proofgov.formhero.cloud Open in urlscan Pro
65.9.190.37  Malicious Activity! Public Scan

Submitted URL: https://eccc-office.proofgov.com/
Effective URL: https://proofgov.formhero.cloud/
Submission: On October 29 via automatic, source certstream-suspicious

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 30 HTTP transactions. The main IP is 65.9.190.37, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is proofgov.formhero.cloud.
TLS certificate: Issued by Amazon on May 2nd 2020. Valid for: a year.
This is the only time proofgov.formhero.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canadian Government (Government)

Domain & IP information

Domain Requested by
14 services.formhero.cloud proofgov.formhero.cloud
7 proofgov.formhero.cloud proofgov.formhero.cloud
3 media.formhero.com proofgov.formhero.cloud
2 cdn-libraries.formhero.cloud proofgov.formhero.cloud
cdn-libraries.formhero.cloud
1 www.canada.ca proofgov.formhero.cloud
1 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com proofgov.formhero.cloud
1 fonts.googleapis.com proofgov.formhero.cloud
1 eccc-office.proofgov.com 1 redirects
30 9

This site contains links to these domains. Also see Links.

Domain
ca.thrive.health
ecollab.ncr.int.ec.gc.ca
www.canada.ca
formhero.io
Subject Issuer Validity Valid
*.formhero.cloud
Amazon
2020-05-02 -
2021-06-02
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.canada.ca
GeoTrust RSA CA 2018
2020-03-30 -
2021-04-29
a year crt.sh
media.formhero.com
Amazon
2020-01-13 -
2021-02-13
a year crt.sh

This page contains 2 frames:

Primary Page: https://proofgov.formhero.cloud/
Frame ID: C5A67E35AA47ABFC7DF76DBB00459FA6
Requests: 23 HTTP requests in this frame

Frame: https://proofgov.formhero.cloud/empty.html
Frame ID: DA16EF1A7266DCBC95D35066E797F6E2
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://eccc-office.proofgov.com/ HTTP 302
    https://proofgov.formhero.cloud/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

30
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

9
Subdomains

8
IPs

3
Countries

1016 kB
Transfer

3964 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eccc-office.proofgov.com/ HTTP 302
    https://proofgov.formhero.cloud/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
proofgov.formhero.cloud/
Redirect Chain
  • https://eccc-office.proofgov.com/
  • https://proofgov.formhero.cloud/
6 KB
4 KB
Document
General
Full URL
https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
73861c6c5d56678404ffee7eab3f8f54d84ee22d1036525bdd6a0621cd5c57d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
proofgov.formhero.cloud
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
date
Thu, 29 Oct 2020 19:42:29 GMT
server
nginx
content-security-policy
frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
z1xXiK0Jq41jvq3BM9_Orz_4NuO-12xAZetCIlj74pUGNK6xayvbvQ==

Redirect headers

status
302
location
https://proofgov.formhero.cloud/#/demos/eccc-office-form
date
Thu, 29 Oct 2020 19:42:28 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
253
x-xss-protection
0
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bdd6c9be5f6c8df413940bb4336b6debb8bf4a5459bf10ba8fd1ba61a1c63115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Oct 2020 19:34:14 GMT
server
ESF
date
Thu, 29 Oct 2020 19:42:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Oct 2020 19:42:29 GMT
font-awesome.min.css
cdn-libraries.formhero.cloud/font-awesome/4.7.0/css/
30 KB
31 KB
Stylesheet
General
Full URL
https://cdn-libraries.formhero.cloud/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:fe00:d:b813:c700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 14:26:29 GMT
via
1.1 2646a167841368615f96564f373f8d21.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jun 2018 18:09:26 GMT
server
AmazonS3
age
18961
etag
"269550530cc127b6aa5a35925a7de6ce"
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-length
31000
x-amz-cf-id
SDUnmtqTnZw0zvzco2tveP3YQMPYZt3kOq-nQT5UvVPxam_uj8g5ZA==
formhero-app-d06fedec.css
proofgov.formhero.cloud/css/
605 KB
60 KB
Stylesheet
General
Full URL
https://proofgov.formhero.cloud/css/formhero-app-d06fedec.css
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
55650facaeba95b6e16c31dfd749428f757cc26ad98ed84b35bb65ff0ae314bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 16:11:46 GMT
server
nginx
x-amz-cf-pop
ZAG50-C1
etag
W/"5f9300c2-974bb"
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
Miss from cloudfront
content-type
text/css
status
200
content-security-policy
frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
x-amz-cf-id
vddYJ8iebdM_tzrsb4Ssi0MkMl_TGfEw09X76UgjxqqGyTqS2OCgCQ==
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
rotate-phone.svg
proofgov.formhero.cloud/images/
3 KB
4 KB
Image
General
Full URL
https://proofgov.formhero.cloud/images/rotate-phone.svg
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
13802a17074766a8e07244bfc2bf48bb3d4930faa3bbcf0fafea10004a813b2f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 16:11:50 GMT
server
nginx
x-amz-cf-pop
ZAG50-C1
etag
"5f9300c6-b2d"
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
Miss from cloudfront
content-type
image/svg+xml
status
200
date
Thu, 29 Oct 2020 19:42:29 GMT
accept-ranges
bytes
content-length
2861
x-amz-cf-id
bfuOqFEOhkYaqFgHOTwoL0uFc-G-XTwhLfrwetb7XojHuPE06-1SJg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 12:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25578
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Oct 2021 12:36:11 GMT
unsupported.js
proofgov.formhero.cloud/js/
59 KB
16 KB
Script
General
Full URL
https://proofgov.formhero.cloud/js/unsupported.js
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b44a4588a0ba8fde4f2301ac2e5bc82f79f2fc17d5d0db75ae980a93298761e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
ZAG50-C1
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
status
200
content-security-policy
frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
x-amz-cf-id
df8XmbqC-PP2tcqLhs-VQTGzcl0S8Kgty4Y6CZNjcRpGw5FjvXq-qg==
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
3rd-party.min-d62b6004.js
proofgov.formhero.cloud/js/
693 KB
211 KB
Script
General
Full URL
https://proofgov.formhero.cloud/js/3rd-party.min-d62b6004.js
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b78387847d12cf2680eaf694ee5179860fdd579dbb21e1f3862f6fb6fbd03414
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
ZAG50-C1
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
status
200
content-security-policy
frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
x-amz-cf-id
WOjDazoirDy26lZHsHgOKviBqGTyzeh6zGJItu7MxJWAFbTt3VCE_w==
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
formhero-app.min-bc5435db.js
proofgov.formhero.cloud/js/
2 MB
463 KB
Script
General
Full URL
https://proofgov.formhero.cloud/js/formhero-app.min-bc5435db.js
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b9832c361870ace2692eba6b30c7f7b52c77af67074870c6f965b78e8c4e503a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
ZAG50-C1
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
status
200
content-security-policy
frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
x-amz-cf-id
