forms.app Open in urlscan Pro
2606:4700:20::681a:314  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://my.forms.app/altcointrading/bitmexwithdrawalform Page URL
2. https://forms.app/phishing Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3845852%26time%3D1695796092904%26url%3Dhttps%253A%252F%252Fforms.app%252Fphishing%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing&cookiesTest=true&liSync=true&e_ipv6=AQKLub63hQcKigAAAYrVUuLuj3UOJqzFRfB--ZchVPy3eIq6km40dLRB9pTgflZad5pv9sz0

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	bitmexwithdrawalform Show response my.forms.app/altcointrading/	10 KB 3 KB	847ms 73ms	Document text/html	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ce68e4067308c8c17c0eb75b1dbffef1c822a2974d4f6e74b1dcf51b51680d5 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private cf-cache-status DYNAMIC cf-ray 80d1af5a68264d8d-FRA content-encoding br content-type text/html date Wed, 27 Sep 2023 06:28:10 GMT last-modified Mon, 25 Sep 2023 14:42:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrW%2FrT6alK86OR3eWuIidyEwEKiALC6rrwTeak7SP23soHh2czxv%2Fu56W3w%2BfC3pflf3kzaRWScKftkQeef%2F%2FNC0%2FEuQEmqZ%2BxiA5FzvJcrELE8Pb%2F14Ge4lhnAxc%2BubgjdnQmQpIdEofg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; preload vary Accept-Encoding via 1.1 google, 1.1 google x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	vendor.88295.css my.forms.app/static/css/	3 KB 1 KB	51ms 50ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/vendor.88295.css Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e808cd0edaf67d8387fbe703bd507c622d7f4044b741d8a8758d9702fd313126 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769097 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-b52" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCKNI9exENgFMH%2BN6e%2FSZY6NsRxOHGZ2QqM1ot4c%2BQ0%2B4nyVqeDHtf%2F4P3SRzP22wwPHk2EMXhxsUSRSFAqz9akraNrfwouwREa4kO2YeVw6o9cWXmxSZ9Kh1VESqKvsIAhu8z9s70mKzg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context da67dd8b3ca9fcb3e49970716d2569e3 cache-control max-age=2678400 cf-ray 80d1af5ae86f4d8d-FRA
GET H2	200	app.fdf6d.css my.forms.app/static/css/	84 KB 18 KB	54ms 53ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/app.fdf6d.css Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41c819559369007e80d5efd50bc3570f9bad3d54c0641eb3af095c3a26a931ac Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 52905 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:12 GMT server cloudflare etag W/"65113bb4-15105" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcFzAQ1%2Fp3svU1febzOiIJm5Qyol5NM0mlnE1JAqRitLT2ZNHrLddTFCZTJMRTWsBv5Z8qF%2BJEpjFahsfQy%2Br8I59D9t9zhDdUOW7Y6BdcOayVs6kqaVzh3lIV3dTEIzSMGl7I4PPHgm5Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context 895ba6a2d1e1f2b3144e97f08aa5815b cache-control max-age=2678400 cf-ray 80d1af5ae8704d8d-FRA
GET H2	200	asyncstyles.cf055.css my.forms.app/static/css/	12 KB 3 KB	49ms 48ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/asyncstyles.cf055.css Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62555bed5586831f7937bc333a52b222faf65e8eba95b3f6718761595aa50d9f Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167055 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:12 GMT server cloudflare etag W/"65113bb4-2fb3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aycnG7B7WlvqTz1DOupzt2q4B6CwmkbQUT1B4kmNuWCaoS1FkVLicOasHWyKiXS8pDZ6aqHk8PpZtGBZ%2BDX4M2RPov8Y1mdo%2F7mi6rRtY4SKU4pt8kMLvdh87LwWHSIAohyPmdwcKgIDmw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context df1f9d4c4412f2793de41e2c2811142c cache-control max-age=2678400 cf-ray 80d1af5ae8714d8d-FRA
GET H2	200	dcomponents.85bd8.css my.forms.app/static/css/	8 KB 2 KB	52ms 51ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/dcomponents.85bd8.css Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eec86002623a2bfc03a8dc48ee65a9992137360d025fd5adbaddabe504334c2e Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167055 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:13 GMT server cloudflare etag W/"65113bb5-1ee4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh0OYqeXOcmkMYJJCJzplwqkgZUrPEC1rbwwk0O6FNWvalTRnx740hkwLfolB55TeWXSP1ramruGJenpXBfZPR3O7oCZYatU6b3j7xFVU4834JvdHqHv8QouqBIIgjXK44ToLG6Td2i9jA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context 0fae4e3f747344d23e88717042a09d89 cache-control max-age=2678400 cf-ray 80d1af5ae8724d8d-FRA
GET H2	200	iicon.4be22.css my.forms.app/static/css/	574 B 647 B	55ms 54ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/iicon.4be22.css Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4349ac712b9059b52bbc2f207a901fd176bbc44e679e24c07d58f64d23e2b849 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 14698 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-23e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETrLZOWZ208qFoCEL5YIj74O%2F5CYowtC3hsLK79oq4X1B5WuMq8BVlZKdkkCD%2Fr4BRSU%2B9NgwU%2BGWkJgW%2BJWQ816muZhibdDxgLgKWRzLFAco%2BHwp3iuyECLwDq7NkcC%2BUdo3vdZkNRqQA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context 723047a739fa08dfea83a626acf993c2 cache-control max-age=2678400 cf-ray 80d1af5ae8734d8d-FRA
GET H2	200	app.13894.js Show response my.forms.app/static/js/	284 KB 75 KB	65ms 65ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/app.13894.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fda6f5df1b994d96fb32891b94feac3209b98b314ebdb2ffdf74736d6b9854a3 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167055 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:12 GMT server cloudflare etag W/"65113bb4-47015" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORacj7zRV7wpBCNjQPLV4C8RkvMxROjZpfMcfTasrv8SMen6stUuK3%2BTh1KFafWV8U6QBnsawIOLmasqkcM9eTgMCw4p%2FxHXmi8Tp3gzTUDJm%2BbMPmpznqW4%2BjcK%2BI8n1EZk1tbdgPy1Jg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context a2a4987b959f801fd967b9707da49e4e cache-control max-age=2678400 cf-ray 80d1af5ae8744d8d-FRA
GET H2	200	asyncstyles.a7aee.js Show response my.forms.app/static/js/	267 B 568 B	50ms 49ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/asyncstyles.a7aee.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 624c98a4aae29a8b19af5a99ce8683003dad8f99ae42d2dbe7b8305930ddbc81 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769097 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-10b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DkUOA4lwnE9qNFa7WjsCd2stj0iwzQ5E7ocWo%2Brvf3fNnrzEfqr8BC53J6VU53S1gWJ2DbqookuMTQtEONAzMpXDcIwASUHGnWckn3nCUKTTs5pb%2BrXjYtVu6XV19m5PjJj5r5Zyw%2BxeA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 0e152e8221446d03ecab15480e475a52 cache-control max-age=2678400 cf-ray 80d1af5ae8754d8d-FRA
GET H2	200	dcomponents.d4bcf.js Show response my.forms.app/static/js/	12 KB 4 KB	52ms 51ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/dcomponents.d4bcf.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0972146d6593a93b4cf15369a6c4d21d7332d56cd11b55cc8bf460267bfcdc63 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167055 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:13 GMT server cloudflare etag W/"65113bb5-2ed3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhO9v9Havj0M6tpFXhbzJp15gut1LFcJgSekmV67HGMBSllIRSvdgjJcz5AkQ0YK53Di7YPcuP1xTie6qe%2BeRhlJi2prkG2mK%2FnzOr3p%2FaPhai2Z7xV7A1QFEtR%2BxjBhw5Foc0lAe1LHcg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 655bdfaf8737ed9df7742a7b0c5809cf cache-control max-age=2678400 cf-ray 80d1af5ae8764d8d-FRA
GET H2	200	iicon.349e2.js Show response my.forms.app/static/js/	16 KB 5 KB	54ms 54ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/iicon.349e2.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d80484aa9c26d69a667cd3732b6f5dff297b71ff8e717274f5293a81d938a8a Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 18741 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-3e79" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdJVSwfprafxgBCHkV%2FKHrljyfZ1nvOnYLuLZ84HQVQYA%2B1czeiJaVDthU%2B9N5J%2BQZ8jTYLIiPxa57K9EIW5qLaJyLowr4TDW3fe9gcjkx3JImX%2FlCEam0e3YVhtbShyCxM2vyzF8lXEzQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context a6b35b59f82f7f4897ed96040f7b5c25 cache-control max-age=2678400 cf-ray 80d1af5ae8774d8d-FRA
GET H2	200	vendor.1f58b.js Show response my.forms.app/static/js/	402 KB 129 KB	128ms 128ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/vendor.1f58b.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a16315dd2ca9e48b719fc70257f9d3187dffeb6812bc92237971d6c8aa4ef4ef Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769097 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-64888" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eux0WoYg74CeR%2F7tXjQqPjAZUj9gktrnxkQ1knOyDEx%2FSWUTvwem9xsvTO6roPAed0r0%2BOYWuEwZA2eZu9DSyRslwmwAlW5mkDSHEWJmfZKAzdxwYChCHHFDCLc9AlcQgz86ZYTH6RMMyQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context d83ebbb8887ed0c592049a3093d4a0b9 cache-control max-age=2678400 cf-ray 80d1af5b188d4d8d-FRA
GET H2	200	rocket-loader.min.js Show response my.forms.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	104ms 103ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT strict-transport-security max-age=15552000; preload x-content-type-options nosniff last-modified Mon, 25 Sep 2023 16:02:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding gzip etag W/"6511af19-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qYdKZzRx%2FjO7NKeB1xReDLZvvWTAqN2Pir85BK3KMnqJd75m4TOEghZpuawZy7I7RQx08jcnlcQy3Qx8YwYEu2t0pXVxi3F5%2BnL5vSgxZOTifXjv1WP670PEeZYH%2F6zEA1w1lf9nL5ejA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 80d1af5b188e4d8d-FRA expires Fri, 29 Sep 2023 06:28:10 GMT
GET H2	200	v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	162ms 77ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391 Request headers Referer https://my.forms.app/ Origin https://my.forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT content-encoding gzip last-modified Thu, 20 Jul 2023 18:10:27 GMT server cloudflare etag W/"2023.7.1" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 80d1af5b78d34d8d-FRA
GET H2	200	imaskedtext.49356.css my.forms.app/static/css/	0 725 B	103ms 102ms	Other text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/imaskedtext.49356.css Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 18741 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-51b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9h7Fsd%2BumlFKY0vHD6l%2Fr8C2I13tKBJ2MmZsbQy2Jz47WZnLAZ%2FwBwr9i86YrSEBYuRm5OoHCXOEjRcrIoq8pZ8qAipzOEoPGHUCvSDL6IzdBvETZgtDD20XGrM0WzcOlq9boOPsg3GUQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context 3413a0d6f91e30ecdf9fc180ba1ded41 cache-control max-age=2678400 cf-ray 80d1af5b18904d8d-FRA
GET H2	200	inputcomponents.c5dee.css my.forms.app/static/css/	0 5 KB	102ms 101ms	Other text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/inputcomponents.c5dee.css Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769097 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-5058" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fUdqttHHhxRE1IYpMspNCx9A1lc55mOJFaf6SvECrGlZD%2BshKmInq8wlwcL%2Fzs98UDFVnPSEQZS5tr3VbpKhrDV2BjISDXqmKO8Y10E%2FWtDPF5NYcSPTAM8ZoXjwqCjvx35eosjBgfkFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context 2b34279a02189664d36e7510c9e20cbb cache-control max-age=2678400 cf-ray 80d1af5b18914d8d-FRA
GET H2	200	imaskedtext.8e5ba.js my.forms.app/static/js/	0 5 KB	101ms 100ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/imaskedtext.8e5ba.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 57009 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-3eb2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlTCzlfkNaIEw7gsoyrv3LklAA%2F%2BhB6hN1%2Fpv3E0gGtpml7F6yCAOv%2BTkR9ZMGBkjv6Ga4O%2FESHioObiXIi9ytgq03RnZKg4oMuu8afF0oLKcu4cL%2FomHGtxDGkCCveGPv%2FVXRI0QZpp5w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context fb25b0799c596d1e4ea3344dbe4caa76 cache-control max-age=2678400 cf-ray 80d1af5b18934d8d-FRA
GET H2	200	inputcomponents.7bb6f.js my.forms.app/static/js/	0 21 KB	101ms 101ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/inputcomponents.7bb6f.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167055 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:13 GMT server cloudflare etag W/"65113bb5-1b7b2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHOvoDheyh%2FLykxfY9t%2BdhOkaSEHS%2FUzf43dlGtuBAR%2BRC4pUjY6HvwcxvufaOXybE0pcVd7oQ%2B8hrtG31YLFpmzS3pZ5b0cdEyk7szOi%2FO3zw7oUV9FhPkgtk%2F85loJPooNdVvEFFCRAQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 8a776c9c1343196551a792c4196bc5fb cache-control max-age=2678400 cf-ray 80d1af5b18964d8d-FRA
GET H2	200	isvg.8d467.js my.forms.app/static/js/	0 11 KB	101ms 100ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/isvg.8d467.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 52905 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-7e99" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUzsGjBG2vXvaO5H4cdRIwB1zRhnf2mne2zQKsmCyeg4dJLtSmZQQEfFQWgSlEoWBjgtHuKCgQ2ZbKFXjNWaR15BIpKRfJt8aBlLr6svro0tcdkLSHAX%2F5q8UD%2BCcFNKn1q02RTUnZlVtA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 7ef7a1a75413c82fccef96f3096237ee cache-control max-age=2678400 cf-ray 80d1af5b18974d8d-FRA
GET H2	200	runtime~app.184b2.js Show response my.forms.app/static/js/	28 KB 8 KB	49ms 48ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/runtime~app.184b2.js Requested by Host: my.forms.app URL: https://my.forms.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 886f3d62b75209ca286e080d44391f25108d94daa42c3fc92552809fd7ace68b Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 142120 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 14:41:47 GMT server cloudflare etag W/"65119c2b-719b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sxey%2F3HZTPakk1Z5xDTiia1WxPuwQzhClGVCGqvSrmHgCO8n2BIqsht1dF1STp%2FskDGfhtEU7hs%2BAvVqqfMSBMqxbAZQ2R4%2BdKGW%2FC3Go1%2BQu2p4gvPeBRBJSFJO%2BpTiHjVNT7hV%2FMWCoA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 11b2c6edf11f70f9900e319681b7289d cache-control max-age=2678400 cf-ray 80d1af5bd90a4d8d-FRA
GET H2	200	newrelic.js Show response my.forms.app/static/	31 KB 11 KB	55ms 55ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/newrelic.js Requested by Host: my.forms.app URL: https://my.forms.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92c88fb8974cea100622abc06c6c4f65802da0ace3e37faac3ca63da633c575b Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 13954 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-7a7a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XI7iioYTydJ4OBhbi9UiUJRdPnHrPi8g%2BXYJRLS53DOYRNBvYEZrhJujsjWPyDl5XHIj79LHG5XQLWNoicgfk7IBiFiVKhxl%2FI4S3yoMInOcPY%2FZHw86TnnVIZs0J5z%2BcW%2FNE7UNXuvDgA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context e5c73ed5cb6d73190bc64e0653c063ea cache-control max-age=2678400 cf-ray 80d1af5bd90b4d8d-FRA
GET H2	200	gtm.js www.googletagmanager.com/	268 KB 90 KB	230ms 48ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WPSL383 Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 92197 x-xss-protection 0 last-modified Wed, 27 Sep 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 27 Sep 2023 06:28:10 GMT
GET H2	200	analytics.js Show response analytics.forms.app/static/	5 KB 2 KB	51ms 50ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.forms.app/static/analytics.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 3a33d8bbb382d1ee7fa68e08cf3171a854b91ac6400652c539631d9bb828185f Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT strict-transport-security max-age=15552000; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 19093 cf-polished origSize=6045 x-powered-by Express cf-bgj minify last-modified Thu, 21 Sep 2023 20:45:29 GMT x-krakend Version 2.4.3 server cloudflare etag W/"179d-18ab97d9228" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4JN%2FDQYBoP3FciWWIi27BQnNcqi8gbpyItMdsDshxFYHJBwZN%2B5gI%2FmW28F80WUGcLA5sZ6t1k0DsSmENB%2FDJ%2BVQcpRDumPTFF77ofuxAl6afX9399NS%2BxUgOgZ4YtyigHsZkeNX4ywlVTtnEhmj1Q%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=2678400 x-krakend-completed false cf-ray 80d1af5bf9274d8d-FRA
GET H2	200	country-en.cd357.js Show response my.forms.app/static/js/	4 KB 3 KB	49ms 49ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/country-en.cd357.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adb51afb83492ea39672c5c0aa8a9f7a2f4f0c150e174adaad345ef42ecfe6b8 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:15 GMT server cloudflare etag W/"6501ab93-102a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vk34%2BwYVLuBwe7eMc%2Bz8pjS0VBbLtSbnplKUxwVguXfEkmeDha8cvwCklYIz0xa4DlDZBoJHF8h0%2FIvqTPLNOq9I7cI07eW03tOQolqk6DJOz7hxvSwX%2BPGaHpOGm3KEfavQjmnR4%2BuJaQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 3a6eabde3dede69e8ee776320b326fe7 cache-control max-age=2678400 cf-ray 80d1af5c49624d8d-FRA
GET H2	200	lang-en.2c543.js my.forms.app/static/js/	87 KB 30 KB	56ms 56ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/lang-en.2c543.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 36326 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:13 GMT server cloudflare etag W/"65113bb5-15d1f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRYO8vKFApHtj8rzOuFMOCEPTj3Gz4WuWv3rrxD6MBc1HuHOYA%2BBu%2BEnGEohwbJ10lFSbpRhyXPE1ra7%2BGRj1kGIx62EBsHf2rh1QRnEoH%2BNrqWPNQPF2Ar46%2FJjYHjUKd0QqH7NmTM3Jw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context e50f34c28c76828af69592c729f80d35 cache-control max-age=2678400 cf-ray 80d1af5c49644d8d-FRA
GET H2	200	vendors~FormView~webfontloader.8a52d.js my.forms.app/static/js/	12 KB 5 KB	55ms 54ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/vendors~FormView~webfontloader.8a52d.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 57008 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:15 GMT server cloudflare etag W/"6501ab93-2f93" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0XVDf%2BGb1l0IFZxTeW4GpKPwz9b%2BvpCHQlHiJTKL75ttjtppof5SJnRVC7s2vu8mtNtptnrTtZB8vmnnLAOMmNzaAVCtE6iohqN3KxSSp8WHksy2HxWbFlmUCClQ1CjEZ9DP9kgt2zpMw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 91515a49dabf92c44c1fead081a57f9f cache-control max-age=2678400 cf-ray 80d1af5c79794d8d-FRA
GET H2	200	vuelazyload.374fd.js my.forms.app/static/js/	19 KB 7 KB	56ms 55ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/vuelazyload.374fd.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-4c8e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FztnH3psVo5lOhkYS9ezu%2FMoC7MwnLxRX73otKgtTDnA4RhGVG4UcoYy0XRhcXhWN7T5RMTu17jP8tYURvbzkqzW2F4DduAHkZuyt0CUJyO7fVYXkVDgqm4uJLlyPOA9ipo44%2Fy19LJeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 80afd4b7f94b598f5fad7b08d779d32f cache-control max-age=2678400 cf-ray 80d1af5c797a4d8d-FRA
GET H2	200	swal.7e789.css my.forms.app/static/css/	24 KB 5 KB	54ms 53ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/swal.7e789.css Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54d8e1be3ed70b58ededd6e0375fc68f65fd5a734e7a231c6a3fc9fd91d9fab3 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-5ef9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKxDuQvvxIaWekXHY1soxQxR6SYFXhW2yDw8WtowHcqdHwn0p472Ao%2FwOX4uvz8fg6zGQoWi6ZMivcZfeaKFiLwYcgG8EjXDxONCCsRJ5yORPT8txqd7CnQ9rAOq0Y9np3yE%2BdPVBB34dA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context 5c493bfc5d19a8325f933c5bfc6387c9 cache-control max-age=2678400 cf-ray 80d1af5c79784d8d-FRA
GET H2	200	swal.3be71.js my.forms.app/static/js/	73 KB 20 KB	56ms 56ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/swal.3be71.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-122f5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgt0wkAKPcpF6TfsFKNhEhSlNkKIjGRxUAe8%2Bjjy%2BEEaCuy6kQGll4qtjvXDy0R5WnbzQ0bR8x6g7BfEAiCi4oUiI1L8bYT7XyUyZR0p4OYHZNMPcYK1szDJmmNRT2S63%2FTR62AXYBNNzQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 44045ed3855c9f857efed86a46899046 cache-control max-age=2678400 cf-ray 80d1af5c797b4d8d-FRA
GET H2	200	vuegtm.52e1f.js my.forms.app/static/js/	10 KB 4 KB	56ms 55ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/vuegtm.52e1f.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 18740 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-2730" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9YOCVJdJv1XSrADAIOZb9ZILc4DbzbzVL86YRmxjrT3Vi7V%2BVgL3pBBlEoHWxXbCq9AUeR5Lre3qfYkOlrjUpRUPRTk1waaNjHYAiH2qcCqZ1200t3I2KoXRV6fnc49n9mv7db9UXfX%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 6d8dff8f1049ee13134b87901dc1b7e1 cache-control max-age=2678400 cf-ray 80d1af5c797c4d8d-FRA
GET H2	200	vendors~Account-FormsPaymentDetails~FormBuilder~FormDesign~FormResult~FormView~MySubmissions~SharedR~0e3d7433.685b4.js my.forms.app/static/js/	877 B 972 B	54ms 49ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/vendors~Account-FormsPaymentDetails~FormBuilder~FormDesign~FormResult~FormView~MySubmissions~SharedR~0e3d7433.685b4.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 756354 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-36d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GknsV51q4EsXEU5NTdAsfDVcd2%2Bcw2zeyT5YevR5S8nVQ5WS0FNEtE9T%2BNLE1mZEmLgeJM7c9uZ5CTYVeFIx%2FimXXSnMsWUVPfzMFX4OgOtXkQtUqCJXIG0g3KFEG%2FHZjimnlzlpwDVJlA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 00bbf0a588b8f3b1ba75bd9f6aff8fb6 cache-control max-age=2678400 cf-ray 80d1af5c89854d8d-FRA
GET H2	200	vendors~Account-Profile~DownloadRecordFile~DownloadRecords~FormBuilder~FormBuilderLayout~FormDesign~FormView.d4120.js my.forms.app/static/js/	5 KB 3 KB	63ms 59ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/vendors~Account-Profile~DownloadRecordFile~DownloadRecords~FormBuilder~FormBuilderLayout~FormDesign~FormView.d4120.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 56452 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:15 GMT server cloudflare etag W/"6501ab93-14eb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6g6KUi%2B4Lrr2y8DN9CsJCpFGO%2BbjZ2kZ2v45URI%2BxyEFTG2UwhY1xWf%2BLhvGTZZZdyYaT29ZWeQ1VxerYRwaDYbNnLN6bTiLzZ%2B0MPap7RkbKV2Ds0CpyHF59iqCMeU9ygw37Ve93Fgag%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 54d73333bc2a95560679ffd356be482c cache-control max-age=2678400 cf-ray 80d1af5c898c4d8d-FRA
GET H2	200	Account-FormsPaymentDetails~FormBuilder~FormDesign~FormResult~FormView~MySubmissions~SharedReport~Sh~8f1bf5b1.c0442.js my.forms.app/static/js/	1 KB 957 B	65ms 61ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/Account-FormsPaymentDetails~FormBuilder~FormDesign~FormResult~FormView~MySubmissions~SharedReport~Sh~8f1bf5b1.c0442.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 52904 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-40c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAsANmo129nOZ7JmNuoI%2BoO8WlVxoRfHN7%2BOaZ2oJszvEzDnIb0Gxb8EBhlkZSZMu4%2BLgCWiShq8fMYPJb0NR%2BpWy4GoQehcCZ%2BfK4dMvjHeh%2F%2B0S45Dz1STqYi18u3jM4grarNjJBNdbA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control private, max-age=2678400 cf-ray 80d1af5c898d4d8d-FRA
GET H2	200	FormShare~FormView~SharedReport~designcomponents~shareresult.78264.css my.forms.app/static/css/	248 B 587 B	58ms 54ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/FormShare~FormView~SharedReport~designcomponents~shareresult.78264.css Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d48e50c3c9d5d31ac1b91817355ae8323dd09e215225b9386df72ab801a1edb7 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:15 GMT server cloudflare etag W/"6501ab93-f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76ckHB0BMKboWY2AGoDzVbMnj078cgdCbI6Qk7RY2ZzVw%2BcZtbh8CP5i3GJy6W7nAsqR6WpBdrFINlBnoaO6qrH9hMHIbn25CE9W51pUNY3uv%2BTPzIdwteOulJV6mRqdr2nFTiuauKswBA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context aeb131f6c49e5e386d48f5ddabffd1ac cache-control max-age=2678400 cf-ray 80d1af5c89884d8d-FRA
GET H2	200	FormShare~FormView~SharedReport~designcomponents~shareresult.23303.js my.forms.app/static/js/	2 KB 1 KB	63ms 59ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/FormShare~FormView~SharedReport~designcomponents~shareresult.23303.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167054 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:12 GMT server cloudflare etag W/"65113bb4-9b4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrgN249XgiyPFxm%2BdNOe5cTg4E6gJrAKdqyHL2rDeaLivucSk%2BAb03Ci0gVBPZZCEkRfIBUGVpld%2F5VQc8QSviryDXKRhcI45bFK7iYq%2F9uWJ%2FCvl3YDJxouzHRuGIYUIfSBmbrIq%2FYEjQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context c7404cf67217a6a121588a3d43831df3 cache-control max-age=2678400 cf-ray 80d1af5c898e4d8d-FRA
GET H2	200	FormBuilder~FormBuilderLayout~FormDesign~FormView.0f941.js my.forms.app/static/js/	51 KB 8 KB	57ms 53ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/FormBuilder~FormBuilderLayout~FormDesign~FormView.0f941.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167054 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:13 GMT server cloudflare etag W/"65113bb5-cd1f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJYQY1eqTyAZwMJmNKvPum%2FZ0uHgf%2BCMW%2BXODS87bsLit428AVusHQ3q88ietCTU8pWRsxX9mYHBkhsLnWZySkvvRVGrzIB%2F9ygl3k%2BSOwngA8w1ZFbiBQH%2BfExOgJ%2FVmngES0g35WqrGQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context dedb459d76e6425c4d9a3b228e7f8b96 cache-control max-age=2678400 cf-ray 80d1af5c898f4d8d-FRA
GET H2	200	FormShare~FormView~SharedReport~shareresult.6b922.css my.forms.app/static/css/	178 B 567 B	51ms 47ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/FormShare~FormView~SharedReport~shareresult.6b922.css Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07221221b6c2a3c94e8c6932cb9461efc738f2ca6f0f921ad5938d563c01c4a9 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:15 GMT server cloudflare etag W/"6501ab93-b2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7%2Fytc22U2tvAF3R3UKSc%2FcDOyzmiNwRaXxQvbEnNE0ZTO%2BJI9T5ui3QOoYDlclhhx5Tu3UR%2BK%2FS07k85bOg4r6kKYbWOloopE7tc0tLDkI6JtjuNfDxH0y8bc5cbs5Q06t6I2ED5UJARA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context d4ede737753fb61d7ef58563fa34293a cache-control max-age=2678400 cf-ray 80d1af5c89894d8d-FRA
GET H2	200	FormShare~FormView~SharedReport~shareresult.d9406.js my.forms.app/static/js/	4 KB 1 KB	52ms 50ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/FormShare~FormView~SharedReport~shareresult.d9406.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 57008 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:15 GMT server cloudflare etag W/"6501ab93-e70" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWa4uihd8buNzwICTiU4AxJmZbWwyjkSkpDCuXMrM7qlKZ1dJV%2FauW2RHn2KqVzlUmlXv7NuhFrb%2FaLhAsWhRgKMt76bXKZtH%2FioufJid5nc90PEnoxl1UB9M0u93MdEKDXU%2BwDJua4Cvw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 26e9a8a32bab508ade624a75d3c49eec cache-control max-age=2678400 cf-ray 80d1af5c89904d8d-FRA
GET H2	200	FormBuilder~FormDesign~FormTemplate~FormView.d3010.js my.forms.app/static/js/	277 B 580 B	58ms 56ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/FormBuilder~FormDesign~FormTemplate~FormView.d3010.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 53867 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-115" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPrHpNTPG7Ct1MAxWpc9ftAlg6n3PlmQCXSI%2FCzdeWTRH595OREFajlXK7ZxViVivoL7Lzs%2FktMs8mjXZhcP2e5gqHxtJDaNwvAnnvba7k24B5fl2mlEAiUWnS%2BijxPpLYHRvhsPiQvB7A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 60f92025f094749cfd1e2cd7993036aa cache-control max-age=2678400 cf-ray 80d1af5c89924d8d-FRA
GET H2	200	FormBuilder~FormDesign~FormView.c1bce.css my.forms.app/static/css/	17 KB 4 KB	62ms 60ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/FormBuilder~FormDesign~FormView.c1bce.css Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec921769d9e29606535ee563e8ea031c7b486ccceb8559b51fd1027e957101ee Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 18740 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:12 GMT server cloudflare etag W/"65113bb4-43b5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oCs5DEAZqwQQ033FKgyKoY%2FnAZ%2BcjpTBZN%2BMvx%2FD0cuqYETAPKEyhlM2vfvOI3nd8GS2pjDBJsAdIxU%2FGVi%2FSBGqBOYL4JWaN4WzJ%2BZodzvekZC31uxLuKiHgDbV2fZ7HdO8fjwV19uBA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context 1c46ca45cc2d44ec253b7f880466bd65 cache-control max-age=2678400 cf-ray 80d1af5c898a4d8d-FRA
GET H2	200	FormBuilder~FormDesign~FormView.f9cbd.js my.forms.app/static/js/	17 KB 6 KB	54ms 52ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/FormBuilder~FormDesign~FormView.f9cbd.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167054 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:12 GMT server cloudflare etag W/"65113bb4-44ef" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFauzaEdD0VSwzFDzbKCf41AOCVUMPn1SjrAwNBf50xDUAwkJHgzgKV4BJ4fcgts32nI12mnPK8iM8EjrkTVaYwf7zN1O4HDtoF1UIT2dgJYPvPPHm6kEUkkf8%2FgImCqOaB4vQ7a07jSaw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 7596e89bf3abe97ba76e2a28956fbbf8 cache-control max-age=2678400 cf-ray 80d1af5c89934d8d-FRA
GET H2	200	FormDesign~FormView.c9762.js my.forms.app/static/js/	3 KB 796 B	57ms 55ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/FormDesign~FormView.c9762.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167054 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:13 GMT server cloudflare etag W/"65113bb5-bee" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZ24BnALuXbALl9%2Bpm43UPdhZdTps9GSg4n2HHmffER9xYDrcrCNP9gYIJ8EAYPwW%2B0%2B12uBNWKFVzNGoBddGXN%2BZXFHi2z49N%2FpVMEknN8UZrZf1hb1RBZgQOviZSxV0Mi1MKWgTDDOhg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 73d278251a4b188a579d508ede312790 cache-control max-age=2678400 cf-ray 80d1af5c89944d8d-FRA
GET H2	200	FormView.6e7ef.css my.forms.app/static/css/	16 KB 4 KB	53ms 51ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/FormView.6e7ef.css Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e4c64cb02cac4862b40216b5f79ce1d80e690e669855394d9a010dc88c744bd Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 574499 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 20 Sep 2023 14:33:16 GMT server cloudflare etag W/"650b02ac-3f23" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJ42dvfSRlw%2Bp0xPp2pG1C%2FNo12oncZQzoW4MGqb6aAtNFc5Nss5VA9PrOIhJvN4gNnQKZXYfU4VpE4ekcV7qDGj3jjMRHAZhrxviOYLweKfqjmK1XaNz0XMOBXBEVw4fjT9NKXpgWRdrg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context 75edc2b008c29693c20d24df46f19dd9 cache-control max-age=2678400 cf-ray 80d1af5c898b4d8d-FRA
GET H2	200	FormView.c6c75.js my.forms.app/static/js/	52 KB 15 KB	58ms 56ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/FormView.c6c75.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 167054 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:12 GMT server cloudflare etag W/"65113bb4-d0ff" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzZAxI6DPQVnmGqKJjg3z24qJgWIBygOfltc3hAkXHiOaT5uTZPJEEMCcfQsBm%2B2WQGq6AJXaeYipKCZ%2B8KnQRJkbn%2FKa38JqMn6IqWvd9fpf1PkQOjVE3qaWMpnMiKspXIPIUWyc1NsKQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 1452be4bac82b3c9e2c3ccbd7dcf1cec cache-control max-age=2678400 cf-ray 80d1af5c89964d8d-FRA
GET H2	200	isvg.8d467.js my.forms.app/static/js/	32 KB 11 KB	52ms 51ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/isvg.8d467.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 52905 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-7e99" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVc7npZsG7Lr1LifflgLtkRhx7XpmdhuHFmauDKDOYxp0nQFeoyac5ymPqTZwWsQSRDv3wxpU%2FLSUuHNfoqhZ0kcCeKiuPObaGhycxFbnYUt%2B2cADzXWx7PyRCQFd5RevLJR%2B3w4%2FJaUeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 7ef7a1a75413c82fccef96f3096237ee cache-control max-age=2678400 cf-ray 80d1af5c99994d8d-FRA
GET H2	200	Account-PaymentHistory~mainheader~upgradepopup.d9970.css my.forms.app/static/css/	75 B 506 B	67ms 66ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/Account-PaymentHistory~mainheader~upgradepopup.d9970.css Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43b12f6495a618486a60ae8ea1415bfd7acfd0c523f9654488c7694c02508d24 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:15 GMT server cloudflare etag W/"6501ab93-4b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDdysAnWeX%2BfEj9dOysyqRYXk%2F%2Bs576YLw1dWezW1efJ%2FTDFdiMZ3q4s6ktadkqJv68hKwVQzNsOwSPavoRDKyjjMgv2gIaNqpX8fxJ3k1mminqSDYsPJmxKhulqwuAZMAxRzdaW4%2BnKww%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context bdebaeac5c68995118ec43a0c69c78b1 cache-control max-age=2678400 cf-ray 80d1af5cb9b24d8d-FRA
GET H2	200	Account-PaymentHistory~mainheader~upgradepopup.c7deb.js my.forms.app/static/js/	1 KB 1003 B	68ms 67ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/Account-PaymentHistory~mainheader~upgradepopup.c7deb.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:15 GMT server cloudflare etag W/"6501ab93-4c1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2TYLb46Hu9hBZPAnvl8KY69Z9l%2BY4w6wAWwE5a0H8SHEwiDEdGOrXMwDE8uIXholYjFLmzT0tscf25QTuYPev7OAwFCZxrY8r9DcXBgwfRceQtoFx1jqmCdjvtkXu%2B7ojrtuC9TjKw1IQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context e89a92b85663fd39c888b9f492347445 cache-control max-age=2678400 cf-ray 80d1af5cb9b54d8d-FRA
GET H2	200	mainheader.5dfd0.css my.forms.app/static/css/	10 KB 3 KB	68ms 67ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/css/mainheader.5dfd0.css Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 549e946e7794fa2ab076481b6ffcc1e03b47c50c2b902affbcc9076c18db7a0b Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 18740 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-26f3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8s2ZxoR6W7LL8L5Jno8K0dH6KyCJR%2FG6cboyG2CGb0R4x%2BZC5ZTD1OvAzNMNAHiyqPzAdF6yl0BYaQcmneYlf8ybsjtHBEE2rgG7gzxvJ4%2FHE5fi6%2B6LUAPzQ4Mww3TjBNLM7Xbqb%2FEBA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css x-cloud-trace-context 8406b88536a16f173c82bbe56efe0b8c cache-control max-age=2678400 cf-ray 80d1af5cb9b44d8d-FRA
GET H2	200	mainheader.4f587.js my.forms.app/static/js/	9 KB 3 KB	69ms 68ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/mainheader.4f587.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 57008 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:13 GMT server cloudflare etag W/"65113bb5-2538" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHne53F%2FV2FvnjnzZPlw9Rn1p58862Llxqo0KqUtrh8ISSut75GGw4P3odWlcSMPuo9q6YYRLdzLa5%2BSTsI%2FJeMMrSqr0DYlQ7VF5g2xZYGGf2Czey7VivNe2JCArutfNRHdEfH77GqHGw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 8f5aa5b0f671e9c3596e20c07dd3d007 cache-control max-age=2678400 cf-ray 80d1af5cb9b64d8d-FRA
GET H2	200	vendors~FormResult~SubmitterRecord~fineuploaderwrappers~formrecorddetailpopup~messages.f9a0e.js my.forms.app/static/js/	0 43 KB	56ms 56ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/vendors~FormResult~SubmitterRecord~fineuploaderwrappers~formrecorddetailpopup~messages.f9a0e.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 756354 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-2611b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXqpQStj%2BkluGm4%2F3dFLm3Vv%2BFGxXbBXROXcetBKKOMe0MkK%2BIG7VluW7Sk1nqw9ZNdGipfFtf8%2BxFOPGTjkJbpWkmQ%2FiZgG69tl%2Bg%2FrWulS%2FyImkjQ24RdkhCVr39s7Xy8sfHCQ0ZQONQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context e56ad97ded276a1c1bfcb87fd60e54bd cache-control max-age=2678400 cf-ray 80d1af5d0a0f4d8d-FRA
GET H2	200	FormResult~SubmitterRecord~fineuploaderwrappers~formrecorddetailpopup~messages.0e9fc.js my.forms.app/static/js/	0 1 KB	49ms 47ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/FormResult~SubmitterRecord~fineuploaderwrappers~formrecorddetailpopup~messages.0e9fc.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 756354 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-701" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yU2gQ6XlbvncW6wCdp48fAYfqoW1j%2B%2BCx%2B7nSjn2z%2BLWnw9YgMxh0zY1%2FtlUtD1RLEjGfaLRHF1fhR%2B6ibxQKcpIoBgM%2F1gIhGTKlyuU2UUhJM1qu2%2Bwg02fOIRx1Bbxi7wufipflnvi1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 3886fb562fb0881cb7dd9a68fc7a5477 cache-control max-age=2678400 cf-ray 80d1af5d1a164d8d-FRA
GET H2	200	fineuploaderwrappers.f5f94.js my.forms.app/static/js/	0 3 KB	55ms 52ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/fineuploaderwrappers.f5f94.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 142116 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 14:41:47 GMT server cloudflare etag W/"65119c2b-1f76" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viPPCTYHaoPjI%2BGGg%2B79UZgfuxZjj1OsYvx4fyeH4RqKSMj6Iz%2BAm96A6hLX3x3pCrzyL%2BJ6D91RaWPh4Q3%2Ful2vmD2hXXMm9c6Mo52X0ZMevAHJrepPKjBNwU6HnOWZcFtJ65802QqQNA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 8ce955ac8b60e9bc0f1bb8b7be7cd963 cache-control max-age=2678400 cf-ray 80d1af5d1a174d8d-FRA
GET H2	200	vendors~Discover~DiscoverForm~DiscoverUser~FormArchive~FormBuilder~FormList~FormResult~FormTrash~MyS~c11352bf.0c5a7.js my.forms.app/static/js/	0 766 B	49ms 47ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/vendors~Discover~DiscoverForm~DiscoverUser~FormArchive~FormBuilder~FormList~FormResult~FormTrash~MyS~c11352bf.0c5a7.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 756354 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-26b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2Xqr%2BRBvteaE8u1Eib1AWvpjEGPFgWITYsfjqq5tCMPtOTcsoxgvzk5dmbdU%2Fh0xEuCPUtrGMHzbbAfJcMRuueo23ZnRPtXozRtoUWl6%2FbL93ESJS7cb50PylboBI5ziHiby66XANhrGQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control private, max-age=2678400 cf-ray 80d1af5d1a184d8d-FRA
GET H2	200	iavatar.7b8bf.js my.forms.app/static/js/	0 2 KB	54ms 52ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/iavatar.7b8bf.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 53867 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-a22" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cq7tYdwY1fef3PUNMrKJEflzfoDrf6D5Dmz84OfqG%2FeTBf3tGKH%2FOJsMbnkX7sbT8su1eCVVt4Zp3fbWYdNwFKxi7ZBnsLTA7dB4PL5beoPGpvdn8o49RJpxr04uNZn3GnPbNc3zDO0sdw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 54ed90ffdbc3043e1a8a293265f2e98a cache-control max-age=2678400 cf-ray 80d1af5d1a1a4d8d-FRA
GET H2	200	ialert.0bec7.js my.forms.app/static/js/	0 984 B	53ms 51ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/ialert.0bec7.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-48f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGJaO9WFoT3ohyAyaLeLpIQz2CPFBV0duOtU94BzJujJiJcZJNIl6CqFC5LYl5AIv%2Fp3n%2F3CJ9f0sAOP2Un%2F1XMdYNliAkq08XoS4Cub2pmeSQlK7kaQzqnoQ%2FQPXuaprebSxLjbQ6uQXQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context b5b564b516a2ce48bb9337e37bd09e10 cache-control max-age=2678400 cf-ray 80d1af5d1a1b4d8d-FRA
GET H2	200	iicon.349e2.js my.forms.app/static/js/	0 5 KB	53ms 51ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/iicon.349e2.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 18741 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-3e79" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6KryPrIqK2gtyBIUa0O%2BCy7cLYinbvKnHz6NsmJlHpqeOmMajSLyDpMwkwOsjIFeHMUtRSBSbHxQFBvZcgJ8GB%2FAYhuEiCcU3nXO4xj8NduIpWA4awJ1izzxmWKdC2dmGOVQ6Aw7oQ7Zw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context a6b35b59f82f7f4897ed96040f7b5c25 cache-control max-age=2678400 cf-ray 80d1af5d1a1c4d8d-FRA
GET H2	200	imenu.95666.js my.forms.app/static/js/	0 857 B	50ms 48ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/imenu.95666.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769096 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-35e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kV29VkHk7ZWyIwpTsdGPB8vJQUOZWftS54qulwVXZ0Nsgkg0qDeAH%2BMOMBpZgTgEtDeUzacW6PyhuMsHDCqupwHy5t%2B79PgvtJXTiXNuaccJsEkxWrjnIr3dfpGePQqZzrDRzRArFTZJ9g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context cb30e23063298e38d793fe626f45569e cache-control max-age=2678400 cf-ray 80d1af5d1a1d4d8d-FRA
GET H2	200	isidebar.a3079.js my.forms.app/static/js/	0 2 KB	60ms 59ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/isidebar.a3079.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 56452 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 07:50:13 GMT server cloudflare etag W/"65113bb5-18a1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrZIEgKeDO9U8tVn2Wmf8%2FEFkZ0HyX%2FK5hvt%2FiI%2FrdcfffFcgbmOTJAoEHmoeKdH7QhQBY6Qa%2B6sTg82Bq54ju2UbR8%2BdfM2mRC8si%2B2w4TiBLrnJ2uhTYs%2BvvemMOkTVqAHHQn2hPDmtw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context da4e7256b4af2c43a32b243c6dc7b514 cache-control max-age=2678400 cf-ray 80d1af5d1a1f4d8d-FRA
GET H2	200	questionvalidation.e98ad.js my.forms.app/static/js/	0 1 KB	54ms 53ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/questionvalidation.e98ad.js Requested by Host: my.forms.app URL: https://my.forms.app/static/js/runtime~app.184b2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 56452 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-505" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyAV78zBWeAXKX6FnUH5s%2BVXjgcMb9x77pOA3%2F5IYPYtXyNFxrZokSmTHSim4f6kWSGJ7YolS3FwqQ5ZXvRKysqOuVH%2F69NcY9892W1cyFLjpQ0tx3huT29vzF%2BCNGPlSO4mrc%2F%2BixWePA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context c4bc68eb5b520b88dff40f926b33b3b2 cache-control max-age=2678400 cf-ray 80d1af5d1a204d8d-FRA
GET H2	200	gettimezonefromutc api.forms.app/user/	444 B 803 B	141ms 53ms	XHR text/plain	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.forms.app/user/gettimezonefromutc?timezoneUtc=Europe%2FBerlin Requested by Host: my.forms.app URL: https://my.forms.app/static/js/vendor.1f58b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://my.forms.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 769059 x-custom-header GCR last-modified Mon, 18 Sep 2023 08:39:53 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twOS3rlcHpUHoxUcKmmR81N8w1CTx9GRa1e2UDNoCyczbTMW3J3QssVDqXArjDGR93eORhChI92G2j7bbmx4wXk3fIJne4nxI%2BUtEKfsUa44oCBwUrLv9pq1jHdYFc%2BcwQSbxRyN445DvtM%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * x-frame-options SAMEORIGIN cache-control max-age=2678400 cf-ray 80d1af5d3bd52bfc-FRA
POST H2	204	rum my.forms.app/cdn-cgi/	0 157 B	45ms 45ms	XHR text/plain	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://my.forms.app/altcointrading/bitmexwithdrawalform accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 content-type application/json Response headers date Wed, 27 Sep 2023 06:28:10 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://my.forms.app x-frame-options DENY access-control-allow-credentials true cf-ray 80d1af5cb9b74d8d-FRA
POST H2	200	e analytics.forms.app/	40 B 406 B	64ms 64ms	XHR application/json	2606:4700:20::681a:214 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.forms.app/e Requested by Host: analytics.forms.app URL: https://analytics.forms.app/static/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:214 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers Referer https://my.forms.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-type application/json Response headers date Wed, 27 Sep 2023 06:28:10 GMT strict-transport-security max-age=15552000; preload cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-krakend Version 2.4.3 vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaB%2FRIG0SQsJdVKfbdTsEt3Ci8Pv4AguLTA%2FcnDu7nGGUKcAj7tf3vRVWRK%2FT3BQWRjLn2ajtxvw49jx29fRVm25d3Lh8iw2ckCxfhzjX9BAk2Xx0Z3MCDKrSD2OeD6D28ihA0%2FKqIqSQtb07akJoFY%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 x-krakend-completed true cf-ray 80d1af5dbcbe3809-FRA content-length 40
GET H2	200	css2 fonts.googleapis.com/	4 KB 733 B	151ms 61ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Great+Vibes&family=Kalam:wght@700&family=Sriracha&display=swap Requested by Host: my.forms.app URL: https://my.forms.app/static/css/mainheader.5dfd0.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 27 Sep 2023 06:28:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 27 Sep 2023 06:28:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 27 Sep 2023 06:28:10 GMT
OPTIONS H2	204	e analytics.forms.app/ Frame	0 0	157ms 72ms	Preflight	2606:4700:20::681a:214 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.forms.app/e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:214 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://my.forms.app Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 43200 cf-cache-status DYNAMIC cf-ray 80d1af5d4c753809-FRA date Wed, 27 Sep 2023 06:28:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlibOz0mqUV7paMRv3gxlIplZyXsSNggMd35n2rP9MID2miPE18Koc%2B4mP5WmLEP44rLt90B80LDoCUvKTfS3QnXXMsqGmOnwfbIAdx4SBkRl8H6i5ObqNtE%2FnztroiKVunuwL%2FWa1Nt2XdIcaqVFgo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; preload vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	css fonts.googleapis.com/	14 KB 1 KB	114ms 52ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&;devanagari,latin-ext Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 27 Sep 2023 06:28:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 27 Sep 2023 06:28:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 27 Sep 2023 06:28:10 GMT
GET H2	403	bitmexwithdrawalform api.forms.app/form/altcointrading/	20 B 387 B	172ms 167ms	XHR application/json	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.forms.app/form/altcointrading/bitmexwithdrawalform Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers Accept application/json, text/plain, */* Referer https://my.forms.app/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; preload vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAUhsh6BepR9hPZhLCzuad4VPWGMd1kHdvvl8nkXBMHLleOFdhO%2Bgz3sTo7P%2FEKhsjR%2FlwwA3ajZOi%2BaGg%2F0YhUDaEKmPUJMo59t27O4zEOxPe5MCH7gnS0DdACe5CNFL7y4erqvQcqWwg4%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * x-cloud-trace-context a4c786f33a5861fd25ae75c4bcd3f9b0 cache-control private cf-ray 80d1af5d6c012bfc-FRA
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 48 KB	382ms 40ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&;devanagari,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://my.forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 21 Sep 2023 18:16:19 GMT x-content-type-options nosniff age 475911 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Sep 2024 18:16:19 GMT
GET H2	200	analytics.js www.google-analytics.com/	52 KB 21 KB	342ms 39ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 27 Sep 2023 05:49:43 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2307 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 27 Sep 2023 07:49:43 GMT
GET H2	200	/ googleads.g.doubleclick.net/pagead/viewthroughconversion/587928374/	3 KB 2 KB	357ms 54ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/587928374/?random=1695796090575&cv=11&fst=1695796090575&bg=ffffff&guid=ON&async=1&gtm=45He39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&hn=www.googleadservices.com&frm=0&tiba=Contact%20Form%20%7C%20forms.app&auid=196227790.1695796091&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1321 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bat.js bat.bing.com/	44 KB 13 KB	371ms 69ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Wed, 27 Sep 2023 06:28:09 GMT last-modified Wed, 06 Sep 2023 22:41:28 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: CE256ED303DD4D1E962107A4822A96CD Ref B: FRA31EDGE0621 Ref C: 2023-09-27T06:28:10Z etag "09cc4613e1d91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 12981
GET H2	200	fbevents.js connect.facebook.net/en_US/	197 KB 53 KB	340ms 39ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 27 Sep 2023 06:28:10 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 53229 x-xss-protection 0 pragma public x-fb-debug mqZLgWBt/BVUbOPAKWtDZ4qIl1goezbDQXAbYloVW+ZtdAvj6UcZaH6/tamgTHJdYBavab8cpAJDaNWjAxhMLg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	js www.googletagmanager.com/gtag/	258 KB 88 KB	59ms 59ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-740JKHV4FZ&l=dataLayer&cx=c Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89634 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 27 Sep 2023 06:28:10 GMT
GET H2	200	js www.googletagmanager.com/gtag/	204 KB 73 KB	47ms 47ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-794725785&l=dataLayer&cx=c Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74993 x-xss-protection 0 last-modified Wed, 27 Sep 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 27 Sep 2023 06:28:10 GMT
POST H2	200	794725785 google.com/pagead/form-data/	0 0	335ms 48ms	Ping text/html	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google.com/pagead/form-data/794725785?em=tv.1&gtm=45He39p0&auid=196227790.1695796091 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPSL383 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers
POST H2	204	794725785 google.com/ccm/form-data/	0 243 B	334ms 47ms	Ping text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google.com/ccm/form-data/794725785?em=tv.1&gtm=45He39p0&auid=196227790.1695796091 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPSL383 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://my.forms.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST		e analytics.forms.app/	0 0
GET H2	200	Primary Request phishing Show response forms.app/	50 KB 11 KB	709ms 703ms	Document text/html	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/phishing Requested by Host: my.forms.app URL: https://my.forms.app/static/js/FormView.c6c75.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Nuxt Resource Hash e8ff4b697d28c4fbcb528bc187263405d3c938aae98d9089b58dd6577503c7f9 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://my.forms.app/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private cf-cache-status DYNAMIC cf-ray 80d1af601c634d8d-FRA content-encoding br content-type text/html;charset=utf-8 date Wed, 27 Sep 2023 06:28:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZNkJS3vKFdkCGYHE1iCOW7M1UmeKW9ZB0%2F1IJXpEBqezgtC0AVigFAQ3Goe5fznZl28LJq1QMgWCt3ld1r67xPUMxWRrIYWWVbUq2rRL2vp%2Bvk1XsLcV2lTDUK7lFoGoPsd5oKAJg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; preload vary Accept-Encoding,Accept-Encoding via 1.1 google, 1.1 google x-cloud-trace-context 30a48ef5785560a64476e87b91228a69;o=1 x-content-type-options nosniff x-powered-by Nuxt x-xss-protection 1; mode=block
GET H2	200	logo-home.svg my.forms.app/static/img/	9 KB 4 KB	54ms 54ms	Image image/svg+xml	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://my.forms.app/static/img/logo-home.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 51680 content-encoding br x-xss-protection 1; mode=block last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag W/"6501ab94-23c3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obtN482oTMdvuEfyOt2nN2ReB0q55LkCrjWRG%2BQ94WOLbNsDXVhraoxc82aC5gNxOasxDChNqwqCzk92mWa9yKLvxGHHjpUdXVh9kkH3w8SbsISd%2B8HsyqL9X5nz%2FX0tyc2BA3zwE6uI1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-cloud-trace-context 9ed2ec421cb8dc90358e6a4a63ea03ce cache-control max-age=2678400 cf-ray 80d1af5e8b444d8d-FRA
GET H2	200	form-disable.png my.forms.app/static/img/	8 KB 8 KB	53ms 53ms	Image image/webp	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://my.forms.app/static/img/form-disable.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 2627 cf-polished origFmt=png, origSize=9896 content-disposition inline; filename="form-disable.webp" content-length 7820 x-xss-protection 1; mode=block cf-bgj imgq:100,h2pri last-modified Wed, 13 Sep 2023 12:31:16 GMT server cloudflare etag "6501ab94-26a8" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz%2B90dFOt6OlFrPri5uO%2BouC9bclyez4O%2FAShfdrpwq7OaULUfHGIgvlIy9sAJEOXnPUcHfzxOEXhhb05BiQn0f48XiB3DdhTpXCmcG7XbzZk4jYw2FJvRZwr6I1d%2BcApNjRHNd65d44cw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp x-cloud-trace-context b34a0df57f50cf1b784323595a2a62f9 cache-control max-age=2678400 accept-ranges bytes cf-ray 80d1af5e8b454d8d-FRA
GET H2	200	icons.8e3e1.js my.forms.app/static/js/	308 KB 94 KB	60ms 60ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.forms.app/static/js/icons.8e3e1.js Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/altcointrading/bitmexwithdrawalform User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:10 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 18740 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 18 Sep 2023 12:08:52 GMT server cloudflare etag W/"65083dd4-4d1cc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3hUBwNZxUJy4pAgYJwzZ7wSHjKxTAvvTnSL4ROEWnhEB9jLVc2BVRFXlYjO6AtUcZblzBEWlg%2FQbiwc7NyhfD6RyiehyWVSfLCGb9WkHS%2FXqOi%2BLW5EFoK%2FzOFNddSXNeuBwG4gOiSP0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context b9ab4a7d9d5faf99e06bc846d0fd42e4 cache-control max-age=2678400 cf-ray 80d1af5e8b494d8d-FRA
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	303ms 84ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&;devanagari,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://my.forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 21 Sep 2023 18:16:19 GMT x-content-type-options nosniff age 475911 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Sep 2024 18:16:19 GMT
GET H2	200	/ googleads.g.doubleclick.net/pagead/viewthroughconversion/794725785/	3 KB 1 KB	235ms 55ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794725785/?random=1695796090686&cv=11&fst=1695796090686&bg=ffffff&guid=ON&async=1&gtm=45be39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&hn=www.googleadservices.com&frm=0&tiba=Contact%20Form%20%7C%20forms.app&auid=196227790.1695796091&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1339 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 252 B	184ms 46ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-740JKHV4FZ&gtm=45je39p0&_p=1824194601&cid=1222314430.1695796091&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1695796090&sct=1&seg=0&dl=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&dt=Contact%20Form%20%7C%20forms.app&en=page_view&_fv=1&_nsi=1&_ss=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-740JKHV4FZ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://my.forms.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	161ms 47ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-740JKHV4FZ&gtm=45je39p0&_p=1824194601&cid=1222314430.1695796091&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&sid=1695796090&sct=1&seg=0&dl=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&dt=Contact%20Form%20%7C%20forms.app&_s=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-740JKHV4FZ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://my.forms.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://my.forms.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	e analytics.forms.app/ Frame	0 0	61ms 60ms	Preflight	2606:4700:20::681a:214 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.forms.app/e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:214 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://my.forms.app Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 43200 cf-cache-status DYNAMIC cf-ray 80d1af5e8d6e3809-FRA date Wed, 27 Sep 2023 06:28:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5NfcWbf3wBK%2BiUYH2VUpXOV88BtSquN6NUoFVRY9svy7hVUEOKk6T%2BPir6uzHSfyDzE4cYMmpY6VwZ3o7Q%2F7Wi%2BUl4ur5%2BoBtNCrVo9nXjspvTSZiB1DkkHzQ%2FYFQIYR%2BOx%2BjyY2RTjfuDO5WGt0PE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; preload vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	linkid.js www.google-analytics.com/plugins/ua/	2 KB 1 KB	44ms 44ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:14:57 GMT content-encoding br x-content-type-options nosniff age 793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 697 x-xss-protection 0 last-modified Fri, 30 Jun 2023 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 27 Sep 2023 07:14:57 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/587928374/	42 B 455 B	140ms 51ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/587928374/?random=1695796090575&cv=11&fst=1695794400000&bg=ffffff&guid=ON&async=1&gtm=45He39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&frm=0&tiba=Contact%20Form%20%7C%20forms.app&fmt=3&is_vtc=1&random=1783242122&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/587928374/	42 B 455 B	141ms 53ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/587928374/?random=1695796090575&cv=11&fst=1695794400000&bg=ffffff&guid=ON&async=1&gtm=45He39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&frm=0&tiba=Contact%20Form%20%7C%20forms.app&fmt=3&is_vtc=1&random=1783242122&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/794725785/	42 B 108 B	142ms 54ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/794725785/?random=1695796090686&cv=11&fst=1695794400000&bg=ffffff&guid=ON&async=1&gtm=45be39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&frm=0&tiba=Contact%20Form%20%7C%20forms.app&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=81407075&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/794725785/	42 B 108 B	141ms 53ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/794725785/?random=1695796090686&cv=11&fst=1695794400000&bg=ffffff&guid=ON&async=1&gtm=45be39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&frm=0&tiba=Contact%20Form%20%7C%20forms.app&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=81407075&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	137024713.js bat.bing.com/p/action/	0 118 B	67ms 67ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/137024713.js Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Wed, 27 Sep 2023 06:28:10 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 5E8F2AD17E884E468EBBA29EC5587B1D Ref B: FRA31EDGE0621 Ref C: 2023-09-27T06:28:10Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 285 B	101ms 101ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=137024713&tm=gtm002&Ver=2&mid=25e873c8-7669-4f7c-abe6-52d4860968ed&sid=07a2c5c05cff11ee9de9d16422d8f839&vid=07a2d3105cff11ee9f64bfb8f32b1344&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Contact%20Form%20%7C%20forms.app&kw=form,%20builder,%20formbuilder,%20free%20form%20builder&p=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&r=&lt=1023&pt=1695796089197,,,,,0,1,2,2,775,41,775,848,849,850,855,1022,1022,1022,1022,1023&pn=0,0&evt=pageLoad&sv=1&rn=843354 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 27 Sep 2023 06:28:10 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 568912C5179E46608EFC88E32B94D1DE Ref B: FRA31EDGE0621 Ref C: 2023-09-27T06:28:10Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/j/	3 B 206 B	46ms 46ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1824194601&t=pageview&_s=1&dl=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&ul=en-us&de=UTF-8&dt=Contact%20Form%20%7C%20forms.app&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAACAAI~&jid=1640100538&gjid=1979681661&cid=1222314430.1695796091&tid=UA-123158574-1&_gid=1391304348.1695796091&_slc=1&gtm=45He39p0n81WPSL383&z=1113143696 Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://my.forms.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://my.forms.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect stats.g.doubleclick.net/j/	4 B 347 B	148ms 48ms	XHR text/plain	2a00:1450:400c:c07::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-123158574-1&cid=1222314430.1695796091&jid=1640100538&gjid=1979681661&_gid=1391304348.1695796091&_u=aCDAgEAjAAAAAGAAI~&z=1211573688 Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://my.forms.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 27 Sep 2023 06:28:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://my.forms.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	175163836725648 connect.facebook.net/signals/config/	136 KB 36 KB	41ms 40ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/175163836725648?v=2.9.129&r=stable&domain=my.forms.app Requested by Host: my.forms.app URL: https://my.forms.app/static/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 27 Sep 2023 06:28:11 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 36579 x-xss-protection 0 pragma public x-fb-debug JpxUysoGdpBMxGGzwY0oJOjWMLb09dcgK00MnwC1xBdGmPz2luReF73114EoSKvFp1Ns4IsfQyGDzhrJ4vliDQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	131ms 40ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=175163836725648&ev=PageView&dl=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&rl=&if=false&ts=1695796091089&sw=1600&sh=1200&v=2.9.129&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1695796091087.1722500036&it=1695796091017&coo=false&tm=1&exp=a1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 27 Sep 2023 06:28:11 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 31 B	131ms 41ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=175163836725648&ev=Microdata&dl=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&rl=&if=false&ts=1695796091091&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Contact%20Form%20%7C%20forms.app%22%2C%22meta%3Adescription%22%3A%22It%20is%20the%20best%20way%20to%20create%20contact%20forms%2C%20forms.app.%20Start%20creating%20a%20contact%20form%20for%20your%20website.%22%2C%22meta%3Akeywords%22%3A%22form%2C%20builder%2C%20formbuilder%2C%20free%20form%20builder%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Contact%20Form%20%7C%20forms.app%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fforms.app%2Fstatic%2Fmanifest%2F700x350.png%3Fv%3D1%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fforms.app%2Fstatic%2Fmanifest%2F700x350.png%3Fv%3D1%22%2C%22og%3Aimage%3Awidth%22%3A%22700%22%2C%22og%3Aimage%3Aheight%22%3A%22350%22%2C%22og%3Aimage%3Aalt%22%3A%22forms%20logo%22%2C%22og%3Adescription%22%3A%22It%20is%20the%20best%20way%20to%20create%20contact%20forms%2C%20forms.app.%20Start%20creating%20a%20contact%20form%20for%20your%20website.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fforms.app%2F%22%2C%22og%3Asite_name%22%3A%22forms.app%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22url%22%3A%22https%3A%2F%2Fforms.app%2Fstatic%2Fmanifest%2F700x350.png%3Fv%3D1%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FImageObject%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.129&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1695796091087.1722500036&it=1695796091017&coo=false&es=automatic&tm=3&exp=a3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 27 Sep 2023 06:28:11 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	52ms 51ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123158574-1&cid=1222314430.1695796091&jid=1640100538&_u=aCDAgEAjAAAAAGAAI~&z=1332253157 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	53ms 53ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-123158574-1&cid=1222314430.1695796091&jid=1640100538&_u=aCDAgEAjAAAAAGAAI~&z=1332253157 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://my.forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST		collect region1.google-analytics.com/g/	0 0
POST		0 bat.bing.com/actionp/	0 0
POST		rum my.forms.app/cdn-cgi/	0 0
GET H2	200	entry.1ba6df96.js Show response forms.app/_nuxt/	3 MB 608 KB	62ms 60ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/entry.1ba6df96.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a00d7ceb2324cfe110e43c6dedaa5c7716b888f6e991976b2c1e36637e452f2a Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forms.app/phishing Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 163465 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 08:12:57 GMT server cloudflare etag W/"2d8401-QByZa2SvbjVZgIgkpoBXPKwZpQE" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc7Sf7evEVQW6v3kTQ%2F01xAGt0bMjymclbSParHjep%2FEutNWoXwn6Kc5b%2F%2FpFSei48vSf1gz%2FxkhAs%2BU2eh4bS0plKFgULfpLSFdvhLc%2BSkFWlKm1IZQFxv3XRAukvNZcqrnQWKoHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 3871d7629abf37b751fd271755429289 cache-control public, max-age=31536000, immutable cf-ray 80d1af648fc84d8d-FRA
GET H2	200	entry.4355243a.css forms.app/_nuxt/	23 KB 6 KB	49ms 47ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/entry.4355243a.css Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4355243ac8a74b24c091a9805bc2389f6673cc9bee3b2b94e4206f5c85d3ba58 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 768881 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:09:40 GMT server cloudflare etag W/"5d76-OIjabHYYfSPWxXBrcyaAn9vfn4E" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Zq0WC%2F0Kq5EG19kY%2B%2B1nC%2BCFkBboUgTklln7S2SG%2BvWmbT6%2FmPxqYm1mzzaDMub0%2Bvob7tyzEhTMldgJNbJOd6H5ECr3D107t%2FmlZrZ%2FATSjkM%2BwS2BlyXxorYA%2FDWyzI9K5%2Fd6Cw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 x-cloud-trace-context cb6422b6ed4b98e7836fa8f2c299525a cache-control public, max-age=31536000, immutable cf-ray 80d1af648fcb4d8d-FRA
GET H2	200	Default.3562edd2.js Show response forms.app/_nuxt/	28 KB 6 KB	67ms 65ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/Default.3562edd2.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac993491d166414c6edea5c413c507016a2027b166a1c696e0361a35e3d7cd79 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forms.app/phishing Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 34122 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 08:12:57 GMT server cloudflare etag W/"6fbe-HKysGwcq5/rZJweAHcxEmCTD2qU" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZ0cO1BHtxc8IDN%2BD2Mocj4JfrB2YW2MX9ukuqB3vh%2Fet8deI8bfFx36Hdh2O0Suxdy8x6nDGvk9LApf88StrUc2GEISlcGTr1t5TBmDyiihsj7N1Ecl9kw9nF%2FSk07r99IKhwvRTw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context d52adfee100da4782562f6d6c1334bfd cache-control public, max-age=31536000, immutable cf-ray 80d1af648fcd4d8d-FRA
GET H2	200	fetch.199f8c85.js Show response forms.app/_nuxt/	11 KB 5 KB	50ms 49ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/fetch.199f8c85.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe40686810a3b837ca35b100064ff714ec39414ad820905e52739a03710bd286 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forms.app/phishing Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 163465 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 08:12:57 GMT server cloudflare etag W/"2d50-x20it7ckSUzxpA3XSiU3MALWnJc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEJvxSPHG5B7wSjt6xP9tQrMFjZ2fNFmRxgvdZYTIdhOfF8Au4kYQXLsL9uj8Y36T63Y3weVaCEiCWS55gjU1f6G0LNxtfiFrbks%2FTxe5O2kaSlwSnEx9bHtAfFIN8%2BR%2BkWAL91u3Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context d6358368b8f2e7f28fbb7ca026fae9fe cache-control public, max-age=31536000, immutable cf-ray 80d1af648fce4d8d-FRA
GET H2	200	auth.e9648b40.js Show response forms.app/_nuxt/	10 KB 4 KB	54ms 53ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/auth.e9648b40.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f48a50755695a18f34a6bbd8ed2a580df22920ad9cb5e2e69c202e4002409274 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forms.app/phishing Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 768880 content-encoding br x-xss-protection 1; mode=block last-modified Fri, 08 Sep 2023 15:27:53 GMT server cloudflare etag W/"28ab-rO7+MBQAQiu1kveoOqr8esFB3v8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTR%2FGeTNjtRwh4evGLFhSn3VVyLc6f58s7%2FF7hULSA3JwMl%2BHCO2wjDDSskDR6KZ2Ku%2Fws10va32JKaRMQzX3sSws8rze%2BKpAOe%2Bbf9aVQAZn3lfW2JvUzNoJEsA1Kz0jy1xMUefLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context fbe28154d78baf092af5b655a08ccdb4 cache-control public, max-age=31536000, immutable cf-ray 80d1af648fcf4d8d-FRA
GET H2	200	form-builder-blank.5c0b8d0a.js Show response forms.app/_nuxt/	121 B 572 B	50ms 48ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/form-builder-blank.5c0b8d0a.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66c061164eac41ac2a578236829359cf94ef4f3b1d08258b02ac6627bc0e07d0 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forms.app/phishing Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 11272 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 08:12:57 GMT server cloudflare etag W/"79-9M7caCaKGcoYRICAw9M3N/HS9dw" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4CrdN1UDmTy8LLCTNr4lANbITKk1JX6Nyu6Xj10cGO7jVk4MVmZywHag2cgz6TvtYk5MQA0v6EOPHSieuJA6toyNkt6jfXtKrC1DfHo%2BWnExGJGc6o3pPohOMLZgrs3GODDokMw5g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 05a81184123eda7efa26f05cddddb281 cache-control public, max-age=31536000, immutable cf-ray 80d1af648fd04d8d-FRA
GET H2	200	templates-resources.d7b8aead.js Show response forms.app/_nuxt/	196 B 548 B	51ms 49ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/templates-resources.d7b8aead.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 616471335e81ae019ddf5115970583cc6217411f2914aff34076098f986ec773 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forms.app/phishing Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 34122 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 08:12:57 GMT server cloudflare etag W/"c4-Mt7cnw/vfv4MtpRmevwkgPEqzZg" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvBxNWMf5yQL9MdCEnx31JdEExlr5kSCve9Y6urTZuJBQnhE6y5LI434BouyfVj2hsfXN21ndIt1PsVHmY1v6n%2BKcGIu5YtH2zZd4w6kvNcnvDF%2BafxCNX6e1AErJJTeD80uRGJtQg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context bd1a5f5aaff1c82accf3a85ef4f1b182 cache-control public, max-age=31536000, immutable cf-ray 80d1af648fd14d8d-FRA
GET H2	200	phishing.2910ab98.js Show response forms.app/_nuxt/	1 KB 1 KB	83ms 82ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/phishing.2910ab98.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f3439d5426a924d2e56eb440433454bdee11bcf75bc59897080e40b11c05448 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forms.app/phishing Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 11272 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 08:12:57 GMT server cloudflare etag W/"5b9-HK796q7DdGx0EIV8j9kc6JijM6s" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu1RU%2BfmmhszH4JNZ4LZPs3CjHR6GZzATkpmGOOZiP%2BcojTsyA0RLddn2qASFfxtzmThDKE9STRkPrQGltERLRD5vOTMMr6GTATW9nUyUn2wPdneTY9xFeElaWBGusyNYymELaK2RQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context d2484e9546aeefd0fae0362f527f6dbc cache-control public, max-age=31536000, immutable cf-ray 80d1af64bff84d8d-FRA
GET H2	200	PageMetaData.c48ab71a.js Show response forms.app/_nuxt/	2 KB 1 KB	84ms 83ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/PageMetaData.c48ab71a.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb06e2bcfcd1270c8f5c70065c0cdc2038de1dd7fc4f04ae9be7ddc0a46bb2c6 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forms.app/phishing Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 163465 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 08:12:57 GMT server cloudflare etag W/"99d-8UyoNvqwfWa7Tu08i0dXd/kQQFM" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmupHYGYMfJSsvrmU6R6K8S8nZT6WlsbuNCZcREEX8J09m3Sa44ExLH%2BMZY2OYJAtWMSpWvglHtqzHkeYxk0B0SyQJK71JkN4U8ShjJeMFjEa2Kf%2BqXmeM%2FbP37qCKkndx4c6XR8lg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 72d5588cc5d24d7b4f917549fcf2ee88 cache-control public, max-age=31536000, immutable cf-ray 80d1af64bff94d8d-FRA
GET H2	200	formsapp-logo-white.svg forms.app/assets/img/	8 KB 3 KB	54ms 54ms	Image image/svg+xml	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.app/assets/img/formsapp-logo-white.svg Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b3858e374ec0e11e4d72b8642a9a741dadf92ab15b4428d3d91ffbabe843e91 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 768881 content-encoding br x-xss-protection 1; mode=block last-modified Thu, 15 Jun 2023 10:58:12 GMT server cloudflare etag W/"20d5-DWnfcqMTpDbpGkW3iqxwY08JxY4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0I46izQI%2Br%2FkzVM5fV5zk2s4I4FamiUDBmrCkEPpPP8CA%2FFsAw3raEQHKreNI5GZBmSsbJ6mGDKlmwXj3VmiKz4%2F6IoO6vZpzR4aHAE%2BG%2FQViqiCEbl9uer2AHAQdedMpHuKTx%2FdDg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-cloud-trace-context 0810de5f56410fc9adfc7d3fa8255995 cache-control max-age=2678400 cf-ray 80d1af64d8094d8d-FRA
GET H2	200	logo-home.svg forms.app/assets/img/	9 KB 4 KB	54ms 53ms	Image image/svg+xml	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.app/assets/img/logo-home.svg Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f9f779f54bb91916bccbe4a7978e17bd41ecb3780f52a5048e711079ce5c95e Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 768880 content-encoding br x-xss-protection 1; mode=block last-modified Thu, 15 Jun 2023 10:58:12 GMT server cloudflare etag W/"23c3-+nXu6BzK+vPrQvacO41lZ+KaQyk" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crSkAexVcl5Z0e%2FzzZjvfIQyR4uSqdO6PqrE0r0XYOwgH4AGA8djSOZNzbWRFh4%2FGGpb4pSh2rwG85X17UB2OY5qb2JQ0IOY%2Br0Q9cma33yDileBFde%2FWs5tLssWPmbipXxoUsDh1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-cloud-trace-context 743594c2131fa5e054fe693ad155e505 cache-control max-age=2678400 cf-ray 80d1af64d8114d8d-FRA
GET H2	200	f-white-logo.svg forms.app/assets/img/	14 KB 7 KB	57ms 50ms	Image image/svg+xml	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.app/assets/img/f-white-logo.svg Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c120944eb4d248ae040b8481a945f304df7fb8efd207881551d6cb4c24af4cb Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 56520 content-encoding br x-xss-protection 1; mode=block last-modified Thu, 15 Jun 2023 10:58:12 GMT server cloudflare etag W/"39c3-6GRX+LGeqhoyKG8SrACk+jdRvG8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3incqzG%2FpudfiEMb4Q%2FNIORk7uRFu7Fe10kVTfMw0EX7EQFxrA1XowzXdxm0ZZ%2BHDJmLwXmWDELtuWEDzNkWTIeO6FWp59kASAEO2%2FFU8ZLzl81ETr4HwGRhKpJcpmvRibt0VYkA9g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-cloud-trace-context b759fc6387b526c2ebb4730726782f30 cache-control max-age=2678400 cf-ray 80d1af6518444d8d-FRA
GET H2	200	form-builder-blank.png forms.app/assets/img/	70 B 543 B	53ms 52ms	Image image/webp	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.app/assets/img/form-builder-blank.png Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3685d91003825bb30d7c466ce88382cefee36e2253955b5a570f9a27b0ada0bd Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 674936 cf-polished origFmt=png, origSize=149 content-disposition inline; filename="form-builder-blank.webp" content-length 70 x-xss-protection 1; mode=block cf-bgj imgq:100,h2pri last-modified Thu, 15 Jun 2023 10:58:12 GMT server cloudflare etag "95-nqTqrFIVQQ052t2npi6LKHl1Uho" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjYaTYFZOQ73XFsT5T4Qz9GKQOsCCULDH5DnFGyGfKYokdzXfzuX%2FUBoveMS62gmQUPubTp%2FwMQ3Y3p%2BIhS6jMdriJ2qZdwjZRnDaQBWWAxv8DA2SG8EHVk382x6DIPdG7Cv2%2FnDoA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp x-cloud-trace-context 2064760d388ea9e725a12551b97f04b7 cache-control max-age=2678400 accept-ranges bytes cf-ray 80d1af64d8124d8d-FRA
GET H2	200	blog-resources.svg forms.app/assets/img/	769 B 650 B	55ms 48ms	Image image/svg+xml	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.app/assets/img/blog-resources.svg Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f1ac8f52d95e6d222abfc0adccc5edd6aedff4dbd0a67bef1ab618d271a241f Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 41882 content-encoding br x-xss-protection 1; mode=block last-modified Thu, 15 Jun 2023 10:58:12 GMT server cloudflare etag W/"301-iyNp4AIexL5qTBsOQkJK+KhKqXo" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5RTrESXdcLxHTopq9jtzoGLc2jHEHvsPyIhUqQk0WS70sECcqnqYopDKcJLljtv7JVBD8I1ytUzvTGLgPUKEV9HCZ7y5GYHyp10O3t%2F4I7b0olG6cLxNnkl1Amvtv9lePMAfbCD1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-cloud-trace-context 0489e901718f575439fbaaa9bc67ff36 cache-control max-age=2678400 cf-ray 80d1af6518454d8d-FRA
GET H2	200	templates-resources.svg forms.app/assets/img/	782 B 806 B	49ms 48ms	Image image/svg+xml	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.app/assets/img/templates-resources.svg Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fbe92dfb021aa520d72d86092d1dec738eaad5fc902fb85cab6c6d3170ee1e3 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 768880 content-encoding br x-xss-protection 1; mode=block last-modified Thu, 15 Jun 2023 10:58:11 GMT server cloudflare etag W/"30e-CckOrbxMcEUqVEWeA66ZbZRF/m8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpMFvG1kbGTL9U3IpEQQBUsBC5XG6Fv968sex8Nw%2FxvlTQ1cNBTh2S5qK6zHdkc4uosBqfrG8NwwsPjBpiLRmk38pVTSA0vdh6m144s2u7j3cCo3V93%2B5p0NBdcxwxRrNneD6HJANw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-cloud-trace-context 7df68b49e96dc29fd492455cc4aac20e cache-control max-age=2678400 cf-ray 80d1af65385b4d8d-FRA
GET H2	200	help-resources.svg forms.app/assets/img/	865 B 762 B	50ms 49ms	Image image/svg+xml	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.app/assets/img/help-resources.svg Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b46d56c87d39d62bbe6888f9d2a60ae651142d78212eeb72f87cea54550122a6 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 56520 content-encoding br x-xss-protection 1; mode=block last-modified Thu, 15 Jun 2023 10:58:12 GMT server cloudflare etag W/"361-J/QiGUT3S0F97oxYfMXgv6lhRJw" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRgBE3WoWXqsftf0KXTJmUNUyZnj2QjoT0kp3s21FfbOy4oRBT9MofXCJTYIJwlDuXDDtzt2sLRzMFAk6gmvriqoz7eFQt62wUnvkLmlyGzgRNP4%2FB30lRYzVM11U%2BfaR4wt3vQujg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml x-cloud-trace-context cf197e3c6103c55fe17e04a9137c373c cache-control max-age=2678400 cf-ray 80d1af65385d4d8d-FRA
GET H2	200	shield-halved.png forms.app/assets/img/	616 B 1 KB	52ms 51ms	Image image/webp	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.app/assets/img/shield-halved.png Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd18ae9ec05339cf7af594d92607b5a5b1f972ae250e06a9a172651d36165d88 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 11272 cf-polished origFmt=png, origSize=1529 content-disposition inline; filename="shield-halved.webp" content-length 616 x-xss-protection 1; mode=block cf-bgj imgq:100,h2pri last-modified Thu, 15 Jun 2023 10:58:12 GMT server cloudflare etag "5f9-u+3t8jTMPwXMtiSoVdvp6sxotYI" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hf%2BySLUztpEk5EkeNSe%2FSxk4PZOpabylbwYmNc%2FU0Sow%2FpCY81av6oQMZc8BiEKU0jlxs7vlg2Ub6GqhXkQZfieLJ1elQwh%2BACtMban3mcYEZuNBpBomKpxEvFjDAZNt07xcUqyRQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp x-cloud-trace-context 08d4c18ae860e35bebcfe5a54f2f58f6 cache-control max-age=2678400 accept-ranges bytes cf-ray 80d1af65385e4d8d-FRA
GET H2	200	rocket-loader.min.js Show response forms.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	42ms 41ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT strict-transport-security max-age=15552000; preload x-content-type-options nosniff last-modified Mon, 25 Sep 2023 16:02:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding gzip etag W/"6511af19-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FVTURUBnDbT9252lGGCSDbH3YKINnng73PdZrO%2BXkEMOtZjDW%2FCtuiuXH%2BDIqOhMWoF4RyYIzQiwNJLGd9INxBJ3lsDZtmp4giKFihkvspEjYxEPTJdz3RHqgp%2B9ka%2FMxJ4ddzAqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 80d1af65385f4d8d-FRA expires Fri, 29 Sep 2023 06:28:11 GMT
GET H2	200	v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	74ms 73ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391 Request headers Referer https://forms.app/ Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT content-encoding gzip last-modified Thu, 20 Jul 2023 18:10:27 GMT server cloudflare etag W/"2023.7.1" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 80d1af649fe14d8d-FRA
GET H2	200	error-component.ff51c8bb.css forms.app/_nuxt/	0 744 B	48ms 48ms	Other text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/error-component.ff51c8bb.css Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 768391 content-encoding br x-xss-protection 1; mode=block last-modified Tue, 08 Aug 2023 13:05:19 GMT server cloudflare etag W/"2cc-Na+Usyn/iHyxKtrhqZTxKnWioXM" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8J7Qne3TYB%2BBZnKhJLEXHTUfSW3KszOglSUbXqyq3hEf5UXkorWj%2F6xdLnRpMmPm8n3Wk4dg0ZXxvuQLGQEwVz6EVXmSiTHD2FNBajs96FoeD1JV21w%2Fm6d%2F%2BuqznB0qU1YJ6xUXlw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 x-cloud-trace-context b8c75a669d7719b870bcd1f04a0dd8f7 cache-control public, max-age=31536000, immutable cf-ray 80d1af6568794d8d-FRA
GET H2	200	error-component.3732eb79.js forms.app/_nuxt/	0 1 KB	48ms 48ms	Other application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/error-component.3732eb79.js Requested by Host: forms.app URL: https://forms.app/phishing Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://forms.app/phishing Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 11272 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 25 Sep 2023 08:12:57 GMT server cloudflare etag W/"511-Ohcb+S1AV88jlA+R7frNYU8ThgA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BxluY8Jqh4bAl3BqJCrB9eFeJK%2BVGPV7%2FXZPu9FBDG0JqklLdcRnCXJhOkoAFsWbKvZvQNIeUNhELdWs1XYUsHvPunlvh3lRocuZzj9XbDMK0PoF5sSl%2B%2F6mwJPOMZjsXcEW91yFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context 74d8a328556b38ae8a00d42474ba8a41 cache-control public, max-age=31536000, immutable cf-ray 80d1af65687b4d8d-FRA
GET H2	200	lazysizes.min.js Show response forms.app/assets/js/	7 KB 4 KB	47ms 47ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/assets/js/lazysizes.min.js Requested by Host: forms.app URL: https://forms.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd5ebf9285bffb5f9a9019fce68e1faaf2219fcafefe6a5c8c1cb90cc082669f Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 768880 content-encoding br x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:09:40 GMT server cloudflare etag W/"1dbe-rz9OQsWyvvsb4YxpSLfo84VjBZA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaLI7qlWLvubJ5h5eTRW%2FpBirpsXmp1GZYx6s5dOqE%2F8kqZZdFDeRFCV40ikNeZERKbqhd7nURj4acKc7mCgeApFfq9DWvSz%2B5ZkDIRrKPbQuJYtYLzw3ZtwT2w52cdM3SXCjnvJ1g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context cdcc30689b369340d29508d11f906b26 cache-control max-age=2678400 cf-ray 80d1af65888c4d8d-FRA
GET H2	200	newrelic.js Show response forms.app/assets/js/	30 KB 11 KB	60ms 59ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/assets/js/newrelic.js Requested by Host: forms.app URL: https://forms.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3851df1f48832ef7e906267f0224abf9b72e96461ac3dae3c89c280cd37541a4 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 11272 content-encoding br x-xss-protection 1; mode=block last-modified Thu, 15 Jun 2023 10:58:11 GMT server cloudflare etag W/"77bf-q16Dg7tIJlP8GAAyF2YIzDXr43M" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EByz4I%2FOv0uzlaBe36cnCF0%2FrxJSyy5a4JbFw2taK3KVDXQ5trPHuBdmme8q%2FsMLhPgM4aSd9CcegCpULo5vIBE%2FJe%2BSQKY1yq%2FvYBPvc073JsYpWUJY2nAshfOPKPiLMhUekdM%2BRQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context e3e8b6d34bd1a79614b9aa01787bee64 cache-control max-age=2678400 cf-ray 80d1af65888d4d8d-FRA
GET H2	200	css2 fonts.googleapis.com/	17 KB 1 KB	54ms 54ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ebf9e2e9fc7fc6cf5827a72b1841c462b9af3247adbcfc795e5991ed231aed43 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 27 Sep 2023 06:28:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 27 Sep 2023 06:13:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 27 Sep 2023 06:28:11 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	12 KB 4 KB	184ms 49ms	Script application/x-javascript	2a02:26f0:780::210:a423 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: my.forms.app URL: https://my.forms.app/altcointrading/bitmexwithdrawalform Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:780::210:a423 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 05 Sep 2023 13:41:52 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=86312 accept-ranges bytes content-length 3822
GET H2	200	phishing.d15b8574.css forms.app/_nuxt/	1 KB 804 B	49ms 48ms	Stylesheet text/css	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/_nuxt/phishing.d15b8574.css Requested by Host: forms.app URL: https://forms.app/_nuxt/entry.1ba6df96.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d15b857423484e7893f5b1e4a2a4f3c1da92265b19bddc07415ba7888bf0ca7d Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 291830 content-encoding br x-xss-protection 1; mode=block last-modified Thu, 15 Jun 2023 10:58:11 GMT server cloudflare etag W/"5f9-ghiGxul0CZlG1y1WT9mxnLUnjZg" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGEoymnNeGS2%2BSnRaGmYdlIDtrNctaYvxmaFrBSU7SAeuJ0RH4lqEK8yBiOMiFFHrFpx6DzU9awLng327pszYVwLxjDDQwszaHLmN4xFzentNOyiaQFnQCBd%2BxHQwFOgoXgW5lgoYg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 x-cloud-trace-context de4c630c5ed126a5cb849718b002f05f cache-control public, max-age=31536000, immutable cf-ray 80d1af65e8bf4d8d-FRA
POST H2	204	rum Show response forms.app/cdn-cgi/	0 155 B	41ms 41ms	XHR text/plain	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://forms.app/phishing accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 content-type application/json Response headers date Wed, 27 Sep 2023 06:28:11 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://forms.app x-frame-options DENY access-control-allow-credentials true cf-ray 80d1af65f8c64d8d-FRA
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	41ms 40ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 21 Sep 2023 18:16:19 GMT x-content-type-options nosniff age 475912 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Sep 2024 18:16:19 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	63ms 63ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 21 Sep 2023 18:16:19 GMT x-content-type-options nosniff age 475912 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Sep 2024 18:16:19 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	50ms 49ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://forms.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 21 Sep 2023 18:16:19 GMT x-content-type-options nosniff age 475912 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Sep 2024 18:16:19 GMT
GET H2	200	phishing.png forms.app/assets/img/	5 KB 6 KB	55ms 54ms	Image image/webp	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.app/assets/img/phishing.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13cbd9356bccfd1e91054818c417a05a937a14965dd3ca6a18f4ad9699cd0470 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:11 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 11272 cf-polished origFmt=png, origSize=16006 content-disposition inline; filename="phishing.webp" content-length 5380 x-xss-protection 1; mode=block cf-bgj imgq:100,h2pri last-modified Thu, 15 Jun 2023 10:58:12 GMT server cloudflare etag "3e86-5WlyiAFRPzF38sku3fDyJXj2h2A" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkxnHNmO0dvJ18qLu7sEUayMl%2FqVqIxLGDCHELd%2F%2B8rTTahZZh7kYuk1R9RXoBi%2BDWlzHHE0crWMqGcW74CGvwFT3TSBDcofKi5ksfpF2tkoEUgpIMrEHucM8BOdoRwqczLPFZebFw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp x-cloud-trace-context 64e2ab53bbc42975da480f309599addf;o=1 cache-control max-age=2678400 accept-ranges bytes cf-ray 80d1af6638fc4d8d-FRA
GET H3	200	gtm.js Show response www.googletagmanager.com/	268 KB 90 KB	48ms 48ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WPSL383 Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2fc8afd368aa4fb61a8b3796bcc5e8d42ab7eef3a1cfe0fa34502b4c2db672fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 92197 x-xss-protection 0 last-modified Wed, 27 Sep 2023 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 27 Sep 2023 06:28:12 GMT
GET H2	200	analytics.js Show response analytics.forms.app/static/	5 KB 2 KB	49ms 49ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics.forms.app/static/analytics.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 3a33d8bbb382d1ee7fa68e08cf3171a854b91ac6400652c539631d9bb828185f Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:12 GMT strict-transport-security max-age=15552000; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 19095 cf-polished origSize=6045 x-powered-by Express cf-bgj minify last-modified Thu, 21 Sep 2023 20:45:29 GMT x-krakend Version 2.4.3 server cloudflare etag W/"179d-18ab97d9228" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHBm2WBc1C76DKxR6SjSCsjZiJk01B%2FXwbuX9o9cqeiA35ajOskHZYt6d5YBR8OFIgjRT2H9S7mhDpxMiTJm2aktHbjFWrWcbFI1qMB0DjSO1mvleAY9bFkNhICfPvpZb9%2FgAze7nuQ%2FrADbcXWQlD8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=2678400 x-krakend-completed false cf-ray 80d1af67b9f04d8d-FRA
GET H2	200	client Show response accounts.google.com/gsi/	198 KB 78 KB	899ms 98ms	Script application/javascript	2a00:1450:4001:82f::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d00276de1404560fe93a967935d1dee75b7dbc8dad99a781e220c931e1c7ea42 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Pft6cL9Zrkq58LjjYmEwlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:12 GMT content-security-policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Pft6cL9Zrkq58LjjYmEwlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=1800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Wed, 27 Sep 2023 06:28:12 GMT
GET H2	200	5594.js Show response tracking.g2crowd.com/attribution_tracking/conversions/	16 B 1 KB	911ms 150ms	Script text/javascript	2606:4700:4400::6812:2b1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.g2crowd.com/attribution_tracking/conversions/5594.js?p=https://forms.app/phishing&e= Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862 Security Headers Name Value Content-Security-Policy default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:13 GMT strict-transport-security max-age=604800 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-permitted-cross-domain-policies none content-security-policy default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com x-xss-protection 1; mode=block x-request-id fda68693-8916-4ff4-b043-6cdcf3f9f0e6 x-runtime 0.003169 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"3dae93a05edd9dcfc1864b87178a31e0" x-download-options noopen x-frame-options SAMEORIGIN vary Origin content-type text/javascript; charset=utf-8 cache-control max-age=600, public cf-ray 80d1af6cceab1c7f-FRA
GET H2	200	newrelic.js Show response forms.app/assets/js/	30 KB 11 KB	55ms 53ms	Script application/javascript	2606:4700:20::681a:314 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.app/assets/js/newrelic.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3851df1f48832ef7e906267f0224abf9b72e96461ac3dae3c89c280cd37541a4 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/phishing User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:12 GMT via 1.1 google, 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload age 11273 content-encoding br x-xss-protection 1; mode=block last-modified Thu, 15 Jun 2023 10:58:11 GMT server cloudflare etag W/"77bf-q16Dg7tIJlP8GAAyF2YIzDXr43M" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBuQolU4GWDH4jNG6y4EerUIHXqiW8nEs3NpUb2rOZbMmBCpYvEilHhHgd2PU9BkAQfJ3DmTcNDvOLudCUYZAu5z3bJGMp0GG5NKEjgVYbwk%2BSKqwbS7I9E0Uwp6O91Ab4p11vElnw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-cloud-trace-context e3e8b6d34bd1a79614b9aa01787bee64 cache-control max-age=2678400 cf-ray 80d1af682a574d8d-FRA
GET H2	200	insight.old.min.js Show response snap.licdn.com/li.lms-analytics/	13 KB 5 KB	50ms 49ms	Script application/x-javascript	2a02:26f0:780::210:a423 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.old.min.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:780::210:a423 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 28 Aug 2023 12:14:15 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=32332 accept-ranges bytes content-length 4862
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/3845852/domain/forms.app/	36 B 375 B	155ms 41ms	XHR application/json	2600:9000:26db:2400:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/3845852/domain/forms.app/token Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:2400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://forms.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:05:12 GMT content-encoding gzip via 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 age 1381 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id Cv4v5psOnFrrRAV1vJpIHLgMfL1iicoOGiy0oqoC7Qrvi-5x8vvc6Q==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3845852%26time%3D1695796092904%26url%3Dhttps%253A%252F%252Fforms.app%252Fphishing... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing&cookiesTest=true&liSync=true&e_ipv6=AQKLub63hQcKigAAAYrVUuLuj3UOJqzFRfB--ZchVPy...	0 481 B	288ms 192ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing&cookiesTest=true&liSync=true&e_ipv6=AQKLub63hQcKigAAAYrVUuLuj3UOJqzFRfB--ZchVPy3eIq6km40dLRB9pTgflZad5pv9sz0 Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:13 GMT nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 283B9DC44C0D4A29ADE7AAE1DC4DE11A Ref B: FRAEDGE1212 Ref C: 2023-09-27T06:28:13Z linkedin-action 1 report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} content-type application/javascript x-li-fabric prod-ltx1 x-cache CONFIG_NOCACHE x-li-proto http/2 content-length 0 x-li-uuid AAYGUUvKsNKKi6syywfGfw== Redirect headers date Wed, 27 Sep 2023 06:28:13 GMT nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 7B3EF43F0ED94A949706B471229FC686 Ref B: FRAEDGE2020 Ref C: 2023-09-27T06:28:13Z linkedin-action 1 report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3845852&time=1695796092904&url=https%3A%2F%2Fforms.app%2Fphishing&cookiesTest=true&liSync=true&e_ipv6=AQKLub63hQcKigAAAYrVUuLuj3UOJqzFRfB--ZchVPy3eIq6km40dLRB9pTgflZad5pv9sz0 x-cache CONFIG_NOCACHE x-li-proto http/2 content-length 0 x-li-uuid AAYGUUvGV7NTjzmpIQZoGQ==
GET H2	200	optimize.js Show response www.googleoptimize.com/	132 KB 51 KB	153ms 57ms	Script application/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=OPT-TDXMQC4 Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c0964871a8e77f5fdad01501a4cc547ada5aa9b77104ed4c8d6917584d5b8190 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 51855 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 27 Sep 2023 06:28:13 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 27 Sep 2023 05:49:43 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2309 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 27 Sep 2023 07:49:43 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/587928374/	3 KB 2 KB	57ms 57ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/587928374/?random=1695796092916&cv=11&fst=1695796092916&bg=ffffff&guid=ON&async=1&gtm=45He39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fforms.app%2Fphishing&ref=https%3A%2F%2Fmy.forms.app%2F&hn=www.googleadservices.com&frm=0&tiba=Harmful%20Form%20Detected&auid=196227790.1695796091&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 935a933542345d5714388449a54df49551525e21015421b603df36d08d6227af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:12 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1310 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	44 KB 13 KB	66ms 64ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Wed, 27 Sep 2023 06:28:11 GMT last-modified Wed, 06 Sep 2023 22:41:28 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: ABFC2E7B55B24B71B16FE2B9F3857A70 Ref B: FRA31EDGE0621 Ref C: 2023-09-27T06:28:12Z etag "09cc4613e1d91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 12981
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	12 KB 4 KB	50ms 48ms	Script application/x-javascript	2a02:26f0:780::210:a423 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:780::210:a423 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 05 Sep 2023 13:41:52 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=86311 accept-ranges bytes content-length 3822
GET H2	200	hotjar-3418101.js Show response static.hotjar.com/c/	10 KB 4 KB	146ms 53ms	Script application/javascript	18.66.192.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3418101.js?sv=7 Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-39.muc50.r.cloudfront.net Software / Resource Hash b5e7538f032780e08bb54b0bf477bbc66a5ae996ea46af97c28f709c0c1a144d Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Wed, 27 Sep 2023 06:28:13 GMT via 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 41 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/223d4fae41acf75b8aa1d870ebeb8867 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id vsBeWGfPLh7lqd6dOf-BHXL9vHGz5isnjQ4GO9ufqqMroNZ07ofmLg==
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	197 KB 52 KB	40ms 39ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c8d993ec25ba5115247b7767e396d0ee59f0f3a14bec3355da68caf596767f02 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 27 Sep 2023 06:28:12 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 53229 x-xss-protection 0 pragma public x-fb-debug mYBtZU/CX29IUOOfwqfgtbNI1rBjM3TyUwHn0IaUMEbBdNV0Tv0BDw57ax13xO6GUDzid5CZ3MwjWfxwUYaUPA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	258 KB 88 KB	56ms 55ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-740JKHV4FZ&l=dataLayer&cx=c Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6070e95cead84a7e8e82572eb925992f40e27162b32c09286fcd9586bbeb48b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:12 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89602 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 27 Sep 2023 06:28:12 GMT
POST H2	200	794725785 google.com/pagead/form-data/	0 0	47ms 47ms	Ping text/html	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google.com/pagead/form-data/794725785?em=tv.1&gtm=45He39p0&auid=196227790.1695796091 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPSL383 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers
POST H2	204	794725785 google.com/ccm/form-data/	0 68 B	46ms 46ms	Ping text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google.com/ccm/form-data/794725785?em=tv.1&gtm=45He39p0&auid=196227790.1695796091 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPSL383 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:12 GMT server Golfe2 content-type text/plain access-control-allow-origin https://forms.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 722 B	40ms 39ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:14:57 GMT content-encoding br x-content-type-options nosniff age 795 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 697 x-xss-protection 0 last-modified Fri, 30 Jun 2023 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 27 Sep 2023 07:14:57 GMT
GET H2	200	insight.old.min.js Show response snap.licdn.com/li.lms-analytics/	13 KB 5 KB	50ms 48ms	Script application/x-javascript	2a02:26f0:780::210:a423 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.old.min.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:780::210:a423 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:13 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 28 Aug 2023 12:14:15 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=32331 accept-ranges bytes content-length 4862
GET H3	200	/ www.google.com/pagead/1p-user-list/587928374/	42 B 64 B	54ms 53ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/587928374/?random=1695796092916&cv=11&fst=1695794400000&bg=ffffff&guid=ON&async=1&gtm=45He39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fforms.app%2Fphishing&ref=https%3A%2F%2Fmy.forms.app%2F&frm=0&tiba=Harmful%20Form%20Detected&fmt=3&is_vtc=1&random=3979742292&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:13 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/587928374/	42 B 64 B	53ms 52ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/587928374/?random=1695796092916&cv=11&fst=1695794400000&bg=ffffff&guid=ON&async=1&gtm=45He39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fforms.app%2Fphishing&ref=https%3A%2F%2Fmy.forms.app%2F&frm=0&tiba=Harmful%20Form%20Detected&fmt=3&is_vtc=1&random=3979742292&rmt_tld=1&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:13 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	137024713.js Show response bat.bing.com/p/action/	0 118 B	65ms 65ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/137024713.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Wed, 27 Sep 2023 06:28:12 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A6B327BD41864C0E987036470ECA6FE6 Ref B: FRA31EDGE0621 Ref C: 2023-09-27T06:28:13Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 121 B	135ms 133ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=137024713&tm=gtm002&Ver=2&mid=a3060799-f0aa-445a-a02a-1616cec014a9&sid=07a2c5c05cff11ee9de9d16422d8f839&vid=07a2d3105cff11ee9f64bfb8f32b1344&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Harmful%20Form%20Detected&kw=form,%20builder,%20formbuilder,%20free%20form%20builder,%20survey&p=https%3A%2F%2Fforms.app%2Fphishing&r=https%3A%2F%2Fmy.forms.app%2F&lt=1129&pt=1695796090626,,,,,243,243,243,243,243,,249,953,954,959,979,1119,1119,1126,1126,1129&pn=0,0&evt=pageLoad&sv=1&rn=942298 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 27 Sep 2023 06:28:12 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6B485DFC53784F12A849294AC85B4A88 Ref B: FRA31EDGE0621 Ref C: 2023-09-27T06:28:13Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	51ms 50ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-740JKHV4FZ&gtm=45je39p0&_p=1270463617&cid=1222314430.1695796091&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1695796090&sct=1&seg=1&dl=https%3A%2F%2Fforms.app%2Fphishing&dr=https%3A%2F%2Fmy.forms.app%2F&dt=Harmful%20Form%20Detected&_s=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-740JKHV4FZ&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://forms.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:13 GMT server Golfe2 content-type text/plain access-control-allow-origin https://forms.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	175163836725648 Show response connect.facebook.net/signals/config/	136 KB 36 KB	43ms 43ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/175163836725648?v=2.9.129&r=stable&domain=forms.app Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 45daa5a315f312d84551ce811b79536d5fe5670df88c2a7278d28a0dc9e70a0a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 27 Sep 2023 06:28:13 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 36580 x-xss-protection 0 pragma public x-fb-debug ZE462kqHIs19fTtBVUyWCHJeimbWw9xY4znpU8BKzitVu+c4rZBmFvwSlw0UgajYDHxwGeaIx37Ta7t9x8DiFw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/3845852/domain/forms.app/	36 B 367 B	41ms 40ms	XHR application/json	2600:9000:26db:2400:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/3845852/domain/forms.app/token Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:2400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://forms.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:05:12 GMT content-encoding gzip via 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 age 1381 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id bn8DpDrXDNsR15wuAFpaoUuehDVPhHJAD8yjgMO-ZXxBtfqggRqRVQ==
GET H2	200	modules.1956b15997d8094c7874.js Show response script.hotjar.com/	227 KB 56 KB	156ms 60ms	Script application/javascript	52.222.236.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.1956b15997d8094c7874.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.43 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-43.fra56.r.cloudfront.net Software / Resource Hash b7acb48a5c679d1aca393df0a4110f101888088f2d8a1de7c8dc0b78928771b3 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 26 Sep 2023 15:01:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 55627 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56347 last-modified Tue, 26 Sep 2023 15:00:47 GMT etag "5366171b72d22f28d7f24fb0d6d0eb8c" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id -wGH8jS-2n6DIJ-p2MVN_XBrVj7EWPZFC6TMrDpT6HvXyMSvfnN6Jw==
GET H2	200	/ www.facebook.com/tr/	0 54 B	40ms 39ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=175163836725648&ev=PageView&dl=https%3A%2F%2Fforms.app%2Fphishing&rl=https%3A%2F%2Fmy.forms.app%2F&if=false&ts=1695796093106&sw=1600&sh=1200&v=2.9.129&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1695796091087.1722500036&it=1695796093050&coo=false&tm=1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 27 Sep 2023 06:28:13 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H3	200	collect Show response www.google-analytics.com/j/	3 B 23 B	47ms 46ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1270463617&t=pageview&_s=1&dl=https%3A%2F%2Fforms.app%2Fphishing&dr=https%3A%2F%2Fmy.forms.app%2F&ul=en-us&de=UTF-8&dt=Harmful%20Form%20Detected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCCAgEAjQAAAACAAI~&jid=&gjid=&cid=1222314430.1695796091&tid=UA-123158574-1&_gid=1391304348.1695796091&_slc=1&gtm=45He39p0n81WPSL383&z=1845025037 Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://forms.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 27 Sep 2023 06:28:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://forms.app cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	a www.googletagmanager.com/	0 11 B	75ms 74ms	Image text/html	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=OPT-TDXMQC4&cv=25&t=ol&p=gtmo&l=1045&q=1328&f=212&e=13&i=35&d=1395&c=1491&hc=0&sr=0.050000&ps=0.014694096668486534&cb=1994656315 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 27 Sep 2023 06:28:13 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	browser-perf.c1da22870fa5ce83083f.js Show response script.hotjar.com/	6 KB 2 KB	39ms 39ms	Script application/javascript	52.222.236.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/browser-perf.c1da22870fa5ce83083f.js Requested by Host: forms.app URL: https://forms.app/assets/js/newrelic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.43 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-43.fra56.r.cloudfront.net Software / Resource Hash f0039eb207cb6c336b9813fc9b1a3ad69e1d534090c9c61e2d2cc2c04c755ddf Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forms.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 13:45:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 1183386 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 2016 last-modified Wed, 13 Sep 2023 13:44:22 GMT etag "227a6992e3df42fd9197482ecf6d4fb0" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id 2424ucF2LXhw8xlefgyJ0ZDdDPnOZXw0_pfV8viF9amc_cQqyXnhKg==
POST H3	200	/ Show response www.facebook.com/tr/ Frame 861A	0 18 B	40ms 39ms	Document text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://forms.app Referer https://forms.app/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://forms.app alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Wed, 27 Sep 2023 06:28:13 GMT priority u=0,i server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

analytics.forms.app

URL

https://analytics.forms.app/e

Domain

region1.google-analytics.com

URL

https://region1.google-analytics.com/g/collect?v=2&tid=G-740JKHV4FZ&gtm=45je39p0&_p=1824194601&cid=1222314430.1695796091&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=3&sid=1695796090&sct=1&seg=0&dl=https%3A%2F%2Fmy.forms.app%2Faltcointrading%2Fbitmexwithdrawalform&dt=Contact%20Form%20%7C%20forms.app&en=scroll&epn.percent_scrolled=90&_et=9

Domain

bat.bing.com

URL

https://bat.bing.com/actionp/0?ti=137024713&tm=gtm002&Ver=2&mid=25e873c8-7669-4f7c-abe6-52d4860968ed&sid=07a2c5c05cff11ee9de9d16422d8f839&vid=07a2d3105cff11ee9f64bfb8f32b1344&vids=1&msclkid=N&evt=pageHide

Domain

my.forms.app

URL

https://my.forms.app/cdn-cgi/rum?