URL: https://accountsbeta.goformz.com/
Submission: On April 26 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 18 HTTP transactions. The main IP is 104.214.20.1, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is accountsbeta.goformz.com.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 28th 2020. Valid for: a year.
This is the only time accountsbeta.goformz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.214.20.1 8075 (MICROSOFT...)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.111.234.67 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 1 3.248.28.111 16509 (AMAZON-02)
1 54.154.106.202 16509 (AMAZON-02)
1 52.203.100.2 14618 (AMAZON-AES)
18 11
Domain Requested by
5 s.adroll.com 1 redirects accountsbeta.goformz.com
s.adroll.com
4 accountsbeta.goformz.com accountsbeta.goformz.com
2 munchkin.marketo.net accountsbeta.goformz.com
munchkin.marketo.net
2 ssl.google-analytics.com 1 redirects accountsbeta.goformz.com
2 fonts.googleapis.com accountsbeta.goformz.com
cdn.jsdelivr.net
1 nextroll.com
1 d.adroll.com
1 d.adroll.mgr.consensu.org 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 stats.g.doubleclick.net accountsbeta.goformz.com
1 cdn.jsdelivr.net accountsbeta.goformz.com
18 11

This site contains no links.

Subject | Issuer | Validity | Valid
*.azurewebsites.net | Microsoft RSA TLS CA 01 | 2020-09-28 - 2021-09-28 | a year
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2021-04-26 - 2022-03-26 | a year
upload.video.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
*.marketo.net | DigiCert SHA2 Secure Server CA | 2021-03-29 - 2022-04-06 | a year
*.gstatic.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
adroll.com | R3 | 2021-03-30 - 2021-06-28 | 3 months
adroll.mgr.consensu.org | Amazon | 2020-10-08 - 2021-11-07 | a year
nextroll.com | R3 | 2021-03-21 - 2021-06-19 | 3 months

This page contains 1 frames:

Primary Page: https://accountsbeta.goformz.com/
Frame ID: 920E2813B11EFA8F7987CA723B40C80E
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+semantic(?:\.min)\.css"/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /munchkin\.marketo\.net\/munchkin\.js/i

Page Statistics

Requests: 18
HTTPS: 78 %
IPv6: 58 %
Domains: 10
Subdomains: 11
IPs: 11
Countries: 4
Transfer: 492 kB
Size: 1912 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1501231552&utmhn=accountsbeta.goformz.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GoFormz%20-%20Login&utmhid=26708917&utmr=-&utmp=%2F&utmht=1619474895645&utmac=UA-28255181-1&utmcc=__utma%3D142417316.1670197906.1619474896.1619474896.1619474896.1%3B%2B__utmz%3D142417316.1619474896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=952638896&utmredir=1&utmu=qBAAACAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28255181-1&cid=1670197906.1619474896&jid=952638896&_v=5.7.2&z=1501231552
Request Chain 12
  • https://s.adroll.com/j/exp/JKRGNHO45VEE5PS4IRQCLD/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 14
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/JKRGNHO45VEE5PS4IRQCLD?_s=751063b015be581e13b60b3b11914c3c&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/JKRGNHO45VEE5PS4IRQCLD/?_s=751063b015be581e13b60b3b11914c3c&_b=2

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
accountsbeta.goformz.com/
5 KB
3 KB
Document
General
Full URL
https://accountsbeta.goformz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.214.20.1 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af89e5994259c650ac5601bcd51693633d18bbdb04aac0d602ff323abc28db8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; preload

Request headers

Host
accountsbeta.goformz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Transfer-Encoding
chunked
Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:31:24 GMT
Accept-Ranges
bytes
ETag
"1d70a22da65e4cc"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Request-Context
appId=cid-v1:8e3f11f8-7ec7-4a08-a902-fbc82f84d862
Strict-Transport-Security
max-age=5184000; preload
X-Powered-By
ASP.NET
Date
Mon, 26 Apr 2021 22:08:15 GMT
semantic.min.css
cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/
614 KB
101 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css
Requested by
Host: accountsbeta.goformz.com
URL: https://accountsbeta.goformz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5177ac8b16de2e407f518c554f3ba3fe0837f8b333830026837cc3f82e190124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
6563339
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
103066
etag
W/"99738-xBtVnjRc5piOJZyFKbhk0QxxYOQ"
x-served-by
cache-fra19145-FRA, cache-hhn4076-HHN
date
Mon, 26 Apr 2021 22:08:15 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css2
fonts.googleapis.com/
8 KB
742 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;1,400;1,600&display=swap
Requested by
Host: accountsbeta.goformz.com
URL: https://accountsbeta.goformz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aefdc60009c8ab15bfa8a03906d00102d1f104b57fb2b8696157c24c537d4ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 22:08:15 GMT
server
ESF
date
Mon, 26 Apr 2021 22:08:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 22:08:15 GMT
main.77bf1048.chunk.css
accountsbeta.goformz.com/static/css/
17 KB
5 KB
Stylesheet
General
Full URL
https://accountsbeta.goformz.com/static/css/main.77bf1048.chunk.css
Requested by
Host: accountsbeta.goformz.com
URL: https://accountsbeta.goformz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.214.20.1 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e5980816e94d81ede049cb5a07b5901827605619809bbf8c69a1a2c215cb692
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
accountsbeta.goformz.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://accountsbeta.goformz.com/
Connection
keep-alive

Response headers

Strict-Transport-Security
max-age=5184000; preload
Content-Encoding
gzip
ETag
"1d70a22da65b307"
Last-Modified
Tue, 23 Feb 2021 20:31:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Mon, 26 Apr 2021 22:08:15 GMT
Request-Context
appId=cid-v1:8e3f11f8-7ec7-4a08-a902-fbc82f84d862
2.5bcd4393.chunk.js
accountsbeta.goformz.com/static/js/
697 KB
248 KB
Script
General
Full URL
https://accountsbeta.goformz.com/static/js/2.5bcd4393.chunk.js
Requested by
Host: accountsbeta.goformz.com
URL: https://accountsbeta.goformz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.214.20.1 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
76dc0b52ec1ba117a2cde286a3b194d8f5adc6e0f0bfb90eb0d57a8b92bc66e4
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
accountsbeta.goformz.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://accountsbeta.goformz.com/
Connection
keep-alive

Response headers

Strict-Transport-Security
max-age=5184000; preload
Content-Encoding
gzip
ETag
"1d70a22da6f1535"
Last-Modified
Tue, 23 Feb 2021 20:31:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Mon, 26 Apr 2021 22:08:15 GMT
Request-Context
appId=cid-v1:8e3f11f8-7ec7-4a08-a902-fbc82f84d862
main.ca06ffa5.chunk.js
accountsbeta.goformz.com/static/js/
45 KB
14 KB
Script
General
Full URL
https://accountsbeta.goformz.com/static/js/main.ca06ffa5.chunk.js
Requested by
Host: accountsbeta.goformz.com
URL: https://accountsbeta.goformz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.214.20.1 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
09afa1169dac9f41f7361105076c23e4a3c990d18376bf63aeda8db435fc98b6
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
accountsbeta.goformz.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://accountsbeta.goformz.com/
Connection
keep-alive

Response headers

Strict-Transport-Security
max-age=5184000; preload
Content-Encoding
gzip
ETag
"1d70a22da654514"
Last-Modified
Tue, 23 Feb 2021 20:31:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Mon, 26 Apr 2021 22:08:15 GMT
Request-Context
appId=cid-v1:8e3f11f8-7ec7-4a08-a902-fbc82f84d862
css
fonts.googleapis.com/
3 KB
457 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.jsdelivr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 21:23:14 GMT
server
ESF
date
Mon, 26 Apr 2021 22:08:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 22:08:15 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: accountsbeta.goformz.com
URL: https://accountsbeta.goformz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6843
date
Mon, 26 Apr 2021 20:14:12 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 26 Apr 2021 22:14:12 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1501231552&utmhn=accountsbeta.goformz.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28255181-1&cid=1670197906.1619474896&jid=952638896&_v=5.7.2&z=1501231552
35 B
113 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28255181-1&cid=1670197906.1619474896&jid=952638896&_v=5.7.2&z=1501231552
Requested by
Host: accountsbeta.goformz.com
URL: https://accountsbeta.goformz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 26 Apr 2021 22:08:15 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 22:08:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28255181-1&cid=1670197906.1619474896&jid=952638896&_v=5.7.2&z=1501231552
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
370
expires
Fri, 01 Jan 1990 00:00:00 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: accountsbeta.goformz.com
URL: https://accountsbeta.goformz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3200b4fbd5f5164830fb4d1918ca1e080c7c24604f90e05a6e95e3a4d4305963

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 22:08:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Apr 2021 01:33:39 GMT
Server
AkamaiNetStorage
ETag
"cf28dcd62414fc8651ebe7ee71a78f43:1619141619.210294"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
764
munchkin.js
munchkin.marketo.net/159/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 22:08:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Wed, 04 Aug 2021 22:08:15 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://accountsbeta.goformz.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 01:32:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
592573
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Wed, 20 Apr 2022 01:32:03 GMT
roundtrip.js
s.adroll.com/j/
41 KB
13 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: accountsbeta.goformz.com
URL: https://accountsbeta.goformz.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f55b80216d81f421d8da8c69ae09068b1231e4b0fb6d3912eae8d147b5232d9c

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RbvMQlISgmBBsnMKx1p.bqgidE6ZF3W8
Content-Encoding
gzip
ETag
"4748055dbdd5649bb8f3f2a9b89f85b1"
x-amz-request-id
0TYC7TY00BPM4X39
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
12978
x-amz-id-2
xC3iFrWUEgHG0SuvuCH6nQBOaU1a4splR14HQ6mRp3SvQuveQvqOiaFUYYgTfWzs3RoZtaGAtsk=
Last-Modified
Wed, 14 Apr 2021 13:35:10 GMT
Server
AmazonS3
Date
Mon, 26 Apr 2021 22:08:16 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/JKRGNHO45VEE5PS4IRQCLD/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
A6E4D842C4F3666B
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified
Tue, 19 Jan 2021 16:25:36 GMT
Server
AmazonS3
Date
Mon, 26 Apr 2021 22:08:16 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Mon, 26 Apr 2021 22:08:16 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/JKRGNHO45VEE5PS4IRQCLD/G3LCCHIRHVE5PIDMMMEZZR/
4 KB
2 KB
Script
General
Full URL
https://s.adroll.com/j/pre/JKRGNHO45VEE5PS4IRQCLD/G3LCCHIRHVE5PIDMMMEZZR/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DmCrCA2imuky7wfXdLsQihOuUemjcFLX
Content-Encoding
gzip
ETag
"33ed216ef4569e95a97e55fb39d91d38"
x-amz-request-id
VFKFPQ9D5RZC47S6
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1800
x-amz-id-2
XO6+/HbyWHIIBT5ueM9CBkRSQuyyYdbwMl9frjsxrE1tC/2+GV+KkcLWrqf217ccXjCnTdmjqA4=
Last-Modified
Mon, 26 Apr 2021 00:36:04 GMT
Server
AmazonS3
Date
Mon, 26 Apr 2021 22:08:16 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/JKRGNHO45VEE5PS4IRQCLD/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/JKRGNHO45VEE5PS4IRQCLD?_s=751063b015be581e13b60b3b11914c3c&_b=2
  • https://d.adroll.com/consent/check/JKRGNHO45VEE5PS4IRQCLD/?_s=751063b015be581e13b60b3b11914c3c&_b=2
385 B
478 B
Script
General
Full URL
https://d.adroll.com/consent/check/JKRGNHO45VEE5PS4IRQCLD/?_s=751063b015be581e13b60b3b11914c3c&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.106.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
abb06fa18df4e03b8638c5e27cd65aded7e5b9e63062c491adf00e7f7f497e17

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 22:08:16 GMT
server
nginx/1.18.0
content-length
385
content-type
application/javascript

Redirect headers

location
https://d.adroll.com/consent/check/JKRGNHO45VEE5PS4IRQCLD/?_s=751063b015be581e13b60b3b11914c3c&_b=2
date
Mon, 26 Apr 2021 22:08:16 GMT
server
nginx/1.18.0
content-length
105
consent_tcfv2.js
s.adroll.com/j/
397 KB
55 KB
Script
General
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7sDcLvGKTPrh8xIq2f5DynXc_Mi9vQVX
Content-Encoding
gzip
ETag
"1f2c64002f8e1b6eb56c304c2e892afb"
x-amz-request-id
A69171E1B091337A
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
55575
x-amz-id-2
yoIlukz3YEvOBK1HxwlkbNJJLFooR6oknblZSheWVr9zxlfX0UE6Ma9blKUgz71LTXOgFW39Yjs=
Last-Modified
Mon, 07 Dec 2020 23:59:35 GMT
Server
AmazonS3
Date
Mon, 26 Apr 2021 22:08:16 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
favicon-32x32.png
nextroll.com/
2 KB
2 KB
Image
General
Full URL
https://nextroll.com/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.100.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-100-2.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer
https://accountsbeta.goformz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 22:08:17 GMT
Via
1.1 vegur
Last-Modified
Thu, 22 Apr 2021 18:59:50 GMT
Server
Apache
Etag
"64f-5c09448a4b580"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1615

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| analytics object| _gaq object| _gat object| gaGlobal string| adroll_adv_id string| adroll_pix_id object| webpackJsonp function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| __adroll_loaded string| adroll_sid object| dataLayer object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list function| __cmp function| __tcfapi object| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner boolean| __adroll_consent_prev_lastchild

5 Cookies

Domain/Path Name / Value
.goformz.com/ Name: __utmt
Value: 1
.goformz.com/ Name: __utmb
Value: 142417316.1.10.1619474896
.goformz.com/ Name: __utmc
Value: 142417316
.goformz.com/ Name: __utmz
Value: 142417316.1619474896.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.goformz.com/ Name: __utma
Value: 142417316.1670197906.1619474896.1619474896.1619474896.1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=5184000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
