/BNkjzNfGFtQnnh8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 69d91507ead14339-FRA
GET H2	200	edsjs Show response www.formlets.com/	980 B 631 B	52ms 52ms	Script text/html	2600:1901:0:f8f5:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.formlets.com/edsjs Requested by Host: www.formlets.com URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8f5:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash b6fa713e02c1b573d478a81a9c13a1a988d58c55d0999df74af4fcb07b14dfec Request headers :path /edsjs pragma no-cache cookie PHPSESSID=b8015b080e3731273757061e8a02708a accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.formlets.com referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/forms/ktGIfUca1ANW1dda/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 13:58:20 GMT content-encoding gzip server Google Frontend vary Accept-Encoding content-type text/html; charset=utf-8 via 1.1 google x-cloud-trace-context ebb37501cb6c71cba932e2a2b97e3b1e cache-control no-store, no-cache, must-revalidate alt-svc clear content-length 539 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	109 KB 42 KB	53ms 32ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5F5XK3B Requested by Host: www.formlets.com URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f98f95715df6592de815392c2ad49fe11f52859b0103674cdf02a32789fae47b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:58:20 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42545 x-xss-protection 0 last-modified Wed, 13 Oct 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 13 Oct 2021 13:58:20 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	158ms 16ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700 Requested by Host: www.formlets.com URL: https://www.formlets.com/static/css/marketing.min.css?4v61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 13 Oct 2021 13:01:33 GMT server ESF date Wed, 13 Oct 2021 13:58:20 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Wed, 13 Oct 2021 13:58:20 GMT
GET H2	200	slide_bg-min.jpg www.formlets.com/static/img/	45 KB 45 KB	8ms 8ms	Image image/jpeg	2600:1901:0:f8f5:: GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.formlets.com/static/img/slide_bg-min.jpg? Requested by Host: www.formlets.com URL: https://www.formlets.com/static/css/marketing.min.css?4v61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8f5:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 30cf8a29826d6e2455322538aa5b6893584df32adbcf474b670c42aaa5f23d4d Request headers :path /static/img/slide_bg-min.jpg? pragma no-cache cookie PHPSESSID=b8015b080e3731273757061e8a02708a accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.formlets.com referer https://www.formlets.com/static/css/marketing.min.css?4v61 :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/static/css/marketing.min.css?4v61 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:13:38 GMT via 1.1 google server Google Frontend age 2682 etag "kkuiag" content-type image/jpeg access-control-allow-origin * x-cloud-trace-context 57e6eac1c054dd605d68e9526e97ce4b cache-control public, max-age=600 alt-svc clear content-length 45698 expires Wed, 13 Oct 2021 13:23:38 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v14/	15 KB 16 KB	33ms 10ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.formlets.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 10 Oct 2021 14:38:52 GMT x-content-type-options nosniff age 256768 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15764 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:17 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 10 Oct 2022 14:38:52 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v14/	16 KB 16 KB	30ms 7ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.formlets.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 10 Oct 2021 11:16:30 GMT x-content-type-options nosniff age 268910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16112 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:09 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 10 Oct 2022 11:16:30 GMT
GET H2	200	fontawesome-webfont.woff2 www.formlets.com/static/fonts/	75 KB 76 KB	10ms 10ms	Font font/woff2	2600:1901:0:f8f5:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.formlets.com/static/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: www.formlets.com URL: https://www.formlets.com/static/css/font-awesome.min.css?4v61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:f8f5:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers sec-fetch-mode cors origin https://www.formlets.com accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest font cookie PHPSESSID=b8015b080e3731273757061e8a02708a :path /static/fonts/fontawesome-webfont.woff2?v=4.7.0 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept */* cache-control no-cache :authority www.formlets.com referer https://www.formlets.com/static/css/font-awesome.min.css?4v61 :scheme https sec-fetch-site same-origin :method GET Referer https://www.formlets.com/static/css/font-awesome.min.css?4v61 Origin https://www.formlets.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:37:29 GMT via 1.1 google server Google Frontend age 1251 etag "kkuiag" content-type font/woff2 access-control-allow-origin * x-cloud-trace-context c0026775b8b03f5ec6d834ebd749ed97 cache-control public, max-age=600 alt-svc clear content-length 77160 expires Wed, 13 Oct 2021 13:47:29 GMT
OPTIONS H2	200	/ easydatastore.com/api/v1/iTQa96qnD5Nmw7Es5ctEkpKzpDK3wD45bQdRyemD/	0 0	166ms 111ms	Preflight text/html	2001:4860:4802:36::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://easydatastore.com/api/v1/iTQa96qnD5Nmw7Es5ctEkpKzpDK3wD45bQdRyemD/ Protocol H2 Server 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.formlets.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers content-type text/html; charset=utf-8 vary Accept-Encoding expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache access-control-allow-origin https://www.formlets.com access-control-allow-credentials true access-control-max-age 86400 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers content-type content-encoding gzip x-cloud-trace-context e4cc9d56704f396f20b584b25b296987;o=1 date Wed, 13 Oct 2021 13:58:20 GMT server Google Frontend content-length 20
POST H2	401	/ Show response easydatastore.com/api/v1/iTQa96qnD5Nmw7Es5ctEkpKzpDK3wD45bQdRyemD/	107 B 241 B	143ms 143ms	XHR text/html	2001:4860:4802:36::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://easydatastore.com/api/v1/iTQa96qnD5Nmw7Es5ctEkpKzpDK3wD45bQdRyemD/ Requested by Host: www.formlets.com URL: https://www.formlets.com/edsjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 37fa645096549fa19cc63a068a78592123f39f8fdecd0e350c73edd87bf1094d Request headers Referer https://www.formlets.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Wed, 13 Oct 2021 13:58:20 GMT server Google Frontend access-control-max-age 86400 content-type text/html; charset=utf-8 access-control-allow-origin https://www.formlets.com x-cloud-trace-context b70b5d87e8265397c9f49d9502bd2704 cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-length 107 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	28ms 6ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F5XK3B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 28 Sep 2021 21:34:48 GMT server Golfe2 age 7034 date Wed, 13 Oct 2021 12:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19887 expires Wed, 13 Oct 2021 14:01:06 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/	346 KB 135 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.formlets.com/ Origin https://www.formlets.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:57:24 GMT content-encoding gzip x-content-type-options nosniff age 56 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 137921 x-xss-protection 0 last-modified Mon, 04 Oct 2021 04:21:56 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="recaptcha" expires Thu, 13 Oct 2022 13:57:24 GMT
GET H2	200	style accounts.google.com/gsi/	658 B 662 B	24ms 24ms	Stylesheet text/css	2a00:1450:4001:810::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/style Requested by Host: URL: /_/gsi/_/js/k=gsi.gsi.de.qZX2gdprkOQ.O/am=chE/d=1/rs=AF0KOtWMryja6aXL5uxxA4i_oj9N-Dst8A/m=gis_client_library Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bf3b24767fc257674429212a2270b44f3345e9b9006807c19b146487aa596ae5 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-jE3J/F62BElwThHnTKkGSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:58:20 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]} content-type text/css; charset=utf-8 cache-control private, max-age=86400 cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-jE3J/F62BElwThHnTKkGSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA" expires Wed, 13 Oct 2021 13:58:20 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 208 B	14ms 13ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j94&a=908565821&t=pageview&_s=1&dl=https%3A%2F%2Fwww.formlets.com%2Fforms%2FktGIfUca1ANW1dda%2F&ul=en-us&de=UTF-8&dt=404%20Page%20not%20found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1200498397&gjid=487492057&cid=966563281.1634133500&tid=UA-60128463-1&_gid=291709136.1634133500&_r=1&gtm=2wgab05F5XK3B&z=351201851 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.formlets.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 13 Oct 2021 13:58:20 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.formlets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	status Show response accounts.google.com/gsi/	40 B 492 B	29ms 29ms	XHR application/json	2a00:1450:4001:810::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/status?client_id=457996263112-8movccdb62mmm4tpkfu5nf0bn55knq31.apps.googleusercontent.com&as=n0r1SjMJlhzBZnld%2B0gOAg Requested by Host: URL: /_/gsi/_/js/k=gsi.gsi.de.qZX2gdprkOQ.O/am=chE/d=1/rs=AF0KOtWMryja6aXL5uxxA4i_oj9N-Dst8A/m=gis_client_library Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d7fbf7bf1f6ed26c43a1945fba43aa3d3e80e495cee8e8fa49e0882a76f3692a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Qa2Dw1Cr6UeyuUA1imrO5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 13:58:20 GMT content-encoding gzip x-content-type-options nosniff content-disposition attachment; filename="json.txt"; filename*=UTF-8''json.txt access-control-allow-methods GET alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 pragma no-cache server ESF x-frame-options SAMEORIGIN report-to {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]} content-type application/json; charset=utf-8 access-control-allow-origin https://www.formlets.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-Qa2Dw1Cr6UeyuUA1imrO5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport cross-origin-opener-policy-report-only same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA" expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 464 B	45ms 14ms	XHR text/plain	2a00:1450:400c:c0c::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-60128463-1&cid=966563281.1634133500&jid=1200498397&gjid=487492057&_gid=291709136.1634133500&_u=YEBAAAAAAAAAAC~&z=1926066768 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.formlets.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 13 Oct 2021 13:58:20 GMT content-type text/plain access-control-allow-origin https://www.formlets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 522 B	56ms 34ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-60128463-1&cid=966563281.1634133500&jid=1200498397&_u=YEBAAAAAAAAAAC~&z=387827186 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 13:58:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 522 B	57ms 36ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-60128463-1&cid=966563281.1634133500&jid=1200498397&_u=YEBAAAAAAAAAAC~&z=387827186 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.formlets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 13:58:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| dataLayer function| captchaloaded number| init function| toggleMenu function| bowser string| clientip object| result string| data object| xhr object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_447572 object| gaplugins object| gaGlobal object| gaData object| recaptcha

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.formlets.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b8015b080e3731273757061e8a02708a
			.google.com/	1970-01-20 02:19:04	Name: NID Value: 511=MfevJCxyv24u0J-cwLg0XOBSMhDdTzoP_nNoEgYRz6FtHXJBV27NenJSXpjur0uXwr2gomHTlRu9ARUt6aw1tSnwF9FMxWPhTEC1Wh82Y3yNgdvQzktvwww7eMaa5y47ks7tpdX5_9Ul6HbCHBwQSS-0gP_0lqviOov5dj8VYco
			.formlets.com/	1970-01-20 15:26:45	Name: _ga Value: GA1.2.966563281.1634133500
			.formlets.com/	1970-01-19 21:56:59	Name: _gid Value: GA1.2.291709136.1634133500
			.formlets.com/	1970-01-19 21:55:33	Name: _gat_UA-60128463-1 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.formlets.com/forms/ktGIfUca1ANW1dda/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://easydatastore.com/api/v1/iTQa96qnD5Nmw7Es5ctEkpKzpDK3wD45bQdRyemD/ Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
easydatastore.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
unpkg.com
www.formlets.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
2001:4860:4802:36::15
2600:1901:0:f8f5::
2606:4700::6810:7baf
2a00:1450:4001:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:810::200d
2a00:1450:4001:811::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:830::2004
2a00:1450:400c:c0c::9b
072ae73f52c70e99d66eb93f6a7e3cd6c588c9c90fefca8866a6bb70d98e2f66
1958a1126d379692825a37c1917a61cdec9ae1b27112b7e93a66726ce1c83f59
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30cf8a29826d6e2455322538aa5b6893584df32adbcf474b670c42aaa5f23d4d
37fa645096549fa19cc63a068a78592123f39f8fdecd0e350c73edd87bf1094d
63cda35e201c81523ea6010f356329dbac8ea949cb7e5223ebb05d416eb85d59
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ddbd09f6761c766e7992d366c4bb3ec5450ffe2875d0356d1c0ebd2fbcec1ce
909f77048e8fc0a1dc145ba324ff12cd6452aa2977e3baab473946ebd558d9c4
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
b6fa713e02c1b573d478a81a9c13a1a988d58c55d0999df74af4fcb07b14dfec
bf3b24767fc257674429212a2270b44f3345e9b9006807c19b146487aa596ae5
ce084b96e16a8592fb2388c53e7f3fdd8b4324ec10a522f6db53d961e98c63fd
d7fbf7bf1f6ed26c43a1945fba43aa3d3e80e495cee8e8fa49e0882a76f3692a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e74a3a42185068bd2cba1a272dce844df8fda0cc77e7460f86115d5c007ca353
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f98f95715df6592de815392c2ad49fe11f52859b0103674cdf02a32789fae47b
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3