urlscan.io logo urlscan.io
SecurityTrails logo

auth.nuvem.com Open in urlscan Pro
40.71.11.145  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://auth.nuvem.com/
Effective URL: https://auth.nuvem.com/account/login
Submission: On July 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 40.71.11.145, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.nuvem.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on July 6th 2023. Valid for: 6 months.
This is the only time auth.nuvem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 40.71.11.145 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
19 6
4    40.71.11.145 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
auth.nuvem.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:20::681a:62 (United States)

ASN13335 (CLOUDFLARENET, US)
www.jotformpro.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
4 nuvem.com
auth.nuvem.com
16 KB
2 gstatic.com
fonts.gstatic.com
97 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
5 KB
1 jotformpro.com
www.jotformpro.com
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
1 KB
0 jotfor.ms Failed
cdn01.jotfor.ms Failed
cdn02.jotfor.ms Failed
cdn03.jotfor.ms Failed
0 azure.com Failed
js.monitor.azure.com Failed
19 7
Domain Requested by
4 auth.nuvem.com 1 redirects auth.nuvem.com
2 fonts.gstatic.com fonts.googleapis.com
1 cdnjs.cloudflare.com www.jotformpro.com
1 www.jotformpro.com auth.nuvem.com
1 fonts.googleapis.com auth.nuvem.com
0 cdn03.jotfor.ms Failed www.jotformpro.com
0 cdn02.jotfor.ms Failed www.jotformpro.com
0 cdn01.jotfor.ms Failed www.jotformpro.com
0 js.monitor.azure.com Failed auth.nuvem.com
19 9

This site contains links to these domains. Also see Links.

Domain
340basics.com
www.340basics.com
www.twitter.com
www.linkedin.com
Subject Issuer Validity Valid
auth.nuvem.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-07-06 -
2024-01-06		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-17 -
2024-04-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://auth.nuvem.com/account/login
Frame ID: 2C25318D96D9F5BDA82D4F5A564B55C4
Requests: 10 HTTP requests in this frame

Frame: https://cdn01.jotfor.ms/static/formCss.css?3.3.43218
Frame ID: D88E27EAF8F9A34E1178480BB12F6BDC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in - Nuvem

Page URL History Show full URLs

  1. https://auth.nuvem.com/ HTTP 302
    https://auth.nuvem.com/account/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • Nuvem
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

42 %
HTTPS

80 %
IPv6

7
Domains

9
Subdomains

6
IPs

2
Countries

130 kB
Transfer

196 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.nuvem.com/ HTTP 302
    https://auth.nuvem.com/account/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
auth.nuvem.com/account/
Redirect Chain
  • https://auth.nuvem.com/
  • https://auth.nuvem.com/account/login
9 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.nuvem.com/account/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.11.145 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
387d59665229047bdf44927e10cc4b90339b226cba3f85da312466582cf11ae2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://events.jotform.com https://submit.jotform.us;script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms;img-src 'self' data: https://cdn.jotfor.ms https://events.jotform.com;font-src https://fonts.gstatic.com data:;connect-src 'self' https://dc.services.visualstudio.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Length
4736
Content-Security-Policy
default-src 'self' https://events.jotform.com https://submit.jotform.us;script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms;img-src 'self' data: https://cdn.jotfor.ms https://events.jotform.com;font-src https://fonts.gstatic.com data:;connect-src 'self' https://dc.services.visualstudio.com
Content-Type
text/html; charset=utf-8
Date
Thu, 06 Jul 2023 22:12:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Request-Context
appId=cid-v1:9359c93c-6d7e-47a2-8e89-ccd35e45d177
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Powered-By
ASP.NET
X-Robots-Tag
noindex, nofollow

Redirect headers

Content-Length
0
Content-Security-Policy
default-src 'self' https://events.jotform.com https://submit.jotform.us;script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms;img-src 'self' data: https://cdn.jotfor.ms https://events.jotform.com;font-src https://fonts.gstatic.com data:;connect-src 'self' https://dc.services.visualstudio.com
Date
Thu, 06 Jul 2023 22:12:57 GMT
Location
/account/login
Request-Context
appId=cid-v1:9359c93c-6d7e-47a2-8e89-ccd35e45d177
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Powered-By
ASP.NET
X-Robots-Tag
noindex, nofollow
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i
Requested by
Host: auth.nuvem.com
URL: https://auth.nuvem.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7f8d7494969108668dc0c3c8abfaa863b9fb7c079ea58fa235f38b331ca747c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nuvem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Jul 2023 22:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 22:12:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jul 2023 22:12:59 GMT
site.css
auth.nuvem.com/css/ 		10 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.nuvem.com/css/site.css?v=txUFU1XfEYoduyujZHakoYmpyoEOhnsVnx73hIpjIdQ
Requested by
Host: auth.nuvem.com
URL: https://auth.nuvem.com/account/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.11.145 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b715055355df118a1dbb2ba36476a4a189a9ca810e867b159f1ef7848a6321d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://events.jotform.com https://submit.jotform.us;script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms;img-src 'self' data: https://cdn.jotfor.ms https://events.jotform.com;font-src https://fonts.gstatic.com data:;connect-src 'self' https://dc.services.visualstudio.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nuvem.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 06 Jul 2023 22:12:58 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2592000
Content-Security-Policy
default-src 'self' https://events.jotform.com https://submit.jotform.us;script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms;img-src 'self' data: https://cdn.jotfor.ms https://events.jotform.com;font-src https://fonts.gstatic.com data:;connect-src 'self' https://dc.services.visualstudio.com
X-Powered-By
ASP.NET
Content-Length
3960
Request-Context
appId=cid-v1:9359c93c-6d7e-47a2-8e89-ccd35e45d177
Last-Modified
Mon, 03 Jul 2023 20:48:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d9adefb0d9cf98"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
logo_nuvem.svg
auth.nuvem.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.nuvem.com/images/logo_nuvem.svg?v=5rKyZc9tp1Qmso7BmZupqeq5ti0VaM8JuyLaTMoaN3o
Requested by
Host: auth.nuvem.com
URL: https://auth.nuvem.com/account/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.71.11.145 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e6b2b265cf6da75426b28ec1999ba9a9eab9b62d1568cf09bb22da4cca1a377a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://events.jotform.com https://submit.jotform.us;script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms;img-src 'self' data: https://cdn.jotfor.ms https://events.jotform.com;font-src https://fonts.gstatic.com data:;connect-src 'self' https://dc.services.visualstudio.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nuvem.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 06 Jul 2023 22:12:58 GMT
Strict-Transport-Security
max-age=2592000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://events.jotform.com https://submit.jotform.us;script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms;img-src 'self' data: https://cdn.jotfor.ms https://events.jotform.com;font-src https://fonts.gstatic.com data:;connect-src 'self' https://dc.services.visualstudio.com
Last-Modified
Mon, 03 Jul 2023 20:43:32 GMT
Server
Microsoft-IIS/10.0
ETag
"1d9adef0792feb2"
X-Download-Options
noopen
X-Powered-By
ASP.NET
Content-Type
image/svg+xml
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
3250
Request-Context
appId=cid-v1:9359c93c-6d7e-47a2-8e89-ccd35e45d177
63374330532147
www.jotformpro.com/jsform/ 		51 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.jotformpro.com/jsform/63374330532147
Requested by
Host: auth.nuvem.com
URL: https://auth.nuvem.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8218bd37c392f8e9443ee6550e10cba6ab60a257eb24c170f5a593f5a0d2f133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nuvem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 22:12:59 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router
true
pragma
no-cache
last-modified
Thu, 06 Jul 2023 22:12:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jj39H6%2FO%2BNsjy1wEOY6RD4TuSVzwQYUSfMNAz96jZraD8rgL9myxVGD6QZsd5S2TOw447Z%2FgzMggaM5zHs%2FdwJYi5okmr1DBUq7twRkKZ00Vd8OJJR6kiPIoNxYBWhRkw1mSRl6NmHv8cVMwLkz1vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
no-cache
x-form-cache
MISS-APP
cf-ray
7e2b313d7bf11e5c-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.nuvem.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 05:45:28 GMT
x-content-type-options
nosniff
age
491251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Jun 2024 05:45:28 GMT
formCss.css
cdn01.jotfor.ms/static/ Frame D88E 		0
0
nova.css
cdn02.jotfor.ms/css/styles/ Frame D88E 		0
0
566a91c2977cdfcd478b4567.css
cdn03.jotfor.ms/themes/CSS/ Frame D88E 		0
0
payment_feature.css
cdn01.jotfor.ms/css/styles/payment/ Frame D88E 		0
0
donationBox.css
cdn02.jotfor.ms/stylebuilder/ Frame D88E 		0
0
form-submit-button-light.css
cdn03.jotfor.ms/css/styles/buttons/ Frame D88E 		0
0
prototype.forms.js
cdn01.jotfor.ms/static/ Frame D88E 		0
0
jotform.forms.js
cdn02.jotfor.ms/static/ Frame D88E 		0
0
punycode.js
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame D88E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.js
Requested by
Host: www.jotformpro.com
URL: https://www.jotformpro.com/jsform/63374330532147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nuvem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 22:12:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5106695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4177
last-modified
Mon, 04 May 2020 16:15:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fac-394e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKfGGLWmPC%2B%2BgaUY4WLMYSO8REpQGvHsxGziEagUTidaAPJ0oC%2BKnjBZvz5HJcstkDNHABWU%2Bhhnh8QHI0adLlrughqqD5iNr0lxdhd%2Br42Wu8StgO2%2Ft8LyS4Cns7v4KVpV6myTk6UYiF3oSkHLu2N2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e2b314029c791db-FRA
expires
Tue, 25 Jun 2024 22:12:59 GMT
imageinfo.js
cdn03.jotfor.ms/js/vendor/ Frame D88E 		0
0
validategateways.js
cdn01.jotfor.ms/js/payments/ Frame D88E 		0
0
truncated
/ 		906 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49f841ee673e26e3c5967c57799d1d4989ec83dc57a0b5d8a0ebd2a1f5858efd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		873 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99ad7893bcfab1ee0ccf02a896210f5a46d9769f8a14435a3780098b5b56d739

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.nuvem.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 19:05:20 GMT
x-content-type-options
nosniff
age
529659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50440
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:13:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jun 2024 19:05:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.monitor.azure.com
URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Domain
cdn01.jotfor.ms
URL
https://cdn01.jotfor.ms/static/formCss.css?3.3.43218
Domain
cdn02.jotfor.ms
URL
https://cdn02.jotfor.ms/css/styles/nova.css?3.3.43218
Domain
cdn03.jotfor.ms
URL
https://cdn03.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?v=3.3.43218
Domain
cdn01.jotfor.ms
URL
https://cdn01.jotfor.ms/css/styles/payment/payment_feature.css?3.3.43218
Domain
cdn02.jotfor.ms
URL
https://cdn02.jotfor.ms/stylebuilder/donationBox.css?v=3.3.43218
Domain
cdn03.jotfor.ms
URL
https://cdn03.jotfor.ms/css/styles/buttons/form-submit-button-light.css?3.3.43218
Domain
cdn01.jotfor.ms
URL
https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.43218
Domain
cdn02.jotfor.ms
URL
https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.43218
Domain
cdn03.jotfor.ms
URL
https://cdn03.jotfor.ms/js/vendor/imageinfo.js?v=3.3.43218
Domain
cdn01.jotfor.ms
URL
https://cdn01.jotfor.ms/js/payments/validategateways.js?v=3.3.43218

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| appInsights boolean| qsProxy function| FrameBuilder object| i63374330532147 function| handleIFrameMessage function| isPermitted

2 Cookies

Domain/Path Name / Value
.auth.nuvem.com/ Name: ARRAffinity
Value: 64e2341df3e0eadc4cd600be8000b5c357289e7482e2593ee3081a786a3b260b
.auth.nuvem.com/ Name: ARRAffinitySameSite
Value: 64e2341df3e0eadc4cd600be8000b5c357289e7482e2593ee3081a786a3b260b

13 Console Messages

Source Level URL
Text
security error URL: https://auth.nuvem.com/account/login(Line 13)
Message:
Refused to load the script 'https://js.monitor.azure.com/scripts/b/ai.2.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://auth.nuvem.com/account/login(Line 13)
Message:
Refused to connect to 'https://eastus-8.in.applicationinsights.azure.com//v2/track' because it violates the following Content Security Policy directive: "connect-src 'self' https://dc.services.visualstudio.com".
javascript error URL: https://auth.nuvem.com/account/login(Line 13)
Message:
Refused to connect to 'https://eastus-8.in.applicationinsights.azure.com//v2/track' because it violates the document's Content Security Policy.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the stylesheet 'https://cdn01.jotfor.ms/static/formCss.css?3.3.43218' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the stylesheet 'https://cdn02.jotfor.ms/css/styles/nova.css?3.3.43218' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the stylesheet 'https://cdn03.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?v=3.3.43218' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the stylesheet 'https://cdn01.jotfor.ms/css/styles/payment/payment_feature.css?3.3.43218' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the stylesheet 'https://cdn02.jotfor.ms/stylebuilder/donationBox.css?v=3.3.43218' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the stylesheet 'https://cdn03.jotfor.ms/css/styles/buttons/form-submit-button-light.css?3.3.43218' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the script 'https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.43218' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the script 'https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.43218' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the script 'https://cdn03.jotfor.ms/js/vendor/imageinfo.js?v=3.3.43218' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.jotformpro.com/jsform/63374330532147(Line 9)
Message:
Refused to load the script 'https://cdn01.jotfor.ms/js/payments/validategateways.js?v=3.3.43218' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://events.jotform.com https://submit.jotform.us;script-src 'self' 'unsafe-inline' https://www.jotformpro.com https://cdn.jotfor.ms https://cdnjs.cloudflare.com https://browser.sentry-cdn.com https://az416426.vo.msecnd.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jotfor.ms;img-src 'self' data: https://cdn.jotfor.ms https://events.jotform.com;font-src https://fonts.gstatic.com data:;connect-src 'self' https://dc.services.visualstudio.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff