Submitted URL: http://click.ynotmail.net/wf/click?upn=Cw-2BNkudDHVa4TWF6EqdXths0f9GfNg-2F6ePlkwOtisfR8ZNcw-2FqsWduB9-2FzkenFXRHx8q4dBHxAk...
Effective URL: https://apidays.typeform.com/to/HHzv6E
Submission Tags: falconsandbox
Submission: On November 04 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 16 HTTP transactions. The main IP is 104.18.41.163, located in and belongs to . The main domain is apidays.typeform.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2022. Valid for: a year.
This is the only time apidays.typeform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
5 | typeform.com | apidays.typeform.com; font.typeform.com; images.typeform.com (Failed); renderer-assets.typeform.com | 293 KB
5 | newrelic.com | js-agent.newrelic.com (Cisco Umbrella Rank: 750) | 15 KB
2 | adnxs.com | secure.adnxs.com (Cisco Umbrella Rank: 690) | 2 KB
1 | nr-data.net | bam.nr-data.net (Cisco Umbrella Rank: 404) | 523 B
1 | progmxs.com | one.progmxs.com (Cisco Umbrella Rank: 115372) | 220 B
1 | re.tc | re.tc | 13 KB
1 | ynotmail.com | www.ynotmail.com | 340 B
1 | ynotmail.net | click.ynotmail.net | 279 B
Totals: 16 | 8
Count | Domain | Requested by
5 | js-agent.newrelic.com | re.tc
3 | apidays.typeform.com | re.tc; apidays.typeform.com
2 | secure.adnxs.com (1 redirects) | re.tc
1 | renderer-assets.typeform.com | apidays.typeform.com
1 | font.typeform.com | apidays.typeform.com
1 | bam.nr-data.net | js-agent.newrelic.com
1 | one.progmxs.com (1 redirects) |
1 | re.tc |
1 | www.ynotmail.com (1 redirects) |
1 | click.ynotmail.net (1 redirects) |
0 | images.typeform.com (Failed) | apidays.typeform.com
Totals: 16 | 11

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-24 - 2023-05-24 | a year
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 - 2023-02-10 | a year
typeform.com | Cloudflare Inc ECC CA-3 | 2022-06-27 - 2023-06-26 | a year
*.typeform.com | Amazon | 2022-09-30 - 2023-10-29 | a year

This page contains 2 frames:

Primary Page: https://apidays.typeform.com/to/HHzv6E
Frame ID: 6F5D9460EDBFE4A45101B1EDC3BF823B
Requests: 14 HTTP requests in this frame

Frame: https://apidays.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667592000
Frame ID: 0BB193B5DE6A5C85020AC40C06F92866
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Page Statistics

  • Requests: 16
  • HTTPS: 75 %
  • IPv6: 30 %
  • Domains: 8
  • Subdomains: 11
  • IPs: 8
  • Countries: 2
  • Transfer: 322 kB
  • Size: 1017 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.ynotmail.net/wf/click?upn=Cw-2BNkudDHVa4TWF6EqdXths0f9GfNg-2F6ePlkwOtisfR8ZNcw-2FqsWduB9-2FzkenFXRHx8q4dBHxAkqRRChEDTqwmZURlG1KuStuFo39rxpUciS5UhqAEyvrnhLfwiPx5nw_ssJ9vc4vUVbVwqx9l-2BbvRM-2ByH9l8F8IdZUmCT3B2MIrC5SqShiY7OriQeHcXXSQgHh0gJxU7nXipawSP4U9SEHPcVI57eCyZCufzW5cR0Ihkz7oK3SsS2F8928pUuPTiBlCuS-2BtvUgFIOIFZ-2BR-2Fs6ifH18UX5yxYRg5c0aiF03JzGeEP1r3HEGYWEL4hj-2BQlTDNkhDhXa55-2Fo-2BLQ-2BKilIpAc-2B8HYGtyhljNZHz4b6rDfZA9ARrusu0XS7ssM5ENCgEZZQY4fB-2BN-2FKVL-2B7zX2PQST-2FnF6-2FH2FHEzoDYXxgG1i7cLPCUgOd66p7eTDmL-2Fl HTTP 302
    https://www.ynotmail.com/clients/link.php?M=509894272&N=252912&L=853355&F=H HTTP 302
    https://re.tc/ojsictwf Page URL
  2. https://apidays.typeform.com/to/HHzv6E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://click.ynotmail.net/wf/click?upn=Cw-2BNkudDHVa4TWF6EqdXths0f9GfNg-2F6ePlkwOtisfR8ZNcw-2FqsWduB9-2FzkenFXRHx8q4dBHxAkqRRChEDTqwmZURlG1KuStuFo39rxpUciS5UhqAEyvrnhLfwiPx5nw_ssJ9vc4vUVbVwqx9l-2BbvRM-2ByH9l8F8IdZUmCT3B2MIrC5SqShiY7OriQeHcXXSQgHh0gJxU7nXipawSP4U9SEHPcVI57eCyZCufzW5cR0Ihkz7oK3SsS2F8928pUuPTiBlCuS-2BtvUgFIOIFZ-2BR-2Fs6ifH18UX5yxYRg5c0aiF03JzGeEP1r3HEGYWEL4hj-2BQlTDNkhDhXa55-2Fo-2BLQ-2BKilIpAc-2B8HYGtyhljNZHz4b6rDfZA9ARrusu0XS7ssM5ENCgEZZQY4fB-2BN-2FKVL-2B7zX2PQST-2FnF6-2FH2FHEzoDYXxgG1i7cLPCUgOd66p7eTDmL-2Fl HTTP 302
  • https://www.ynotmail.com/clients/link.php?M=509894272&N=252912&L=853355&F=H HTTP 302
  • https://re.tc/ojsictwf
Request Chain 1
  • https://one.progmxs.com/seg?add=17761909&t=2 HTTP 302
  • https://secure.adnxs.com/seg?add=17761909&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17761909%26t%3D2

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ojsictwf
re.tc/
Redirect Chain
  • http://click.ynotmail.net/wf/click?upn=Cw-2BNkudDHVa4TWF6EqdXths0f9GfNg-2F6ePlkwOtisfR8ZNcw-2FqsWduB9-2FzkenFXRHx8q4dBHxAkqRRChEDTqwmZURlG1KuStuFo39rxpUciS5UhqAEyvrnhLfwiPx5nw_ssJ9vc4vUVbVwqx9l-2Bb...
  • https://www.ynotmail.com/clients/link.php?M=509894272&N=252912&L=853355&F=H
  • https://re.tc/ojsictwf
34 KB
13 KB
Document
General
Full URL
https://re.tc/ojsictwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f636d00d616d01e0cbf93b3b8fb37fcc3e1b36115419a6c380c66c1acdb54ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7650815e0f149b69-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 04 Nov 2022 21:39:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Moyg76wVxw36EI5LQayUgOeVobie8S%2FhoQSrQzrxoK2U6wprZQ93AqpnJZmLXNNRiM0y8LtYaaw%2FoJ1AXAPBIC4w4%2FuwGzfwhkLRss%2Fh6OcwZTGP5NvQK8IkqDfesnNCHVNmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 vegur
x-content-type-options
nosniff
x-request-id
5db4fdac-f97e-4444-a450-012a4e3c58ad
x-runtime
0.017337
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 04 Nov 2022 21:39:57 GMT
Keep-Alive
timeout=20
Location
https://re.tc/ojsictwf
Server
nginx
Strict-Transport-Security
max-age=10886400; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
bounce
secure.adnxs.com/
Redirect Chain
  • https://one.progmxs.com/seg?add=17761909&t=2
  • https://secure.adnxs.com/seg?add=17761909&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17761909%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17761909%26t%3D2
Requested by
Host: re.tc
URL: https://re.tc/ojsictwf
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://re.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Nov 2022 21:39:58 GMT
AN-X-Request-Uuid
e260ddc7-4fc5-43ea-9ab8-76a812a7f801
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 04 Nov 2022 21:39:58 GMT
AN-X-Request-Uuid
484d70cb-ce44-45c7-b4db-5ae7f740c4a2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17761909%26t%3D2
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
552.2d6a2503-1220.js
js-agent.newrelic.com/
21 KB
6 KB
Script
General
Full URL
https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by
Host: re.tc
URL: https://re.tc/ojsictwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://re.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding
gzip
via
1.1 varnish
date
Fri, 04 Nov 2022 21:39:58 GMT
x-amz-request-id
13XVKPVJK07DY7NP
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5890
x-amz-id-2
RK3xDHl9D7sdk2TaK1/Lk+oqyVYkdE9vVHlfn37J/bOqV73n1eyv0MGsGxBsfqicIVQMgZBjybI=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 05 Oct 2022 14:53:43 GMT
server
AmazonS3
x-timer
S1667597999.973718,VS0,VE0
etag
"777ac0df4dba632ad1b2955c88dd51ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
153
290.2d6a2503-1220.js
js-agent.newrelic.com/
8 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by
Host: re.tc
URL: https://re.tc/ojsictwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://re.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding
gzip
via
1.1 varnish
date
Fri, 04 Nov 2022 21:39:59 GMT
x-amz-request-id
BN22F669EMTSKFHW
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3424
x-amz-id-2
uVPGBf80zKp7P4CzYXGiq9YdclTkd6ou8GhfLPXx5rxUW0nEDImO3Vc682nluPJl2YJLifGN5ng=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 05 Oct 2022 14:53:42 GMT
server
AmazonS3
x-timer
S1667597999.018812,VS0,VE0
etag
"13898fbb4d7a1f83fc6722c4c12faf40"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
77
368.2d6a2503-1220.js
js-agent.newrelic.com/
3 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by
Host: re.tc
URL: https://re.tc/ojsictwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://re.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding
gzip
via
1.1 varnish
date
Fri, 04 Nov 2022 21:39:59 GMT
x-amz-request-id
46YYV1DD9HC2K5XK
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1443
x-amz-id-2
YkGs2zbnEAfnJGDzD6GKTZETX/x3o2zjIq+sp4SZrsr++eaVuE3vhId17DeeAIb8kAQs0S2Tfas=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 05 Oct 2022 14:53:42 GMT
server
AmazonS3
x-timer
S1667597999.019725,VS0,VE0
etag
"16b4f3676c3859e1378a2ccdebbad675"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
137
768.2d6a2503-1220.js
js-agent.newrelic.com/
5 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by
Host: re.tc
URL: https://re.tc/ojsictwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://re.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding
gzip
via
1.1 varnish
date
Fri, 04 Nov 2022 21:39:59 GMT
x-amz-request-id
NCS9RY4MKNH0MEZ6
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2225
x-amz-id-2
pmLpeRYOgRF8NGYtqELlPNhkMNhxCmeLmFxHMSiWdqr6vPl9xkjwajsnevYO4/aTRO5bS/vuKBE=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 05 Oct 2022 14:53:42 GMT
server
AmazonS3
x-timer
S1667597999.019962,VS0,VE0
etag
"d6cc8b42eda6fd7734014b03b87b5787"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
114
775.2d6a2503-1220.js
js-agent.newrelic.com/
1 KB
836 B
Script
General
Full URL
https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by
Host: re.tc
URL: https://re.tc/ojsictwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://re.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding
gzip
via
1.1 varnish
date
Fri, 04 Nov 2022 21:39:59 GMT
x-amz-request-id
G5M6WCCXVXBH6QPG
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
632
x-amz-id-2
V8y/74c2s+Aph0Rj37JQ9wnYKn4Ktglpc6qUTGmx7LxHENAHUKHu0kF8ruFpr2/hEv/0Xs9rhWM=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 05 Oct 2022 14:53:42 GMT
server
AmazonS3
x-timer
S1667597999.019942,VS0,VE0
etag
"1dfdb74c0491489bf04c6deadb56add2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
136
8cc64a7907
bam.nr-data.net/1/
49 B
523 B
Script
General
Full URL
https://bam.nr-data.net/1/8cc64a7907?a=6686660&v=1220.PROD&to=Jl4MRRBbWggDERpHUwFYEFQBQBkXDgxC&rst=2967&ck=0&s=7815514e5fed7448&ref=https://re.tc/ojsictwf&qt=3&ap=17&be=2213&fe=580&dc=4&perf=%7B%22timing%22:%7B%22of%22:1667597996079,%22n%22:0,%22f%22:1519,%22dn%22:1520,%22dne%22:1587,%22c%22:1587,%22s%22:1624,%22ce%22:1668,%22rq%22:1668,%22rp%22:2131,%22rpe%22:2211,%22dl%22:2134,%22di%22:2217,%22ds%22:2217,%22de%22:2217,%22dc%22:2792,%22l%22:2792,%22le%22:2795%7D,%22navigation%22:%7B%7D%7D&fp=2226&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://re.tc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 04 Nov 2022 21:39:59 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
76508166abb69079-FRA
Primary Request HHzv6E
apidays.typeform.com/to/
146 KB
50 KB
Document
General
Full URL
https://apidays.typeform.com/to/HHzv6E
Requested by
Host: re.tc
URL: https://re.tc/ojsictwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.163 -, , ASN (),
Reverse DNS
Software
cloudflare / 7374-6.24.9
Resource Hash
2670f99b9239c6ee4c25f3beb85d6ff176fe81053e0c7cce4f600ab1d466d00a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://re.tc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers
Location, X-Request-Id
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
76508174e9ee9b71-FRA
content-encoding
gzip
content-security-policy-report-only
report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type
text/html; charset=utf-8
date
Fri, 04 Nov 2022 21:40:01 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gm3m5dRMq3l0tf0s62u8Vqyl%2F1ALPIx0sNoCs%2BYf8%2BzxYdekf9H%2BEMJ25E8hYgio4%2FV%2BBbcOG6Lleha3d2QlTohmKtov%2Bqt%2B17AQPdg3YGaz4xaADTDBRhQdsmvKKf6ZkP6ybx%2BH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache
MISS
x-cache-lookup
HIT
x-envoy-upstream-service-time
100
x-powered-by
7374-6.24.9
x-varnish
81104394
8cc64a7907
bam.nr-data.net/jserrors/1/
0
0

8cc64a7907
bam.nr-data.net/events/1/
0
0

index.css
font.typeform.com/dist/google/karla/
1 KB
769 B
Stylesheet
General
Full URL
https://font.typeform.com/dist/google/karla/index.css
Requested by
Host: apidays.typeform.com
URL: https://apidays.typeform.com/to/HHzv6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:3c00:9:b3c8:b180:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7159665d46932ea05eeb92e0973a5b629050e6b896f7535c5048e46ce7cf5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apidays.typeform.com/to/HHzv6E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 01:27:44 GMT
x-amz-version-id
4FZVvbPlgSG5PUEOWewtwaAnyNCVPDma
content-encoding
gzip
via
1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
159139
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 08 Jul 2022 07:39:50 GMT
server
AmazonS3
etag
W/"04f4e733e7bee3187fbea23840392dee"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=432000
x-amz-cf-id
PsAGjZu_WjLuoL2MowGkUSh2rPSKyp_2XTPlil5NMnBBl8qWZn_OoA==
large
images.typeform.com/images/VsMwGGWHrJnC/background/
0
0

modern-renderer.89df2b24b0cbb9c54913.js
renderer-assets.typeform.com/
741 KB
215 KB
Script
General
Full URL
https://renderer-assets.typeform.com/modern-renderer.89df2b24b0cbb9c54913.js
Requested by
Host: apidays.typeform.com
URL: https://apidays.typeform.com/to/HHzv6E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:ae00:4:f6ce:61c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://apidays.typeform.com/to/HHzv6E
Origin
https://apidays.typeform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
IINj7cpR9ASsXcqJrNR5C478HtNJoksZ
content-encoding
gzip
via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
date
Fri, 04 Nov 2022 09:05:10 GMT
x-amz-cf-pop
TXL50-P1
age
45293
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 02 Nov 2022 14:14:48 GMT
server
AmazonS3
etag
W/"ac6e0952e7a3d1b5660357df4266bb91"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=2419200
x-amz-cf-id
-QvzNkuWsrDdBnuT0AtWXpo5w-N9t4Wuvi4UJYfJwBetg5aV5dkHkA==
invisible.js
apidays.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 0BB1
36 KB
18 KB
Script
General
Full URL
https://apidays.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1667592000
Requested by
Host: re.tc
URL: https://re.tc/ojsictwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.163 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
94ec7f3f17cd3cec0e94f26034bb676424cbe50c2d0f56225037e58b26d9ac83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:40:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPK4HsYrGklFsPZ9dvLbt0HKTE7QRXgMkgAb3lFUPYJSIefrrLlzwTGJ%2BLcc73UBA6%2FKOFJ6FoesidxfC0T9t58TJbt7Tt3RnQ57DR2KwQJoAbCEKywvssuBsDh4a5pwohM0XNZ9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7650817a4d719b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
apidays.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0BB1
19 KB
9 KB
Other
General
Full URL
https://apidays.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: apidays.typeform.com
URL: https://apidays.typeform.com/to/HHzv6E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.163 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fefbab0fac20427c201ca5e5e7b1b7f142bee1167d3ef5902c74561632ddc400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:40:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjmbcOnjjV1ekQwr42gF1%2FUFaso5bZ1aBihTAC8jfXO0lTbsZsjDrntkUGa2jUrtjvFaGcPYHr%2BhIEJLVpQ8gSeyqGu6gXOFct8u27HTbIEy%2F0lk9gTV%2FS7JZ6T6054kSEH75ite"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7650817b5c8e929c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/jserrors/1/8cc64a7907?a=6686660&v=1220.PROD&to=Jl4MRRBbWggDERpHUwFYEFQBQBkXDgxC&rst=5902&ck=0&s=7815514e5fed7448&ref=https://re.tc/ojsictwf
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/events/1/8cc64a7907?a=6686660&v=1220.PROD&to=Jl4MRRBbWggDERpHUwFYEFQBQBkXDgxC&rst=5903&ck=0&s=7815514e5fed7448&ref=https://re.tc/ojsictwf
Domain
images.typeform.com
URL
https://images.typeform.com/images/VsMwGGWHrJnC/background/large

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation

4 Cookies

Domain/Path Name / Value
re.tc/ Name: campaigns
Value: %FF%1E%40%055%24%AD%12-%81h%28%24%DBO%F0
re.tc/ Name: _retarget-links_session
Value: NzM1U1hwVXNIWUR3VHB2WDNSUEI4RXhKc1V6ZUJRYmhUcEJxNmpDL3JRZjRzMHh4QmUzZlN2RCt0VWxGQWpxSEJFaXQzWXF0N3Fva0ZFRG1SeVZtUWx6KzdIL0ZVOVNFTHpyaUNjd3c2UzA9LS1oU3FaczdDTkxodTVRZ3VLdEt5aTVnPT0%3D--3063c88ed09a7d7e8ae935a230680ef048576998
.adnxs.com/ Name: uuid2
Value: 8940342313563788958
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E>7jxcK@!]tbP6j2F-XstGt!@DR2$cCAP

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block