URL: https://formulaire.upclaim.eu/
Submission: On July 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3035::6815:4689, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is formulaire.upclaim.eu.
TLS certificate: Issued by R3 on July 13th 2022. Valid for: 3 months.
This is the only time formulaire.upclaim.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

|  | IP Address | AS Autonomous System |
| --- | --- | --- |
| 2 | 2606:4700:303... | 13335 (CLOUDFLAR...) |
| 2 | 2606:4700:303... | 13335 (CLOUDFLAR...) |
| 1 | 2606:4700:440... | 13335 (CLOUDFLAR...) |
| 5 | 138.199.37.226 | 60068 (CDN77 ^_^) |
| 1 | 2a04:4e42:200... | 54113 (FASTLY) |
| 1 | 2a04:4e42:400... | 54113 (FASTLY) |
| 12 | 6 |  |

|  | Apex Domain | Subdomains | Transfer |
| --- | --- | --- | --- |
| 7 | reform.app | embed.reform.app, forms.reform.app, assets.reform.app, stingray.reform.app | 210 KB |
| 2 | upclaim.eu | formulaire.upclaim.eu | 3 KB |
| 1 | cloudinary.com | res.cloudinary.com — Cisco Umbrella Rank: 3265 | 2 KB |
| 1 | polyfill.io | polyfill.io — Cisco Umbrella Rank: 1636 | 416 B |
| 1 | cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 1393 | 5 KB |
| 12 | 5 |  |  |

|  | Domain | Requested by |
| --- | --- | --- |
| 3 | assets.reform.app | forms.reform.app, assets.reform.app |
| 2 | stingray.reform.app | forms.reform.app |
| 2 | formulaire.upclaim.eu | static.cloudflareinsights.com |
| 1 | res.cloudinary.com | forms.reform.app |
| 1 | polyfill.io | forms.reform.app |
| 1 | forms.reform.app | embed.reform.app |
| 1 | static.cloudflareinsights.com | formulaire.upclaim.eu |
| 1 | embed.reform.app | formulaire.upclaim.eu |
| 12 | 8 |  |

This site contains no links.

| Subject | Issuer | Validity | Valid |  |
| --- | --- | --- | --- | --- |
| formulaire.upclaim.eu | R3 | 2022-07-13 - 2022-10-11 | 3 months | crt.sh |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-02-23 - 2023-02-23 | a year | crt.sh |
| assets.reform.app | R3 | 2022-06-19 - 2022-09-17 | 3 months | crt.sh |
| polyfill.io | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-03-08 - 2023-04-09 | a year | crt.sh |
| stingray.reform.app | R3 | 2022-07-10 - 2022-10-08 | 3 months | crt.sh |
| *.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-30 - 2023-07-01 | a year | crt.sh |

This page contains 2 frames:

Primary Page: https://formulaire.upclaim.eu/
Frame ID: DF828AA7A8516CFF6DCA855EDD97C201
Requests: 4 HTTP requests in this frame

Frame: https://forms.reform.app/upclaim/claim/9uzuac
Frame ID: 4E88EBD06F9311AAED81A8ED599A8368
Requests: 8 HTTP requests in this frame

Page Title

Upclaim - Demande d'indemnisation

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

Requests: 12
HTTPS: 100 %
IPv6: 83 %
Domains: 5
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 220 kB
Size: 748 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
formulaire.upclaim.eu/
3 KB
3 KB
Document
General
Full URL
https://formulaire.upclaim.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35a743ab4272e6be6a733b5db648b3643a2ee91eadb4a2376af42011ff2759a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72a5d1791b16bbb9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 13 Jul 2022 23:32:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFIouSU5RdqsFdzQas1gJU00jWS585S6HMrzsdiraVKuFyCKgoxDFc1oLT5h0p92Xv90RRTWYpYJR3eVl0v6BA3QsiRTHkmF4qobd%2BL0k2kfS4efeZbupr1L9fiIncko4yh5j60sjwcP2ZnkMDvRzgVAfVQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
embed.js
embed.reform.app/v1/
2 KB
2 KB
Script
General
Full URL
https://embed.reform.app/v1/embed.js
Requested by
Host: formulaire.upclaim.eu
URL: https://formulaire.upclaim.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a43b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8799a782417998d9f08aaae5d2409ccd7949fe95d77bc7beec834681c9170a58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://formulaire.upclaim.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G7T3MZAEQDCP0Q0TDYCG9518
date
Wed, 13 Jul 2022 23:32:30 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2449
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"cd5b6d4cf03f6ba356a88b596859c116-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUWEm66aDM5P68I0W7Yz4Uq4R0Y9bergNfnCucmYqngpNUSW2R42TpmCVZX0dBt%2BweCYBRfYQSKGcZgmuWnbsnpuTXwRDoUhyNdJU0E1rimD7YiJPvsJbBP1SadbCPyMDjGtD%2BFNhETqH58NLrHp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
72a5d179fda1bbbb-FRA
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: formulaire.upclaim.eu
URL: https://formulaire.upclaim.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://formulaire.upclaim.eu/
Origin
https://formulaire.upclaim.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 23:32:30 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
72a5d179a9899a1d-FRA
9uzuac
forms.reform.app/upclaim/claim/ Frame 4E88
32 KB
11 KB
Document
General
Full URL
https://forms.reform.app/upclaim/claim/9uzuac
Requested by
Host: embed.reform.app
URL: https://embed.reform.app/v1/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a43b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d4087266ff01ee0beae88e137ffd3f3baf621d3d3b6d54b83a9aa593d6eeea

Request headers

Referer
https://formulaire.upclaim.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
72a5d17b4f7ebbbb-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 23:32:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 13 Jul 2022 23:32:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5XYpZ3WOTSoHc7GvzZiJiQprBPHzyPLL6RNDxGiMtEmEuZONJL2TuMNyMtUbPFS3h%2BJSKSEruvJy%2B0iiqIKN7%2FbGJvStewXhGU3uqapVUtXD269iVCcQt13QkUw0quO0VIWmUYx2he3ensoiUrv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-do-app-origin
5671b30c-e6a4-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
app.css
assets.reform.app/57ce7cd/css/ Frame 4E88
65 KB
14 KB
Stylesheet
General
Full URL
https://assets.reform.app/57ce7cd/css/app.css?id=6b83e70b5dba9bab3e21ef41a77dc271
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/upclaim/claim/9uzuac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
e188fcfe829e05e12da58317e36631b2aaac8aaf8cf17d6b4b63309e0d42d81a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 23:32:31 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cdn-edgestorageid
832
x-amz-request-id
tx0000000000001201b432f-0062ced1c3-319bec8f-nyc3c
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
07/13/2022 14:08:03
cdn-pullzone
696880
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
server
BunnyCDN-DE-832
access-control-allow-origin
*
last-modified
Wed, 13 Jul 2022 14:00:16 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6b83e70b5dba9bab3e21ef41a77dc271"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cdn-cache
HIT
cdn-uid
887fd8d6-f02f-46a7-ba81-c9ba5d0264e1
x-rgw-object-type
Normal
cdn-requestid
3b18fc72b040887ce30ecdaafad954ed
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
polyfill.min.js
polyfill.io/v3/ Frame 4E88
101 B
416 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?features=ResizeObserver
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/upclaim/claim/9uzuac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 23:32:31 GMT
content-encoding
br
last-modified
Wed, 13 Jul 2022 02:18:43 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/103.0.0
server-timing
cache-hhn4022, PASS, fastly;desc="Edge time";dur=12
accept-ranges
bytes
content-length
94
app.js
assets.reform.app/57ce7cd/js/ Frame 4E88
321 KB
107 KB
Script
General
Full URL
https://assets.reform.app/57ce7cd/js/app.js?id=2dff81aa40ac96f9d806a24ba6438324
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/upclaim/claim/9uzuac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
a59ddd25f3f71afd9239306b1d6abdca8dcbad9a9a6db62a3abf88778e72268b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 23:32:31 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cdn-edgestorageid
832
x-amz-request-id
tx000000000000120234233-0062ced1c3-319c06cb-nyc3c
cdn-cachedat
07/13/2022 14:08:03
cdn-pullzone
696880
cache-control
public, max-age=31536000
server
BunnyCDN-DE-832
last-modified
Wed, 13 Jul 2022 14:00:16 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"2dff81aa40ac96f9d806a24ba6438324"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
cdn-cache
HIT
cdn-uid
887fd8d6-f02f-46a7-ba81-c9ba5d0264e1
x-rgw-object-type
Normal
cdn-requestid
5716abf36c466bd11ddbc2fa7c0986b0
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
script.js
stingray.reform.app/ Frame 4E88
6 KB
2 KB
Script
General
Full URL
https://stingray.reform.app/script.js
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/upclaim/claim/9uzuac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
af33bce3fd9da66a3578c94ddee423435726a2d7c479eafaa0183f5655551d40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 23:32:31 GMT
content-encoding
br
cdn-edgestorageid
832
x-amz-request-id
7GKTGB6HY7EZEG0K
cdn-cachedat
07/09/2022 17:14:23
cdn-pullzone
848539
x-amz-id-2
82DKsiUuUQ+0tKOlmJXs2m53iTG8hi1a4E4PGnNlKs4EUe/n09gXnN4lMLrWx6mu2gtzOBU0HKw=
server
BunnyCDN-DE-832
last-modified
Tue, 17 May 2022 16:39:11 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"312b40cf1baf0d676a11264130348dec"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control
public, max-age=0
cdn-requestid
d77eb675d230e73d93457cc8a9802410
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
692.js
assets.reform.app/57ce7cd/js/ Frame 4E88
303 KB
72 KB
Script
General
Full URL
https://assets.reform.app/57ce7cd/js/692.js?id=996513914c114d6f
Requested by
Host: assets.reform.app
URL: https://assets.reform.app/57ce7cd/js/app.js?id=2dff81aa40ac96f9d806a24ba6438324
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
a3f491b79e7ffd56dcf2904d4d314a391983dc3eff0401d033cac80c67084447
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 23:32:31 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cdn-edgestorageid
832
x-amz-request-id
tx0000000000001201b44b1-0062ced1c3-319bec8f-nyc3c
cdn-cachedat
07/13/2022 14:08:03
cdn-pullzone
696880
cache-control
public, max-age=31536000
server
BunnyCDN-DE-832
last-modified
Wed, 13 Jul 2022 14:00:16 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"e0a9a2fdddaa8cd8a377ff097a475a76"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
cdn-cache
HIT
cdn-uid
887fd8d6-f02f-46a7-ba81-c9ba5d0264e1
x-rgw-object-type
Normal
cdn-requestid
63e2d499433b813298f6707e01676b28
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ql5xj7fhhl7pczcvkoqm.svg
res.cloudinary.com/reform-app/image/authenticated/s--TeU-vmi0--/v1657553539/uploads/370b1974-44dd-467e-9ac5-eb0bd0b260db/ Frame 4E88
3 KB
2 KB
Image
General
Full URL
https://res.cloudinary.com/reform-app/image/authenticated/s--TeU-vmi0--/v1657553539/uploads/370b1974-44dd-467e-9ac5-eb0bd0b260db/ql5xj7fhhl7pczcvkoqm.svg
Requested by
Host: forms.reform.app
URL: https://forms.reform.app/upclaim/claim/9uzuac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
408971acd5cebfb431673ef7bd1b73a8da134c98387f0cccd8b0778c0efa170e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 23:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-disposition
attachment; filename="ql5xj7fhhl7pczcvkoqm.svg"
server-timing
fastly;dur=2;cpu=1;start=2022-07-13T23:32:31.513Z;desc=hit,rtt;dur=5
content-length
1199
x-request-id
1e6c2319586d3ef969fbf06a511c2ffb
last-modified
Mon, 11 Jul 2022 15:33:09 GMT
server
Cloudinary
etag
W/"c40166860556d89621f4961ee789728b"
vary
Accept-Encoding
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
/
stingray.reform.app/ Frame 4E88
43 B
427 B
Image
General
Full URL
https://stingray.reform.app/?h=https%3A%2F%2Fforms.reform.app&p=%2Fupclaim%2Fclaim%2F9uzuac&r=https%3A%2F%2Fformulaire.upclaim.eu%2F&sid=CACHMRRX&qs=%7B%7D&cid=36799917
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.reform.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 23:32:31 GMT
cdn-edgestorageid
832
x-vapor-base64-encode
True
cdn-cachedat
07/13/2022 23:32:31
cdn-pullzone
848539
content-length
43
server
BunnyCDN-DE-832
pragma
no-cache
cdn-proxyver
1.02
cdn-requestpullcode
200
tk
N
content-type
image/gif
cdn-cache
MISS
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control
public, max-age=0
cdn-requestid
c7fc906c3a4358761d26e4ca9d9febbe
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
rum
formulaire.upclaim.eu/cdn-cgi/
0
238 B
XHR
General
Full URL
https://formulaire.upclaim.eu/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://formulaire.upclaim.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Wed, 13 Jul 2022 23:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://formulaire.upclaim.eu
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
72a5d1814ccbbbb9-FRA
vary
Origin

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
| --- | --- |
| object | 0 |
| object | oncontextlost |
| object | oncontextrestored |
| function | structuredClone |
| object | launchQueue |
| object | onbeforematch |
| function | getScreenDetails |
| function | queryLocalFonts |
| object | navigation |
| function | Reform |
| object | __cfBeacon |
| function | __defProp |
| function | __getOwnPropSymbols |
| function | __hasOwnProp |
| function | __propIsEnum |
| function | __defNormalProp |
| function | __spreadValues |
| function | __async |
| object | reform |

2 Cookies

Domain/Path Name / Value
forms.reform.app/ Name: reform_session
Value: eyJpdiI6IjBHSGFtWDA3V0JUdmlQRDRzMFRSdUE9PSIsInZhbHVlIjoiU2NndnVjVmpQVDB3NUtGM0FoR1ppVTBZQkVOV2YwM0NINFhOTEVaRzB1UjlrNUhoTXorWVVscjlVdnB4ZVI2S3Y4bGdPRUFlQmNjOUUzbzljM2NtaGZjc0E5NWNsa2xmSzlQa0ROWVRrYldkT0hVbnBIY1E1N2VMS08xRkhPNFciLCJtYWMiOiIxZDMzMTM3ZGUzNjZiZjg3YTk1YWNkZGNiZDQ0NWIwOTcwOTM2NDcyY2Q3YjM0OWE0YTk2OTE3Zjc4YWExZjI1IiwidGFnIjoiIn0%3D
forms.reform.app/ Name: hI27XYF58bOOOGZXsHd4wTFE4ZrbjkaeoWlqzvPj

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff