urlscan.io logo urlscan.io
SecurityTrails logo

admin.formstack.com Open in urlscan Pro
54.209.33.14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://my.insuresign.com/
Effective URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Submission: On October 24 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 2 countries across 23 domains to perform 46 HTTP transactions. The main IP is 54.209.33.14, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is admin.formstack.com. The Cisco Umbrella rank of the primary domain is 120963.
TLS certificate: Issued by Amazon on June 9th 2022. Valid for: a year.
This is the only time admin.formstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    52.222.139.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-115.ams50.r.cloudfront.net
my.insuresign.com
1    2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a02:26f0:3500:594::35c1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
secure.aadcdn.microsoftonline-p.com
1    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    23.205.231.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-231-176.deploy.static.akamaitechnologies.com
static.zuora.com
8    54.209.33.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-33-14.compute-1.amazonaws.com
admin.formstack.com
1    2600:9000:2204:8c00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pendo.io
1    52.222.139.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-90.ams50.r.cloudfront.net
public.profitwell.com
2    13.227.222.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-222-191.ams54.r.cloudfront.net
cdn.segment.com
1    2600:1f18:257:8000:7200:b64c:ae35:d7b6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
prod-sign.auth.us-east-1.amazoncognito.com
1    54.92.231.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-231-93.compute-1.amazonaws.com
oauth.formstackservices.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:80b::2003 (None, )

ASN- ()
fonts.gstatic.com
3    2620:1ec:c11::200 (None, )

ASN- ()
bat.bing.com
1    2a02:26f0:3500:16::215:14a0 (None, )

ASN- ()
snap.licdn.com
2    2a00:1450:4001:830::200e (None, )

ASN- ()
www.google-analytics.com
1    142.250.186.98 (None, )

ASN- ()
www.googleadservices.com
1    2a00:1450:400c:c06::9b (None, )

ASN- ()
stats.g.doubleclick.net
1    2a00:1450:4001:808::2002 (None, )

ASN- ()
googleads.g.doubleclick.net
2    2620:1ec:49::60 (None, )

ASN- ()
www.clarity.ms
2    2a00:1450:4001:803::2004 (None, )

ASN- ()
www.google.com
2    2a00:1450:4001:806::2003 (None, )

ASN- ()
www.google.de
Apex Domain
Subdomains		 Transfer
8 formstack.com
admin.formstack.com — Cisco Umbrella Rank: 120963
1 MB
6 insuresign.com
my.insuresign.com — Cisco Umbrella Rank: 407788
10 MB
3 bing.com
bat.bing.com
13 KB
3 gstatic.com
fonts.gstatic.com
24 KB
3 google.com
apis.google.com — Cisco Umbrella Rank: 112
www.google.com
7 KB
2 google.de
www.google.de
655 B
2 clarity.ms
www.clarity.ms
l.clarity.ms Failed
25 KB
2 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
2 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
113 KB
2 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1442
28 KB
1 googleadservices.com
www.googleadservices.com
15 KB
1 licdn.com
snap.licdn.com
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 formstackservices.com
oauth.formstackservices.com — Cisco Umbrella Rank: 216886
569 B
1 amazoncognito.com
prod-sign.auth.us-east-1.amazoncognito.com — Cisco Umbrella Rank: 732216
1 KB
1 profitwell.com
public.profitwell.com — Cisco Umbrella Rank: 5991
9 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 842
138 KB
1 zuora.com
static.zuora.com — Cisco Umbrella Rank: 52405
7 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 801
24 KB
1 microsoftonline-p.com
secure.aadcdn.microsoftonline-p.com — Cisco Umbrella Rank: 11706
15 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1404
417 B
0 linkedin.com Failed
px4.ads.linkedin.com Failed
46 23
Domain Requested by
8 admin.formstack.com my.insuresign.com
admin.formstack.com
6 my.insuresign.com my.insuresign.com
3 bat.bing.com admin.formstack.com
bat.bing.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google.de admin.formstack.com
2 www.google.com admin.formstack.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com admin.formstack.com
www.googletagmanager.com
2 cdn.segment.com my.insuresign.com
cdn.segment.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
1 snap.licdn.com admin.formstack.com
1 fonts.googleapis.com admin.formstack.com
1 oauth.formstackservices.com 1 redirects
1 prod-sign.auth.us-east-1.amazoncognito.com 1 redirects
1 public.profitwell.com my.insuresign.com
1 cdn.pendo.io my.insuresign.com
1 static.zuora.com my.insuresign.com
1 unpkg.com my.insuresign.com
1 secure.aadcdn.microsoftonline-p.com my.insuresign.com
1 apis.google.com my.insuresign.com
1 polyfill.io my.insuresign.com
0 l.clarity.ms Failed www.clarity.ms
0 px4.ads.linkedin.com Failed admin.formstack.com
46 26

This site contains no links.

Subject Issuer Validity Valid
*.insuresign.com
Amazon		 2021-12-12 -
2023-01-09		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
secure.aadcdn.microsoftonline-p.com
Microsoft RSA TLS CA 02		 2021-11-18 -
2022-11-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-01 -
2023-06-01		 a year crt.sh
www.zuora.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-10 -
2023-05-10		 a year crt.sh
admin.formstack.com
Amazon		 2022-06-09 -
2023-07-08		 a year crt.sh
cdn.pendo.io
Amazon		 2022-07-30 -
2023-08-28		 a year crt.sh
*.profitwell.com
Amazon		 2022-07-03 -
2023-08-01		 a year crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Frame ID: EBBEB0C339BFCB44536D7FB05B41A985
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://my.insuresign.com/ Page URL
  2. https://prod-sign.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https://my.insuresign.com&response_type=code&c... HTTP 302
    https://oauth.formstackservices.com/oauth2/auth?client_id=insuresign&redirect_uri=https%3A%2F%2Fprod-sign.auth.u... HTTP 302
    https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • public\.profitwell\.com/js/profitwell\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

46
Requests

96 %
HTTPS

71 %
IPv6

23
Domains

26
Subdomains

23
IPs

2
Countries

12433 kB
Transfer

13249 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.insuresign.com/ Page URL
  2. https://prod-sign.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https://my.insuresign.com&response_type=code&client_id=3d2h3hnklp0bl0d0pov8hnpvvt&identity_provider=Formstack&scope=openid+email+profile HTTP 302
    https://oauth.formstackservices.com/oauth2/auth?client_id=insuresign&redirect_uri=https%3A%2F%2Fprod-sign.auth.us-east-1.amazoncognito.com%2Foauth2%2Fidpresponse&scope=openid+email+platform_roles+profile&response_type=code&state=H4sIAAAAAAAAAD1QXY-bMBD8L36Oc2A-Eni7I6EJyemSctcSVRVyDAaHDwM23JGq_717VdV92RnNaDWzvxBFPhoVzqnS2ExN83kXRs5xQgt0BSWUQ6M0ZRVwBtzKSGmVbVV3xrU2MqOT07psu2nSYMjAUGrdKf_hoZmXolXjkCtRtEsmG9Bz0JnMcoAc4Mt-EwAskP8DyS5vRfbpaaioYXeD5KLO0c8FqsBb4Whqv8ZpfnBZUofcHorTvrMKeVNJj1niVPfxWhb2Nkyr_vBxMaM0VLp7kvXR5VtxGi6zfRvGKHrU5BKMZzKfD6KfvUQE2rBu4mbzxvmI--z06u3en8Sun6kVJPuKvLPk-a6ct-10indxsvoiX-72I_2u-4B438Izpq9O3O836ebomRU3CghfQ2IokOG_5emoy-X_Fy9pQ--yZbJohZb_PtMg33RhrJVhraA88jmtVb5AA1ziBnUpdxgmxM2w7bor7PEVxR7xXPNK1nRNGPr9Bw0q6wbKAQAA.H4sIAAAAAAAAAPufZ6ubFbxgFhNT56knLQnCzqfUz-sdXVCe7vyxXpGfLw0Ahz12RCAAAAA.4 HTTP 302
    https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1666637045146&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D114921%26time%3D1666637045146%26url%3Dhttps%253A%252F%252Fadmin.formstack.com%252Flogin%253Flogin_challenge%253De03a270535db459483e67395a0ce6e71%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1666637045146&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1666637045146&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&liSync=true&e_ipv6=AQLad5rT4yQeGwAAAYQLTx9x8jpTzUsTIdVLi_NSsRBHgtwDBEdvmO6G4lkTNlC7-21EHsTxRQ827Q

