Submitted URL: https://tracking.bothsides.tv/tracking/click?d=U3HlIYzSJKcB7OvJ_1k26FKRK4PDZlVMmPlGu2i2Csrjj5kIsRqhUibDoHb5Mx97GbmMqsl_qV_1bp1...
Effective URL: https://www.bothsides.tv/signup.html
Submission Tags: phishing, malicious
Submission: On April 12 via api from US

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 69.163.228.13, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is www.bothsides.tv.
TLS certificate: Issued by R3 on March 16th 2021. Valid for: 3 months.
This is the only time www.bothsides.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

    IP Address        AS Autonomous System
1 1 91.134.146.190    16276 (OVH)
3   69.163.228.13     26347 (DREAMHOST-AS)
4   2606:4700::68...  13335 (CLOUDFLAR...)
1   2606:4700::68...  13335 (CLOUDFLAR...)
2   108.129.63.17     16509 (AMAZON-02)
10  4

    Domain                                                          Requested by
3   sibforms.com                                                    485f6f2f.sibforms.com
3   www.bothsides.tv                                                www.bothsides.tv
2   596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io  sibforms.com
1   assets.sendinblue.com                                           485f6f2f.sibforms.com
1   485f6f2f.sibforms.com                                           www.bothsides.tv
1   tracking.bothsides.tv                                           1 redirects
10  6

This site contains no links.

Subject                  Issuer                            Validity                 Valid
www.bothsides.tv         R3                                2021-03-16 - 2021-06-14  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3           2020-08-06 - 2021-08-06  a year
*.aws.elastic-cloud.com  DigiCert TLS RSA SHA256 2020 CA1  2021-03-23 - 2021-11-09  8 months

This page contains 2 frames:

Primary Page: https://www.bothsides.tv/signup.html
Frame ID: 63B51FC51B34FCB7D0F23D2BF6323319
Requests: 3 HTTP requests in this frame

Frame: https://485f6f2f.sibforms.com/serve/MUIEAFgOSnbYdPLAJQFuJafapVsPcVq0BNTAgfo2T6Xhk7RgF5J6x7cwulLmjvmteZkDl-BjbsksFbtI0I8WRlDrePUQdw7rokZOWUvXV5UHbx3TbzBgROFXyusEf2x-z7mv09SzN1HzryUOo-yuamQubiCI1Ldym7qql2qkx7PB2NfMDRxByUMkmTbB_YkhUzkvQ1buHLfIyNRo
Frame ID: C2A85733AB8ECE95B15EA8CB7A824710
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 40 %
Domains: 4
Subdomains: 6
IPs: 4
Countries: 3
Transfer: 374 kB
Size: 902 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tracking.bothsides.tv/tracking/click?d=U3HlIYzSJKcB7OvJ_1k26FKRK4PDZlVMmPlGu2i2Csrjj5kIsRqhUibDoHb5Mx97GbmMqsl_qV_1bp1bnrlTGP_BwAi__7QtYtScfo2qYpJZO_yUW6RvCwP_441te-yi12-_wULCUVZDwmD8yJcnqRw1 HTTP 302
    https://www.bothsides.tv/signup.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request signup.html
www.bothsides.tv/
Redirect Chain
  • https://tracking.bothsides.tv/tracking/click?d=U3HlIYzSJKcB7OvJ_1k26FKRK4PDZlVMmPlGu2i2Csrjj5kIsRqhUibDoHb5Mx97GbmMqsl_qV_1bp1bnrlTGP_BwAi__7QtYtScfo2qYpJZO_yUW6RvCwP_441te-yi12-_wULCUVZDwmD8yJcnqRw1
  • https://www.bothsides.tv/signup.html
4 KB
2 KB
Document
General
Full URL
https://www.bothsides.tv/signup.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.163.228.13 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-rank.glenwood.dreamhost.com
Software
Apache /
Resource Hash
83cde6052afc1e72fef391becb62f55935fc4229b2494b4813c2f94c8210f661

Request headers

:method
GET
:authority
www.bothsides.tv
:scheme
https
:path
/signup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:23:32 GMT
server
Apache
last-modified
Sun, 29 Nov 2020 22:30:12 GMT
etag
"eb3-5b5466fd4a3e9-gzip"
accept-ranges
bytes
cache-control
max-age=600
expires
Mon, 12 Apr 2021 23:33:32 GMT
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
1664
content-type
text/html

Redirect headers

cache-control
private
content-type
text/html; charset=utf-8
location
https://www.bothsides.tv/signup.html
server
Microsoft-IIS/10.0
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-ElasticEmail-ApiKey, X-ElasticEmail-BrowserToken, X-ElasticEmail-ImpersonateAs
access-control-expose-headers
X-ElasticEmail-BrowserToken, X-Total-Count, X-ElasticEmail-AccessToken
x-robots-tag
noindex, nofollow
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Mon, 12 Apr 2021 23:23:31 GMT
content-length
153
bsoi.jpg
www.bothsides.tv/images/
99 KB
100 KB
Image
General
Full URL
https://www.bothsides.tv/images/bsoi.jpg
Requested by
Host: www.bothsides.tv
URL: https://www.bothsides.tv/signup.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.163.228.13 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-rank.glenwood.dreamhost.com
Software
Apache /
Resource Hash
d50e4000d38d34ffcdedcd5cf8960dbbd69e4ac4bc361f0153c38eab62ad1b48

Request headers

Referer
https://www.bothsides.tv/signup.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:23:32 GMT
last-modified
Thu, 01 Oct 2020 17:42:21 GMT
server
Apache
etag
"18c83-5b09f89cdd4da"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
101507
expires
Wed, 12 May 2021 23:23:32 GMT
bothsides.jpg
www.bothsides.tv/images/
99 KB
99 KB
Image
General
Full URL
https://www.bothsides.tv/images/bothsides.jpg
Requested by
Host: www.bothsides.tv
URL: https://www.bothsides.tv/signup.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.163.228.13 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-rank.glenwood.dreamhost.com
Software
Apache /
Resource Hash
70c1c21e79268dba22b3d571aa6fa47c862f7f6a533b35e9f928bf35fb274d3f

Request headers

Referer
https://www.bothsides.tv/signup.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:23:32 GMT
last-modified
Thu, 01 Oct 2020 17:42:21 GMT
server
Apache
etag
"18a4e-5b09f89c2d86b"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
100942
expires
Wed, 12 May 2021 23:23:32 GMT
MUIEAFgOSnbYdPLAJQFuJafapVsPcVq0BNTAgfo2T6Xhk7RgF5J6x7cwulLmjvmteZkDl-BjbsksFbtI0I8WRlDrePUQdw7rokZOWUvXV5UHbx3TbzBgROFXyusEf2x-z7mv09SzN1HzryUOo-yuamQubiCI1Ldym7qql2qkx7PB2NfMDRxByUMkmTbB_YkhUzkvQ...
485f6f2f.sibforms.com/serve/ Frame C2A8
12 KB
4 KB
Document
General
Full URL
https://485f6f2f.sibforms.com/serve/MUIEAFgOSnbYdPLAJQFuJafapVsPcVq0BNTAgfo2T6Xhk7RgF5J6x7cwulLmjvmteZkDl-BjbsksFbtI0I8WRlDrePUQdw7rokZOWUvXV5UHbx3TbzBgROFXyusEf2x-z7mv09SzN1HzryUOo-yuamQubiCI1Ldym7qql2qkx7PB2NfMDRxByUMkmTbB_YkhUzkvQ1buHLfIyNRo
Requested by
Host: www.bothsides.tv
URL: https://www.bothsides.tv/signup.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e15c1278de8df675f1e064ea1fd1db93ad0fb8667ed12fde632f039bacb961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
485f6f2f.sibforms.com
:scheme
https
:path
/serve/MUIEAFgOSnbYdPLAJQFuJafapVsPcVq0BNTAgfo2T6Xhk7RgF5J6x7cwulLmjvmteZkDl-BjbsksFbtI0I8WRlDrePUQdw7rokZOWUvXV5UHbx3TbzBgROFXyusEf2x-z7mv09SzN1HzryUOo-yuamQubiCI1Ldym7qql2qkx7PB2NfMDRxByUMkmTbB_YkhUzkvQ1buHLfIyNRo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bothsides.tv/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.bothsides.tv/

Response headers

date
Mon, 12 Apr 2021 23:23:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da2282a4ecef6246e5d08a8a4c34f6f1b1618269812; expires=Wed, 12-May-21 23:23:32 GMT; path=/; domain=.sibforms.com; HttpOnly; SameSite=Lax
cache-control
public, s-maxage=300
vary
Accept-Encoding
x-sib-server
SENDINBLUE-srv-pr-rancher-worker-11
x-content-type-options
nosniff
x-xss-protection
1
cf-cache-status
HIT
age
57
cf-request-id
0969feced60000073ea5a2a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63f033f7ba39073e-FRA
content-encoding
gzip
sib-styles.css
sibforms.com/forms/end-form/build/ Frame C2A8
50 KB
9 KB
Stylesheet
General
Full URL
https://sibforms.com/forms/end-form/build/sib-styles.css
Requested by
Host: 485f6f2f.sibforms.com
URL: https://485f6f2f.sibforms.com/serve/MUIEAFgOSnbYdPLAJQFuJafapVsPcVq0BNTAgfo2T6Xhk7RgF5J6x7cwulLmjvmteZkDl-BjbsksFbtI0I8WRlDrePUQdw7rokZOWUvXV5UHbx3TbzBgROFXyusEf2x-z7mv09SzN1HzryUOo-yuamQubiCI1Ldym7qql2qkx7PB2NfMDRxByUMkmTbB_YkhUzkvQ1buHLfIyNRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbd8fcf113a7e118a756f5fa12fdc00b398e9d1ef043a12c99ebe10e86d1f49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://485f6f2f.sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
800
content-length
8716
cf-request-id
0969feceea0000073e8f3c4000000001
x-sib-server
SENDINBLUE-srv-pr-rancher-worker-4
last-modified
Mon, 12 Apr 2021 08:17:37 GMT
server
cloudflare
etag
"c659-5bfc2257c0a40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
63f033f7da58073e-FRA
expires
Tue, 13 Apr 2021 03:23:32 GMT
main.js
sibforms.com/forms/end-form/build/ Frame C2A8
569 KB
127 KB
Script
General
Full URL
https://sibforms.com/forms/end-form/build/main.js
Requested by
Host: 485f6f2f.sibforms.com
URL: https://485f6f2f.sibforms.com/serve/MUIEAFgOSnbYdPLAJQFuJafapVsPcVq0BNTAgfo2T6Xhk7RgF5J6x7cwulLmjvmteZkDl-BjbsksFbtI0I8WRlDrePUQdw7rokZOWUvXV5UHbx3TbzBgROFXyusEf2x-z7mv09SzN1HzryUOo-yuamQubiCI1Ldym7qql2qkx7PB2NfMDRxByUMkmTbB_YkhUzkvQ1buHLfIyNRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76be5381cba7bb9fc08132b07a912e4bd0c4457ca4a439dbda90629202a786ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://485f6f2f.sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
826
cf-request-id
0969feceea0000073eca37e000000001
x-sib-server
SENDINBLUE-srv-pr-rancher-worker-23
last-modified
Mon, 12 Apr 2021 08:17:37 GMT
server
cloudflare
etag
"8e34f-5bfc2257c0a40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1
cache-control
public, max-age=14400
cf-ray
63f033f7da5b073e-FRA
expires
Tue, 13 Apr 2021 03:23:32 GMT
elastic-apm-rum.umd.min.js
sibforms.com/forms/end-form/ Frame C2A8
56 KB
19 KB
Script
General
Full URL
https://sibforms.com/forms/end-form/elastic-apm-rum.umd.min.js
Requested by
Host: 485f6f2f.sibforms.com
URL: https://485f6f2f.sibforms.com/serve/MUIEAFgOSnbYdPLAJQFuJafapVsPcVq0BNTAgfo2T6Xhk7RgF5J6x7cwulLmjvmteZkDl-BjbsksFbtI0I8WRlDrePUQdw7rokZOWUvXV5UHbx3TbzBgROFXyusEf2x-z7mv09SzN1HzryUOo-yuamQubiCI1Ldym7qql2qkx7PB2NfMDRxByUMkmTbB_YkhUzkvQ1buHLfIyNRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ae07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ccf428acc2d789b70dbfb8b77436c998c9a8f06f82d8e257ca7413b5db2a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://485f6f2f.sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
48
content-length
18845
cf-request-id
0969feceff0000073e83973000000001
x-sib-server
SENDINBLUE-srv-pr-rancher-worker-13
last-modified
Mon, 12 Apr 2021 08:13:48 GMT
server
cloudflare
etag
"e116-5bfc217d5c700-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
63f033f7fa7b073e-FRA
expires
Tue, 13 Apr 2021 03:23:32 GMT
7529907e9eaf8ebb5220c5f9850e3811.woff2
assets.sendinblue.com/font/Roboto/Latin/normal/normal/ Frame C2A8
14 KB
15 KB
Font
General
Full URL
https://assets.sendinblue.com/font/Roboto/Latin/normal/normal/7529907e9eaf8ebb5220c5f9850e3811.woff2
Requested by
Host: 485f6f2f.sibforms.com
URL: https://485f6f2f.sibforms.com/serve/MUIEAFgOSnbYdPLAJQFuJafapVsPcVq0BNTAgfo2T6Xhk7RgF5J6x7cwulLmjvmteZkDl-BjbsksFbtI0I8WRlDrePUQdw7rokZOWUvXV5UHbx3TbzBgROFXyusEf2x-z7mv09SzN1HzryUOo-yuamQubiCI1Ldym7qql2qkx7PB2NfMDRxByUMkmTbB_YkhUzkvQ1buHLfIyNRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:90c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92b5e0133f0825ff255fc25b29669eb647b5ed127154841f37a10a85beccf55

Request headers

Origin
https://485f6f2f.sibforms.com
Referer
https://485f6f2f.sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 23:23:32 GMT
cf-cache-status
HIT
age
56
cf-ray
63f033f81b8f4a61-FRA
content-length
14752
x-amz-id-2
PBz0f1xoMrJ4C+iLo3L/hhKqjex6QHLfmUgjOkQ6CWvL+2iwoR4N6Aem2uhO0TK07PpCxXuAU3c=
last-modified
Mon, 01 Feb 2021 07:48:39 GMT
server
cloudflare
etag
"7529907e9eaf8ebb5220c5f9850e3811"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
914VZJG2AEWVSTV7
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-request-id
0969fecf1300004a61888a5000000001
accept-ranges
bytes
content-type
font/woff2
expires
Thu, 10 Apr 2031 23:23:32 GMT
events
596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ Frame C2A8
0
55 B
XHR
General
Full URL
https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events
Requested by
Host: sibforms.com
URL: https://sibforms.com/forms/end-form/elastic-apm-rum.umd.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.129.63.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-63-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Content-Encoding
gzip
Referer
https://485f6f2f.sibforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://485f6f2f.sibforms.com
date
Mon, 12 Apr 2021 23:23:33 GMT
x-cloud-request-id
gFQyGkE6T2GTI_9o5G4Wkg
x-found-handling-instance
instance-0000000004
x-found-handling-cluster
596808a16dec4fc39413bf34b0a70240
content-length
0
x-content-type-options
nosniff
events
596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/ Frame
0
0
Preflight
General
Full URL
https://596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io/intake/v2/rum/events
Protocol
H2
Server
108.129.63.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-63-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-encoding,content-type
Origin
https://485f6f2f.sibforms.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://485f6f2f.sibforms.com
access-control-expose-headers
Etag
access-control-max-age
3600
date
Mon, 12 Apr 2021 23:23:33 GMT
vary
Origin
x-cloud-request-id
pmqP8z9_SjKcxgYDrCnpZg
x-content-type-options
nosniff
x-found-handling-cluster
596808a16dec4fc39413bf34b0a70240
x-found-handling-instance
instance-0000000003
content-length
0

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| d
  • number| yr

0 Cookies