admin.formstack.com Open in urlscan Pro
35.169.130.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://my.insuresign.com/
Effective URL:
https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
Submission: On June 23 via manual (June 23rd 2022, 4:01:59 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 23 domains to perform 47 HTTP transactions. The main IP is 35.169.130.230, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is admin.formstack.com. The Cisco Umbrella rank of the primary domain is 128464.
TLS certificate: Issued by Amazon on June 9th 2022. Valid for: a year.

This is the only time admin.formstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	99.86.4.66 99.86.4.66	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:a00... 2a04:4e42:a00::282	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ef:... 2a02:26f0:ef:2a2::35c1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.237.220 104.111.237.220	16625 (AKAMAI-AS) (AKAMAI-AS)
8	35.169.130.230 35.169.130.230	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223f:ac00:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.64.103.105 18.64.103.105	16509 (AMAZON-02) (AMAZON-02)
2	18.66.115.169 18.66.115.169	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:257... 2600:1f18:257:8002:a59d:7b33:6b4e:76c6	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.86.81.34 52.86.81.34	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400e:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:2057	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	20.120.65.166 20.120.65.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
47	25

7 99.86.4.66 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-66.fra6.r.cloudfront.net

my.insuresign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef:2a2::35c1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

secure.aadcdn.microsoftonline-p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-220.deploy.static.akamaitechnologies.com

static.zuora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.169.130.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-130-230.compute-1.amazonaws.com

admin.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:ac00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-105.txl50.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:257:8002:a59d:7b33:6b4e:76c6 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

prod-sign.auth.us-east-1.amazoncognito.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.81.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-81-34.compute-1.amazonaws.com

oauth.formstackservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2057 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	formstack.com admin.formstack.com — Cisco Umbrella Rank: 128464	1 MB
7	insuresign.com 1 redirects my.insuresign.com — Cisco Umbrella Rank: 295374	10 MB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 l.clarity.ms — Cisco Umbrella Rank: 5137 c.clarity.ms — Cisco Umbrella Rank: 1113	26 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	13 KB
3	gstatic.com fonts.gstatic.com	24 KB
3	google.com apis.google.com — Cisco Umbrella Rank: 162 www.google.com — Cisco Umbrella Rank: 8	7 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5448	655 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	98 KB
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 1452	27 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	formstackservices.com 1 redirects oauth.formstackservices.com — Cisco Umbrella Rank: 230806	566 B
1	amazoncognito.com 1 redirects prod-sign.auth.us-east-1.amazoncognito.com — Cisco Umbrella Rank: 648572	2 KB
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 9805	9 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 1006	147 KB
1	zuora.com static.zuora.com — Cisco Umbrella Rank: 57381	7 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 944	24 KB
1	microsoftonline-p.com secure.aadcdn.microsoftonline-p.com — Cisco Umbrella Rank: 11283	15 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1521	417 B
47	23

	Domain	Requested by
8	admin.formstack.com	my.insuresign.com admin.formstack.com
7	my.insuresign.com	1 redirects my.insuresign.com
3	bat.bing.com	admin.formstack.com bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
2	c.clarity.ms	1 redirects
2	www.google.de	admin.formstack.com
2	www.google.com	admin.formstack.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	admin.formstack.com www.googletagmanager.com
2	cdn.segment.com	my.insuresign.com cdn.segment.com
1	c.bing.com	1 redirects
1	l.clarity.ms	www.clarity.ms
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	px4.ads.linkedin.com	admin.formstack.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	admin.formstack.com
1	fonts.googleapis.com	admin.formstack.com
1	oauth.formstackservices.com	1 redirects
1	prod-sign.auth.us-east-1.amazoncognito.com	1 redirects
1	public.profitwell.com	my.insuresign.com
1	cdn.pendo.io	my.insuresign.com
1	static.zuora.com	my.insuresign.com
1	unpkg.com	my.insuresign.com
1	secure.aadcdn.microsoftonline-p.com	my.insuresign.com
1	apis.google.com	my.insuresign.com
1	polyfill.io	my.insuresign.com
47	30

This site contains no links.

Subject Issuer	Validity	Valid
*.insuresign.com Amazon	`2021-12-12` - `2023-01-09`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
secure.aadcdn.microsoftonline-p.com Microsoft RSA TLS CA 02	`2021-11-18` - `2022-11-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
WWW.ZUORA.COM COMODO RSA Domain Validation Secure Server CA	`2021-07-15` - `2022-07-15`	a year	crt.sh
admin.formstack.com Amazon	`2022-06-09` - `2023-07-08`	a year	crt.sh
cdn.pendo.io Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
*.profitwell.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
Frame ID: 8C475FA131DE7C55B877E290933C237F
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Formstack Admin

Page URL History Show full URLs

http://my.insuresign.com/ HTTP 301
https://my.insuresign.com/ Page URL
https://prod-sign.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https://my.insuresign.com&response_type=code&c... HTTP 302
https://oauth.formstackservices.com/oauth2/auth?client_id=insuresign&redirect_uri=https%3A%2F%2Fprod-sign.auth.u... HTTP 302
https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

47
Requests

96 %
HTTPS

64 %
IPv6

23
Domains

30
Subdomains

25
IPs

4
Countries

12205 kB
Transfer

13028 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://my.insuresign.com/ HTTP 301
https://my.insuresign.com/ Page URL
https://prod-sign.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https://my.insuresign.com&response_type=code&client_id=3d2h3hnklp0bl0d0pov8hnpvvt&identity_provider=Formstack&scope=openid+email+profile HTTP 302
https://oauth.formstackservices.com/oauth2/auth?client_id=insuresign&redirect_uri=https%3A%2F%2Fprod-sign.auth.us-east-1.amazoncognito.com%2Foauth2%2Fidpresponse&scope=openid+email+platform_roles+profile&response_type=code&state=H4sIAAAAAAAAAG1S2XLaMBT9Fz_HxCtDeSMswYALxE4g6XQYIQlbtiwJSTZLp_9emYROH_qk0bnn3OXc-8uqFZYrzmmErL752Bgobbs7142nk1m4aKwHS0jeEITld1BhQ5pwWSkNYGlCkBLM9E3rIy_3c1ZS4eypgxzBm17ORNNow5MYEYmhfn2JDDXXWqj-42N16RCmaokVyVgH8urGVIIzhdOLaItBjvA_LXyhy2g0NKiCXGBl9X9Y5mUEGQhXgNBPwYFQbP00LA20EbGa0odbvmEOKMUs-z8YY51zdA8xzmBb8f05OV3LJNv45xCcrr30-Norx9_C5Vt82YTrgg_OwbGoilUMw49jvU2FkL28Z5-267099qM09Hw2PnbnA_FU7N7GU885jNFVO1XkZ36wy7bnyPOfYVKMVk-ldM7SHk4X8-Ul0LugUICRIDydvXV1XDq7fTTxSTnbzOO0O1tliSeTd_0xChflMImd1hgsGyynXOkVl9q0b-xA9s1lUOu883fPHVCBqxmRZ4xo_rUCKDHQhLOUVDjBkDNkPHa7YddxHNcN2vRKmfjdo_aEBlpLsq91u45P9Ga7uZUFYSVhWXLXHABV-PcfcN7KynkCAAA.H4sIAAAAAAAAAAEgAN__5OPDTP-0Vrgw1fywxtmVMcXI_7lbym3uUxD2JXDprz7FfoPrIAAAAA.4 HTTP 302
https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://my.insuresign.com/ HTTP 301
https://my.insuresign.com/

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1656000116537&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D114921%26time%3D1656000116537%26url%3Dhttps%253A%252F%252Fadmin.formstack.com%252Flogin%253Flogin_challenge%253D555b107aa3204351bd8af88d6aa1b712%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1656000116537&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1656000116537&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&liSync=true&e_ipv6=AQK9HHB3u6SgBwAAAYGRTHkMFWlZAn3eSuJZG4QxLkg6fTSIOw4jyH2k4ohBxp3tvHA6tfOq5FsCag

Request Chain 45

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=BFE4CB47ADE2446DA9EEDA6A56EE07EA&RedC=c.clarity.ms&MXFR=1C6186DD5B17627413E697115F176CD9 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=BFE4CB47ADE2446DA9EEDA6A56EE07EA&MUID=1DD0614C18BA62692088708019686314

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
my.insuresign.com/
Redirect Chain

http://my.insuresign.com/
https://my.insuresign.com/

5 KB
6 KB

116ms
63ms

Document
text/html

99.86.4.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.insuresign.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-66.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

031f019950ddd385a7dbd73d0d69be84b7e80e29c4b96b9b109ae674a3604d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 2050
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 5241
Content-Type: text/html
Date: Thu, 23 Jun 2022 15:27:44 GMT
Etag: "111bbd952194e84fe4d2785ca5d28583"
Last-Modified: Thu, 23 Jun 2022 15:22:32 GMT
Server: AmazonS3
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
X-Amz-Cf-Id: b848rmdk2iD9pJxRZq9g8LH3S6ZULmRaqt1C82y_mA2r3ZOz5VXrKA==
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 183
Content-Type: text/html
Date: Thu, 23 Jun 2022 16:01:53 GMT
Location: https://my.insuresign.com/
Server: CloudFront
Via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: RksX1vr74mT4zEGXcDSbxT-QTDlUma2yM3jE7fQcyRNd3gTZwwWkag==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Redirect from cloudfront

GET
H/1.1 200
OK lib-4ebd73d343.css
my.insuresign.com/styles/ 237 KB
237 KB 33ms
32ms Stylesheet
text/css 99.86.4.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.insuresign.com/styles/lib-4ebd73d343.css

Requested by

Host: my.insuresign.com
URL: https://my.insuresign.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-66.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

29774c78885ecb34b4e94b3591d8ef07afc6a0d976a25da672664cd023b5d331

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 15:27:22 GMT
Via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2072
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 242507
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 23 Jun 2022 15:22:32 GMT
Server: AmazonS3
X-Frame-Options: DENY
Etag: "4ebd73d3436592648a465f417a29297d"
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Content-Type: text/css
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: zgMq8Z6N3zg8YrstD5MUp9iBzJWsHiN6iNdfjDrFzLBJvW5NtXhsQQ==

GET
H/1.1 200
OK app-fb40831fb9.css
my.insuresign.com/styles/ 258 KB
259 KB 100ms
55ms Stylesheet
text/css 99.86.4.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.insuresign.com/styles/app-fb40831fb9.css

Requested by

Host: my.insuresign.com
URL: https://my.insuresign.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-66.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7cdfd2bc5fd496cf72479bef2bd4cd6dfaae286b9043ccacbd78711bc8cbb84

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 15:27:22 GMT
Via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2072
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 264587
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 23 Jun 2022 15:22:32 GMT
Server: AmazonS3
X-Frame-Options: DENY
Etag: "fb40831fb92aa49bf6d8116413111d26"
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Content-Type: text/css
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: R1YkxTfMwkuN6AKNV3ysdugL3VrLS5LhmLC0uA3COuxTZ8sqRENOEg==

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 87ms
37ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=Object.assign
Requested by: Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:53 GMT
content-encoding: br
last-modified: Mon, 13 Jun 2022 20:50:31 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/103.0.0
server-timing: cache-hhn4037, PASS, fastly;desc="Edge time";dur=17
accept-ranges: bytes
content-length: 94

GET
H/1.1 200
OK lib-d3c87ab80a.js Show response
my.insuresign.com/js/ 3 MB
3 MB 109ms
62ms Script
application/javascript 99.86.4.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.insuresign.com/js/lib-d3c87ab80a.js

Requested by

Host: my.insuresign.com
URL: https://my.insuresign.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-66.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aaaa4a152319978d67374643f4d8b988b447aaed0419cc351b12fcda05e26815

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 15:27:22 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2072
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2746431
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 23 Jun 2022 15:22:32 GMT
Server: AmazonS3
X-Frame-Options: DENY
Etag: "d3c87ab80af6581323d2d8a137d263dc"
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: ndU6eLvZYj_LLK0eNYJ1n40HZGVnOHH1RvbWsnYfQt4wNjKok3d7ug==

GET
H/1.1 200
OK app-3010e14237.js Show response
my.insuresign.com/js/ 7 MB
7 MB 100ms
52ms Script
application/javascript 99.86.4.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.insuresign.com/js/app-3010e14237.js

Requested by

Host: my.insuresign.com
URL: https://my.insuresign.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-66.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b3d744df555ec8b18a5e065e6ac0ff42388fa550c111f3e6c5b11bece87a7ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 15:27:22 GMT
Via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2072
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7704677
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 23 Jun 2022 15:22:32 GMT
Server: AmazonS3
X-Frame-Options: DENY
Etag: "3010e1423795fba2c5c5b7aede0ac149"
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: L1GOcR4KbZiYQ8Yn_t6-2J_Y7UWHerilrI_Dkp2xsDoogyX3BNFxRA==

GET
H2 200 api.js Show response
apis.google.com/js/ 14 KB
6 KB 83ms
33ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: my.insuresign.com
URL: https://my.insuresign.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ea949901347c2d47eee3e4b87b2a01ed7da200797ca5f7833895bc7b2eb898

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 23 Jun 2022 16:01:53 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "62022d8722bdbfd3"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 16:01:53 GMT

GET
H/1.1 200
OK msal.min.js
secure.aadcdn.microsoftonline-p.com/lib/0.1.3/js/ 61 KB
15 KB 737ms
618ms Script
application/x-javascript 2a02:26f0:ef:2a2::35c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.aadcdn.microsoftonline-p.com/lib/0.1.3/js/msal.min.js

Requested by

Host: my.insuresign.com
URL: https://my.insuresign.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:ef:2a2::35c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:01:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 May 2019 23:43:02 GMT
Content-MD5: CPIjjoK7SFUHN2rRknBFHw==
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Strict-Transport-Security: max-age=31536000
Content-Length: 14832

GET
H2 200 graph-js-sdk-web.js Show response
unpkg.com/@microsoft/microsoft-graph-client@1.0.0/lib/ 92 KB
24 KB 87ms
39ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@microsoft/microsoft-graph-client@1.0.0/lib/graph-js-sdk-web.js

Requested by

Host: my.insuresign.com
URL: https://my.insuresign.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae06086760fc9d95eb800b8b9307dc7d4b48cae408dce14661fdb9ee841663b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11780289
fly-request-id: 01FV9J6VRQ0305F29KD1048041
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 19 Apr 2017 16:30:35 GMT
server: cloudflare
etag: W/"17189-sUkKYOYWT4WTl0ovqlCkficl2Cg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 71fe71e539fd691f-FRA

GET
H/1.1 200
OK zuora-min.js Show response
static.zuora.com/Resources/libs/hosted/1.3.1/ 18 KB
7 KB 127ms
26ms Script
application/javascript 104.111.237.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.zuora.com/Resources/libs/hosted/1.3.1/zuora-min.js
Requested by: Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.237.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:01:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jun 2022 13:06:58 GMT
Server: nginx
ETag: "62a887f2-4724"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6646

GET
H2 200 session-poller-v2.js
admin.formstack.com/js/ 26 KB
27 KB 674ms
210ms Script
application/javascript 35.169.130.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.formstack.com/js/session-poller-v2.js

Requested by

Host: my.insuresign.com
URL: https://my.insuresign.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.130.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-130-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 12:10:14 GMT
server: nginx
etag: "62b45826-68d4"
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 26836
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK pendo.js
cdn.pendo.io/agent/static/bd063a2a-b46e-4004-5b6e-287ad385b223/ 477 KB
147 KB 117ms
26ms Script
application/javascript 2600:9000:223f:ac00:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/bd063a2a-b46e-4004-5b6e-287ad385b223/pendo.js
Requested by: Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 15:57:46 GMT
Content-Encoding: gzip
Age: 248
X-GUploader-UploadID: ADPycds0rvxAApRUIM2VlJ8miy8T4X6c54os6unUU6K9_5ctdFzYmVqdoKR0mybgSXJb2BoRBHHfRJ3vx4lkZ_ThSmVp8w
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 149867
Access-Control-Allow-Origin: *
Last-Modified: Mon, 20 Jun 2022 18:19:18 GMT
Server: UploadServer
ETag: "abefe52470f36ac7188f5ccfb4c09152"
Vary: Accept-Encoding
x-goog-hash: crc32c=b1arhw==, md5=q+/lJHDzascYj1zPtMCRUg==
x-goog-generation: 1655749158425466
Via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 149867
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: nJZyzudqUyBQr8LNH1fCUfK3Z0sM3U5PO4j5VYxy8iHxjYAr2DGyfA==
Expires: Thu, 23 Jun 2022 16:05:16 GMT

GET
H2 200 profitwell.js
public.profitwell.com/js/ 35 KB
9 KB 96ms
25ms Script
application/x-javascript 18.64.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=5c8b6aecb451ced993471a14dd9e0696
Requested by: Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-105.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: znDY4nYU90M6zr4dzZFQuN8coA9KbBKW
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 14:00:55 GMT
server: AmazonS3
age: 47868
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 d2182626bf7a31d463bb4b9335724f24.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
date: Thu, 23 Jun 2022 02:44:07 GMT
x-amz-cf-pop: TXL50-P3
x-amz-cf-id: g2GKHholbitnV6uuQqu8T4441do0UB-GSSG945cLwV-dgtmnllZ33Q==

GET
H2 200 analytics.min.js
cdn.segment.com/analytics.js/v1/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/ 95 KB
26 KB 98ms
26ms Script
text/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/analytics.min.js
Requested by: Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: OpG7B7YwzbyKhBhIn99FrpvCWMScKoZ.
content-encoding: br
etag: W/"f2b7f202894151028668c12e8606fe90"
age: 35
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 22 Jun 2022 17:50:48 GMT
server: AmazonS3
date: Thu, 23 Jun 2022 16:01:20 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: AcTLrkFTR7CFe56i3-9w3xhf9ubhJBEKjGf3B1nIw99eqP_T_SC79A==

GET
H2

200

Primary Request login Show response
admin.formstack.com/
Redirect Chain

https://prod-sign.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https://my.insuresign.com&response_type=code&client_id=3d2h3hnklp0bl0d0pov8hnpvvt&identity_provider=Formstack&scope=...
https://oauth.formstackservices.com/oauth2/auth?client_id=insuresign&redirect_uri=https%3A%2F%2Fprod-sign.auth.us-east-1.amazoncognito.com%2Foauth2%2Fidpresponse&scope=openid+email+platform_roles+p...
https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

5 KB
6 KB

171ms
171ms

Document
text/html

35.169.130.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Requested by

Host: my.insuresign.com
URL: https://my.insuresign.com/js/app-3010e14237.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.130.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-130-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

008dd7f26ccd44e26071fdcc1dcb24f341d61825c071de9956261395437ba504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.insuresign.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private public
content-type: text/html; charset=UTF-8
date: Thu, 23 Jun 2022 16:01:55 GMT
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

Redirect headers

content-length: 105
content-type: text/html; charset=utf-8
date: Thu, 23 Jun 2022 16:01:55 GMT
location: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

GET
H/1.1 200
OK loading.gif
my.insuresign.com/images/ 10 KB
10 KB 37ms
37ms Image
image/gif 99.86.4.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.insuresign.com/images/loading.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-66.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 15:27:49 GMT
Via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2046
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9853
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 23 Jun 2022 15:22:32 GMT
Server: AmazonS3
X-Frame-Options: DENY
Etag: "7d22094bb5271dec5e4634c274a5d3e0"
Strict-Transport-Security: max-age=300; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: E3D_pRm2LdtjZlbAwHRc437g4Huv23YQvg956nn8HXfLKsjYRqLNSA==

GET
H2 200 settings
cdn.segment.com/v1/projects/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/ 603 B
1 KB 73ms
21ms XHR
application/json 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.insuresign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Qa9t3N81Tyk6HSYyB_PuQ35AJ7Iuz9iK
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
etag: "bc71cee03c93e59c676a6c60e0be803b"
age: 6768
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 603
last-modified: Tue, 14 Jun 2022 21:51:14 GMT
server: AmazonS3
date: Thu, 23 Jun 2022 14:09:07 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: sU91POt52_UmweqVmwOcpecmoIruBX_HkzoW_B7Bw5h20BohWDEunA==

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 88ms
31ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52d34d9fbcd0fbbc245cc05cf2e9704209ce3a7681f37bebeeca51cf7dc29346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 15:55:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Jun 2022 16:01:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Jun 2022 16:01:55 GMT

GET
H2 200 public.css
admin.formstack.com/css/ 3 KB
4 KB 108ms
107ms Stylesheet
text/css 35.169.130.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.formstack.com/css/public.css?id=2f3789b10ad399c8f82cbb9badca58b9

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.130.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-130-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

58d255df8d05506edd384c276193b15856789f4afa37bbe4e91244663be889a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 12:12:06 GMT
server: nginx
etag: "62b45896-df6"
x-frame-options: sameorigin
content-type: text/css
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3574
x-xss-protection: 1; mode=block

GET
H2 200 vendor.js Show response
admin.formstack.com/js/public/ 948 KB
950 KB 108ms
108ms Script
application/javascript 35.169.130.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.formstack.com/js/public/vendor.js?id=1fc70dc022a7be37932f0491917f260c

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.130.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-130-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f9d6e733697b8b9d219e53fb8f1848b73f83e606fcc6f5b6c68dcacb17cf6c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 12:12:06 GMT
server: nginx
etag: "62b45896-ed1d4"
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 971220
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 83ms
34ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-15307491-1

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b4c5e34cda818bb1ecd8cdd6c26178ea7eb3a36d0ccf5e178944860c85355b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39851
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 15:04:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 16:01:56 GMT

GET
H2 200 formstack-sign.svg
admin.formstack.com/images/ 4 KB
4 KB 105ms
104ms Image
image/svg+xml 35.169.130.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.formstack.com/images/formstack-sign.svg

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.130.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-130-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e865ae5ab6ea9e32b78696f079d3e1f229419087bae63d878b00d64802883fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 12:12:06 GMT
server: nginx
etag: "62b45896-f25"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3877
x-xss-protection: 1; mode=block

GET
H2 200 login.js Show response
admin.formstack.com/js/ 37 KB
37 KB 305ms
304ms Script
application/javascript 35.169.130.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.formstack.com/js/login.js?id=369f2eaf8c96cfecde724df94e9f48c7

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.130.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-130-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c48e67b735f0dfc8bbac3b0da27b2d58d5497f1049152bcf000b4405cca46d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 12:12:06 GMT
server: nginx
etag: "62b45896-92fd"
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 37629
x-xss-protection: 1; mode=block

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 74ms
19ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://admin.formstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 74172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:25:44 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 80ms
26ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://admin.formstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 74223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:24:53 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 75ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://admin.formstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 67133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 21:23:03 GMT

GET
H2 200 google.svg
admin.formstack.com/images/ 15 KB
15 KB 108ms
107ms Image
image/svg+xml 35.169.130.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.formstack.com/images/google.svg?a26989915dcc63d997c692a5f833717e

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.130.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-130-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3868cc9d09f519cabb2e3e688963e5041b75d8c60716db58cf73fccb100e4fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 12:12:06 GMT
server: nginx
etag: "62b45896-3b36"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 15158
x-xss-protection: 1; mode=block

GET
H2 200 apple.svg
admin.formstack.com/images/ 5 KB
5 KB 108ms
108ms Image
image/svg+xml 35.169.130.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://admin.formstack.com/images/apple.svg?dbccb7a335db45304a1f6075530c83af

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.130.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-130-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6899996c9f1de2a1cc7ef2748922d7ff90f1a48e84885be86561a04e877551b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 12:12:06 GMT
server: nginx
etag: "62b45896-146b"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5227
x-xss-protection: 1; mode=block

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 104ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C62106626B404974AFFC07043779257B Ref B: FRAEDGE1210 Ref C: 2022-06-23T16:01:56Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 23 Jun 2022 16:01:56 GMT
accept-ranges: bytes
content-length: 11360

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 76ms
20ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 16:01:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=68435
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15307491-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4369
date: Thu, 23 Jun 2022 14:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Jun 2022 16:49:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 158 KB
58 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1023230933&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15307491-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9e03402e47bc7a444ad263f710f691f4f1aa507dfcf74924df04a018fe1c37a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59631
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 15:04:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 16:01:56 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1656000116537&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D114921%26time%3D1656000116537%26url%3Dhttps%253A%252F%252Fadmin.formstack.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1656000116537&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1656000116537&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&liSync=true&e_ipv6=A...

0
267 B

168ms
121ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1656000116537&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&liSync=true&e_ipv6=AQK9HHB3u6SgBwAAAYGRTHkMFWlZAn3eSuJZG4QxLkg6fTSIOw4jyH2k4ohBxp3tvHA6tfOq5FsCag
Requested by: Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2CA6AD5CCF0342FFBBD24B4849C5D17C Ref B: FRAEDGE1313 Ref C: 2022-06-23T16:01:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiH5K7k/R/QX+xkzQE7w==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 23 Jun 2022 16:01:56 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8CED217706404107A274130DCB36B177 Ref B: VIEEDGE1207 Ref C: 2022-06-23T16:01:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1656000116537&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&liSync=true&e_ipv6=AQK9HHB3u6SgBwAAAYGRTHkMFWlZAn3eSuJZG4QxLkg6fTSIOw4jyH2k4ohBxp3tvHA6tfOq5FsCag
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiH5K4oiHrHEO1cil5Aw==

GET
H2 200 5218350.js Show response
bat.bing.com/p/action/ 218 B
474 B 177ms
177ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5218350.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d8d84d555039198855003b483404fb2a1d6690764beaa647e52a17a2180ca52c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00092311C0C440A9B872EC8B6FC07213 Ref B: FRAEDGE1210 Ref C: 2022-06-23T16:01:56Z
date: Thu, 23 Jun 2022 16:01:56 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 299

GET
H2 204 0
bat.bing.com/action/ 0
175 B 44ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5218350&Ver=2&mid=99435eb2-e624-420e-9c7c-cc236504b9a7&sid=ce782600f30d11ecb40fa51221860c37&vid=ce788100f30d11eca9ce4f5b79c48d43&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Formstack%20Admin&p=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&r=https%3A%2F%2Fmy.insuresign.com%2F&lt=1979&evt=pageLoad&msclkid=N&sv=1&rn=135072

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 904577120BFA46649BDD7BBCE5971E85 Ref B: FRAEDGE1210 Ref C: 2022-06-23T16:01:56Z
date: Thu, 23 Jun 2022 16:01:56 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 110ms
55ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1023230933&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Jun 2022 16:01:56 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
27ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=669286737&t=pageview&_s=1&dl=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&dr=https%3A%2F%2Fmy.insuresign.com%2F&ul=en-us&de=UTF-8&dt=Formstack%20Admin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=135053825&gjid=2091630502&cid=675277747.1656000117&tid=UA-15307491-1&_gid=656062675.1656000117&_r=1&gtm=2ou6f0&z=621726823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.formstack.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:01:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://admin.formstack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 90ms
27ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15307491-1&cid=675277747.1656000117&jid=135053825&gjid=2091630502&_gid=656062675.1656000117&_u=YEBAAUAAAAAAAC~&z=1002991262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.formstack.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Jun 2022 16:01:56 GMT
content-type: text/plain
access-control-allow-origin: https://admin.formstack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023230933/ 2 KB
2 KB 82ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023230933/?random=1656000116721&cv=9&fst=1656000116721&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&ref=https%3A%2F%2Fmy.insuresign.com%2F&tiba=Formstack%20Admin&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fef71ee118c84c2c851e0cea57920a75907455481b14a4d9e17e3e14abd727c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:01:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5218350 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 178ms
113ms Script
application/x-javascript 2620:1ec:27::cafe:2057
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5218350
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5218350.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2057 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e99b93c5c4cc44df7df5aa253d398d638ebbb0c205e783bd48ce1c48a3b5cca5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:56 GMT
x-powered-by: ASP.NET
x-azure-ref: 0dI60YgAAAADEMTQiYu7JRIocPOtjy1oHRFVTMzBFREdFMDYyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 97ms
50ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15307491-1&cid=675277747.1656000117&jid=135053825&_u=YEBAAUAAAAAAAC~&z=1031945461

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:01:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 95ms
45ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15307491-1&cid=675277747.1656000117&jid=135053825&_u=YEBAAUAAAAAAAC~&z=1031945461

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:01:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1023230933/ 42 B
548 B 54ms
43ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1023230933/?random=1656000116721&cv=9&fst=1656000000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&ref=https%3A%2F%2Fmy.insuresign.com%2F&tiba=Formstack%20Admin&async=1&fmt=3&is_vtc=1&random=2391327489&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:01:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1023230933/ 42 B
548 B 52ms
39ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1023230933/?random=1656000116721&cv=9&fst=1656000000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3D555b107aa3204351bd8af88d6aa1b712&ref=https%3A%2F%2Fmy.insuresign.com%2F&tiba=Formstack%20Admin&async=1&fmt=3&is_vtc=1&random=2391327489&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=555b107aa3204351bd8af88d6aa1b712

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:01:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-e/s/0.6.34/ 53 KB
23 KB 108ms
108ms Script
application/javascript 2620:1ec:27::cafe:2057
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-e/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5218350
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2057 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:01:56 GMT
content-encoding: br
etag: "1d8849082142e54"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0dI60YgAAAAC1mGPgeGjESbdp62jY+e+CRFVTMzBFREdFMDYyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 204 collect Show response
l.clarity.ms/ 0
177 B 429ms
101ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-e/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://admin.formstack.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://admin.formstack.com
date: Thu, 23 Jun 2022 16:01:56 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=BFE4CB47ADE2446DA9EEDA6A56EE07EA&RedC=c.clarity.ms&MXFR=1C6186DD5B17627413E697115F176CD9
https://c.clarity.ms/c.gif?CtsSyncId=BFE4CB47ADE2446DA9EEDA6A56EE07EA&MUID=1DD0614C18BA62692088708019686314

42 B
367 B

41ms
41ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=BFE4CB47ADE2446DA9EEDA6A56EE07EA&MUID=1DD0614C18BA62692088708019686314
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:01:56 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:01:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C649CAE107244C4EA96A3B6905DFFE39 Ref B: FRAEDGE1210 Ref C: 2022-06-23T16:01:57Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=BFE4CB47ADE2446DA9EEDA6A56EE07EA&MUID=1DD0614C18BA62692088708019686314
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prod-sign.auth.us-east-1.amazoncognito.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 8ce6abf9-038d-4b19-9f82-4f5606617a40
prod-sign.auth.us-east-1.amazoncognito.com/	1970-01-20 04:00:00	Name: csrf-state Value: YGSwzkSgW3x5awz8TqU8kE95OVMyW5QjoAx4qjmjPMc5ZquXTppr8h8-wXQb-E3IT523nEq6KApBj_VEH20fEdzt0mI3g34_gXxI23GcSjDPBkr0xr-CHLKOy4t_4jsani45wx2QmqO0_bIF3ikJWKMT6JPgS2rSYtZD5LkCSM0
prod-sign.auth.us-east-1.amazoncognito.com/	1970-01-20 04:00:00	Name: csrf-state-legacy Value: YGSwzkSgW3x5awz8TqU8kE95OVMyW5QjoAx4qjmjPMc5ZquXTppr8h8-wXQb-E3IT523nEq6KApBj_VEH20fEdzt0mI3g34_gXxI23GcSjDPBkr0xr-CHLKOy4t_4jsani45wx2QmqO0_bIF3ikJWKMT6JPgS2rSYtZD5LkCSM0
oauth.formstackservices.com/	1969-12-31 23:59:59	Name: oauth2_authentication_csrf Value: MTY1NjAwMDExNXxEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJR1l3T1RNMk1UQXlPV1EwTmpSaVpqZzROamRpWm1NelpUVmtORGhtWkRrMHxlSH2eV-_JYmM_oHA9U-mNYfI7_1Tk8pITZ5MKk2AJNw==
oauth.formstackservices.com/	1969-12-31 23:59:59	Name: oauth2_authentication_csrf_legacy Value: MTY1NjAwMDExNXxEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJR1l3T1RNMk1UQXlPV1EwTmpSaVpqZzROamRpWm1NelpUVmtORGhtWkRrMHyt5gSsJe4jWNOmKaryCZJA3-kieXT-ysOojmoy_c2p1w==
admin.formstack.com/	1970-02-14 00:31:23	Name: XSRF-TOKEN Value: eyJpdiI6IjZmVzEyTG80OTd1SStpdml3Z2MxdGc9PSIsInZhbHVlIjoicndrdHZ5dnkyZHNzbHZSN2VvOVVBbUZSZHB6eEZnam02bDlWYjY4YjBTRiswNWRYdHg5Qms1QnpkNVJZUlJlTFlGUDMvSmg0em96STRud0U3YXZZc3dJekhvUmlZVVdWa0pHZlBQRmJ4bjNMZkptVG1XY2pubnJEeGJ4am5NRjYiLCJtYWMiOiI4YzFjNGI1MmJmYjA0YzA1MDNiYmQ1ODQwYTg1MTczNmU0MzdhMTk4MjIxMmViNzE5ODgwMzAzZWU1ZWYwMmFlIiwidGFnIjoiIn0%3D
admin.formstack.com/	1970-02-14 00:31:23	Name: formstack_admin_session Value: eyJpdiI6IjJHeENsNmh1em9GN3JXZGdaSVhCdFE9PSIsInZhbHVlIjoiNG1PNFNHRlVmZEtWQzljaHpmN21PKzg3NFE2bGNzYlBtSklCK2NCSVJjVVhvVC9LcFpIY1JvOVQ0aDUydE5VK0dtVUpoQnhOVlhUV292SmJ2dzRQOU1aT3R4empXN3hPK3NoZFBWUitMdmZJQVhUb1hwZTlOM2RMTHl6VEZ5SnMiLCJtYWMiOiJjYWIyODg2NTgwYmRjNjFmMWMxY2I5Y2MyNjE2NjU0ZWFjNmNhZjBiNWM4M2Y1NTkwYjJhYmY3MzhmYWUxYzJkIiwidGFnIjoiIn0%3D
.bing.com/	1970-01-20 13:21:36	Name: MUID Value: 1DD0614C18BA62692088708019686314
.formstack.com/	1970-01-20 04:01:26	Name: _uetsid Value: ce782600f30d11ecb40fa51221860c37
.formstack.com/	1970-01-20 13:21:36	Name: _uetvid Value: ce788100f30d11eca9ce4f5b79c48d43
.formstack.com/	1970-01-20 06:09:36	Name: _gcl_au Value: 1.1.568944707.1656000117
.formstack.com/	1970-01-20 21:31:12	Name: _ga Value: GA1.2.675277747.1656000117
.formstack.com/	1970-01-20 04:01:26	Name: _gid Value: GA1.2.656062675.1656000117
.formstack.com/	1970-01-20 04:00:00	Name: _gat_gtag_UA_15307491_1 Value: 1
.linkedin.com/	1970-01-20 04:43:12	Name: UserMatchHistory Value: AQI-VmkXXFk7ewAAAYGRTHfqcPYTYOdvh9zCdxI6kMZzzGXX18Fje_0Z7k15PVZov2I7Yr4LH0i8aQ
.linkedin.com/	1970-01-20 04:43:12	Name: AnalyticsSyncHistory Value: AQKqRCtqjVdHmwAAAYGRTHfqghYkG-nz7RBdJDKX-j0RegEupqEVvpMIa-R_C7ciCSNIMeVfXUwf3XC4Hnb6Xw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:31:53	Name: bcookie Value: "v=2&97f0bafa-2753-41d3-83ce-4a1233b9abdc"
.linkedin.com/	1970-01-20 04:01:26	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2657:u=1:x=1:i=1656000116:t=1656086516:v=2:sig=AQHZVdeqsr4gvj1x2MFo0454TDb4_DFY"
.doubleclick.net/	1970-01-20 04:00:01	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:31:53	Name: bscookie Value: "v=1&20220623160156ace9f049-4db2-4379-8c34-26ca833cfc99AQEFeQ-lUEVxSmlYe9HqRe6PnvXdVxnR"
.linkedin.com/	1970-01-20 21:30:22	Name: li_gc Value: MTswOzE2NTYwMDAxMTY7MjswMjFhwQrugwEkHdtkzh/iFoS5IuaYjQ4E6Bla6YqLb4CPeg==
www.clarity.ms/	1970-01-20 12:45:36	Name: CLID Value: 7c0daa463b0142b6901ebe7358dedc4e.20220623.20230623
.formstack.com/	1970-01-20 12:45:36	Name: _clck Value: 1i5pbko\|1\|f2k\|0
.c.bing.com/	1970-01-20 13:21:36	Name: SRM_B Value: 1DD0614C18BA62692088708019686314
.formstack.com/	1970-01-20 04:01:26	Name: _clsk Value: gwh01s\|1656000117608\|1\|1\|l.clarity.ms/collect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:21:36	Name: MUID Value: 1DD0614C18BA62692088708019686314
.c.clarity.ms/	1970-01-20 04:00:00	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.formstack.com
apis.google.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.pendo.io
cdn.segment.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.clarity.ms
my.insuresign.com
oauth.formstackservices.com
polyfill.io
prod-sign.auth.us-east-1.amazoncognito.com
public.profitwell.com
px.ads.linkedin.com
px4.ads.linkedin.com
secure.aadcdn.microsoftonline-p.com
snap.licdn.com
static.zuora.com
stats.g.doubleclick.net
unpkg.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.111.237.220
13.107.42.14
142.250.181.226
18.64.103.105
18.66.115.169
20.120.65.166
20.234.93.27
2600:1f18:257:8002:a59d:7b33:6b4e:76c6
2600:9000:223f:ac00:1f:aa31:7740:93a1
2606:4700::6810:7caf
2620:1ec:22::14
2620:1ec:27::cafe:2057
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9d
2a00:1450:400e:800::200a
2a02:26f0:3500:16::215:14a0
2a02:26f0:ef:2a2::35c1
2a04:4e42:a00::282
35.169.130.230
52.86.81.34
99.86.4.66
008dd7f26ccd44e26071fdcc1dcb24f341d61825c071de9956261395437ba504
031f019950ddd385a7dbd73d0d69be84b7e80e29c4b96b9b109ae674a3604d45
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1b4c5e34cda818bb1ecd8cdd6c26178ea7eb3a36d0ccf5e178944860c85355b6
29774c78885ecb34b4e94b3591d8ef07afc6a0d976a25da672664cd023b5d331
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
3868cc9d09f519cabb2e3e688963e5041b75d8c60716db58cf73fccb100e4fad
3ae06086760fc9d95eb800b8b9307dc7d4b48cae408dce14661fdb9ee841663b
52d34d9fbcd0fbbc245cc05cf2e9704209ce3a7681f37bebeeca51cf7dc29346
58d255df8d05506edd384c276193b15856789f4afa37bbe4e91244663be889a8
6899996c9f1de2a1cc7ef2748922d7ff90f1a48e84885be86561a04e877551b2
73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
98ea949901347c2d47eee3e4b87b2a01ed7da200797ca5f7833895bc7b2eb898
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aaaa4a152319978d67374643f4d8b988b447aaed0419cc351b12fcda05e26815
b3d744df555ec8b18a5e065e6ac0ff42388fa550c111f3e6c5b11bece87a7ac2
c48e67b735f0dfc8bbac3b0da27b2d58d5497f1049152bcf000b4405cca46d8d
c7cdfd2bc5fd496cf72479bef2bd4cd6dfaae286b9043ccacbd78711bc8cbb84
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8d84d555039198855003b483404fb2a1d6690764beaa647e52a17a2180ca52c
d9e03402e47bc7a444ad263f710f691f4f1aa507dfcf74924df04a018fe1c37a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e865ae5ab6ea9e32b78696f079d3e1f229419087bae63d878b00d64802883fca
e99b93c5c4cc44df7df5aa253d398d638ebbb0c205e783bd48ce1c48a3b5cca5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f9d6e733697b8b9d219e53fb8f1848b73f83e606fcc6f5b6c68dcacb17cf6c08
fef71ee118c84c2c851e0cea57920a75907455481b14a4d9e17e3e14abd727c2

admin.formstack.com Open in urlscan Pro 35.169.130.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

64 %IPv6

23 Domains

30 Subdomains

25 IPs

4 Countries

12205 kBTransfer

13028 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

admin.formstack.com Open in urlscan Pro
35.169.130.230 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

64 %
IPv6

23
Domains

30
Subdomains

25
IPs

4
Countries

12205 kB
Transfer

13028 kB
Size

30
Cookies

47 HTTP transactions
0 data transactions