mgomezi.typeform.com Open in urlscan Pro
2606:4700::6812:1a47 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tiny.cc/5adysz
Effective URL:
https://mgomezi.typeform.com/to/Bguzhzxo
Submission: On September 30 via manual (September 30th 2020, 7:59:23 pm UTC) from US

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 29 HTTP transactions. The main IP is 2606:4700::6812:1a47, located in United States and belongs to CLOUDFLARENET, US. The main domain is mgomezi.typeform.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 16th 2020. Valid for: a year.

This is the only time mgomezi.typeform.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2 2	157.245.113.153 157.245.113.153	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:303... 2606:4700:3031::6812:3a9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
2	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1a47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:9400:8:2495:5540:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:206... 2600:9000:206e:3e00:4:f6ce:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.244.81 99.86.244.81	16509 (AMAZON-02) (AMAZON-02)
7	54.149.62.40 54.149.62.40	16509 (AMAZON-02) (AMAZON-02)
29	12

2 157.245.113.153 (United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

tiny.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6812:3a9c (United States)

ASN13335 (CLOUDFLARENET, US)

soo.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1f7b6b812d45c6411e0c395f49476a93.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1a47 (United States)

ASN13335 (CLOUDFLARENET, US)

mgomezi.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9400:8:2495:5540:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206e:3e00:4:f6ce:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

renderer-assets.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.244.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-244-81.vie50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.149.62.40 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-62-40.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	segment.io api.segment.io	1008 B
6	typeform.com mgomezi.typeform.com images.typeform.com renderer-assets.typeform.com	917 KB
6	googlesyndication.com 1f7b6b812d45c6411e0c395f49476a93.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	13 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	doubleclick.net securepubads.g.doubleclick.net	95 KB
2	tiny.cc 2 redirects tiny.cc	754 B
1	segment.com cdn.segment.com	65 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	googletagservices.com www.googletagservices.com	17 KB
1	soo.gd soo.gd	2 KB
29	12

	Domain	Requested by
7	api.segment.io	cdn.segment.com
3	renderer-assets.typeform.com	mgomezi.typeform.com renderer-assets.typeform.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	mgomezi.typeform.com	soo.gd renderer-assets.typeform.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	tiny.cc	2 redirects
1	cdn.segment.com	renderer-assets.typeform.com
1	images.typeform.com	mgomezi.typeform.com
1	1f7b6b812d45c6411e0c395f49476a93.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	soo.gd
1	www.googletagservices.com	soo.gd
1	soo.gd
29	16

This site contains links to these domains. Also see Links.

Domain
typeformsem.typeform.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-19` - `2021-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
typeform.com Cloudflare Inc ECC CA-3	`2020-09-16` - `2021-09-16`	a year	crt.sh
*.typeform.com Amazon	`2019-12-24` - `2021-01-24`	a year	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://mgomezi.typeform.com/to/Bguzhzxo
Frame ID: 91D9A31CE52563810A70CD83777D897A
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 223B4BE327C6FFB36C818D51DCE58EC0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tiny.cc/5adysz HTTP 301
https://tiny.cc/5adysz HTTP 303
https://soo.gd/ELAi Page URL
https://mgomezi.typeform.com/to/Bguzhzxo Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

29
Requests

100 %
HTTPS

69 %
IPv6

12
Domains

16
Subdomains

12
IPs

2
Countries

1164 kB
Transfer

2308 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://typeformsem.typeform.com/to/Y6qFrrYV?utm_campaign=Bguzhzxo&utm_source=typeform.com-16951974-Free&utm_medium=typeform&utm_content=typeform-footer&utm_term=EN
Title: Powered by Typeform

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tiny.cc/5adysz HTTP 301
https://tiny.cc/5adysz HTTP 303
https://soo.gd/ELAi Page URL
https://mgomezi.typeform.com/to/Bguzhzxo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://tiny.cc/5adysz HTTP 301
https://tiny.cc/5adysz HTTP 303
https://soo.gd/ELAi

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

ELAi Show response
soo.gd/
Redirect Chain

http://tiny.cc/5adysz
https://tiny.cc/5adysz
https://soo.gd/ELAi

3 KB
2 KB

499ms
465ms

Document
text/html

2606:4700:3031::6812:3a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://soo.gd/ELAi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:3a9c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c14081c466c7c76ee5f64f8d0e919f7f1b0f9ff7a50774411153804bdbcdfb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: soo.gd
:scheme: https
:path: /ELAi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 30 Sep 2020 19:59:04 GMT
content-type: text/html; Charset=UTF-8;charset=UTF-8
set-cookie: __cfduid=d98e243463ecbe4e0b1b011abc7c4680c1601495943; expires=Fri, 30-Oct-20 19:59:03 GMT; path=/; domain=.soo.gd; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
x-robots-tag: noindex, nofollow
i-am: Alpha
strict-transport-security: max-age=31536000; includeSubdomains;
cf-cache-status: DYNAMIC
cf-request-id: 058231e1dd000005c43b094200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601495944"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5db085afcd0505c4-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Wed, 30 Sep 2020 19:59:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: tycc044676f8cb025e7dbe4aa2b4dd6635cc=1; expires=Fri, 30-Sep-2022 19:59:03 GMT; Max-Age=63072000; path=/; SameSite=None tiny_client=38a89081a9978486919015595e1df44a; expires=Fri, 30-Sep-2022 19:59:03 GMT; Max-Age=63072000; path=/; SameSite=None
X-Frame-Options: sameorigin
X-Robots-Tag: nofollow, noindex
Location: https://soo.gd/ELAi
Content-Encoding: gzip

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 51 KB
17 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: soo.gd
URL: https://soo.gd/ELAi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35f38b2f4be2c99cde2f7227fe74dea107d13eff37f50727f0244023f2b7fed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 19:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "649 / 165 of 1000 / last-modified: 1601484765"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17466
x-xss-protection: 0
expires: Wed, 30 Sep 2020 19:59:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31510493-2

Requested by

Host: soo.gd
URL: https://soo.gd/ELAi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e17a6435c5a856a922de8613d4f7989104a10ec961403430c75c9b91645f8e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 19:59:04 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36462
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Sep 2020 19:59:04 GMT

GET
H2 200 pubads_impl_2020092901.js Show response
securepubads.g.doubleclick.net/gpt/ 270 KB
95 KB 36ms
36ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067580

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

36791f910a6b9922e91d0fbe1ecb4d5d4158862ed27a53759ee5a201cba4ef4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 19:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2020 08:45:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96984
x-xss-protection: 0
expires: Wed, 30 Sep 2020 19:59:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2605
date: Wed, 30 Sep 2020 19:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 30 Sep 2020 21:15:39 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
57 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=666322004&t=pageview&_s=1&dl=https%3A%2F%2Fsoo.gd%2FELAi&ul=en-us&de=UTF-8&dt=ELAi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=747095001&gjid=444750371&cid=1737718647.1601495944&tid=UA-31510493-2&_gid=1775455842.1601495944&_r=1&gtm=2ou9g1&z=1292433297

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 19:59:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://soo.gd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js
adservice.google.de/adsid/ 109 B
168 B 19ms
18ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=soo.gd

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067580

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Sep 2020 19:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=soo.gd

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067580

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Sep 2020 19:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
securepubads.g.doubleclick.net/gampad/ 412 B
392 B 51ms
51ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3388031960813224&correlator=3700492416359808&output=ldjh&impl=fif&eid=21067580%2C21066994%2C21067194%2C44727580&vrg=2020092901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200930&iu_parts=5837603%2CSGD_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1601495944&dt=1601495944237&dlt=1601495944110&idt=101&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1216140633&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsoo.gd%2FELAi&dssz=10&icsg=680&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x423&msz=0x0&ga_vid=1737718647.1601495944&ga_sid=1601495944&ga_hid=666322004&fws=128&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067580

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 19:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://soo.gd
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1f7b6b812d45c6411e0c395f49476a93.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 56ms
38ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1f7b6b812d45c6411e0c395f49476a93.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067580
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067580
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 Primary Request Bguzhzxo Show response
mgomezi.typeform.com/to/ 138 KB
39 KB 678ms
653ms Document
text/html 2606:4700::6812:1a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgomezi.typeform.com/to/Bguzhzxo

Requested by

Host: soo.gd
URL: https://soo.gd/ELAi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 1.492.0-3.117.0

Resource Hash

74183b281b61e70c8861d759dbd46199bb0155f0a02c48fff021396878eaf330

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

:method: GET
:authority: mgomezi.typeform.com
:scheme: https
:path: /to/Bguzhzxo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://soo.gd/ELAi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soo.gd/ELAi

