Submitted URL: https://recoverways.com/
Effective URL: https://www.recoverways.com/
Submission: On March 15 via automatic, source certstream-suspicious — Scanned from SE

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 16 HTTP transactions. The main IP is 216.24.57.3, located in Sweden and belongs to RENDER, US. The main domain is www.recoverways.com.
TLS certificate: Issued by R3 on January 14th 2023. Valid for: 3 months.
This is the only time www.recoverways.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.24.57.253 397273 (RENDER)
5 216.24.57.3 397273 (RENDER)
1 146.75.118.208 54113 (FASTLY)
2 185.59.220.18 60068 (CDN77 ^_^)
2 104.21.15.207 13335 (CLOUDFLAR...)
3 138.199.37.227 60068 (CDN77 ^_^)
2 151.101.193.26 54113 (FASTLY)
1 138.199.37.232 60068 (CDN77 ^_^)
16 7
Apex Domain
Subdomains
Transfer
6 reform.app
embed.reform.app
forms.reform.app
assets.reform.app
stingray.reform.app
276 KB
6 recoverways.com
recoverways.com
www.recoverways.com
111 KB
2 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1307
809 B
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 22804
17 KB
1 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 4086
176 KB
16 5
Domain Requested by
5 www.recoverways.com www.recoverways.com
3 assets.reform.app forms.reform.app
assets.reform.app
2 polyfill.io forms.reform.app
2 web-sdk.smartlook.com www.recoverways.com
web-sdk.smartlook.com
1 stingray.reform.app forms.reform.app
1 forms.reform.app embed.reform.app
1 embed.reform.app www.recoverways.com
1 images.unsplash.com www.recoverways.com
1 recoverways.com 1 redirects
16 9

This site contains no links.

Subject | Issuer | Validity | Valid
www.recoverways.com | R3 | 2023-01-14 - 2023-04-14 | 3 months
images.unsplash.com | GlobalSign Atlas R3 DV TLS CA 2023 Q1 | 2023-03-12 - 2024-04-12 | a year
1688964705.rsc.cdn77.org | R3 | 2023-03-09 - 2023-06-07 | 3 months
*.reform.app | GTS CA 1P5 | 2023-01-26 - 2023-04-26 | 3 months
assets.reform.app | R3 | 2023-02-04 - 2023-05-05 | 3 months
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-10 - 2024-01-11 | a year
stingray.reform.app | R3 | 2023-01-29 - 2023-04-29 | 3 months

This page contains 2 frames:

Primary Page: https://www.recoverways.com/
Frame ID: D6CA90D8D680813FF3088445936FBBBD
Requests: 9 HTTP requests in this frame

Frame: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Frame ID: 117038558C5A7C4B71240064E1F17747
Requests: 7 HTTP requests in this frame

Page Title

RecoverWays

Detected technologies

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

16 Requests
100 % HTTPS
0 % IPv6
5 Domains
9 Subdomains
7 IPs
4 Countries
580 kB Transfer
1531 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://recoverways.com/ HTTP 301
    https://www.recoverways.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.recoverways.com/
Redirect Chain
  • https://recoverways.com/
  • https://www.recoverways.com/
16 KB
5 KB
Document
General
Full URL
https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.3 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7f5bcae483aee96b645b242a584ffbb557a4351cbef18d459728f411ba9e57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=300
cache-tag
srv-cermdqen6mpk51988vs0
cf-cache-status
DYNAMIC
cf-ray
7a808c18cc321695-ARN
cloudflare-cdn-cache-control
public, max-age=300
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 15 Mar 2023 00:12:52 GMT
etag
W/"dac7f1020afda8b462208975cc527122"
last-modified
Sat, 11 Feb 2023 00:33:55 UTC
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a808c145bc72d62-ARN
content-length
63
content-type
text/html; charset=utf-8
date
Wed, 15 Mar 2023 00:12:51 GMT
location
https://www.recoverways.com/
server
cloudflare
vary
Accept-Encoding
index.cd2175df.js
www.recoverways.com/assets/
15 KB
5 KB
Script
General
Full URL
https://www.recoverways.com/assets/index.cd2175df.js
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.3 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6045b935e0b195945f077d92fd193effbeb0c0d4c15dbdc1e1931c6250ec54b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.recoverways.com/
Origin
https://www.recoverways.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sat, 11 Feb 2023 00:33:56 UTC
server
cloudflare
etag
W/"e0a6e7add38a9f8a4b6e440c7b8134ca"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-tag
srv-cermdqen6mpk51988vs0
cache-control
public, max-age=0, s-maxage=300
cf-ray
7a808c1c9d2d1695-ARN
cloudflare-cdn-cache-control
public, max-age=300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendor.78c73341.js
www.recoverways.com/assets/
245 KB
80 KB
Script
General
Full URL
https://www.recoverways.com/assets/vendor.78c73341.js
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.3 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e83bb187729a4a11528a4284f5cede65a549f7cd267fa0c8ee6288dbcd63493
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.recoverways.com/
Origin
https://www.recoverways.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sat, 11 Feb 2023 00:33:55 UTC
server
cloudflare
etag
W/"66b8be43d94f8c1e3e6b54ec2ac2feb1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-tag
srv-cermdqen6mpk51988vs0
cache-control
public, max-age=0, s-maxage=300
cf-ray
7a808c1c9d2f1695-ARN
cloudflare-cdn-cache-control
public, max-age=300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.8f8ec780.css
www.recoverways.com/assets/
29 KB
7 KB
Stylesheet
General
Full URL
https://www.recoverways.com/assets/index.8f8ec780.css
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.3 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da57a4c5f94a3eaea8be435d93b279b3af30f2d7f95bf26c002cfba188560822
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sat, 11 Feb 2023 00:33:55 UTC
server
cloudflare
etag
W/"3af23d92145f7852c0da3d254f668890"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-tag
srv-cermdqen6mpk51988vs0
cache-control
public, max-age=0, s-maxage=300
cf-ray
7a808c1c9d2e1695-ARN
cloudflare-cdn-cache-control
public, max-age=300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon.93651502.png
www.recoverways.com/assets/
14 KB
14 KB
Image
General
Full URL
https://www.recoverways.com/assets/icon.93651502.png
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.3 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93651502a2798e8f49e4a8d785f5b5c3b94a15a8db6f8752d337e9bec41e3ef3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:12:53 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sat, 11 Feb 2023 00:33:56 UTC
server
cloudflare
etag
"1e0f9f1c214c6f83b22a620114630f49"
vary
Accept-Encoding
content-type
image/png
cache-tag
srv-cermdqen6mpk51988vs0
cache-control
public, max-age=0, s-maxage=300
cf-ray
7a808c1cfd4e1695-ARN
cloudflare-cdn-cache-control
public, max-age=300
content-length
14444
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
photo-1541976844346-f18aeac57b06
images.unsplash.com/
175 KB
176 KB
Image
General
Full URL
https://images.unsplash.com/photo-1541976844346-f18aeac57b06?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwzNTI4Mzh8MHwxfGFsbHx8fHx8fHx8fDE2NzQ2ODE2NjU&ixlib=rb-4.0.3&q=80&w=1080
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1bfd26c081452a1042e1657b3b03e910cb08724fe52e278ae952769e5de97838
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:12:52 GMT
x-content-type-options
nosniff
age
4782843
x-cache
HIT, HIT
x-imgix-id
0156eb8f760ceb2b821adfdf994a9e279b37a4bc
cross-origin-resource-policy
cross-origin
content-length
179283
x-served-by
cache-sjc10074-SJC, cache-fra-eddf8230090-FRA
x-imgix-render-farm
01.1096
last-modified
Wed, 18 Jan 2023 15:38:49 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
recorder.js
web-sdk.smartlook.com/
3 KB
2 KB
Script
General
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
809075600.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
7d1b5c76eef3148ace086022708bf24214e9c02a1d3664b11634b71b7611d8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 15 Mar 2023 00:12:52 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
461
x-77-nzt
Abk73BDoC5b/zQEAAA
x-accel-expires
@1678839311
last-modified
Thu, 09 Mar 2023 15:00:09 GMT
server
CDN77-Turbo
etag
W/"6409f479-c4a"
x-77-nzt-ray
90833930e2d46121840d11641d264731
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
init.aa7ffdce9b9138dff07a.js
web-sdk.smartlook.com/es6/
54 KB
16 KB
Script
General
Full URL
https://web-sdk.smartlook.com/es6/init.aa7ffdce9b9138dff07a.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
809075600.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f098275e8915aec8016b5a995b98cc9356ccf4e778ba330150ba6b7cc01fe78d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.recoverways.com/
Origin
https://www.recoverways.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 15 Mar 2023 00:12:52 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
462661
x-77-nzt
Abk73BAOnWj/RQ8HAA
x-accel-expires
@1709912511
last-modified
Thu, 09 Mar 2023 15:00:09 GMT
server
CDN77-Turbo
etag
W/"6409f479-d787"
x-77-nzt-ray
9083393057d7d922840d1164ef6dba39
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
embed.js
embed.reform.app/v1/
2 KB
2 KB
Script
General
Full URL
https://embed.reform.app/v1/embed.js
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/assets/index.cd2175df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8799a782417998d9f08aaae5d2409ccd7949fe95d77bc7beec834681c9170a58

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id
01GVE9J1F9HQPZ7SRKWNSC547D
date
Wed, 15 Mar 2023 00:12:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-polished
origSize=2449
etag
W/"cd5b6d4cf03f6ba356a88b596859c116-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3NHsI4LeeObZS3jhMnMCsuCDnKomjCkwQa5yFG%2F5GqxSQBPxZwaRWA0YXp1EqiA9E8Q8zkacutr67IRjalUUg0hSQ6Czw4AYMlYm0ZtoRB0nEF0fXMJNc9ze2twZsuv7s4l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
7a808c23db5d35ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
s1rdlh
forms.reform.app/SWPP1X/get-handbook/ Frame 1170
28 KB
11 KB
Document
General
Full URL
https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Requested by
Host: embed.reform.app
URL: https://embed.reform.app/v1/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714288be23de0926231fbd6a9fb9cb06cdc158fa630c1ee2967f86c3e36e4cba

Request headers

Referer
https://www.recoverways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a808c254c3c35ea-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 15 Mar 2023 00:12:54 GMT
last-modified
Wed, 15 Mar 2023 00:12:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKIkDzoqOrc7Zf21sSxIinkhHOe5w9KM1b%2Fndr6lapZPJrOfUet8l0n61tnwkXibCx3MVpVI5RBU46SZDmkb%2FN8ZeVezzi8DuYyIJOQOZpCCL7Ctaw%2FdQjau5YJl6325HXDT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-do-app-origin
5671b30c-e6a4-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
app.css
assets.reform.app/bbc55f6/css/ Frame 1170
70 KB
15 KB
Stylesheet
General
Full URL
https://assets.reform.app/bbc55f6/css/app.css?id=23a888c6ebdb0a4ae7ece869564d782e
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-227.bunnyinfra.net
Software
BunnyCDN-DE1-860 /
Resource Hash
410bacdbe6d79f555a9f010e3bf791d4449aa1b8bed9df7b9f2cfdf183982a75
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:12:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
1075
x-amz-request-id
tx0000000000000737e9d9e-00640b73b2-58c53c94-nyc3c
cdn-cachedat
03/10/2023 18:15:14
cdn-pullzone
696880
last-modified
Fri, 10 Mar 2023 18:11:42 GMT
server
BunnyCDN-DE1-860
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"23a888c6ebdb0a4ae7ece869564d782e"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
887fd8d6-f02f-46a7-ba81-c9ba5d0264e1
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
x-rgw-object-type
Normal
cdn-requestid
50f0a66b55e41f6f99f49af0a0953911
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
polyfill.min.js
polyfill.io/v3/ Frame 1170
101 B
652 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?features=ResizeObserver
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 00:12:54 GMT
age
1262219
detected-user-agent
Chrome Mobile/111.0.0
useragent_normaliser
chrome/111.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 22 Feb 2023 11:03:04 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/111.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
app.js
assets.reform.app/bbc55f6/js/ Frame 1170
427 KB
129 KB
Script
General
Full URL
https://assets.reform.app/bbc55f6/js/app.js?id=9fff3a529359da408e8652ee2a376929
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-227.bunnyinfra.net
Software
BunnyCDN-DE1-860 /
Resource Hash
371846d70465feb1df67cce12fb905a0900ee07fb99e38e784772f0be247d8a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:12:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
874
x-amz-request-id
tx000000000000056846488-00640b73b2-593a2ef9-nyc3c
cdn-cachedat
03/10/2023 18:15:14
cdn-pullzone
696880
last-modified
Fri, 10 Mar 2023 18:11:42 GMT
server
BunnyCDN-DE1-860
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"9fff3a529359da408e8652ee2a376929"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
887fd8d6-f02f-46a7-ba81-c9ba5d0264e1
cache-control
public, max-age=31536000
x-rgw-object-type
Normal
cdn-requestid
c00cf4b69364de43fdc84b74fe0643e5
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
script.js
stingray.reform.app/ Frame 1170
6 KB
2 KB
Script
General
Full URL
https://stingray.reform.app/script.js
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.232 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-232.bunnyinfra.net
Software
BunnyCDN-DE1-874 /
Resource Hash
19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:12:55 GMT
content-encoding
br
cdn-edgestorageid
1053
x-vapor-base64-encode
True
cdn-cachedat
03/13/2023 23:09:36
cdn-pullzone
848539
last-modified
Tue, 28 Feb 2023 17:38:08 GMT
server
BunnyCDN-DE1-874
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control
public, max-age=0
cdn-requestid
5f4580e63949706f9adba2b5c6c0581f
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
polyfill.min.js
polyfill.io/v3/ Frame 1170
101 B
157 B
Other
General
Full URL
https://polyfill.io/v3/polyfill.min.js?features=ResizeObserver
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 00:12:54 GMT
age
1262219
detected-user-agent
Chrome Mobile/111.0.0
useragent_normaliser
chrome/111.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 22 Feb 2023 11:03:04 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/111.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
692.js
assets.reform.app/bbc55f6/js/ Frame 1170
446 KB
117 KB
Script
General
Full URL
https://assets.reform.app/bbc55f6/js/692.js?id=bab2b129881ca024
Requested by
Host: assets.reform.app
URL: https://assets.reform.app/bbc55f6/js/app.js?id=9fff3a529359da408e8652ee2a376929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-227.bunnyinfra.net
Software
BunnyCDN-DE1-860 /
Resource Hash
ef792a632ce6a9cea7dc006627890dd34ad2ce741c8e0d76014430c7ada3e43a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:12:55 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
tx0000000000000737e5eaf-00640b73b3-58c8a088-nyc3c
cdn-cachedat
03/10/2023 18:15:15
cdn-pullzone
696880
last-modified
Fri, 10 Mar 2023 18:11:42 GMT
server
BunnyCDN-DE1-860
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"561cedcf7fec4a9e710c330ecd029ee4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
887fd8d6-f02f-46a7-ba81-c9ba5d0264e1
cache-control
public, max-age=31536000
x-rgw-object-type
Normal
cdn-requestid
2521724ec14f93291a26736f942faf7a
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • boolean| credentialless
  • function| smartlook
  • object| webpackChunk_smartlook_recorder
  • object| __SENTRY__
  • function| __defProp
  • function| __getOwnPropSymbols
  • function| __hasOwnProp
  • function| __propIsEnum
  • function| __defNormalProp
  • function| __spreadValues
  • function| __async
  • function| Reform
  • object| reform

3 Cookies

Domain/Path Name / Value
.unsplash.com/ Name: ugid
Value: e47051879ac10976a61331a373a3d0a75596130
forms.reform.app/ Name: reform_session
forms.reform.app/ Name: BgseU82lZJMnAMmCtQ2XsOznBKmKQCmcSS0NvVi4

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff