go.galls.com Open in urlscan Pro
104.17.74.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go2.galls.com/MzAwLVhURS05NjgAAAGOcOR5PKtO3CPdSc9iBVqobN0hO672uHHraTlh9oHGZ2PibWwxJoOJ-NL36mt5PkTftp8oIj0=
Effective URL:
https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h...
Submission: On September 26 via api (September 26th 2023, 3:29:08 pm UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 36 HTTP transactions. The main IP is 104.17.74.206, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.galls.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 2nd 2023. Valid for: a year.

This is the only time go.galls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 19	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.239.83.112 18.239.83.112	16509 (AMAZON-02) (AMAZON-02)
2	23.197.137.224 23.197.137.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:b20d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
36	10

1 104.17.72.206 (United States)

ASN13335 (CLOUDFLARENET, US)

go2.galls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.17.74.206 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.galls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-112.ams58.r.cloudfront.net

uploads.knak.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.197.137.224 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-137-224.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b20d (United States)

ASN13335 (CLOUDFLARENET, US)

www.galls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

300-xte-968.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	galls.com 1 redirects go2.galls.com go.galls.com www.galls.com — Cisco Umbrella Rank: 495683	5 MB
6	gstatic.com www.gstatic.com fonts.gstatic.com	425 KB
3	google.com www.google.com — Cisco Umbrella Rank: 11	30 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1683	89 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 7483	6 KB
1	mktoresp.com 300-xte-968.mktoresp.com	318 B
1	knak.io uploads.knak.io	9 KB
36	7

	Domain	Requested by
19	go.galls.com	1 redirects go2.galls.com go.galls.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	www.google.com	go.galls.com www.gstatic.com www.google.com
3	maxcdn.bootstrapcdn.com	go.galls.com maxcdn.bootstrapcdn.com
2	fonts.gstatic.com	www.google.com
2	munchkin.marketo.net	go.galls.com munchkin.marketo.net
1	300-xte-968.mktoresp.com	munchkin.marketo.net
1	www.galls.com	go.galls.com
1	uploads.knak.io	go.galls.com
1	go2.galls.com
36	10

This site contains links to these domains. Also see Links.

Domain
www.galls.com
policies.google.com
www.linkedin.com
www.facebook.com
www.youtube.com
galls.blog
www.instagram.com

Subject Issuer	Validity	Valid
go2.galls.com Cloudflare Inc ECC CA-3	`2023-02-02` - `2024-02-01`	a year	crt.sh
go.galls.com Cloudflare Inc ECC CA-3	`2023-02-02` - `2024-02-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
uploads.knak.com Amazon RSA 2048 M01	`2023-06-28` - `2024-07-26`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
Frame ID: C1F6EB8B5E0AF36341EC9DC9A090EB78
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjgZ8mAAAAACOIk8ALjJExBU7Z_eU1wgZS_LcH&co=aHR0cHM6Ly9nby5nYWxscy5jb206NDQz&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=p5lp3jlon5iu
Frame ID: 8C0AB389B253A35B6915FC856B65DF13
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Galls

Page URL History Show full URLs

https://go2.galls.com/MzAwLVhURS05NjgAAAGOcOR5PKtO3CPdSc9iBVqobN0hO672uHHraTlh9oHGZ2PibWwxJoOJ-NL3... Page URL
https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

36
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

6062 kB
Transfer

6945 kB
Size

5
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.galls.com/?utm_source=Marketo&utm_medium=email+&utm_campaign=FS_Q3&utm_content=LP

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.galls.com/equip/index.html?utm_source=Marketo&utm_medium=email+&utm_campaign=FS_Q3&utm_content=Landing+page

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/galls

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gallsconnect/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/gallspublicsafety

Search URL Search Domain Scan URL

URL: https://galls.blog/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gallsauthority/?hl=en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go2.galls.com/MzAwLVhURS05NjgAAAGOcOR5PKtO3CPdSc9iBVqobN0hO672uHHraTlh9oHGZ2PibWwxJoOJ-NL36mt5PkTftp8oIj0= Page URL
https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://go.galls.com/1170%20x%20any%20height%20-%20insert%20banner%20URL HTTP 302
https://www.galls.com/

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MzAwLVhURS05NjgAAAGOcOR5PKtO3CPdSc9iBVqobN0hO672uHHraTlh9oHGZ2PibWwxJoOJ-NL36mt5PkTftp8oIj0=
go2.galls.com/ 527 B
1 KB 612ms
209ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.galls.com/MzAwLVhURS05NjgAAAGOcOR5PKtO3CPdSc9iBVqobN0hO672uHHraTlh9oHGZ2PibWwxJoOJ-NL36mt5PkTftp8oIj0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-F/P7+Im2a+tf2QceVgz19wkjU6ePKAMeqbO2W5vTeHI=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 80cc8a3ebbeb9150-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-F/P7+Im2a+tf2QceVgz19wkjU6ePKAMeqbO2W5vTeHI=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
content-type: text/html;charset=UTF-8
date: Tue, 26 Sep 2023 15:29:01 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: f0968579f78e6c50

GET
H2 200 Primary Request workwearsolutions.html Show response
go.galls.com/ 24 KB
7 KB 1221ms
688ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg

Requested by

Host: go2.galls.com
URL: https://go2.galls.com/MzAwLVhURS05NjgAAAGOcOR5PKtO3CPdSc9iBVqobN0hO672uHHraTlh9oHGZ2PibWwxJoOJ-NL36mt5PkTftp8oIj0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd74e2623688766d72c72755c874865aa7a34a45ae7c30c7b000dc070c90c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go2.galls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 80cc8a436b9d047e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 15:29:02 GMT
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server: cloudflare
vary: *,Accept-Encoding
x-asset-type: LP
x-content-type-options: nosniff

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
19 KB 75ms
30ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: go.galls.com
URL: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 21253889
cdn-cachedat: 2021-06-08 17:56:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4bd704688cb08bed1c10c8f26826e421
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 80cc8a480e95695b-FRA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 73ms
29ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632
age: 19122891
cdn-cachedat: 12/13/2021 21:25:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 80cc8a480e97695b-FRA
cdn-requestpullsuccess: True

GET
H2 200 63e25db736ac4.png
uploads.knak.io/user_uploads/63dc53f48cb40/ 9 KB
9 KB 112ms
30ms Image
image/png 18.239.83.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.knak.io/user_uploads/63dc53f48cb40/63e25db736ac4.png
Requested by: Host: go.galls.com
URL: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-112.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb8377b93f1d25a209fb92beb484dc0336ea27a686645d48cb57e1dbaec920cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

x-amz-version-id: z8JFxdzIycj3PBVyfSCIMvB4oqhQBGWe
date: Tue, 26 Sep 2023 14:36:44 GMT
via: 1.1 eb5552d4fb69ca0d0578ffa97b7b08fa.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 14:18:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 59782
x-amz-server-side-encryption: AES256
etag: "2ef78785059478ccd6a6264f562167a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 9140
x-amz-cf-id: mw1cAAJQmrO2jaz2H0YckdVa1lF-DIML8AeVs-DkZPQ2VhPhfJfPXQ==

GET
H2 200 First%20Sight%20Workwear%20Graphic%2008162023.jpg
go.galls.com/rs/300-XTE-968/images/ 153 KB
154 KB 143ms
140ms Image
image/jpeg 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/First%20Sight%20Workwear%20Graphic%2008162023.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1c1467ddf7714ed3ec9d740e0440afaeb20178dc19e1f2a8523510de65e1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 19:44:35 GMT
server: cloudflare
etag: "2a806ad-26503-605f7d6976157"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a47ef5f047e-FRA
content-length: 156931
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 Picture7.png
go.galls.com/rs/300-XTE-968/images/ 3 KB
3 KB 167ms
163ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/Picture7.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa0c855866f55600290fd5d8db9e566e0524fc7b69f879813e18d78c99dd2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 12 Sep 2023 14:31:12 GMT
server: cloudflare
etag: "2a806ec-a35-6052a4b6f3571"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a47ef60047e-FRA
content-length: 2613
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 Picture13.png
go.galls.com/rs/300-XTE-968/images/ 6 KB
6 KB 167ms
163ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/Picture13.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4cc16b2619dd79e3ae8f97d42ecb5c37aaca0b72d59f7f0f1f89172da4374cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 12 Sep 2023 14:31:12 GMT
server: cloudflare
etag: "2a807af-1847-6052a4b6fb272"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a47ef62047e-FRA
content-length: 6215
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 Picture9.png
go.galls.com/rs/300-XTE-968/images/ 4 KB
4 KB 166ms
163ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/Picture9.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e4acf2899d4ad3948a0d996cda4065645e992125a187e952edcc4d6c456d1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 12 Sep 2023 14:31:12 GMT
server: cloudflare
etag: "2a8078d-f08-6052a4b6f50c9"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a47ef63047e-FRA
content-length: 3848
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 Picture10.png
go.galls.com/rs/300-XTE-968/images/ 5 KB
5 KB 141ms
138ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/Picture10.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2369a21802611311e3364c85ff46c1d7ed858a526166e164b3be00ecdcc1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 12 Sep 2023 14:31:12 GMT
server: cloudflare
etag: "2a80799-1217-6052a4b6f8392"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a47ef64047e-FRA
content-length: 4631
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 Picture15.png
go.galls.com/rs/300-XTE-968/images/ 1 KB
1 KB 165ms
162ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/Picture15.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f6fc768910582bb3fee9531c06ab7db9a4b7a35de6067afd82e16b3a81e353e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 12 Sep 2023 14:31:12 GMT
server: cloudflare
etag: "2a807ba-500-6052a4b72b014"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a47ef65047e-FRA
content-length: 1280
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 forms2.min.js Show response
go.galls.com/js/forms2/js/ 208 KB
69 KB 168ms
164ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.galls.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 07 Sep 2023 05:56:12 GMT
server: cloudflare
etag: "26c0474-34099-604be84687700"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 80cc8a47ef5d047e-FRA
expires: Tue, 26 Sep 2023 19:29:02 GMT

GET
H2 200 b90ec8fc-e6f6-4619-bcbb-c4da331e0141.jpg
go.galls.com/rs/300-XTE-968/images/ 20 KB
20 KB 165ms
163ms Image
image/jpeg 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/b90ec8fc-e6f6-4619-bcbb-c4da331e0141.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f9866b7b0e267d879fd5b85b8f0b679f83700f9c7f301f2b04c0fedde11019

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 17:56:59 GMT
server: cloudflare
etag: "2a8064b-50bb-605190d8a414c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a47ef67047e-FRA
content-length: 20667
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 9db15e2e-3165-4a2e-b277-f6948ca43f46.jpg
go.galls.com/rs/300-XTE-968/images/ 21 KB
21 KB 165ms
163ms Image
image/jpeg 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/9db15e2e-3165-4a2e-b277-f6948ca43f46.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e583a733afd8d58285040f901199e58c4a31d490a16d12dd735ad836b35ec5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 17:56:59 GMT
server: cloudflare
etag: "2a8064f-536d-605190d8a4534"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a47ef69047e-FRA
content-length: 21357
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 3ae49b53-a8ca-4e5e-9932-ac65514259c7.jpg
go.galls.com/rs/300-XTE-968/images/ 12 KB
12 KB 166ms
164ms Image
image/jpeg 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/3ae49b53-a8ca-4e5e-9932-ac65514259c7.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74f748bbea7e42c5f8d9fbe29efecaf8deacd27b1d67d0edff9d64c0c5327635

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 17:39:52 GMT
server: cloudflare
etag: "2a807c0-3065-60518d04ecd50"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a480f7d047e-FRA
content-length: 12389
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 eQuip.png
go.galls.com/rs/300-XTE-968/images/ 331 KB
332 KB 185ms
182ms Image
image/png 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/eQuip.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

635602ac06a2748b024caea6abe9fe6fe7b21682d5f6b6f5e60ed2d40a98f84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 09 Sep 2023 06:23:20 GMT
server: cloudflare
etag: "2a80239-52d4b-604e721269162"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a480f7e047e-FRA
content-length: 339275
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 shutterstock_436658284.jpg
go.galls.com/rs/300-XTE-968/images/ 4 MB
4 MB 184ms
182ms Image
image/jpeg 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/shutterstock_436658284.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7efe7942d4b7dc7d3acc5d6376c94036d3a48a75b03f0de06a9659d94089547f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 12 Sep 2023 14:31:12 GMT
server: cloudflare
etag: "2a8078b-47cafd-6052a4b6f50c9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a480f7f047e-FRA
content-length: 4705021
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H2 200 FB002AC18H1098.jpg
go.galls.com/rs/300-XTE-968/images/ 261 KB
261 KB 185ms
183ms Image
image/jpeg 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.galls.com/rs/300-XTE-968/images/FB002AC18H1098.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02186c4cb87226b241c8cb668e4864f54de364e3f2f21c0d3bb3c5719b29ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 12 Sep 2023 14:31:12 GMT
server: cloudflare
etag: "2a80727-4128b-6052a4b6f3959"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 80cc8a480f80047e-FRA
content-length: 266891
expires: Tue, 26 Sep 2023 15:30:02 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 116ms
33ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.galls.com
URL: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Tue, 26 Sep 2023 15:29:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 stripmkttok.js Show response
go.galls.com/js/ 2 KB
762 B 186ms
182ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.galls.com/js/stripmkttok.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 07 Sep 2023 05:56:12 GMT
server: cloudflare
etag: "26c05a3-602-604be84687700"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 80cc8a47ef5e047e-FRA
content-length: 678
expires: Tue, 26 Sep 2023 19:29:02 GMT

GET
H2

200

/
www.galls.com/
Redirect Chain

https://go.galls.com/1170%20x%20any%20height%20-%20insert%20banner%20URL
https://www.galls.com/

0
0

923ms
865ms

Image
text/html

2606:4700::6811:b20d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.galls.com/
Requested by: Host: go.galls.com
URL: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
Protocol: H2
Server: 2606:4700::6811:b20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Redirect headers

date: Tue, 26 Sep 2023 15:29:03 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.galls.com
cf-ray: 80cc8a484fc2047e-FRA

GET
H2 200 getForm Show response
go.galls.com/index.php/form/ 5 KB
2 KB 1027ms
1027ms XHR
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.galls.com/index.php/form/getForm?munchkinId=300-XTE-968&form=1091
Requested by: Host: go.galls.com
URL: https://go.galls.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ed68ee57ee2ba572bab9599d31aa308b972faf1143882a3be48f84d713acad

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: a277#18ad21baa62
x-marketo-source: Form Service
cf-ray: 80cc8a494911047e-FRA
cached: false

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 81ms
81ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Tue, 26 Sep 2023 15:29:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 04 Jan 2024 15:29:02 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 65ms
34ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://go.galls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
cdn-cachedat: 06/09/2022 10:24:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64464
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4e6cc794d973c53baa59dec31fd319bc
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 80cc8a498e9c3602-FRA
cdn-requestpullsuccess: True

POST
H/1.1 200
OK visitWebPage
300-xte-968.mktoresp.com/webevents/ 2 B
318 B 760ms
130ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://300-xte-968.mktoresp.com/webevents/visitWebPage?_mchNc=1695742143003&_mchCn=workwearsolutions&_mchId=300-XTE-968&_mchTk=_mch-galls.com-1695742143003-23552&mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg&_mchWs=j1RR&_mchHo=go.galls.com&_mchPo=&_mchRu=%2Fworkwearsolutions.html&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fgo2.galls.com%2F&_mchQp=mkt_tok%3DMzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date: Tue, 26 Sep 2023 15:29:03 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 8bbe682e-a61a-4f37-8a32-d23c1e952264

GET
H2 200 forms2.css
go.galls.com/js/forms2/css/ 13 KB
3 KB 139ms
139ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.galls.com/js/forms2/css/forms2.css

Requested by

Host: go.galls.com
URL: https://go.galls.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 07 Sep 2023 05:56:12 GMT
server: cloudflare
etag: "26c046c-3437-604be84687700"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 80cc8a4fcf47047e-FRA
content-length: 2623
expires: Tue, 26 Sep 2023 19:29:04 GMT

GET
H2 200 forms2-theme-round.css
go.galls.com/js/forms2/css/ 4 KB
1 KB 160ms
160ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.galls.com/js/forms2/css/forms2-theme-round.css

Requested by

Host: go.galls.com
URL: https://go.galls.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/workwearsolutions.html?mkt_tok=MzAwLVhURS05NjgAAAGOcOR5PDSBEnjfxA7xsZIXKpGyv6rcb04roFKMqcrZJ6K4h3FhF9I4JbfudO9hllDgb8qP40pPZvOBkAV3cr-I_1fsMEmpSA7-oZ2jgg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 07 Sep 2023 05:56:12 GMT
server: cloudflare
etag: "26c046b-e46-604be84687700"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 80cc8a4fcf49047e-FRA
content-length: 968
expires: Tue, 26 Sep 2023 19:29:04 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 908 B
900 B 83ms
31ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaCallback

Requested by

Host: go.galls.com
URL: https://go.galls.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b56dc6065a1ef0239d5e980969c382bbafa43b62b897f79c3405b06977be2f4d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.galls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 26 Sep 2023 15:29:04 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ 456 KB
184 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.galls.com/
Origin: https://go.galls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 13:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187854
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 13:58:53 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8C0A 51 KB
29 KB 45ms
44ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjgZ8mAAAAACOIk8ALjJExBU7Z_eU1wgZS_LcH&co=aHR0cHM6Ly9nby5nYWxscy5jb206NDQz&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=p5lp3jlon5iu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e03250a6a7d9e53cf5e2a81dcf95221d9f06531b1392b54fcb88a3ac08a65e17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sdr0paJKVP53IeslrqWo_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.galls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sdr0paJKVP53IeslrqWo_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 15:29:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 8C0A 55 KB
24 KB 61ms
20ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjgZ8mAAAAACOIk8ALjJExBU7Z_eU1wgZS_LcH&co=aHR0cHM6Ly9nby5nYWxscy5jb206NDQz&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=p5lp3jlon5iu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 10:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 10:30:08 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 8C0A 456 KB
184 KB 71ms
30ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 13:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187854
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 13:58:53 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8C0A 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Mon, 25 Sep 2023 07:44:15 GMT
x-content-type-options: nosniff
age: 114289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 02 Oct 2023 07:44:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8C0A 15 KB
16 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sat, 23 Sep 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 304261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8C0A 15 KB
15 KB 72ms
24ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Sat, 23 Sep 2023 05:51:22 GMT
x-content-type-options: nosniff
age: 293862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 05:51:22 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8C0A 102 B
135 B 29ms
29ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjgZ8mAAAAACOIk8ALjJExBU7Z_eU1wgZS_LcH&co=aHR0cHM6Ly9nby5nYWxscy5jb206NDQz&hl=de&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=p5lp3jlon5iu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date: Tue, 26 Sep 2023 15:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 26 Sep 2023 15:29:04 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go2.galls.com/	1970-01-20 15:02:23	Name: __cf_bm Value: iMKl2DBw2HSWtREnYh5KsMs.7eBNWQz_G1exptop5Dk-1695742141-0-AdPoS8lYenoYQsBDWmAgoZd+oI3ydLqkAeQOgvTpv4CMCT6r4P0LdCap5Fl5jRPre2EaW5SJlrE2Pe6DqF0R+VM=
.go.galls.com/	1970-01-20 15:02:23	Name: __cf_bm Value: .i0odFPYieeXJZqgjnuEFH6yywZzIeqnSeE7yRAbfJ4-1695742142-0-AcKjlRp3lhcVs36D8sw8IrtzZ55cuwsYJzjM9pF423S6UgS68gr3Tf0IAN4HvTfkaqxFPMwAJg//FrnC8Vk38qA=
.galls.com/	1970-01-21 00:38:22	Name: _mkto_trk Value: id:300-XTE-968&token:_mch-galls.com-1695742143003-23552
go.galls.com/	1969-12-31 23:59:59	Name: BIGipServerab57web-nginx-app_https Value: !sJmLEmj4mP1QWnKkCIQPm+cqSAXSEW6+d9GX0DShgc3vH1eHsDnLU403AuyO7fJtbaKedWePegP1N40=
.galls.com/	1969-12-31 23:59:59	Name: rwecpCOM Value: 000001342907405518427729848040

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-F/P7+Im2a+tf2QceVgz19wkjU6ePKAMeqbO2W5vTeHI=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

300-xte-968.mktoresp.com
fonts.gstatic.com
go.galls.com
go2.galls.com
maxcdn.bootstrapcdn.com
munchkin.marketo.net
uploads.knak.io
www.galls.com
www.google.com
www.gstatic.com
104.17.72.206
104.17.74.206
18.239.83.112
192.28.144.124
23.197.137.224
2606:4700::6811:b20d
2606:4700::6812:bcf
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2004
2a00:1450:4001:829::2003
05ed68ee57ee2ba572bab9599d31aa308b972faf1143882a3be48f84d713acad
0aa0c855866f55600290fd5d8db9e566e0524fc7b69f879813e18d78c99dd2a8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2f6fc768910582bb3fee9531c06ab7db9a4b7a35de6067afd82e16b3a81e353e
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
635602ac06a2748b024caea6abe9fe6fe7b21682d5f6b6f5e60ed2d40a98f84b
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6e4acf2899d4ad3948a0d996cda4065645e992125a187e952edcc4d6c456d1ef
74f748bbea7e42c5f8d9fbe29efecaf8deacd27b1d67d0edff9d64c0c5327635
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7efe7942d4b7dc7d3acc5d6376c94036d3a48a75b03f0de06a9659d94089547f
8bd74e2623688766d72c72755c874865aa7a34a45ae7c30c7b000dc070c90c7f
92fd239ffc7ccfa6d1586848df32f07e749d3fea1a39143948f7dac710a19531
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9af3aa843ca57a0c7b85eae7c3c66feae378f1329dd6484caf2efc98f595c4e0
b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395
b56dc6065a1ef0239d5e980969c382bbafa43b62b897f79c3405b06977be2f4d
bc2369a21802611311e3364c85ff46c1d7ed858a526166e164b3be00ecdcc1b9
d4cc16b2619dd79e3ae8f97d42ecb5c37aaca0b72d59f7f0f1f89172da4374cb
e02186c4cb87226b241c8cb668e4864f54de364e3f2f21c0d3bb3c5719b29ac6
e03250a6a7d9e53cf5e2a81dcf95221d9f06531b1392b54fcb88a3ac08a65e17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e583a733afd8d58285040f901199e58c4a31d490a16d12dd735ad836b35ec5aa
eb8377b93f1d25a209fb92beb484dc0336ea27a686645d48cb57e1dbaec920cb
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f8f9866b7b0e267d879fd5b85b8f0b679f83700f9c7f301f2b04c0fedde11019
fd1c1467ddf7714ed3ec9d740e0440afaeb20178dc19e1f2a8523510de65e1e0

go.galls.com Open in urlscan Pro 104.17.74.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

50 %IPv6

7 Domains

10 Subdomains

10 IPs

2 Countries

6062 kBTransfer

6945 kBSize

5 Cookies

9 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.galls.com Open in urlscan Pro
104.17.74.206 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

6062 kB
Transfer

6945 kB
Size

5
Cookies

36 HTTP transactions
0 data transactions