URL: https://www.recoverways.com/
Submission: On March 15 via automatic, source certstream-suspicious — Scanned from SE

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 16 HTTP transactions. The main IP is 216.24.57.253, located in Sweden and belongs to RENDER, US. The main domain is www.recoverways.com.
TLS certificate: Issued by R3 on March 14th 2023. Valid for: 3 months.
This is the only time www.recoverways.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS      Autonomous System
5         216.24.57.253    397273  (RENDER)
1         146.75.122.208   54113   (FASTLY)
2         185.59.220.18    60068   (CDN77 ^_^)
2         104.21.15.207    13335   (CLOUDFLAR...)
3         138.199.37.227   60068   (CDN77 ^_^)
2         151.101.1.26     54113   (FASTLY)
1         185.93.1.244     60068   (CDN77 ^_^)
Total: 16 requests, 7 IPs

Requests  Apex Domain / Subdomains                               Transfer
6         reform.app                                             275 KB
            embed.reform.app
            forms.reform.app
            assets.reform.app
            stingray.reform.app
5         recoverways.com                                        111 KB
            www.recoverways.com
2         polyfill.io                                            868 B
            polyfill.io — Cisco Umbrella Rank: 1307
2         smartlook.com                                          17 KB
            web-sdk.smartlook.com — Cisco Umbrella Rank: 22804
1         unsplash.com                                           176 KB
            images.unsplash.com — Cisco Umbrella Rank: 4086
Total: 16 requests, 5 apex domains

Requests  Domain                  Requested by
5         www.recoverways.com     www.recoverways.com
3         assets.reform.app       forms.reform.app, assets.reform.app
2         polyfill.io             forms.reform.app
2         web-sdk.smartlook.com   www.recoverways.com, web-sdk.smartlook.com
1         stingray.reform.app     forms.reform.app
1         forms.reform.app        embed.reform.app
1         embed.reform.app        www.recoverways.com
1         images.unsplash.com     www.recoverways.com
Total: 16 requests, 8 domains

This site contains no links.

Subject                    Issuer                                  Validity                  Valid
www.recoverways.com        R3                                      2023-03-14 - 2023-06-12   3 months
images.unsplash.com        GlobalSign Atlas R3 DV TLS CA 2023 Q1   2023-03-12 - 2024-04-12   a year
1688964705.rsc.cdn77.org   R3                                      2023-03-09 - 2023-06-07   3 months
*.reform.app               GTS CA 1P5                              2023-01-26 - 2023-04-26   3 months
assets.reform.app          R3                                      2023-02-04 - 2023-05-05   3 months
polyfill.io                GlobalSign Atlas R3 DV TLS CA 2022 Q4   2022-12-10 - 2024-01-11   a year
stingray.reform.app        R3                                      2023-01-29 - 2023-04-29   3 months

This page contains 2 frames:

Primary Page: https://www.recoverways.com/
Frame ID: 881E3F4E64CD2F6EBC815E7D0A534703
Requests: 9 HTTP requests in this frame

Frame: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Frame ID: B0E57D2406553AD04822360597425694
Requests: 7 HTTP requests in this frame

Page Title

RecoverWays

Detected technologies

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 580 kB
Size: 1531 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.recoverways.com/
16 KB
5 KB
Document
General
Full URL
https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7f5bcae483aee96b645b242a584ffbb557a4351cbef18d459728f411ba9e57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

age
246
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=300
cf-cache-status
HIT
cf-ray
7a80921e4ea42d99-ARN
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 15 Mar 2023 00:16:58 GMT
etag
W/"dac7f1020afda8b462208975cc527122"
last-modified
Sat, 11 Feb 2023 00:33:55 UTC
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
index.cd2175df.js
www.recoverways.com/assets/
15 KB
5 KB
Script
General
Full URL
https://www.recoverways.com/assets/index.cd2175df.js
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6045b935e0b195945f077d92fd193effbeb0c0d4c15dbdc1e1931c6250ec54b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.recoverways.com/
Origin
https://www.recoverways.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 11 Feb 2023 00:33:56 UTC
server
cloudflare
age
246
etag
W/"e0a6e7add38a9f8a4b6e440c7b8134ca"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=0, s-maxage=300
cf-ray
7a80921ebeca2d99-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendor.78c73341.js
www.recoverways.com/assets/
245 KB
80 KB
Script
General
Full URL
https://www.recoverways.com/assets/vendor.78c73341.js
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e83bb187729a4a11528a4284f5cede65a549f7cd267fa0c8ee6288dbcd63493
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.recoverways.com/
Origin
https://www.recoverways.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 11 Feb 2023 00:33:55 UTC
server
cloudflare
age
245
etag
W/"66b8be43d94f8c1e3e6b54ec2ac2feb1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=0, s-maxage=300
cf-ray
7a80921ebecc2d99-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.8f8ec780.css
www.recoverways.com/assets/
29 KB
6 KB
Stylesheet
General
Full URL
https://www.recoverways.com/assets/index.8f8ec780.css
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da57a4c5f94a3eaea8be435d93b279b3af30f2d7f95bf26c002cfba188560822
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 11 Feb 2023 00:33:55 UTC
server
cloudflare
age
245
etag
W/"3af23d92145f7852c0da3d254f668890"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=0, s-maxage=300
cf-ray
7a80921ebecb2d99-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon.93651502.png
www.recoverways.com/assets/
14 KB
14 KB
Image
General
Full URL
https://www.recoverways.com/assets/icon.93651502.png
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93651502a2798e8f49e4a8d785f5b5c3b94a15a8db6f8752d337e9bec41e3ef3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:16:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 11 Feb 2023 00:33:56 UTC
server
cloudflare
age
245
etag
"1e0f9f1c214c6f83b22a620114630f49"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=0, s-maxage=300
accept-ranges
bytes
cf-ray
7a80921efeeb2d99-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14444
photo-1541976844346-f18aeac57b06
images.unsplash.com/
175 KB
176 KB
Image
General
Full URL
https://images.unsplash.com/photo-1541976844346-f18aeac57b06?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwzNTI4Mzh8MHwxfGFsbHx8fHx8fHx8fDE2NzQ2ODE2NjU&ixlib=rb-4.0.3&q=80&w=1080
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1bfd26c081452a1042e1657b3b03e910cb08724fe52e278ae952769e5de97838
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:16:58 GMT
x-content-type-options
nosniff
age
4783090
x-cache
HIT, HIT
x-imgix-id
0156eb8f760ceb2b821adfdf994a9e279b37a4bc
cross-origin-resource-policy
cross-origin
content-length
179283
x-served-by
cache-sjc10074-SJC, cache-hhn-etou8220035-HHN
x-imgix-render-farm
01.1096
last-modified
Wed, 18 Jan 2023 15:38:49 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
recorder.js
web-sdk.smartlook.com/
3 KB
2 KB
Script
General
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
809075600.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
7d1b5c76eef3148ace086022708bf24214e9c02a1d3664b11634b71b7611d8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 15 Mar 2023 00:16:58 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
106
x-77-nzt
Abk73BAdgqD/agAAAA
x-accel-expires
@1678839912
last-modified
Thu, 09 Mar 2023 15:00:09 GMT
server
CDN77-Turbo
etag
W/"6409f479-c4a"
x-77-nzt-ray
9083393017cb26007a0e1164d91d2b32
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
embed.js
embed.reform.app/v1/
2 KB
2 KB
Script
General
Full URL
https://embed.reform.app/v1/embed.js
Requested by
Host: www.recoverways.com
URL: https://www.recoverways.com/assets/index.cd2175df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8799a782417998d9f08aaae5d2409ccd7949fe95d77bc7beec834681c9170a58

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.recoverways.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id
01GVGH0NEJ9TH2SCBD9C7HDAQE
date
Wed, 15 Mar 2023 00:16:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-polished
origSize=2449
etag
W/"cd5b6d4cf03f6ba356a88b596859c116-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NA7e5Gg0CECvprDLF5bMyxzY6Zh1L92Mn%2FwOjTZNCyOoR96f2dBhFi14eZN1qfmryMZfaA0Lutah%2FjJTPfNxAR9%2B6OaSlTLAS%2B9GSX1nNrmBzxLBNzLxnlVS27Rfqs%2Bj5oFs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
7a80921fef53b503-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
init.aa7ffdce9b9138dff07a.js
web-sdk.smartlook.com/es6/
54 KB
16 KB
Script
General
Full URL
https://web-sdk.smartlook.com/es6/init.aa7ffdce9b9138dff07a.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
809075600.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f098275e8915aec8016b5a995b98cc9356ccf4e778ba330150ba6b7cc01fe78d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.recoverways.com/
Origin
https://www.recoverways.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 15 Mar 2023 00:16:58 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
462907
x-77-nzt
Abk73BCqA+H/OxAHAA
x-accel-expires
@1709912511
last-modified
Thu, 09 Mar 2023 15:00:09 GMT
server
CDN77-Turbo
etag
W/"6409f479-d787"
x-77-nzt-ray
90833930ead892017a0e1164f3c8f63a
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
s1rdlh
forms.reform.app/SWPP1X/get-handbook/ Frame B0E5
28 KB
10 KB
Document
General
Full URL
https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Requested by
Host: embed.reform.app
URL: https://embed.reform.app/v1/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714288be23de0926231fbd6a9fb9cb06cdc158fa630c1ee2967f86c3e36e4cba

Request headers

Referer
https://www.recoverways.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a8092217848b503-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 15 Mar 2023 00:16:59 GMT
last-modified
Wed, 15 Mar 2023 00:16:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgLowSYh0iFCB4cskZ8v8DqGhxPkpKcpjY7RCdiyphZD7yEs49uhhTvwdZT49tMtyBvoM%2FrnqgFk7DiDjT06decSAwvXUnLm2cGdCJEowGQF0iWgi2w73TVDP2sQY3YTAtgw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-do-app-origin
5671b30c-e6a4-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
app.css
assets.reform.app/bbc55f6/css/ Frame B0E5
70 KB
15 KB
Stylesheet
General
Full URL
https://assets.reform.app/bbc55f6/css/app.css?id=23a888c6ebdb0a4ae7ece869564d782e
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-227.bunnyinfra.net
Software
BunnyCDN-DE1-860 /
Resource Hash
410bacdbe6d79f555a9f010e3bf791d4449aa1b8bed9df7b9f2cfdf183982a75
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:16:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
1075
x-amz-request-id
tx0000000000000737e9d9e-00640b73b2-58c53c94-nyc3c
cdn-cachedat
03/10/2023 18:15:14
cdn-pullzone
696880
last-modified
Fri, 10 Mar 2023 18:11:42 GMT
server
BunnyCDN-DE1-860
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"23a888c6ebdb0a4ae7ece869564d782e"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
887fd8d6-f02f-46a7-ba81-c9ba5d0264e1
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
x-rgw-object-type
Normal
cdn-requestid
a3bb453fdef1c6e96ae5def632c9e6f9
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
polyfill.min.js
polyfill.io/v3/ Frame B0E5
101 B
659 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?features=ResizeObserver
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 00:16:59 GMT
age
1262464
detected-user-agent
Chrome Mobile/111.0.0
useragent_normaliser
chrome/111.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 22 Feb 2023 11:03:04 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/111.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
app.js
assets.reform.app/bbc55f6/js/ Frame B0E5
427 KB
129 KB
Script
General
Full URL
https://assets.reform.app/bbc55f6/js/app.js?id=9fff3a529359da408e8652ee2a376929
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-227.bunnyinfra.net
Software
BunnyCDN-DE1-860 /
Resource Hash
371846d70465feb1df67cce12fb905a0900ee07fb99e38e784772f0be247d8a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:16:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
874
x-amz-request-id
tx000000000000056846488-00640b73b2-593a2ef9-nyc3c
cdn-cachedat
03/10/2023 18:15:14
cdn-pullzone
696880
last-modified
Fri, 10 Mar 2023 18:11:42 GMT
server
BunnyCDN-DE1-860
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"9fff3a529359da408e8652ee2a376929"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
887fd8d6-f02f-46a7-ba81-c9ba5d0264e1
cache-control
public, max-age=31536000
x-rgw-object-type
Normal
cdn-requestid
3e3e0ea77aff2a3a1adf8eda2b2d0e83
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
script.js
stingray.reform.app/ Frame B0E5
6 KB
2 KB
Script
General
Full URL
https://stingray.reform.app/script.js
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.1.244 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-93-1-244.bunnyinfra.net
Software
BunnyCDN-IL1-845 /
Resource Hash
19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:17:00 GMT
content-encoding
br
cdn-edgestorageid
845
x-vapor-base64-encode
True
cdn-cachedat
03/13/2023 23:10:10
cdn-pullzone
848539
last-modified
Tue, 28 Feb 2023 17:38:08 GMT
server
BunnyCDN-IL1-845
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control
public, max-age=0
cdn-requestid
6472d5f550a8b7a757483a352602505c
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
polyfill.min.js
polyfill.io/v3/ Frame B0E5
101 B
209 B
Other
General
Full URL
https://polyfill.io/v3/polyfill.min.js?features=ResizeObserver
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/SWPP1X/get-handbook/s1rdlh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 00:17:00 GMT
age
1262464
detected-user-agent
Chrome Mobile/111.0.0
useragent_normaliser
chrome/111.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 22 Feb 2023 11:03:04 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/111.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
692.js
assets.reform.app/bbc55f6/js/ Frame B0E5
446 KB
117 KB
Script
General
Full URL
https://assets.reform.app/bbc55f6/js/692.js?id=bab2b129881ca024
Requested by
Host: assets.reform.app
URL: https://assets.reform.app/bbc55f6/js/app.js?id=9fff3a529359da408e8652ee2a376929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.227 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-227.bunnyinfra.net
Software
BunnyCDN-DE1-860 /
Resource Hash
ef792a632ce6a9cea7dc006627890dd34ad2ce741c8e0d76014430c7ada3e43a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 00:17:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cdn-edgestorageid
756
x-amz-request-id
tx0000000000000737e5eaf-00640b73b3-58c8a088-nyc3c
cdn-cachedat
03/10/2023 18:15:15
cdn-pullzone
696880
last-modified
Fri, 10 Mar 2023 18:11:42 GMT
server
BunnyCDN-DE1-860
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"561cedcf7fec4a9e710c330ecd029ee4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
887fd8d6-f02f-46a7-ba81-c9ba5d0264e1
cache-control
public, max-age=31536000
x-rgw-object-type
Normal
cdn-requestid
8d0516c90e237ed14c480ed0221bbdaf
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| smartlook
object| __SENTRY__
object| webpackChunk_smartlook_recorder
function| __defProp
function| __getOwnPropSymbols
function| __hasOwnProp
function| __propIsEnum
function| __defNormalProp
function| __spreadValues
function| __async
function| Reform
object| reform

3 Cookies

Domain/Path Name / Value
.unsplash.com/ Name: ugid
Value: e47051879ac10976a61331a373a3d0a75596131
forms.reform.app/ Name: reform_session
Value: eyJpdiI6IjBid1lmeWkyYTVmc0xZalRSSGJRM0E9PSIsInZhbHVlIjoidmxVRjkzTFFBY3oxN0dnNG1yUE1zM1NMNkRvSDJLQTBjN012SW0yanArZW02YXBXMUFXQUJJSkRXRk91NHUxVTM4V2JmOGNLOW1WRTlydGdzRXo2WnFKYU1oMmNjd3BCMG1IelpZS2FqeWt6blMxMG5ZbE53MnlJc0xTY0g1OEYiLCJtYWMiOiJmZTRmYjlmYTVmY2Q0ODA2NjZhZWU2MTRjNTc2NjYxMTM1MDM4Y2ZmNjZmNmFiNWJiMmRhNWNkMjg2ZWM3NGY0IiwidGFnIjoiIn0%3D
forms.reform.app/ Name: CJlpkavKSejq0z9Xru2gdqmg7aEKNCmBXxrta1Dj
Value: eyJpdiI6Ik5pVFI5aTQwYUJ3NitHTWpQSXdpYVE9PSIsInZhbHVlIjoidzdvSXIydWJja0U1aU9TZjlYMit2WUh5Zks1QkMrc3lPRmo3QzkrZGRzTFIwQ29QNlVrWXBoVTRKdUZJVjVJelBsNXNUU2xkZHpHU2RLZ3NWNllYcktwenNXMVdGcWMvTFVUdnBtTXl4aUR1dnBqVzV4dENPb2lnK1E1ZDdZVithL0dsdmVDbzZSUE5GMTRiMkIxTGxzYkF0WlpuV05RQkVHV2VTVUcyMkdwTDNLWHYyWGU3Y1FFdldSVTdyNXZ1cFlFYnNqYkMrNkhyTWlqZmc2bGNYNjJEdnBveU9nRFlxZFp1RmsrU0lZSWprYjlTOGhHSVJJTGQ4L2JyMW00d08wN2ZhTHpxTFV2NWFlV1JhTkNSWWd1eCtXdHpnWW5DbVFtWVhwaWhQQ0tCMmNVR3M4eVZPQXhQNENyWmtZYXF4VG85WDlOdnEyckhHNVFJNlRrVU5oVFdGUVFOOHdkUk5VdUgwOFJWbCtXWmVmKzhaN2dvLzVrMEUyaXFDSW5NalRXMzdQM3hxTjg3Nk9pcWZ0RkYvUT09IiwibWFjIjoiNTBmYmVjM2UyYjg3YmM2MGJkMzFjMmIxYjMwZDUxMzY3ZWMxNDAwNzE3MjE3MjQ1NDRlODU1Y2Y5YWY3ZTkyMiIsInRhZyI6IiJ9

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff