urlscan.io logo urlscan.io
SecurityTrails logo

forms.westock.io Open in urlscan Pro
3.16.193.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trk.klclick.com/ls/click?upn=pk4JYac-2BTYYpFwnC1F4tjiDHhbrZLmECYmPcQJa9bqeFd8GD1fJ667BcFMZ6VTHUUBHgptsgCto0kKb82...
Effective URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor...
Submission: On September 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 3.16.193.42, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is forms.westock.io.
TLS certificate: Issued by R3 on July 9th 2023. Valid for: 3 months.
This is the only time forms.westock.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:223c:400:14:c8fd:7700:93a1 (United States)

ASN16509 (AMAZON-02, US)
trk.klclick.com
8    3.16.193.42 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-193-42.us-east-2.compute.amazonaws.com
forms.westock.io
image.westock.io
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
Apex Domain
Subdomains		 Transfer
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
ajax.googleapis.com — Cisco Umbrella Rank: 368
maps.googleapis.com — Cisco Umbrella Rank: 391
295 KB
8 westock.io
forms.westock.io
image.westock.io
359 KB
3 gstatic.com
fonts.gstatic.com
maps.gstatic.com
51 KB
1 klclick.com
trk.klclick.com — Cisco Umbrella Rank: 12155
454 B
19 4
Domain Requested by
6 maps.googleapis.com forms.westock.io
maps.googleapis.com
6 forms.westock.io forms.westock.io
2 maps.gstatic.com forms.westock.io
2 image.westock.io forms.westock.io
1 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com forms.westock.io
1 fonts.googleapis.com forms.westock.io
1 trk.klclick.com 1 redirects
19 8

This site contains links to these domains. Also see Links.

Domain
app.westock.io
westock.io
Subject Issuer Validity Valid
forms.westock.io
R3		 2023-07-09 -
2023-10-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
image.westock.io
R3		 2023-07-30 -
2023-10-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Frame ID: 5DD9772A9019FABFD63AEB0600A90D09
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Evo Hemp

Page URL History Show full URLs

  1. https://trk.klclick.com/ls/click?upn=pk4JYac-2BTYYpFwnC1F4tjiDHhbrZLmECYmPcQJa9bqeFd8GD1fJ667BcFMZ6V... HTTP 302
    https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tin... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

86 %
IPv6

4
Domains

8
Subdomains

6
IPs

2
Countries

706 kB
Transfer

1229 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.klclick.com/ls/click?upn=pk4JYac-2BTYYpFwnC1F4tjiDHhbrZLmECYmPcQJa9bqeFd8GD1fJ667BcFMZ6VTHUUBHgptsgCto0kKb82CROneLuS33OeIoaWh7b8oDmdcOIWKNLfIU4KB7O0hwJhp1Izfx-2FYnG6WzzE1OTZgw2HMfm-2BHVlJZTPQ06X3z3rull9YalSJy1-2FkhK4sLwAEDgpOUD8EJucUPrTQgchqdVrmMoctVscLuIfsQH1ux7lLgO-2F63iAHnb1m5d-2BYgqLIxR1membFRa5e6L8kBXUByFaz1OXELbA1fQfw5TSQE4wjYJrnpkW2QVM2LorQYe1z8Uco9D8iVMgzrdxrTyn7JJbV7yLqR8w29vX1UL2WqhkZrAQ-3DcI2M_f5CCQS0N95iO0XGkG5jjbwGB7ZNnRmUBC0H8b3EeNWcljfrRBjd77BtYWmauTAQmRK3ZFIJce14VuqvS8gSA-2FVqmzhYKymHIXlOFEdup6fwmreFHb3wLSyP7PcyzEDRJ7IbkJKgoCIA6yEWJtIgDN0TAbj7V1eb51vYBuBdYu8ARnuo-2B8FdxIQCLumfeUIkZUdB1yyqzM4KrigU9bDo8hwJC-2FosIYCf2VWCN0ZP6VZBY1DzKDrAMoE1437Dr-2F-2FZV99FFixEeJ5RtVZpqAuMi4otdEdSrjuaoJEbzQp0pxtETAd2nUTUwbeHxgUO9J9QVmPz7BS1bchtK6PputCGxlyP3F2C-2B3hzb899oawsLT9kzkN4GEnJ1RgoCRH6GbMBse9Ap-2BGvAPH0ecgTQJRXAA2j2GQoSe3-2BRDIo8sOFaPkHzCiZ-2Buf3rkFRwlrQbHn02DNYwIAcShptckenNykIJaQ-3D-3D HTTP 302
    https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1155
forms.westock.io/brand/
Redirect Chain
  • https://trk.klclick.com/ls/click?upn=pk4JYac-2BTYYpFwnC1F4tjiDHhbrZLmECYmPcQJa9bqeFd8GD1fJ667BcFMZ6VTHUUBHgptsgCto0kKb82CROneLuS33OeIoaWh7b8oDmdcOIWKNLfIU4KB7O0hwJhp1Izfx-2FYnG6WzzE1OTZgw2HMfm-2BHV...
  • https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsle...
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.193.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-193-42.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
625b3a8c601adda324d954600096dca03014a83e8bf675a8c7c99cbbfe202651

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Sep 2023 01:51:48 GMT
ETag
W/"194e-RVj29UPDNb0SqVpF3vnivwSGcqY"
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express

Redirect headers

content-length
302
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 01:51:47 GMT
location
https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
server
nginx
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-id
GEFW5QxnBaFzb1-UMVSvN2omO-RX2QmXk0jVkSlHJG4ITEjy9UoOPQ==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
style.css
forms.westock.io/brand/scripts/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.westock.io/brand/scripts/style.css
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.193.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-193-42.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
74536753bb3689c7763bb7f972fd97eb79896af7b86a8cf5d8a7ec779a4cb53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Mon, 04 Sep 2023 01:51:48 GMT
Last-Modified
Thu, 17 Nov 2022 16:48:19 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1971-184867dc07a"
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6513
css
fonts.googleapis.com/ 		3 KB
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fd171582e685076daaddfc6ff7fac1416978de392a67317711b6da9ce18710a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 01:51:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 01:28:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Sep 2023 01:51:48 GMT
background.jpg
image.westock.io/brands/1155/form/ 		196 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.westock.io/brands/1155/form/background.jpg
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.193.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-193-42.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8071c2c134737b36844144d0340e5560b93df47d8d16937db69045e8188fb7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Mon, 04 Sep 2023 01:51:48 GMT
Last-Modified
Tue, 01 Nov 2022 13:33:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63612027-30feb"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://app.westock.io
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
200683
logo.jpg
image.westock.io/brands/1155/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.westock.io/brands/1155/logo.jpg
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.193.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-193-42.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
10b03d686984e4da8c8531f2264ace77e95de2340982d755c3f4f9bc2fffc5ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Mon, 04 Sep 2023 01:51:48 GMT
Last-Modified
Tue, 01 Nov 2022 13:33:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63612027-1401a"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://app.westock.io
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
81946
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 04 Sep 2023 00:14:56 GMT
x-content-type-options
nosniff
age
5812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88145
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Sep 2024 00:14:56 GMT
chosen.min.css
forms.westock.io/brand/scripts/ 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.westock.io/brand/scripts/chosen.min.css
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.193.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-193-42.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
15b715bb34b5345660550cd5fb13910e5f07fda91815c097dab6ffadcc56250e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Mon, 04 Sep 2023 01:51:48 GMT
Last-Modified
Tue, 06 Apr 2021 20:33:42 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"3378-178a8e41310"
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13176
chosen.jquery.js
forms.westock.io/brand/scripts/ 		46 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.westock.io/brand/scripts/chosen.jquery.js
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.193.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-193-42.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
f52bfbac56b143acff90d8d3b8d7164ecf46f65469221ccad51ee6ec8236ab92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Mon, 04 Sep 2023 01:51:48 GMT
Last-Modified
Wed, 11 Sep 2019 18:13:21 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"b983-16d2187a89f"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47491
formScript.js
forms.westock.io/brand/scripts/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.westock.io/brand/scripts/formScript.js
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.193.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-193-42.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
d2d9802ab887b0eebbb19c77711656ee5e62fa9d473e19e2da3b84e71defb0bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Mon, 04 Sep 2023 01:51:48 GMT
Last-Modified
Tue, 22 Nov 2022 03:24:59 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1e31-1849d5e162c"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7729
js
maps.googleapis.com/maps/api/ 		188 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyD-hvYTdta48JJWVFuC-NEMFond7IrwPiw&libraries=places&callback=initPlaces
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
1e4ec8b7af3577235ed1f3d8984804854868ff5264a3cd48cb3000c9e3eb91d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 04 Sep 2023 01:51:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64636
x-xss-protection
0
logoSmall.svg
forms.westock.io/brand/images/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.westock.io/brand/images/logoSmall.svg
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.193.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-193-42.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
a0cc35c6898ba55f00f438179b32610676e385d47233e518dc8e002639db960a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Mon, 04 Sep 2023 01:51:48 GMT
Last-Modified
Tue, 06 Apr 2021 20:33:42 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"11b8-178a8e41310"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4536
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forms.westock.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 29 Aug 2023 09:56:32 GMT
x-content-type-options
nosniff
age
489316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 09:56:32 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD-hvYTdta48JJWVFuC-NEMFond7IrwPiw&libraries=places&callback=initPlaces
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 04 Sep 2023 01:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forms.westock.io
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/54/3/intl/de_ALL/ 		253 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/3/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD-hvYTdta48JJWVFuC-NEMFond7IrwPiw&libraries=places&callback=initPlaces
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b617813343847b795096eb7d3f93cb23ae098aeb36c7e54b39451d3d946e9d7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 30 Aug 2023 18:30:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
372056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56880
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 22:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Aug 2024 18:30:52 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/54/3/intl/de_ALL/ 		154 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/3/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD-hvYTdta48JJWVFuC-NEMFond7IrwPiw&libraries=places&callback=initPlaces
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cc835398003aed06c179deb4e5f3b6275361de8d2778387ce266338ad6bcecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 30 Aug 2023 18:30:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
372056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49765
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 22:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Aug 2024 18:30:52 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/54/3/intl/de_ALL/ 		88 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/3/intl/de_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD-hvYTdta48JJWVFuC-NEMFond7IrwPiw&libraries=places&callback=initPlaces
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
328a375735a3c847c15a4535c97c33a2a165ec761751bb87ae94f97462a8e4d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 30 Aug 2023 18:30:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
372056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23995
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 22:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Aug 2024 18:30:52 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/54/3/intl/de_ALL/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/3/intl/de_ALL/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD-hvYTdta48JJWVFuC-NEMFond7IrwPiw&libraries=places&callback=initPlaces
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6480caf07c5191163bfbd78988c3126b34e1fe3e62d29e016053e68cfccfc895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 30 Aug 2023 18:30:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
372055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16318
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 22:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Aug 2024 18:30:53 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 04 Sep 2023 01:51:49 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1616
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Mon, 04 Sep 2023 01:51:49 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: forms.westock.io
URL: https://forms.westock.io/brand/1155?source=email&medium=email&utm_campaign=090423%20VIP%20Sleep%20Tincture%20Sale%2FLabor%20Day%20%2801H9B2VPQD8YZYGPEBHS06KXRJ%29&utm_medium=email&utm_source=Newsletter&_kx=KkcWNarEAiN3ntknKdi_XOn2wxmnJEw3E11IE0E1b_8%3D.J4qcSf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.westock.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 04 Sep 2023 01:51:49 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3351
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Mon, 04 Sep 2023 01:51:49 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| setInputFilter function| addFields function| validate function| selectAllProducts function| initPlaces string| oldZip function| updateOptions object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| autocomplete object| __e3_

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
forms.westock.io
image.westock.io
maps.googleapis.com
maps.gstatic.com
trk.klclick.com
2600:9000:223c:400:14:c8fd:7700:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
3.16.193.42
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fd171582e685076daaddfc6ff7fac1416978de392a67317711b6da9ce18710a
10b03d686984e4da8c8531f2264ace77e95de2340982d755c3f4f9bc2fffc5ba
15b715bb34b5345660550cd5fb13910e5f07fda91815c097dab6ffadcc56250e
1e4ec8b7af3577235ed1f3d8984804854868ff5264a3cd48cb3000c9e3eb91d0
328a375735a3c847c15a4535c97c33a2a165ec761751bb87ae94f97462a8e4d1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
5cc835398003aed06c179deb4e5f3b6275361de8d2778387ce266338ad6bcecb
625b3a8c601adda324d954600096dca03014a83e8bf675a8c7c99cbbfe202651
6480caf07c5191163bfbd78988c3126b34e1fe3e62d29e016053e68cfccfc895
74536753bb3689c7763bb7f972fd97eb79896af7b86a8cf5d8a7ec779a4cb53d
8071c2c134737b36844144d0340e5560b93df47d8d16937db69045e8188fb7fa
a0cc35c6898ba55f00f438179b32610676e385d47233e518dc8e002639db960a
b617813343847b795096eb7d3f93cb23ae098aeb36c7e54b39451d3d946e9d7f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d2d9802ab887b0eebbb19c77711656ee5e62fa9d473e19e2da3b84e71defb0bc
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
f52bfbac56b143acff90d8d3b8d7164ecf46f65469221ccad51ee6ec8236ab92