urlscan.io logo urlscan.io
SecurityTrails logo

texlegends.formstack.com Open in urlscan Pro
18.154.63.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_tok=97fa0b3be6c675938...
Effective URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Submission: On January 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 26 HTTP transactions. The main IP is 18.154.63.79, located in United States and belongs to AMAZON-02, US. The main domain is texlegends.formstack.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 20th 2023. Valid for: a year.
This is the only time texlegends.formstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.248.159.25 16509 (AMAZON-02)
3 18.66.97.116 16509 (AMAZON-02)
14 18.154.63.79 16509 (AMAZON-02)
3 54.231.198.24 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 8
2    13.248.159.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: a9d0301dccf0c93d0.awsglobalaccelerator.com
www.cervistech.com
3    18.66.97.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-116.fra56.r.cloudfront.net
0cd4735ce248.22155050.us-east-2.token.awswaf.com
14    18.154.63.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-79.dus51.r.cloudfront.net
texlegends.formstack.com
static.formstack.com
3    54.231.198.24 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
14 formstack.com
texlegends.formstack.com
static.formstack.com — Cisco Umbrella Rank: 26510
255 KB
3 amazonaws.com
s3.amazonaws.com
901 KB
3 awswaf.com
0cd4735ce248.22155050.us-east-2.token.awswaf.com
286 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
7 KB
2 cervistech.com
www.cervistech.com — Cisco Umbrella Rank: 528236
2 KB
26 6
Domain Requested by
11 static.formstack.com texlegends.formstack.com
3 s3.amazonaws.com texlegends.formstack.com
3 texlegends.formstack.com www.cervistech.com
texlegends.formstack.com
static.formstack.com
3 0cd4735ce248.22155050.us-east-2.token.awswaf.com www.cervistech.com
0cd4735ce248.22155050.us-east-2.token.awswaf.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.cervistech.com 1 redirects
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com texlegends.formstack.com
26 8

This site contains links to these domains. Also see Links.

Domain
www.formstack.com
Subject Issuer Validity Valid
cervistech.com
Amazon RSA 2048 M03		 2023-11-19 -
2024-12-17		 a year crt.sh
*.22155050.us-east-2.token.awswaf.com
Amazon RSA 2048 M01		 2023-08-20 -
2024-09-18		 a year crt.sh
*.formstack.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-17		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Frame ID: 2BDCF41BAC2134F4D410E807E33F4849
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Salvation Army Night presented by 4Imprint - January 19 - Formstack

Page URL History Show full URLs

  1. https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_t... Page URL
  2. https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_t... HTTP 302
    https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

26
Requests

96 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1497 kB
Transfer

2818 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_tok=97fa0b3be6c675938ef3bd9ad75f9f8b&orig_url=https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924 Page URL
  2. https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_tok=97fa0b3be6c675938ef3bd9ad75f9f8b&orig_url=https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924 HTTP 302
    https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
safelink.php
www.cervistech.com/acts/module/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_tok=97fa0b3be6c675938ef3bd9ad75f9f8b&orig_url=https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.159.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9d0301dccf0c93d0.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash
d33d24b15c6ba252961d12588f4b2f2dab207309eb47715cb680f5296096632a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, max-age=0
content-length
1985
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 14:49:51 GMT
server
awselb/2.0
x-amzn-waf-action
challenge
challenge.js
0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/ 		1 MB
284 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/challenge.js
Requested by
Host: www.cervistech.com
URL: https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_tok=97fa0b3be6c675938ef3bd9ad75f9f8b&orig_url=https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-116.fra56.r.cloudfront.net
Software
/
Resource Hash
17ea68134564267326bcaaa4c311cfbf04652bb67a0cd36685c2b1d650ba8347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cervistech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 14:49:51 GMT
content-encoding
gzip
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified
Fri, 19 Jan 2024 14:49:51 +0000
x-amz-cf-pop
FRA56-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65aa8c0f-06149a15257d31a43ead340c
content-type
text/javascript
cache-control
private, max-age=86400
x-amz-cf-id
Q0U6xMZvwjdq9Op7nLZCsrer_VrZE1kXxt9bvQVZPgqTWInaz5H6_g==
expires
0
verify
0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/ 		316 B
734 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/verify
Requested by
Host: 0cd4735ce248.22155050.us-east-2.token.awswaf.com
URL: https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-116.fra56.r.cloudfront.net
Software
/
Resource Hash
09406a625e3048d2484ef5d448d277ee76d3eed722f321458fb749291f866da7

Request headers

Referer
https://www.cervistech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 14:49:52 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65aa8c10-5a624e075a983e2218ff4f80
cache-control
no-cache, no-store, must-revalidate
content-length
316
x-amz-cf-id
NU745NK4eqlCf6XY6oqPalpqikSAY0Pm6hxhJ8IJlZfuODA9O0pAGg==
expires
0
telemetry
0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/ 		880 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/telemetry
Requested by
Host: 0cd4735ce248.22155050.us-east-2.token.awswaf.com
URL: https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-116.fra56.r.cloudfront.net
Software
/
Resource Hash
32a31c77f482488ef34ba75552503310096426a5c29513b77c7a585cfca5076a

Request headers

Referer
https://www.cervistech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 14:49:53 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65aa8c11-1def608d762ee33a006188c5
cache-control
no-cache, no-store, must-revalidate
content-length
880
x-amz-cf-id
QfMcvzyZMb68gdGv91dEqBNb6jZN9uAYLLVsuIzYqKxVKsY8ercMEg==
expires
0
Primary Request the_salvation_army_night_4imprint_011924
texlegends.formstack.com/forms/
Redirect Chain
  • https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_tok=97fa0b3be6c675938ef3bd9ad75f9f8b&orig_url=https://texlegends.formstack.com/forms/the_salvat...
  • https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
66 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Requested by
Host: www.cervistech.com
URL: https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_tok=97fa0b3be6c675938ef3bd9ad75f9f8b&orig_url=https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
f87076bb817f2df61330b354194a8d606d7c22990ed4071c261b2382b6abdcd1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0146&tc=84410a39641f1f5&tc_tok=97fa0b3be6c675938ef3bd9ad75f9f8b&orig_url=https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=5 public
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 14:49:53 GMT
expires
Fri, 19 Jan 2024 14:49:58 GMT
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
CloudFront
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
x-amz-cf-id
x0WhH6knjrodR0I5XZaXIvj0bR_wHjmdQkUPnTV-3Ub4Np4PdP6acg==
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 14:49:53 GMT
location
https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
telemetry
0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/ 		0
0
reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/ 		2 KB
871 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:34 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:53:56 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65840
etag
W/"65a981d4-616"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
PyvlM_ac6AYjtBg7VPCscsa20DAZnG2P1zSTOmsDqBBMuWRikIhWwQ==
jquery-ui-1.13.2.min_164f2f8d51.css
static.formstack.com/forms/css/3/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/3/jquery-ui-1.13.2.min_164f2f8d51.css
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
53c97063f6ea5b3487fd85cb98b0c47b41f1269fca482b2799b9c7067f051865
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:35 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:53:56 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65839
etag
W/"65a981d4-7d52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
35F_g9e1-GogNq_GBFs9-OY7ZP5XRggqttpmiwy8SmxQPEKjQGuGPQ==
default-v4_29cde3be75.css
static.formstack.com/forms/css/3/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/3/default-v4_29cde3be75.css
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:34 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:56:13 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65840
etag
W/"65a9825d-8aef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
2W7ojKcF6FXQccU-tU41pOixFp6gDMIE_rjHT6NP6oOn_l3Xex5Dyg==
uil-static.css
static.formstack.com/common/css/ 		51 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/common/css/uil-static.css
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
65763fb39f393cdc1fe959c7f3d55a7ca65cedfce32f65d1d92315088bd4e7d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:34 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:47:18 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65840
etag
W/"65a98046-ccb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
x-amz-cf-id
t49mDzhlDpMDV3Jpv-ydIRdv3pfif3vwxGxO2s_3hTQplytj-5uW7Q==
dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/ 		170 B
556 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:34 GMT
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:51:38 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65840
etag
"65a9814a-aa"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
170
x-amz-cf-id
Td17g57x4MwP65y20udkxybgPNIxlUnGTcnHxPGaXAbRQtaew-5j9Q==
754152_tmpl_head_644a95d848684.
s3.amazonaws.com/files.formstack.com/public/627941/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.formstack.com/public/627941/754152_tmpl_head_644a95d848684.
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.198.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ea470d4a6dca181aa866e0f6d7ff64a2a1eb9817381a96272553cd6702c45419

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 14:49:55 GMT
x-amz-version-id
4koPS6nGrx_KcU9mTWaXtJCPeXFsTbNI
Last-Modified
Thu, 27 Apr 2023 15:33:45 GMT
Server
AmazonS3
x-amz-request-id
5EHACYT2K8PVQ4PX
ETag
"3fcb50e6865cb675078e7726fe3bfb43"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
261396
x-amz-id-2
5XizQ4IT92BKEXfyMzDMhVvBUPz/pVy/kjDDEFSy5S7tBk9POjFwvixkouZpbA5HBnYoZirEYWY=
image_legends_TLHeader.jpg
s3.amazonaws.com/files.formstack.com/public/627941/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.formstack.com/public/627941/image_legends_TLHeader.jpg
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.198.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d002ae4876ca8cc749fda6b4000e50e4d98fdfe5956e4e71eacb0244a4d4b622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 14:49:55 GMT
x-amz-version-id
Rt9l.73z_vabbemrjs3W.DIOE.j0yzqj
Last-Modified
Wed, 09 Jan 2019 15:23:24 GMT
Server
AmazonS3
x-amz-request-id
5EH32VAJ8XECGDEW
ETag
"29db4824568cb50302b6e8443a19b1d0"
Content-Type
image/jpeg
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
63650
x-amz-id-2
cE0SqwVwID2ACjWbt0uqNwF4XSt4q6OHXTCn5Ko8djI+Qv8ca75aBaV0HX711HQj8sV2aYqygAw=
jquery-3.5.1.min_dc5e7f18c8.js
static.formstack.com/forms/js/3/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/jquery-3.5.1.min_dc5e7f18c8.js
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:34 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:56:13 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65840
etag
W/"65a9825d-15d84"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
CMHAGFt8cMm9BBS7qT63s_nZpMSi1UtWy_yLS-hVN_Zxcv9F7ROL-w==
jquery-ui-1.13.2.min_1e20479789.js
static.formstack.com/forms/js/3/ 		249 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/jquery-ui-1.13.2.min_1e20479789.js
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:35 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:51:38 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65839
etag
W/"65a9814a-3e46c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
26Opj_Lc5Sw9eE6cAKhx_V1Sjs4G8pYn0HYZabPmTu4cLJjhoxU73w==
scripts_6122297722.js
static.formstack.com/forms/js/3/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/scripts_6122297722.js
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
4c594e56f27ea1c9a5ad7026528de7715d228eb5662d72d438ac6f68ddc0bc13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:35 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:53:56 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65839
etag
W/"65a981d4-13c77"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
4Zi6YJLaWssbxVY5iFWwzTZDt1KMOoe7PoLOv_wZACeiZ0AxducV8Q==
analytics_7d49daa365.js
static.formstack.com/forms/js/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:35 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:51:38 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65839
etag
W/"65a9814a-839"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
TYuTbWsfZFWDIXQ_TetCWxqeN8Trl5ZKmFnEI0XA2g4uKRIicy1Ejg==
libphonenumber-min_febdd85580.js
static.formstack.com/forms/js/3/ 		165 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/libphonenumber-min_febdd85580.js
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
c3b555f2f07b8bb2039c2e041e2cf7482cc3a0a6976b8aa76fbf6dda33a645d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:35 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:51:38 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65839
etag
W/"65a9814a-294c7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
Qkn1BmSzDMrn6ymKORYQFGCSjktrIcojb101xOX1WWEGgVgVre-FSw==
modernizr_60a2d5aeb5.js
static.formstack.com/forms/js/3/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:32:35 GMT
content-encoding
br
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 18 Jan 2024 19:53:56 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
age
65839
etag
W/"65a981d4-33bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, s-maxage=86400
x-amz-cf-id
pmFH7qhgmr_BhY3oMphpvaLePHNNUCu2s4LXAbLY5XMeAMbEvbUKsQ==
formstack_icon.png
texlegends.formstack.com/forms/images/3/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://texlegends.formstack.com/forms/images/3/formstack_icon.png
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
e66e84dc3a4ac1d2d7cb7246637243cbd71c58d6b576c428330cc0699ea3c1e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 14:49:54 GMT
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 19 Jan 2024 13:58:55 GMT
server
CloudFront
x-amz-cf-pop
DUS51-P4
etag
"65aa801f-1948"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, s-maxage=86400
accept-ranges
bytes
content-length
6472
x-amz-cf-id
Idh8qadMnCR4edTPsNdnz4MZo6jlaCYUl6l6cPS3t-2-_OsxJDDccQ==
754152_tmpl_foot_644a9a6349c89.
s3.amazonaws.com/files.formstack.com/public/627941/ 		582 KB
582 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/files.formstack.com/public/627941/754152_tmpl_foot_644a9a6349c89.
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.198.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9c37bc57318ea52f80495fcac47a7ae979cf5fde2500eb50a5eb4b9f0da26cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 14:49:55 GMT
x-amz-version-id
Ot1D3ulD_OfgqeVzLsJkwFF6ZGpRUn8.
Last-Modified
Thu, 27 Apr 2023 15:53:08 GMT
Server
AmazonS3
x-amz-request-id
5EHCYY606XFKY2DK
ETag
"d71e7ed61348143e53e3b6d7052a8f55"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
595848
x-amz-id-2
uDetbaL9yxtMFBPTBm+RWPaO6ryDSrkQwdDMyAVCA54vSCKilLA5mGlygDifcv01zxP1d4aLpDU=
truncated
/ 		474 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6cc5818242bb6dcdf4bce143f3cd00a070e620e5984d44b5e1d69d2d1bae28f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: texlegends.formstack.com
URL: https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 16:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 16:00:28 GMT
css
fonts.googleapis.com/ 		1 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jan 2024 14:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 13:09:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jan 2024 14:49:54 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://texlegends.formstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 15:36:20 GMT
x-content-type-options
nosniff
age
342814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Jan 2025 15:36:20 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://texlegends.formstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:29:48 GMT
x-content-type-options
nosniff
age
217206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:29:48 GMT
analytics.php
texlegends.formstack.com/forms/ 		0
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://texlegends.formstack.com/forms/analytics.php?f=5488798&a=fv&m=hosted
Requested by
Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-79.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://texlegends.formstack.com/forms/the_salvation_army_night_4imprint_011924
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 14:49:55 GMT
via
1.1 6bc756891d4e5936d9d654c8c717a704.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
server
nginx
x-amz-cf-pop
DUS51-P4
x-frame-options
sameorigin
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public
x-amz-cf-id
8F7Y_v0cLcxn_Vi9d2fgegbK7FZNiIOyHttKaMwULlmyNC8tE3dIow==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
0cd4735ce248.22155050.us-east-2.token.awswaf.com
URL
https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/telemetry

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FS_FIELD_DATA_5488798 undefined| $ function| jQuery object| Formstack object| libphonenumber object| html5 object| Modernizr function| yepnope function| loadFormstack object| WebFontConfig object| WebFont object| form5488798

2 Cookies

Domain/Path Name / Value
texlegends.formstack.com/forms/ Name: PHPSESSID
Value: 2824iqfhefunomh458c78l7c7k
.www.cervistech.com/ Name: aws-waf-token
Value: feab5939-a528-4c32-a551-69bda0ac2c8c:EgoAtnZnuKwxAAAA:CTAQ7o+mp5jcCfGu7Dr5wLfR2mge7kq8jSEEHrFes38OXbzaXQVBqgFcb7pZY46LMVmmSYmnkykasjg0gHpbcVq8XuJXUX/38eV/vDpdWI6LiOfl+G/NtFZbXF+LCFbekGbVtmNmn5R5kpgqH7HqltVv+dZ3v/oIPcqgEv3b8IYpEB4pTyTtr0aSHHRjosdBmdhx3Imjadrepku2h+R0OzRDv2tFn4EhrFVVrPJ0/0vvCX5e9e+6+MLyuTfCBk1VbeotTOX7pL6Hnv4oJ3SRQ5hHKWBI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cd4735ce248.22155050.us-east-2.token.awswaf.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
s3.amazonaws.com
static.formstack.com
texlegends.formstack.com
www.cervistech.com
0cd4735ce248.22155050.us-east-2.token.awswaf.com
13.248.159.25
18.154.63.79
18.66.97.116
2a00:1450:4001:806::200a
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
54.231.198.24
09406a625e3048d2484ef5d448d277ee76d3eed722f321458fb749291f866da7
17ea68134564267326bcaaa4c311cfbf04652bb67a0cd36685c2b1d650ba8347
32a31c77f482488ef34ba75552503310096426a5c29513b77c7a585cfca5076a
4c594e56f27ea1c9a5ad7026528de7715d228eb5662d72d438ac6f68ddc0bc13
53c97063f6ea5b3487fd85cb98b0c47b41f1269fca482b2799b9c7067f051865
65763fb39f393cdc1fe959c7f3d55a7ca65cedfce32f65d1d92315088bd4e7d7
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9c37bc57318ea52f80495fcac47a7ae979cf5fde2500eb50a5eb4b9f0da26cb6
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a6cc5818242bb6dcdf4bce143f3cd00a070e620e5984d44b5e1d69d2d1bae28f
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb
c3b555f2f07b8bb2039c2e041e2cf7482cc3a0a6976b8aa76fbf6dda33a645d9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d002ae4876ca8cc749fda6b4000e50e4d98fdfe5956e4e71eacb0244a4d4b622
d33d24b15c6ba252961d12588f4b2f2dab207309eb47715cb680f5296096632a
e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66e84dc3a4ac1d2d7cb7246637243cbd71c58d6b576c428330cc0699ea3c1e7
ea470d4a6dca181aa866e0f6d7ff64a2a1eb9817381a96272553cd6702c45419
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f87076bb817f2df61330b354194a8d606d7c22990ed4071c261b2382b6abdcd1