Submitted URL: https://protect-eu.mimecast.com/s/ZRlsCyw99i38x0MtZYSjm?domain=endsars.discussionchatroom.com
Effective URL: https://gallays.typeform.com/to/kE0FKCw8
Submission: On October 13 via manual from IN

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 22 HTTP transactions. The main IP is 2606:4700::6812:1b47, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is gallays.typeform.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 16th 2020. Valid for: a year.
This is the only time gallays.typeform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
6 | api.segment.io | cdn.segment.com
3 | renderer-assets.typeform.com | gallays.typeform.com, renderer-assets.typeform.com
3 | www.gstatic.com | urlzs.com, www.gstatic.com
2 | images.typeform.com | gallays.typeform.com
2 | gallays.typeform.com | www.gstatic.com, renderer-assets.typeform.com
2 | urlzs.com | endsars.discussionchatroom.com, urlzs.com
2 | protect-eu.mimecast.com | 2 redirects
1 | cdn.segment.com | renderer-assets.typeform.com
1 | firebasehostingproxy.page.link | 1 redirects
1 | ajax.googleapis.com | endsars.discussionchatroom.com
1 | endsars.discussionchatroom.com |
Total: 22 requests, 11 subdomains

This site contains links to these domains.

Domain
typeformsem.typeform.com
Subject | Issuer | Validity | Valid
*.discussionchatroom.com | Let's Encrypt Authority X3 | 2020-09-19 - 2020-12-18 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
webokit.com | GTS CA 1D2 | 2020-10-05 - 2021-01-03 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
typeform.com | Cloudflare Inc ECC CA-3 | 2020-09-16 - 2021-09-16 | a year
*.typeform.com | Amazon | 2019-12-24 - 2021-01-24 | a year
*.segment.com | DigiCert SHA2 Secure Server CA | 2020-06-12 - 2021-07-27 | a year

This page contains 1 frame:

Primary Page: https://gallays.typeform.com/to/kE0FKCw8
Frame ID: EB2FDE2F4B8AA99120991ED6D51038CE
Requests: 23 HTTP requests in this frame

Page Statistics

Requests: 22
HTTPS: 95 %
IPv6: 55 %
Domains: 9
Subdomains: 11
IPs: 10
Countries: 3
Transfer: 515 kB
Size: 1812 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-eu.mimecast.com/s/ZRlsCyw99i38x0MtZYSjm?domain=endsars.discussionchatroom.com HTTP 307
    https://protect-eu.mimecast.com/redirect/eNpNUctu2zAQ_BWBZ0leknrRpwS5Ni0QNDcDAkWuLTamKJCUgbTov2flBEVvy-HOYGb2D4tmzezIbrhg1vUNr3jTD9mfq0sM21qb4FnJrsGwIy9ZRINuzdl5pHcHoh0GpQYAoD-SESXD5CwNTQ8gVDuokmWfvwdLBAbQkJhbaWyg5tDXQ90OBPl02VmMxvVO57JkW7wSNOe8puPpcDrgYpOOqbYumS0lFxYz6xxD8LvL04HIuEe5jKbCcXsDPqphvFk1VO34JMSj4qMAARzohwvayBi9qMhVJZRqJCgudjdT2sOR81VTbPZJJVybXf5pRvP2-vKNALKRg8doPuP9W0xep5kArfsOO4BJGiktl1J2vWn6VshGTRPortHCTuc7ZbGRGKSHc3xwZ1d5tO63W2qS3ou_UF5aWGPIaHKFW-3pCkan_HWjtE2_aOHnhsnq97L4YXKYMBZUZbHHLjg_yq54fGb3kzyHbdkr_2rhHtv8F_fvBwumnoM HTTP 307
    https://endsars.discussionchatroom.com/ Page URL
  2. https://urlzs.com/a7akw Page URL
  3. https://firebasehostingproxy.page.link/358291188292/urlzs.com/a7akw?_imcp=1 HTTP 302
    https://gallays.typeform.com/to/kE0FKCw8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protect-eu.mimecast.com/s/ZRlsCyw99i38x0MtZYSjm?domain=endsars.discussionchatroom.com HTTP 307
  • https://protect-eu.mimecast.com/redirect/eNpNUctu2zAQ_BWBZ0leknrRpwS5Ni0QNDcDAkWuLTamKJCUgbTov2flBEVvy-HOYGb2D4tmzezIbrhg1vUNr3jTD9mfq0sM21qb4FnJrsGwIy9ZRINuzdl5pHcHoh0GpQYAoD-SESXD5CwNTQ8gVDuokmWfvwdLBAbQkJhbaWyg5tDXQ90OBPl02VmMxvVO57JkW7wSNOe8puPpcDrgYpOOqbYumS0lFxYz6xxD8LvL04HIuEe5jKbCcXsDPqphvFk1VO34JMSj4qMAARzohwvayBi9qMhVJZRqJCgudjdT2sOR81VTbPZJJVybXf5pRvP2-vKNALKRg8doPuP9W0xep5kArfsOO4BJGiktl1J2vWn6VshGTRPortHCTuc7ZbGRGKSHc3xwZ1d5tO63W2qS3ou_UF5aWGPIaHKFW-3pCkan_HWjtE2_aOHnhsnq97L4YXKYMBZUZbHHLjg_yq54fGb3kzyHbdkr_2rhHtv8F_fvBwumnoM HTTP 307
  • https://endsars.discussionchatroom.com/

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
endsars.discussionchatroom.com/
Redirect Chain
  • https://protect-eu.mimecast.com/s/ZRlsCyw99i38x0MtZYSjm?domain=endsars.discussionchatroom.com
  • https://protect-eu.mimecast.com/redirect/eNpNUctu2zAQ_BWBZ0leknrRpwS5Ni0QNDcDAkWuLTamKJCUgbTov2flBEVvy-HOYGb2D4tmzezIbrhg1vUNr3jTD9mfq0sM21qb4FnJrsGwIy9ZRINuzdl5pHcHoh0GpQYAoD-SESXD5CwNTQ8gVDuokmWf...
  • https://endsars.discussionchatroom.com/
4 KB
2 KB
Document
General
Full URL
https://endsars.discussionchatroom.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
107.23.129.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-129-48.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Host
endsars.discussionchatroom.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

X-Powered-By
Express
P3P
CP='NOI DSP COR NID CURa TAIi OUR BUS INT PRE'; policyref='https://endsars.discussionchatroom.com/w3c/p3p.xml';
Content-Type
text/html; charset=utf-8
ETag
W/"/fe1XOzNLvn9dyPQk+RtEw=="
Set-Cookie
wtchat=s%3A-BkUQbamYJGlzi3zln3GnXs3FbZ5tAcK.IbKoi387NuF0ZIdNLF4j4xHiH5w%2FsEEpcGupuPm%2Fds4; Path=/; HttpOnly; Secure; SameSite=None
Vary
Accept-Encoding
Content-Encoding
gzip
X-Response-Time
6.259ms
Date
Tue, 13 Oct 2020 14:25:44 GMT
Connection
keep-alive
Transfer-Encoding
chunked

Redirect headers

Location
https://endsars.discussionchatroom.com/
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-control
no-store
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
Content-Length
0
Date
Tue, 13 Oct 2020 15:25:43 +0100
Connection
Keep-Alive
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: endsars.discussionchatroom.com
URL: https://endsars.discussionchatroom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://endsars.discussionchatroom.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 10 Oct 2020 09:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276194
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Oct 2021 09:42:30 GMT
a7akw
urlzs.com/
35 KB
11 KB
Document
General
Full URL
https://urlzs.com/a7akw
Requested by
Host: endsars.discussionchatroom.com
URL: https://endsars.discussionchatroom.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ESF /
Resource Hash
b233a7d692229bb010edbcbc722843aaa8e23e52b3cbadd479793f446a245a88
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JeTT3rMvpt7NAJsh/ZC8KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'nonce-JeTT3rMvpt7NAJsh/ZC8KQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
urlzs.com
:scheme
https
:path
/a7akw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://endsars.discussionchatroom.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://endsars.discussionchatroom.com/

Response headers

status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JeTT3rMvpt7NAJsh/ZC8KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'nonce-JeTT3rMvpt7NAJsh/ZC8KQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-type
text/html; charset=utf-8
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
0
accept-ranges
bytes bytes
date
Tue, 13 Oct 2020 14:25:44 GMT
x-served-by
cache-cph20644-CPH
x-cache
MISS
x-cache-hits
0
x-timer
S1602599144.310591,VS0,VE313
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, x-fh-requested-host, accept-encoding
cspreport
urlzs.com/_/DurableDeepLinkUi/
2 KB
1 KB
Other
General
Full URL
https://urlzs.com/_/DurableDeepLinkUi/cspreport
Requested by
Host: urlzs.com
URL: https://urlzs.com/a7akw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vdxMa7Pgd/bIeTooQL8eZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'nonce-vdxMa7Pgd/bIeTooQL8eZQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://urlzs.com/a7akw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
script-src 'report-sample' 'nonce-vdxMa7Pgd/bIeTooQL8eZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'nonce-vdxMa7Pgd/bIeTooQL8eZQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding
gzip
x-content-type-options
nosniff
x-cache
MISS
status
405
x-cache-hits
0
x-xss-protection
0
x-served-by
cache-cph20644-CPH
pragma
no-cache
allow
HEAD, GET
server
ESF
x-timer
S1602599145.659910,VS0,VE351
date
Tue, 13 Oct 2020 14:25:45 GMT
vary
x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/am=BBA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP5FFCCIOComu0EBsw8YBfsIVUy54A/
142 KB
50 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/am=BBA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP5FFCCIOComu0EBsw8YBfsIVUy54A/m=_b,_tp
Requested by
Host: urlzs.com
URL: https://urlzs.com/a7akw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42e20669bec890ea2d2e5fb0844d3ed7d7f14cb6ee16e51b67890d06aa706d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://urlzs.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 17:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594002
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51321
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 01:34:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 17:25:42 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/ck=boq-devplatform.DurableDeepLinkUi.Ec_H6myJ_7k.L.B1.O/am=BBA/d=1/exm=_b,_tp/excm=_b,_tp,view...
35 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/ck=boq-devplatform.DurableDeepLinkUi.Ec_H6myJ_7k.L.B1.O/am=BBA/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP5Mnsf4rdPOCPGuaP4UJPxzybKTvg/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/am=BBA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP5FFCCIOComu0EBsw8YBfsIVUy54A/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://urlzs.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 18:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589249
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12888
x-xss-protection
0
last-modified
Mon, 05 Oct 2020 17:39:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 18:44:55 GMT
m=KjEEgd
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/ck=boq-devplatform.DurableDeepLinkUi.Ec_H6myJ_7k.L.B1.O/am=BBA/d=1/exm=LEikZe,_b,_tp,byfTOb,ls...
17 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/ck=boq-devplatform.DurableDeepLinkUi.Ec_H6myJ_7k.L.B1.O/am=BBA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP5Mnsf4rdPOCPGuaP4UJPxzybKTvg/m=KjEEgd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/am=BBA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP5FFCCIOComu0EBsw8YBfsIVUy54A/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://urlzs.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 18:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589249
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5901
x-xss-protection
0
last-modified
Mon, 05 Oct 2020 17:39:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 18:44:55 GMT
Primary Request kE0FKCw8
gallays.typeform.com/to/
Redirect Chain
  • https://firebasehostingproxy.page.link/358291188292/urlzs.com/a7akw?_imcp=1
  • https://gallays.typeform.com/to/kE0FKCw8
138 KB
39 KB
Document
General
Full URL
https://gallays.typeform.com/to/kE0FKCw8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/am=BBA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP5FFCCIOComu0EBsw8YBfsIVUy54A/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 1.500.0-3.121.1
Resource Hash
3c1bc559d39a2dd7e0f6e949b7833da0b00ace7ce8445d94ec4d6cdcb6e9f284
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

:method
GET
:authority
gallays.typeform.com
:scheme
https
:path
/to/kE0FKCw8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://urlzs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://urlzs.com/a7akw

Response headers

status
200
date
Tue, 13 Oct 2020 14:25:45 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dafa2fe95ec254a01a183e0ec6af2a3d81602599145; expires=Thu, 12-Nov-20 14:25:45 GMT; path=/; domain=.typeform.com; HttpOnly; SameSite=Lax; Secure
age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-security-policy-report-only
report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' ; frame-ancestors https: ;
pragma
no-cache
vary
Accept-Encoding
x-cache
MISS
x-cache-lookup
HIT
x-envoy-upstream-service-time
191
x-powered-by
1.500.0-3.121.1
x-varnish
30183536
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-expose-headers
Location, X-Request-Id
strict-transport-security
max-age=63072000; includeSubDomains
x-newp
Yes
cf-cache-status
DYNAMIC
cf-request-id
05c3f3669100009ac8ba07a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e19bb50e9859ac8-FRA
content-encoding
gzip

Redirect headers

status
302
content-type
application/binary
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 13 Oct 2020 14:25:45 GMT
location
https://gallays.typeform.com/to/kE0FKCw8
content-security-policy
script-src 'report-sample' 'nonce-01BwujhN2rN9pPxEwNqqmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-01BwujhN2rN9pPxEwNqqmg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
large
images.typeform.com/images/dWFSEY2JTsDQ/background/
2 KB
3 KB
Image
General
Full URL
https://images.typeform.com/images/dWFSEY2JTsDQ/background/large
Requested by
Host: gallays.typeform.com
URL: https://gallays.typeform.com/to/kE0FKCw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
58838b1b52a00a705c7c6b8405fdca14085bb3e0914c6748ec9fc9ca8bafb845
Security Headers
Name Value
Content-Security-Policy script-src 'self'

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 11 Oct 2020 11:57:25 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront), 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age
181700
x-amzn-requestid
ad26712a-e091-4a87-a77b-f7ce1c9cb5ee
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=2592000
x-amzn-trace-id
Root=1-5f82f325-6de189fe6d9218ef6ff06ea6;Sampled=0
content-security-policy
script-src 'self'
x-amz-cf-pop
FRA53-C1, FRA50-C1
x-amz-apigw-id
UPrt3GHkIAMFTrA=
content-length
2449
x-amz-cf-id
3vHIl1VAcEUG9KlsJ_E9dh4Kb2pDQifQNJsHYA-zBgATrlbX7fQK_w==
default
images.typeform.com/images/9JuA34b5rves/image/
7 KB
8 KB
Image
General
Full URL
https://images.typeform.com/images/9JuA34b5rves/image/default
Requested by
Host: gallays.typeform.com
URL: https://gallays.typeform.com/to/kE0FKCw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1b26135d872df078ff4bded7b334b22f6e9656dda3ba2bf75e69a6150832e95f
Security Headers
Name Value
Content-Security-Policy script-src 'self'

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 12:14:34 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront), 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age
7871
x-amzn-requestid
dee1331d-1140-4161-8929-d3d11b5d7167
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000
x-amzn-trace-id
Root=1-5f859a2a-6f58352c47abc3a210cd3a97;Sampled=0
content-security-policy
script-src 'self'
x-amz-cf-pop
DUS51-C1, FRA50-C1
x-amz-apigw-id
UWUGqGGAoAMF4CQ=
content-length
7347
x-amz-cf-id
A3zYURr6dl4ZY6H37nMxtfQh_1BEC6LZ5uy7Wor5XEFwtaYbbi5hWw==
modern-renderer.3fbea232f95760560008.js
renderer-assets.typeform.com/
412 KB
125 KB
Script
General
Full URL
https://renderer-assets.typeform.com/modern-renderer.3fbea232f95760560008.js
Requested by
Host: gallays.typeform.com
URL: https://gallays.typeform.com/to/kE0FKCw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d306924280beb2958bb6b28615926b683f09c10f6ddcdb871e111aa1af1a68e

Request headers

Origin
https://gallays.typeform.com
Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 08:46:13 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
20373
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 09 Oct 2020 08:34:06 GMT
server
AmazonS3
etag
W/"c7ba21b45742d7c76aa96618abd66ed2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
KhHE4ZSs5gw3Ww0QASEBr_g6-TTIWn0X6y4c0dttjmK24AdN8V09Cw==
modern-vendors~form.0473d6c828861713a103.js
renderer-assets.typeform.com/
413 KB
116 KB
Script
General
Full URL
https://renderer-assets.typeform.com/modern-vendors~form.0473d6c828861713a103.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.3fbea232f95760560008.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b5d4d70d3a460661c0bc4606645816b5f6e6146d40c2b7f1ef68494328b6cb

Request headers

Origin
https://gallays.typeform.com
Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 08:46:15 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
20372
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 09 Oct 2020 08:34:06 GMT
server
AmazonS3
etag
W/"8bd8020f628513845d059c1b5bd78af2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OtK2BsqrShY12UWFqpqXSR_jNclyZfUIZsSsvP4nol-SzlVxLiKRTA==
modern-form.ea52017a72e3a141b7dc.js
renderer-assets.typeform.com/
168 KB
46 KB
Script
General
Full URL
https://renderer-assets.typeform.com/modern-form.ea52017a72e3a141b7dc.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.3fbea232f95760560008.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6400:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d24eaeae00b552ce86fd2be565a3c9bec0f88936ac5a3d4da50d92f6e2abb0

Request headers

Origin
https://gallays.typeform.com
Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 08:46:15 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
20372
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 09 Oct 2020 08:34:06 GMT
server
AmazonS3
etag
W/"7ca0373ac2b68cb427f0f4735db4588c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qoatlAzaCMES6zDCjOPJOV5kzRvQS25X2EgWDEeZJgjjax1WjdS4eg==
default-firstframe.png
images.typeform.com/images/9JuA34b5rves/image/
0
0

truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
analytics.min.js
cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/
353 KB
65 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.0473d6c828861713a103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.244.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-244-81.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e610e94280f669aae7b86836640bd0db2298b70f88197fe7e037e93dbe3e2a9b

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
LljxdbTLaQ9tLIBTnTz_ASF3COqodhMf
content-encoding
gzip
etag
"e7f8fb07bca50844171728bd9a7f48df"
age
181
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
65505
access-control-allow-origin
*
last-modified
Fri, 09 Oct 2020 19:12:22 GMT
server
AmazonS3
date
Tue, 13 Oct 2020 14:22:45 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 ccc2e147947b6e1dcaa206a56faa4bb5.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-amz-cf-id
62NF2d8_1TaJYX7STW2s7QMDk_TKWN8tUaCMt_dexKN-QTT1bJ4alQ==
view-form-open
gallays.typeform.com/forms/kE0FKCw8/insights/events/
2 B
158 B
Other
General
Full URL
https://gallays.typeform.com/forms/kE0FKCw8/insights/events/view-form-open
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.0473d6c828861713a103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 13 Oct 2020 14:25:46 GMT
cf-cache-status
DYNAMIC
status
200
x-envoy-upstream-service-time
9
content-length
2
cf-request-id
05c3f36c2a00009ac8ba0c3200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gallays.typeform.com
x-newp
Yes
access-control-expose-headers
Location, X-Request-Id
cf-ray
5e19bb59dfe59ac8-FRA
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
i
api.segment.io/v1/
21 B
145 B
XHR
General
Full URL
https://api.segment.io/v1/i
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.89.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-89-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Tue, 13 Oct 2020 14:25:47 GMT
access-control-allow-origin
https://gallays.typeform.com
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/
21 B
144 B
XHR
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.89.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-89-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Tue, 13 Oct 2020 14:25:47 GMT
access-control-allow-origin
https://gallays.typeform.com
content-length
21
vary
Origin
content-type
application/json
i
api.segment.io/v1/
21 B
144 B
XHR
General
Full URL
https://api.segment.io/v1/i
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.89.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-89-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Tue, 13 Oct 2020 14:25:49 GMT
access-control-allow-origin
https://gallays.typeform.com
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/
21 B
144 B
XHR
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.89.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-89-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Tue, 13 Oct 2020 14:25:49 GMT
access-control-allow-origin
https://gallays.typeform.com
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/
21 B
144 B
XHR
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.89.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-89-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Tue, 13 Oct 2020 14:25:49 GMT
access-control-allow-origin
https://gallays.typeform.com
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/
21 B
144 B
XHR
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.89.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-89-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://gallays.typeform.com/to/kE0FKCw8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Tue, 13 Oct 2020 14:25:49 GMT
access-control-allow-origin
https://gallays.typeform.com
content-length
21
vary
Origin
content-type
application/json

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
images.typeform.com
URL
https://images.typeform.com/images/9JuA34b5rves/image/default-firstframe.png

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
string| __webpack_public_path__
string| rendererAssets
object| rendererData
object| rendererTheme
object| regeneratorRuntime
object| webpackJsonp_name_
string| rendererVersion
object| renderer
function| scrollToWithAnimation
object| analytics
function| normalize

4 Cookies

Domain/Path Name / Value
.typeform.com/ Name: ajs_anonymous_id
Value: %229756fb0c-e2fe-4497-b6e9-fdf8e74a6a57%22
.typeform.com/ Name: ajs_user_id
Value: 17001743
.typeform.com/ Name: attribution_user_id
Value: 91d53d4e-e3fe-4244-8189-9fb95c2d0b0b
.typeform.com/ Name: __cfduid
Value: dafa2fe95ec254a01a183e0ec6af2a3d81602599145

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/am=BBA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP5FFCCIOComu0EBsw8YBfsIVUy54A/m=_b,_tp(Line 408)
Message:
%c%s color: red; background: yellow; font-size: 24px; WARNING!
console-api log URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.6X-N07mhfD4.es5.O/am=BBA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP5FFCCIOComu0EBsw8YBfsIVUy54A/m=_b,_tp(Line 408)
Message:
%c%s font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.