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
my.insuresign.com/ 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.insuresign.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-115.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72879288526c9e511686421a7515ef998a391e48affbbacaed51704ab4bc9c2a
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
121778
Cache-Control
max-age=604800
Connection
keep-alive
Content-Length
5241
Content-Type
text/html
Date
Sun, 23 Oct 2022 08:54:19 GMT
ETag
"3ac46616d11dee66b0ef9a4f00fef3f7"
Last-Modified
Thu, 15 Sep 2022 13:38:12 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=300; includeSubDomains; preload
Via
1.1 ec354e6d520d6c5c48f3933476169122.cloudfront.net (CloudFront)
X-Amz-Cf-Id
POsdJPOiU_JL9EE6yDGzrXKy0_eu8-xIQY0knGxcFUzg3L60AOH4Wg==
X-Amz-Cf-Pop
AMS50-C1
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
x-amz-server-side-encryption
AES256
lib-4ebd73d343.css
my.insuresign.com/styles/ 		237 KB
237 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.insuresign.com/styles/lib-4ebd73d343.css
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-115.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29774c78885ecb34b4e94b3591d8ef07afc6a0d976a25da672664cd023b5d331
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 15:34:01 GMT
Via
1.1 ec354e6d520d6c5c48f3933476169122.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubDomains; preload
X-Amz-Cf-Pop
AMS50-C1
Age
184196
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
242507
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 15 Sep 2022 13:38:12 GMT
Server
AmazonS3
ETag
"4ebd73d3436592648a465f417a29297d"
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
NaJjR_ql7XdsX-JOnBnzDZWtipO5DnFhe_MX4ozVM0k-4PBbU66S1A==
app-fb40831fb9.css
my.insuresign.com/styles/ 		258 KB
259 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.insuresign.com/styles/app-fb40831fb9.css
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-115.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7cdfd2bc5fd496cf72479bef2bd4cd6dfaae286b9043ccacbd78711bc8cbb84
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 04:34:12 GMT
Via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubDomains; preload
X-Amz-Cf-Pop
AMS50-C1
Age
482985
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
264587
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 15 Sep 2022 13:38:12 GMT
Server
AmazonS3
ETag
"fb40831fb92aa49bf6d8116413111d26"
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
AxgJhXe6LBw7o3hGypRmzZ1KPovNSYO-CCXmDCMrv_WihCa69OSM9Q==
polyfill.min.js
polyfill.io/v3/ 		101 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Object.assign
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:43:56 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 13:32:56 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/106.0.0
server-timing
cache-hhn4068, PASS, fastly;desc="Edge time";dur=16
accept-ranges
bytes
content-length
94
lib-365543cc69.js
my.insuresign.com/js/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.insuresign.com/js/lib-365543cc69.js
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-115.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73f5e1eb1711d9faa788d9d7a099cf23798d4999e882a04e91c3df08f1f05b44
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 08:27:01 GMT
Via
1.1 618e94643d6094e9ff9adbaaa8ed3aee.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubDomains; preload
X-Amz-Cf-Pop
AMS50-C1
Age
209816
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2746421
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 15 Sep 2022 13:38:12 GMT
Server
AmazonS3
ETag
"365543cc69dc4cd1e23117f8a9097f54"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
Ma8IxBC_N4IKMEU8ri6ufyBXPt4ocWSnlVf4DF7v-MlCXlhENjquEQ==
app-3010e14237.js
my.insuresign.com/js/ 		7 MB
7 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.insuresign.com/js/app-3010e14237.js
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-115.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3d744df555ec8b18a5e065e6ac0ff42388fa550c111f3e6c5b11bece87a7ac2
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 06:55:13 GMT
Via
1.1 dbd13e5e9621f4e45e6a452ed9862bf0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubDomains; preload
X-Amz-Cf-Pop
AMS50-C1
Age
128923
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7704677
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 15 Sep 2022 13:38:12 GMT
Server
AmazonS3
ETag
"3010e1423795fba2c5c5b7aede0ac149"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
nzzUhShPvGxj-Z0C8L8L2WsgOVnlzQk6JMbQvXkYzpbjC9GKdCn3ag==
api.js
apis.google.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21ca574192971f57bd01e98b21b9082a4df9d369043d0d57146bceb5fe0a3b9d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Oct 2022 18:43:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5565
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"89ba6855a68a87f2"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Oct 2022 18:43:56 GMT
msal.min.js
secure.aadcdn.microsoftonline-p.com/lib/0.1.3/js/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.aadcdn.microsoftonline-p.com/lib/0.1.3/js/msal.min.js
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:594::35c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e8cf59d05c238c6e32b9e1e83b59df8afa45775fba7428f8f03c4b69a7ffe7ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 18:43:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 14 May 2019 23:43:02 GMT
Content-MD5
CPIjjoK7SFUHN2rRknBFHw==
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=169676
Connection
keep-alive
Content-Length
14832
graph-js-sdk-web.js
unpkg.com/@microsoft/microsoft-graph-client@1.0.0/lib/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@microsoft/microsoft-graph-client@1.0.0/lib/graph-js-sdk-web.js
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae06086760fc9d95eb800b8b9307dc7d4b48cae408dce14661fdb9ee841663b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:43:56 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2478288
last-modified
Wed, 19 Apr 2017 16:30:35 GMT
fly-request-id
01GDVSEH522KRSTP6QYRRRDQAS-fra
server
cloudflare
etag
W/"17189-sUkKYOYWT4WTl0ovqlCkficl2Cg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75f4dc651c269238-FRA
zuora-min.js
static.zuora.com/Resources/libs/hosted/1.3.1/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zuora.com/Resources/libs/hosted/1.3.1/zuora-min.js
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.205.231.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-231-176.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 24 Oct 2022 18:43:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Sep 2022 03:24:20 GMT
Server
nginx
ETag
"632d26e4-4724"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6646
session-poller-v2.js
admin.formstack.com/js/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.formstack.com/js/session-poller-v2.js
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.33.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-33-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d45c533b18f735808a74594ef2307b0ee2237c44839c887eb61bfd6144555fad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:43:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 24 Oct 2022 12:59:54 GMT
server
nginx
etag
"63568c4a-6a64"
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
public
accept-ranges
bytes
content-length
27236
x-xss-protection
1; mode=block
pendo.js
cdn.pendo.io/agent/static/bd063a2a-b46e-4004-5b6e-287ad385b223/ 		419 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/bd063a2a-b46e-4004-5b6e-287ad385b223/pendo.js
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:8c00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:43:05 GMT
content-encoding
gzip
via
1.1 7759c849c7040f0b6b78f9d2199c04ca.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
52
x-guploader-uploadid
ADPycdtBiuCNZriY3AoRwr_T5E5K7q2iVXAjHAoHBGiMXuiFZuMLe1K98tIOlAYaI8LQklOEypgLba0t63mBNtWIDX8m
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
140171
last-modified
Thu, 20 Oct 2022 18:19:03 GMT
server
UploadServer
etag
"eef2e20337da20ec2f98f422d152e5fa"
vary
Accept-Encoding
x-goog-generation
1666289943638453
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=xcuAFA==, md5=7vLiAzfaIOwvmPQi0VLl+g==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
140171
accept-ranges
bytes
x-amz-cf-id
6itUFdvedrNp0EK4tgR7rYYCYFHG7KS65sO0_z1yuMdZK3RcQVYiOQ==
expires
Mon, 24 Oct 2022 18:50:35 GMT
profitwell.js
public.profitwell.com/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.profitwell.com/js/profitwell.js?auth=5c8b6aecb451ced993471a14dd9e0696
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-90.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
content-encoding
gzip
via
1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
date
Mon, 24 Oct 2022 07:02:10 GMT
last-modified
Tue, 28 Jun 2022 18:43:42 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
42108
etag
W/"f3710cf44008e9509cf9d74fde8cff1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public,max-age=86400
x-amz-cf-id
2dj_Gd14HiTqLWwDftWqWBSJHF0Sh0pFSh7NcODNXPaIjxvA0ic6Fg==
analytics.min.js
cdn.segment.com/analytics.js/v1/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/analytics.min.js
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-222-191.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
DjdwTbm3IVd85Lk6B0OVqEtux.KBx04t
content-encoding
br
via
1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
date
Mon, 24 Oct 2022 18:43:57 GMT
x-amz-cf-pop
AMS54-C1
age
51
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 20 Oct 2022 19:43:37 GMT
server
AmazonS3
etag
W/"ba4fd69be8a08c1fe37feb44e46a2838"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
Egi-vig1_P66z2O-taTOhxv7mk23s8mr7O_WY0VO2fdrSaZSxldJsw==
Primary Request login
admin.formstack.com/
Redirect Chain
  • https://prod-sign.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https://my.insuresign.com&response_type=code&client_id=3d2h3hnklp0bl0d0pov8hnpvvt&identity_provider=Formstack&scope=...
  • https://oauth.formstackservices.com/oauth2/auth?client_id=insuresign&redirect_uri=https%3A%2F%2Fprod-sign.auth.us-east-1.amazoncognito.com%2Foauth2%2Fidpresponse&scope=openid+email+platform_roles+p...
  • https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Requested by
Host: my.insuresign.com
URL: https://my.insuresign.com/js/app-3010e14237.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.33.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-33-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
41069104f10ec45bb7327d18f7ff9b6d6554c95020c47ade1c2e3f3cb4ff65e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.insuresign.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private public
content-type
text/html; charset=UTF-8
date
Mon, 24 Oct 2022 18:43:57 GMT
server
nginx
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block

Redirect headers

content-length
105
content-type
text/html; charset=utf-8
date
Mon, 24 Oct 2022 18:43:57 GMT
location
https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
loading.gif
my.insuresign.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.insuresign.com/images/loading.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-115.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 15:13:39 GMT
Via
1.1 dbd13e5e9621f4e45e6a452ed9862bf0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubDomains; preload
X-Amz-Cf-Pop
AMS50-C1
Age
185419
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9853
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 15 Sep 2022 13:38:12 GMT
Server
AmazonS3
ETag
"7d22094bb5271dec5e4634c274a5d3e0"
X-Frame-Options
DENY
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
jrc8fNQ0_vWW4GeB2zSw9xVpxxr0fmhkBubV8Ho1Csx9nDSpK6mrtg==
settings
cdn.segment.com/v1/projects/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/ 		603 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/E5oWrqu2NkonRvHDT5lu9sZFLKHOLn9j/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-222-191.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.insuresign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
Qa9t3N81Tyk6HSYyB_PuQ35AJ7Iuz9iK
date
Mon, 24 Oct 2022 18:43:57 GMT
via
1.1 bb1fd0922e473ba97ff6a00f6c71141a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
4585
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
603
last-modified
Tue, 14 Jun 2022 21:51:14 GMT
server
AmazonS3
etag
"bc71cee03c93e59c676a6c60e0be803b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
_Bk_BkvfglUNWjhhDajLjHqi8-icjroaE_M8gzNlXrwIuKYRsioEKA==
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52d34d9fbcd0fbbc245cc05cf2e9704209ce3a7681f37bebeeca51cf7dc29346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Oct 2022 18:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 16:47:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Oct 2022 18:43:58 GMT
public.css
admin.formstack.com/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.formstack.com/css/public.css?id=6e07f5bf65e9ea6ac6d4c0cc45b7a51a
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.33.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-33-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7b9e3331b3207b267079a0bae3fb6297fd7d4c5f47877b0c07d19a02176bfa73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:43:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 24 Oct 2022 13:01:59 GMT
server
nginx
etag
"63568cc7-ddb"
x-frame-options
sameorigin
content-type
text/css
cache-control
public
accept-ranges
bytes
content-length
3547
x-xss-protection
1; mode=block
vendor.js
admin.formstack.com/js/public/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.formstack.com/js/public/vendor.js?id=e4d75ffc5922591c13cd6d8f5621676c
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.33.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-33-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a675c4441323a1fb6e72fbd766c73f4be3cbb3b0634eaa977de047d00bdf298f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:43:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 24 Oct 2022 13:01:59 GMT
server
nginx
etag
"63568cc7-123dc7"
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
public
accept-ranges
bytes
content-length
1195463
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-15307491-1
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5349b0c37b9485d8647d5ba7155d0e5305ea65d4192764ee1278f32928eb810
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:43:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43649
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Oct 2022 18:43:59 GMT
formstack-sign.svg
admin.formstack.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.formstack.com/images/formstack-sign.svg
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.33.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-33-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e865ae5ab6ea9e32b78696f079d3e1f229419087bae63d878b00d64802883fca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:43:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 24 Oct 2022 13:01:59 GMT
server
nginx
etag
"63568cc7-f25"
x-frame-options
sameorigin
content-type
image/svg+xml
cache-control
public
accept-ranges
bytes
content-length
3877
x-xss-protection
1; mode=block
login.js
admin.formstack.com/js/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.formstack.com/js/login.js?id=d474b7d3db0c1fdeb05de4466762a7a3
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.33.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-33-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1cf6825cfa863733f39ac9f513daf0c376d3a5fc51144df3c3a2038597cc9856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:43:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 24 Oct 2022 13:01:59 GMT
server
nginx
etag
"63568cc7-93a1"
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
cache-control
public
accept-ranges
bytes
content-length
37793
x-xss-protection
1; mode=block
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.formstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:25:44 GMT
x-content-type-options
nosniff
age
429501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:25:44 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.formstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:24:53 GMT
x-content-type-options
nosniff
age
429552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:24:53 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.formstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:23:03 GMT
x-content-type-options
nosniff
age
422462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 21:23:03 GMT
google.svg
admin.formstack.com/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.formstack.com/images/google.svg?a26989915dcc63d997c692a5f833717e
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.33.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-33-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3868cc9d09f519cabb2e3e688963e5041b75d8c60716db58cf73fccb100e4fad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:44:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 24 Oct 2022 13:01:59 GMT
server
nginx
etag
"63568cc7-3b36"
x-frame-options
sameorigin
content-type
image/svg+xml
cache-control
public
accept-ranges
bytes
content-length
15158
x-xss-protection
1; mode=block
apple.svg
admin.formstack.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.formstack.com/images/apple.svg?dbccb7a335db45304a1f6075530c83af
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.33.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-33-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6899996c9f1de2a1cc7ef2748922d7ff90f1a48e84885be86561a04e877551b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:44:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 24 Oct 2022 13:01:59 GMT
server
nginx
etag
"63568cc7-146b"
x-frame-options
sameorigin
content-type
image/svg+xml
cache-control
public
accept-ranges
bytes
content-length
5227
x-xss-protection
1; mode=block
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 24 Oct 2022 18:44:05 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7CB7DB091E6A4BD9B2347EB40B4D49F7 Ref B: FRA31EDGE0516 Ref C: 2022-10-24T18:44:05Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:44:05 GMT
content-encoding
gzip
last-modified
Wed, 19 Oct 2022 18:56:33 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=44247
accept-ranges
bytes
content-length
3063
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15307491-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Oct 2022 17:15:56 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5289
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 24 Oct 2022 19:15:56 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1023230933&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15307491-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52a7c0f828204cc52e205faaac96840dbedb8427774afd943e70eec9ff0c3199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:44:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71699
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Oct 2022 18:44:05 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1023230933&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15176
x-xss-protection
0
server
cafe
etag
444338200384796413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Oct 2022 18:44:05 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1666637045146&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D114921%26time%3D1666637045146%26url%3Dhttps%253A%252F%252Fadmin.formstack.com%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1666637045146&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1666637045146&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&liSync=true&e_ipv6=A...
0
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1615296082&t=pageview&_s=1&dl=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&dr=https%3A%2F%2Fmy.insuresign.com%2F&ul=en-us&de=UTF-8&dt=Formstack%20Admin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1078026410&gjid=1493850609&cid=839529051.1666637045&tid=UA-15307491-1&_gid=2071637312.1666637045&_r=1&gtm=2ouaj0&z=1586051325
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://admin.formstack.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 18:44:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.formstack.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
5218350.js
bat.bing.com/p/action/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5218350.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b926372267a0e77f92203cf74dd308c91128d119f270a2ab1564b349d097241a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 24 Oct 2022 18:44:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E41519939F77488DACDEF588BB20024D Ref B: FRA31EDGE0516 Ref C: 2022-10-24T18:44:05Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
1422
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5218350&Ver=2&mid=c53336dd-cfd9-45aa-b12d-ec745a5bc94b&sid=d5f8c25053cb11ed8039154fadd8d67f&vid=d5f8c95053cb11ed9714056ce734ebc6&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Formstack%20Admin&p=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&r=https%3A%2F%2Fmy.insuresign.com%2F&lt=8019&evt=pageLoad&sv=1&rn=346793
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 18:44:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0464E91A53624A128F1A5FF695F730EC Ref B: FRA31EDGE0516 Ref C: 2022-10-24T18:44:05Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-15307491-1&cid=839529051.1666637045&jid=1078026410&gjid=1493850609&_gid=2071637312.1666637045&_u=YEBAAUAAAAAAACAAI~&z=414924548
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://admin.formstack.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 24 Oct 2022 18:44:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://admin.formstack.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023230933/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023230933/?random=1666637045246&cv=9&fst=1666637045246&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&ref=https%3A%2F%2Fmy.insuresign.com%2F&tiba=Formstack%20Admin&auid=1991007304.1666637045&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ac860bc9ae2b7f0d94cd1c9804887454f3db7dff9fc8167da2cfdb3c96ace900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 18:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1087
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5218350
www.clarity.ms/tag/uet/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5218350
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5218350.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::60 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1d1b3b0180bc456f95160bae0bcfbeeab8506f149e374a2142788774179aa35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Mon, 24 Oct 2022 18:44:05 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
09dxWYwAAAAD4WQMC9yoSSLprbrBLL09SRlJBMjMxMDUwNDE4MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15307491-1&cid=839529051.1666637045&jid=1078026410&_u=YEBAAUAAAAAAACAAI~&z=809107427
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 18:44:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-15307491-1&cid=839529051.1666637045&jid=1078026410&_u=YEBAAUAAAAAAACAAI~&z=809107427
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 18:44:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1023230933/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1023230933/?random=1666637045246&cv=9&fst=1666634400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&ref=https%3A%2F%2Fmy.insuresign.com%2F&tiba=Formstack%20Admin&async=1&fmt=3&is_vtc=1&random=1053349447&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 18:44:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1023230933/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1023230933/?random=1666637045246&cv=9&fst=1666634400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaj0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&ref=https%3A%2F%2Fmy.insuresign.com%2F&tiba=Formstack%20Admin&async=1&fmt=3&is_vtc=1&random=1053349447&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: admin.formstack.com
URL: https://admin.formstack.com/login?login_challenge=e03a270535db459483e67395a0ce6e71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Oct 2022 18:44:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus-e/s/0.6.43/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus-e/s/0.6.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5218350
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::60 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:44:05 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
etag
"1d8e6ea47462a4c"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
x-azure-ref
09dxWYwAAAAAIFHTGcOjyQ7GOhnnWhDJMRlJBMjMxMDUwNDE4MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
23642
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
collect
l.clarity.ms/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px4.ads.linkedin.com
URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=114921&time=1666637045146&url=https%3A%2F%2Fadmin.formstack.com%2Flogin%3Flogin_challenge%3De03a270535db459483e67395a0ce6e71&liSync=true&e_ipv6=AQLad5rT4yQeGwAAAYQLTx9x8jpTzUsTIdVLi_NSsRBHgtwDBEdvmO6G4lkTNlC7-21EHsTxRQ827Q
Domain
l.clarity.ms
URL
https://l.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

7 Cookies

Domain/Path Name / Value
prod-sign.auth.us-east-1.amazoncognito.com/ Name: XSRF-TOKEN
Value: 8c48954e-533a-4685-a35b-6881595bd25a
prod-sign.auth.us-east-1.amazoncognito.com/ Name: csrf-state
Value: k-JvnRS_eK6cXlFf4rgPIp3gojsXq-cX5kzubhg4EF_kqKxY1J_FstpBolL6fEiPrYy4jruJJAt2YCuQ2yQKiqy9XiCt03jij4fm5xSqdPT9HwBiHqya3CXIk2wcXMzs5UEvPSHSX7GoOz4AaWtqC29VFQ-aT5SqID_DL91kf0g
prod-sign.auth.us-east-1.amazoncognito.com/ Name: csrf-state-legacy
Value: k-JvnRS_eK6cXlFf4rgPIp3gojsXq-cX5kzubhg4EF_kqKxY1J_FstpBolL6fEiPrYy4jruJJAt2YCuQ2yQKiqy9XiCt03jij4fm5xSqdPT9HwBiHqya3CXIk2wcXMzs5UEvPSHSX7GoOz4AaWtqC29VFQ-aT5SqID_DL91kf0g
oauth.formstackservices.com/ Name: oauth2_authentication_csrf
Value: MTY2NjYzNzAzN3xEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJR0l4TmpBNE9EZzROemN6TmpSbE1HTTVZbUUxTmpFeFkyRmlOVGsyWVRjd3xMPiWMeL2uZtujdBVtYm_NKkKoHK_jfU4YlzR3x7I6kA==
oauth.formstackservices.com/ Name: oauth2_authentication_csrf_legacy
Value: MTY2NjYzNzAzN3xEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJR0l4TmpBNE9EZzROemN6TmpSbE1HTTVZbUUxTmpFeFkyRmlOVGsyWVRjd3z3bGqhZ2-rRbJLmgw8wN8JFfonb0Jkv-PvVP64XSsEEQ==
admin.formstack.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ikc5d00xWEtNY0psOFdFRkMrMHFTclE9PSIsInZhbHVlIjoiTlVtNnhiZDgvS2ZYeGQ2elJOK0RvS0J3Tk5lak9qejZSSHNzNXB3cGRERjE5S1R1VkllY2c3WVU5a01GVkdhSjJ3SysvbGtxWGxVRVI0bjVyWElJNWlRVDVGR3RZN3BNelAzNWlNWGZCeU92Wmx0WDM2c1VxQ2JrSGpQYytTbGoiLCJtYWMiOiJlMzZhODc4MzQxMDgyNzJmNTYwMjY2MTRhMmRhZmUyMmMzOWNhN2M2NTdmNTY4Y2JjMWYxOTk0YjQ3N2ExMDIzIiwidGFnIjoiIn0%3D
admin.formstack.com/ Name: formstack_admin_session
Value: eyJpdiI6IldxWElXdUlRS2J5d203UzA1bkxESGc9PSIsInZhbHVlIjoiYnA5amJacEZ4OTlFWUxvMU9PY2h5VXpoUlBNTVZNaGlOM3U2RnZTM3Z6cE16NjlETzU1aWRyeVhoYUlOaGxqUEZXbUxvS1FyckJZT0dVNnhaYlJSWUhKRENCekhiTEdvRGxEUGVMSSsvM2JtdVZsMGp6Vi8xYUlSWEdXQyt6a2siLCJtYWMiOiIxODllYWFhMjczOGQ5YzEwNzNkOWM4MTQxZDk1YWM3MGNmYzMwYzA3ZGU5MDIyYTQ0NDQxNDc0NzVkMjJjNzk3IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.formstack.com
apis.google.com
bat.bing.com
cdn.pendo.io
cdn.segment.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.clarity.ms
my.insuresign.com
oauth.formstackservices.com
polyfill.io
prod-sign.auth.us-east-1.amazoncognito.com
public.profitwell.com
px4.ads.linkedin.com
secure.aadcdn.microsoftonline-p.com
snap.licdn.com
static.zuora.com
stats.g.doubleclick.net
unpkg.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
l.clarity.ms
px4.ads.linkedin.com
13.227.222.191
142.250.186.98
23.205.231.176
2600:1f18:257:8000:7200:b64c:ae35:d7b6
2600:9000:2204:8c00:1f:aa31:7740:93a1
2606:4700::6810:7caf
2620:1ec:49::60
2620:1ec:c11::200
2a00:1450:4001:802::2008
2a00:1450:4001:803::2004
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a02:26f0:3500:16::215:14a0
2a02:26f0:3500:594::35c1
2a04:4e42:a00::282
52.222.139.115
52.222.139.90
54.209.33.14
54.92.231.93
1cf6825cfa863733f39ac9f513daf0c376d3a5fc51144df3c3a2038597cc9856
21ca574192971f57bd01e98b21b9082a4df9d369043d0d57146bceb5fe0a3b9d
29774c78885ecb34b4e94b3591d8ef07afc6a0d976a25da672664cd023b5d331
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3868cc9d09f519cabb2e3e688963e5041b75d8c60716db58cf73fccb100e4fad
3ae06086760fc9d95eb800b8b9307dc7d4b48cae408dce14661fdb9ee841663b
41069104f10ec45bb7327d18f7ff9b6d6554c95020c47ade1c2e3f3cb4ff65e5
52a7c0f828204cc52e205faaac96840dbedb8427774afd943e70eec9ff0c3199
52d34d9fbcd0fbbc245cc05cf2e9704209ce3a7681f37bebeeca51cf7dc29346
6899996c9f1de2a1cc7ef2748922d7ff90f1a48e84885be86561a04e877551b2
72879288526c9e511686421a7515ef998a391e48affbbacaed51704ab4bc9c2a
73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca
73f5e1eb1711d9faa788d9d7a099cf23798d4999e882a04e91c3df08f1f05b44
7b9e3331b3207b267079a0bae3fb6297fd7d4c5f47877b0c07d19a02176bfa73
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
a675c4441323a1fb6e72fbd766c73f4be3cbb3b0634eaa977de047d00bdf298f
ac860bc9ae2b7f0d94cd1c9804887454f3db7dff9fc8167da2cfdb3c96ace900
b3d744df555ec8b18a5e065e6ac0ff42388fa550c111f3e6c5b11bece87a7ac2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b926372267a0e77f92203cf74dd308c91128d119f270a2ab1564b349d097241a
c7cdfd2bc5fd496cf72479bef2bd4cd6dfaae286b9043ccacbd78711bc8cbb84
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1d1b3b0180bc456f95160bae0bcfbeeab8506f149e374a2142788774179aa35
d45c533b18f735808a74594ef2307b0ee2237c44839c887eb61bfd6144555fad
d5349b0c37b9485d8647d5ba7155d0e5305ea65d4192764ee1278f32928eb810
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e865ae5ab6ea9e32b78696f079d3e1f229419087bae63d878b00d64802883fca
e8cf59d05c238c6e32b9e1e83b59df8afa45775fba7428f8f03c4b69a7ffe7ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149