Response headers

status: 200
date: Wed, 30 Sep 2020 19:59:04 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d53eb0e4d53d3cb1e49e9381507f3f22f1601495944; expires=Fri, 30-Oct-20 19:59:04 GMT; path=/; domain=.typeform.com; HttpOnly; SameSite=Lax; Secure
age: 2328
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-security-policy-report-only: report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' ; frame-ancestors https: ;
pragma: no-cache
vary: Accept-Encoding
x-cache: HIT
x-cache-lookup: HIT
x-envoy-upstream-service-time: 3
x-powered-by: 1.492.0-3.117.0
x-varnish: 35814339 39702746
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-expose-headers: Location, X-Request-Id
strict-transport-security: max-age=63072000; includeSubDomains
x-newp: Yes
cf-cache-status: DYNAMIC
cf-request-id: 058231e4750000d7112d85f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5db085b3e967d711-FRA
content-encoding: gzip

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020092901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067580

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Sep 2020 19:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6426
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092901.js?21067580

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 19:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Wed, 30 Sep 2020 19:59:04 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 223B 0
0 7ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://soo.gd/ELAi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://soo.gd/ELAi

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Wed, 30 Sep 2020 19:35:05 GMT
expires: Thu, 30 Sep 2021 19:35:05 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1439
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
117 B 18ms
16ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020092901&jk=3388031960813224&bg=!-vml-eFYNN4Ts3qiOzcCAAAAclIAAAAQCgFaSZQfEEGDbTWxcrxyit0oar7-m2taVeEGq35m7kmngNYlI56Ivli9aHC-GclwhOn8-5hr4QVNqwbd5VH3FxPn3Dy_9vRw3wVnHngOqH1lwUObkLQLMQ5D1SZ34lvFTjICLxN9exGBEg-T6omkS472gLcMJxpzV_5QPd1ahMosXYb-C5SsYcs42oMF8bBFcpWg0gqgw4waJo0M2fP02CBXCiVCeAkexbsKZkmSZO8X5OBQBeobbCQCc81QjICwsLA5efzQO_vQBpA1U-ar3HcQtpjbqiOPjzK7sKnymwz2mDJGO2HMyptj-41C51aqkbkVa6Ep0uRuFj_alD4yCqLPy1PleULiHHXZOwEYzwqsyW8WeV3FpgAoKmL4WqFezajrwm8WwT0e8vD7IgFALYE2oQlJhNcXdWjC8gJWpoCsYbvA7_Ht2YMn4D8nUkTKqTdPs19onrb3XDNasJkBn9W3S80OzLFZ1jXyEjJGMA_fKcrHXknnvw7-jf7Zzw8U-VeNdh38GYIlhqZg76NYB1JE2XAoFgCRACroD3wxITnDVBKCpA1_5IVlG5mFkfS0ZG8saa4Ezu1rXC6ew6UWLTfyJ5gWhD2_lFn7-qT7IONiFsCLaMfvBM98Gj4lU0eUbfhmsCNsQGPfv3bKSJv-WtHIZS16ROUa1ZJvfKmxnANswZ1y869ZfKDXo4zdvRCQGnAB1pdSGZSZUwISjeoPgVXbLV9M-ZLPEbehDRK1X6mlK494wy_v6t2zQKBs6kG4l7HgEXJknd0WGebJ5QRT7cdy-lsu9Z6BbUH8xBnYgUddnXIylh0wbQekBFj6PsCiMdCzDee3oc-eJLdt8fPHPxah1KahodnBdOp3h1nGLtGq8HtyuVzfT4jKRxJ5XGQkpqeF5BvE2sn7N_GWQk6U_03ay_K2QhDAXFPtfNqCOpkOrByPyKjYZb1jg5LgeODBwdnxwCzs-OPN8lJ2c9d9boiizEax15ni3U_XARxqlZ1m_xWVfU1z1KmcavC89ho

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/ELAi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 19:59:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 large
images.typeform.com/images/Gsf7Cuf9w2xP/background/ 277 KB
278 KB 45ms
16ms Image
image/jpeg 2600:9000:2156:9400:8:2495:5540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.typeform.com/images/Gsf7Cuf9w2xP/background/large

Requested by

Host: mgomezi.typeform.com
URL: https://mgomezi.typeform.com/to/Bguzhzxo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9400:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e2cd0c494e2c0a192b2661e162d8f92cca5a9dba38f8b624f36fe6dc3c4ea2fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 17:09:41 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront), 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
age: 96564
x-amzn-requestid: b44a3715-7b53-4cb1-aa9e-7693f71c6dd5
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-amzn-trace-id: Root=1-5f736a55-1e79583283e53cf4cedc535d;Sampled=0
content-security-policy: script-src 'self'
x-amz-cf-pop: DUS51-C1, FRA50-C1
x-amz-apigw-id: To2NWEj_oAMFvUA=
content-length: 284143
x-amz-cf-id: 4SKQcD2BzLBY79r8JKTC3gbFdrlfeS70Xnncx-gGr1pvKRl6bIgjpw==

GET
H2 200 modern-renderer.a5102e004e66c897da8e.js Show response
renderer-assets.typeform.com/ 477 KB
144 KB 72ms
21ms Script
application/x-javascript 2600:9000:206e:3e00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/modern-renderer.a5102e004e66c897da8e.js
Requested by: Host: mgomezi.typeform.com
URL: https://mgomezi.typeform.com/to/Bguzhzxo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:3e00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5b2dba7d0e86101aa7e9b1e4631457ae769dc2b75fbc05ec3d9cd2be5d6f89a

Request headers

Origin: https://mgomezi.typeform.com
Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 10:51:53 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 32833
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Mon, 28 Sep 2020 08:02:55 GMT
server: AmazonS3
etag: W/"69b10eae8317e6be38fff20149d636f3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
via: 1.1 315b8dfb52e5c49bd834510b0301e939.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: KOb0xrD09ieNwsUn7uyMJ5MEh_OBikzgdSoqr7bWXQZ2HOH2isKM7A==

GET
H2 200 modern-vendors~form.f5b28c47ee14de10f253.js Show response
renderer-assets.typeform.com/ 409 KB
409 KB 18ms
18ms Script
application/x-javascript 2600:9000:206e:3e00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/modern-vendors~form.f5b28c47ee14de10f253.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.a5102e004e66c897da8e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:3e00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d60bc6ddbfe54406c4fa9fdc44af0ac7515c28befc7205e893705ed057c7bf66

Request headers

Origin: https://mgomezi.typeform.com
Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 20:13:51 GMT
via: 1.1 315b8dfb52e5c49bd834510b0301e939.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method
age: 85516
x-cache: Hit from cloudfront
status: 200
content-length: 418396
last-modified: Mon, 28 Sep 2020 08:02:55 GMT
server: AmazonS3
etag: "af6c39ac1215a769693f83b302477c74"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: WK4y3BkGPDZCe_FWtvCTOBgPmIz06XhG91q_4Axu8Asm0PP8Gv6-mg==

GET
H2 200 modern-form.a732850e2250effc6f12.js Show response
renderer-assets.typeform.com/ 168 KB
46 KB 18ms
18ms Script
application/x-javascript 2600:9000:206e:3e00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/modern-form.a732850e2250effc6f12.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.a5102e004e66c897da8e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:3e00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 571c599d81fd4a858c1df0921922e0aa941fd0e4c6f457caf622c49a64afb6e9

Request headers

Origin: https://mgomezi.typeform.com
Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 10:51:54 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 32832
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 29 Sep 2020 12:23:09 GMT
server: AmazonS3
etag: W/"05044bd67c5a97be1cf0129e08411fd0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
via: 1.1 315b8dfb52e5c49bd834510b0301e939.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: _G1uihrgmmpAQl9G7LtDTbdUSLlR-76-_N2_JqFWTehyT9lg_9SpzA==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/ 354 KB
65 KB 131ms
45ms Script
text/javascript 99.86.244.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.f5b28c47ee14de10f253.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.244.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-244-81.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7863f5a0dc2d75467d6adf524237b638b8247d9eb0d8d781a04b8fc229277754

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: mqm56qBzpUWe2gQjw6JjjgNYr6cAY6gd
content-encoding: gzip
etag: "da297ffe8802d405d8eb88df1a7e8548"
age: 245
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 65701
access-control-allow-origin: *
last-modified: Tue, 29 Sep 2020 21:46:37 GMT
server: AmazonS3
date: Wed, 30 Sep 2020 19:55:01 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 7c17b3af9cda4d5f0ff45961b7be9fdc.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: Btv1QF1HeEzNncoktVpNStIvNljEPrJb4W91BkBn6-nm0uwObonlBA==

POST
H2 200 view-form-open
mgomezi.typeform.com/forms/Bguzhzxo/insights/events/ 2 B
159 B 561ms
560ms Other
application/json 2606:4700::6812:1a47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mgomezi.typeform.com/forms/Bguzhzxo/insights/events/view-form-open

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.f5b28c47ee14de10f253.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 30 Sep 2020 19:59:05 GMT
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 24
content-length: 2
cf-request-id: 058231e88e0000d7112d8ab200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mgomezi.typeform.com
x-newp: Yes
access-control-expose-headers: Location, X-Request-Id
cf-ray: 5db085ba7ff7d711-FRA
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
144 B 571ms
193ms XHR
application/json 54.149.62.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/i
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.62.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-62-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 30 Sep 2020 19:59:06 GMT
access-control-allow-origin: https://mgomezi.typeform.com
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
144 B 268ms
194ms XHR
application/json 54.149.62.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.62.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-62-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 30 Sep 2020 19:59:06 GMT
access-control-allow-origin: https://mgomezi.typeform.com
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
144 B 1143ms
1143ms XHR
application/json 54.149.62.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/i
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.62.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-62-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 30 Sep 2020 19:59:09 GMT
access-control-allow-origin: https://mgomezi.typeform.com
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
144 B 1033ms
1032ms XHR
application/json 54.149.62.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.62.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-62-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 30 Sep 2020 19:59:09 GMT
access-control-allow-origin: https://mgomezi.typeform.com
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
144 B 1030ms
1030ms XHR
application/json 54.149.62.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.62.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-62-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 30 Sep 2020 19:59:09 GMT
access-control-allow-origin: https://mgomezi.typeform.com
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
144 B 1033ms
1033ms XHR
application/json 54.149.62.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.62.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-62-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 30 Sep 2020 19:59:09 GMT
access-control-allow-origin: https://mgomezi.typeform.com
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
144 B 1036ms
1035ms XHR
application/json 54.149.62.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.62.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-62-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://mgomezi.typeform.com/to/Bguzhzxo
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 30 Sep 2020 19:59:09 GMT
access-control-allow-origin: https://mgomezi.typeform.com
content-length: 21
vary: Origin
content-type: application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.typeform.com/	1970-01-19 21:37:11	Name: ajs_anonymous_id Value: %22c322882e-0e0f-4fc5-8f31-a6ac72935794%22
.typeform.com/	1970-01-19 21:37:11	Name: ajs_user_id Value: 16950423
.typeform.com/	1970-01-19 21:37:11	Name: attribution_user_id Value: fc8500ab-9944-4d56-86c6-50b6c4ec61ad
.typeform.com/	1970-01-19 13:34:47	Name: __cfduid Value: d53eb0e4d53d3cb1e49e9381507f3f22f1601495944

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f7b6b812d45c6411e0c395f49476a93.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
api.segment.io
cdn.segment.com
images.typeform.com
mgomezi.typeform.com
pagead2.googlesyndication.com
renderer-assets.typeform.com
securepubads.g.doubleclick.net
soo.gd
tiny.cc
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
157.245.113.153
172.217.23.162
2600:9000:206e:3e00:4:f6ce:61c0:93a1
2600:9000:2156:9400:8:2495:5540:93a1
2606:4700:3031::6812:3a9c
2606:4700::6812:1a47
2a00:1450:4001:801::2001
2a00:1450:4001:809::2001
2a00:1450:4001:81a::2008
2a00:1450:4001:81d::2002
2a00:1450:4001:821::200e
54.149.62.40
99.86.244.81
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
35f38b2f4be2c99cde2f7227fe74dea107d13eff37f50727f0244023f2b7fed7
36791f910a6b9922e91d0fbe1ecb4d5d4158862ed27a53759ee5a201cba4ef4f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
571c599d81fd4a858c1df0921922e0aa941fd0e4c6f457caf622c49a64afb6e9
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74183b281b61e70c8861d759dbd46199bb0155f0a02c48fff021396878eaf330
7863f5a0dc2d75467d6adf524237b638b8247d9eb0d8d781a04b8fc229277754
c14081c466c7c76ee5f64f8d0e919f7f1b0f9ff7a50774411153804bdbcdfb8e
d5b2dba7d0e86101aa7e9b1e4631457ae769dc2b75fbc05ec3d9cd2be5d6f89a
d60bc6ddbfe54406c4fa9fdc44af0ac7515c28befc7205e893705ed057c7bf66
e17a6435c5a856a922de8613d4f7989104a10ec961403430c75c9b91645f8e91
e2cd0c494e2c0a192b2661e162d8f92cca5a9dba38f8b624f36fe6dc3c4ea2fb

mgomezi.typeform.com Open in urlscan Pro 2606:4700::6812:1a47 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

69 %IPv6

12 Domains

16 Subdomains

12 IPs

2 Countries

1164 kBTransfer

2308 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mgomezi.typeform.com Open in urlscan Pro
2606:4700::6812:1a47 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

69 %
IPv6

12
Domains

16
Subdomains

12
IPs

2
Countries

1164 kB
Transfer

2308 kB
Size

4
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!