Xz_XjqZ-5gckUKCnXRwQCWAaWxCoYjTJs0tzIzLKm8B0zM-t1SyK5A==
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
css
services.formhero.cloud/styles/proofgov/demos/eccc-office-form/
159 KB
22 KB
XHR
General
Full URL
https://services.formhero.cloud/styles/proofgov/demos/eccc-office-form/css?combined=true
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/js/3rd-party.min-d62b6004.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Express
Resource Hash
41a9b7df7979c8dfa883da9442694e47841ae3907758b8c7c7c76ce889314207
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
status
200
access-control-max-age
600
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
https://proofgov.formhero.cloud
x-formhero-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJlYzY5MWM2ZS1mN2Y1LTQ1MzUtOTM0Ny02MDIzNzZmMDYzNTIiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImlhdCI6MTYwNDAwMDU1MSwiZXhwIjoxNjA0MDA3NzUxfQ.YLZNJj6V3XH2gnzPUiCzpvAFIPsx5cj_WFzqSVtqhgs
server
nginx
x-frame-options
DENY
etag
W/"27db4-7esVwboKJDsmokIijycm/CaYOkM"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
content-type
application/json; charset=utf-8
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
access-control-expose-headers
X-FormHero-Token,x-formhero-token
access-control-allow-headers
DNT,X-FormHero-Token,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
gYnDKttSCw0QXVhHfI3erZzZFNWtUUcJucXguxRBsjYR7kmCMBKb2w==
fontawesome-webfont.woff2
cdn-libraries.formhero.cloud/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdn-libraries.formhero.cloud/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn-libraries.formhero.cloud
URL: https://cdn-libraries.formhero.cloud/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:fe00:d:b813:c700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://proofgov.formhero.cloud
Referer
https://cdn-libraries.formhero.cloud/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 00:31:46 GMT
via
1.1 a65cc3f0f56427b7099c895c026d63f0.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jun 2018 17:58:22 GMT
server
AmazonS3
age
69045
etag
"af7ae505a9eed503f8b8e6982036873e"
status
200
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-length
77160
x-amz-cf-id
QoDRbvqHTZ8ce8PkdWfChFYN7p27qPBF8M4-vpAtp-V9kTPY7S4OeA==
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://proofgov.formhero.cloud
Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 23:34:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
158885
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 27 Oct 2021 23:34:25 GMT
eccc-office-form
services.formhero.cloud/library/formflow/proofgov/demos/
23 KB
10 KB
XHR
General
Full URL
https://services.formhero.cloud/library/formflow/proofgov/demos/eccc-office-form
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/js/3rd-party.min-d62b6004.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Express
Resource Hash
1a9aef4cdc3ed2459b3f021eb22ad6212b672ef296e9027d48e4c5ca3ce468a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
status
200
access-control-max-age
600
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
https://proofgov.formhero.cloud
x-formhero-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwiaWF0IjoxNjA0MDAwNTUxLCJleHAiOjE2MDQwMDc3NTF9.YntOhQetXZgvOmE8io4eLT-bnJMgOLmWOLW-iTRWTYw
server
nginx
x-frame-options
DENY
etag
W/"5bca-WwcK8J/PV2lW+4MdyfcXbIfVGes"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
content-type
application/json; charset=utf-8
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
access-control-expose-headers
X-FormHero-Token,x-formhero-token
access-control-allow-headers
DNT,X-FormHero-Token,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
7c7aV1u9te2wlKCFsuCkicyDh0BkD7McIGYys1kujFWx09AQeu6MFA==
empty.html
proofgov.formhero.cloud/ Frame DA16
75 B
2 KB
Document
General
Full URL
https://proofgov.formhero.cloud/empty.html
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/js/formhero-app.min-bc5435db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fb7850f00022d72ada7edccef035e97deb2a290707fbcba4f49734e294686df7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
proofgov.formhero.cloud
:scheme
https
:path
/empty.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://proofgov.formhero.cloud/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://proofgov.formhero.cloud/

Response headers

status
200
content-type
text/html; charset=utf-8
date
Thu, 29 Oct 2020 19:42:31 GMT
server
nginx
content-security-policy
frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 996a6dcadb486dbb9da5040a9ab13af3.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
snOx3gVk80eCRTeXfToVsGco1G1UzGNzMahSVwUoeLqofW5C6XlSgQ==
current
services.formhero.cloud/auth/session/ Frame
0
0
Other
General
Full URL
https://services.formhero.cloud/auth/session/current
Protocol
H2
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-formhero-token
Origin
https://proofgov.formhero.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Thu, 29 Oct 2020 19:42:31 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
access-control-allow-headers
DNT,X-FormHero-Token,,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-expose-headers
X-FormHero-Token,x-formhero-token
x-frame-options
DENY
x-content-type-options
nosniff
x-cache
Miss from cloudfront
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
DzPT_-flF_f88b9PrIBeklX8vymBYmN5iWI1asV0qE4nNhGOPOnL0w==
current
services.formhero.cloud/auth/session/
875 B
3 KB
XHR
General
Full URL
https://services.formhero.cloud/auth/session/current
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/js/3rd-party.min-d62b6004.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Express
Resource Hash
b1971a13c5f3f2d96749de1e702657c29abe5e03592907194ae4f340fbd4106c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://proofgov.formhero.cloud/
X-Formhero-Token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwiaWF0IjoxNjA0MDAwNTUxLCJleHAiOjE2MDQwMDc3NTF9.YntOhQetXZgvOmE8io4eLT-bnJMgOLmWOLW-iTRWTYw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:31 GMT
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
875
x-formhero-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTEsImV4cCI6MTYwNDAwNzc1MX0.LUEtKT6zwH4ikw-SKDDmjXwB3yCW7jqznMPlvHRJ9Hs
server
nginx
x-frame-options
DENY
etag
W/"36b-VxcxlxcibxbRIKRIlgfuotrVbIk"
access-control-max-age
600
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-expose-headers
X-FormHero-Token,x-formhero-token
cache-control
no-cache
access-control-allow-headers
DNT,X-FormHero-Token,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
u3Efg5LIQiBMVLUkLEcrG_LLjL-pbEVDZO6R5KNroiU82zZZqZDUQA==
user-path
services.formhero.cloud/submissions/ Frame
0
0
Other
General
Full URL
https://services.formhero.cloud/submissions/user-path
Protocol
H2
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-formhero-token
Origin
https://proofgov.formhero.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Thu, 29 Oct 2020 19:42:32 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
access-control-allow-headers
DNT,X-FormHero-Token,,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-expose-headers
X-FormHero-Token,x-formhero-token
x-frame-options
DENY
x-content-type-options
nosniff
x-cache
Miss from cloudfront
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
G39lqf6n818HzECIdmAQtIqreukVnKTj4vT3IbUScrbiRKC_hcZJFg==
user-path
services.formhero.cloud/submissions/
49 B
2 KB
XHR
General
Full URL
https://services.formhero.cloud/submissions/user-path
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/js/3rd-party.min-d62b6004.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Express
Resource Hash
4c5e81ca084c1411f3040030b197826428b7dbd56ecd5e2a34617fe300961a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://proofgov.formhero.cloud/
X-Formhero-Token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTEsImV4cCI6MTYwNDAwNzc1MX0.LUEtKT6zwH4ikw-SKDDmjXwB3yCW7jqznMPlvHRJ9Hs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 29 Oct 2020 19:42:33 GMT
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
49
x-formhero-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTMsImV4cCI6MTYwNDAwNzc1M30.fARRIx7DpXHgj29Vfa1tB2BoZquL1OMkBtOrEWvKhNo
server
nginx
x-frame-options
DENY
etag
W/"31-lMisaGQJCUhp6rFhwZDMF0+am/U"
access-control-max-age
600
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-expose-headers
X-FormHero-Token,x-formhero-token
access-control-allow-headers
DNT,X-FormHero-Token,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9DyTNVdhLY3ZRdc_EidXrQb01LXnUwlt13bAxY1UHKkUv79dGihEFw==
wmms-blk.svg
www.canada.ca/etc/designs/canada/wet-boew/assets/
5 KB
2 KB
Image
General
Full URL
https://www.canada.ca/etc/designs/canada/wet-boew/assets/wmms-blk.svg
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1:29b::fe9 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Thu, 29 Oct 2020 19:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
publish
status
200
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1765
last-modified
Tue, 30 Apr 2019 16:21:55 GMT
server
Apache
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
"129d-587c1cc9f8ec0-gzip"
vary
Accept-Encoding
strict-transport-security
max-age=31536000
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
limits
services.formhero.cloud/submissions/session-artifact/ Frame
0
0
Other
General
Full URL
https://services.formhero.cloud/submissions/session-artifact/limits
Protocol
H2
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-formhero-token
Origin
https://proofgov.formhero.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Thu, 29 Oct 2020 19:42:32 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
access-control-allow-headers
DNT,X-FormHero-Token,,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-expose-headers
X-FormHero-Token,x-formhero-token
x-frame-options
DENY
x-content-type-options
nosniff
x-cache
Miss from cloudfront
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
x42qMqxShJr4IoqbAk8bHAjyZLLCTg5kfxnTNvDBoVX3CykQ7ha2_A==
eccc:-tiered-(prov-greaterbldg-greaterbranch-greateremail)-v16
services.formhero.cloud/library/pickList/proofgov/demos/ Frame
0
0
Other
General
Full URL
https://services.formhero.cloud/library/pickList/proofgov/demos/eccc:-tiered-(prov-greaterbldg-greaterbranch-greateremail)-v16
Protocol
H2
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-formhero-token
Origin
https://proofgov.formhero.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Thu, 29 Oct 2020 19:42:32 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
access-control-allow-headers
DNT,X-FormHero-Token,,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-expose-headers
X-FormHero-Token,x-formhero-token
x-frame-options
DENY
x-content-type-options
nosniff
x-cache
Miss from cloudfront
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
ycV01y00WEG3eIPlSConI5k7b224ujLJ8k-YHU0pSWYF5ga_382t5A==
access-time-(7am-4pm)
services.formhero.cloud/library/pickList/proofgov/demos/ Frame
0
0
Other
General
Full URL
https://services.formhero.cloud/library/pickList/proofgov/demos/access-time-(7am-4pm)
Protocol
H2
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-formhero-token
Origin
https://proofgov.formhero.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Thu, 29 Oct 2020 19:42:32 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
access-control-allow-headers
DNT,X-FormHero-Token,,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-expose-headers
X-FormHero-Token,x-formhero-token
x-frame-options
DENY
x-content-type-options
nosniff
x-cache
Miss from cloudfront
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
wzeslARnvhwCdkPcdYAklJ7Ylbb_AQGuPnVx77Ig7WbokbMdbyvtYw==
limits
services.formhero.cloud/submissions/session-artifact/
103 B
2 KB
XHR
General
Full URL
https://services.formhero.cloud/submissions/session-artifact/limits
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/js/3rd-party.min-d62b6004.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Express
Resource Hash
d74ffab5b05671b41d2ac4f60ba10b62201b619228b042dd939746bdb2aee788
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://proofgov.formhero.cloud/
X-Formhero-Token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTEsImV4cCI6MTYwNDAwNzc1MX0.LUEtKT6zwH4ikw-SKDDmjXwB3yCW7jqznMPlvHRJ9Hs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:33 GMT
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
103
x-formhero-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTMsImV4cCI6MTYwNDAwNzc1M30.fARRIx7DpXHgj29Vfa1tB2BoZquL1OMkBtOrEWvKhNo
server
nginx
x-frame-options
DENY
etag
W/"67-Dbmvna5Eaz3u/Hg4r3k3Q8RBdlI"
access-control-max-age
600
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-expose-headers
X-FormHero-Token,x-formhero-token
access-control-allow-headers
DNT,X-FormHero-Token,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
YQ_K1MtNsceC3uIszOs2HS9L1eoL3J5B_u-lFF9HhUjL-w5IxrhHTQ==
eccc:-tiered-(prov-greaterbldg-greaterbranch-greateremail)-v16
services.formhero.cloud/library/pickList/proofgov/demos/
211 KB
11 KB
XHR
General
Full URL
https://services.formhero.cloud/library/pickList/proofgov/demos/eccc:-tiered-(prov-greaterbldg-greaterbranch-greateremail)-v16
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/js/3rd-party.min-d62b6004.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Express
Resource Hash
321cf2424c81c90db22cc24f735021ee0789be30cebdacbbb53a9c8b2e131fd9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://proofgov.formhero.cloud/
X-Formhero-Token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTEsImV4cCI6MTYwNDAwNzc1MX0.LUEtKT6zwH4ikw-SKDDmjXwB3yCW7jqznMPlvHRJ9Hs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
status
200
access-control-max-age
600
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
https://proofgov.formhero.cloud
x-formhero-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTMsImV4cCI6MTYwNDAwNzc1M30.fARRIx7DpXHgj29Vfa1tB2BoZquL1OMkBtOrEWvKhNo
server
nginx
x-frame-options
DENY
etag
W/"34d1c-L+w3mz1dUOqEWBOcbAa8a6g1nj8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
content-type
application/json; charset=utf-8
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
access-control-expose-headers
X-FormHero-Token,x-formhero-token
access-control-allow-headers
DNT,X-FormHero-Token,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
fyeHHTXeZKCUbifcXI57cTwkk0qKLupaF_Mh1ITNlimwm7sE6cUaiw==
access-time-(7am-4pm)
services.formhero.cloud/library/pickList/proofgov/demos/
600 B
2 KB
XHR
General
Full URL
https://services.formhero.cloud/library/pickList/proofgov/demos/access-time-(7am-4pm)
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/js/3rd-party.min-d62b6004.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Express
Resource Hash
957e0a305a6697d530962c4093b0257951e76fde274b8636bf6f9aa0496558d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://proofgov.formhero.cloud/
X-Formhero-Token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTEsImV4cCI6MTYwNDAwNzc1MX0.LUEtKT6zwH4ikw-SKDDmjXwB3yCW7jqznMPlvHRJ9Hs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:42:33 GMT
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
600
x-formhero-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTMsImV4cCI6MTYwNDAwNzc1M30.fARRIx7DpXHgj29Vfa1tB2BoZquL1OMkBtOrEWvKhNo
server
nginx
x-frame-options
DENY
etag
W/"258-qBIlIRPwUJaw2N/8f1bt/Rh7Jj4"
access-control-max-age
600
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-expose-headers
X-FormHero-Token,x-formhero-token
access-control-allow-headers
DNT,X-FormHero-Token,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
98sRHz075vq_eWdK6LJtzTanFARuv1z_grDMIAKyDm4LdhX3LUVtfg==
IBMPlexSans-Medium-Latin1.woff2
media.formhero.com/font/sunlife/woff2/
17 KB
17 KB
Font
General
Full URL
https://media.formhero.com/font/sunlife/woff2/IBMPlexSans-Medium-Latin1.woff2
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0c8ebe383ce65c702e6a6032212b97205d58393e6e53db89cc3eb3670e8e684

Request headers

Origin
https://proofgov.formhero.cloud
Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 21:01:07 GMT
via
1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
81686
x-cache
Hit from cloudfront
status
200
content-length
17204
last-modified
Mon, 06 May 2019 15:15:05 GMT
server
AmazonS3
etag
"2e6cb42d1bba7ca92248677bc5835040"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
Avm9Ia_cJ2xJX5Vv8ghmR7Fux5vbh2EQ
access-control-allow-origin
*
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
vcG-MqDnsN91wRiZh4dgs-8mjg1O1LD9oq9nAD7616f0wUSPy9rajA==
IBMPlexSans-SemiBold-Latin1.woff2
media.formhero.com/font/sunlife/woff2/
17 KB
18 KB
Font
General
Full URL
https://media.formhero.com/font/sunlife/woff2/IBMPlexSans-SemiBold-Latin1.woff2
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d27a59267cd148520cc33d44b03e4da766767ad855bed77e800925b91cf7736a

Request headers

Origin
https://proofgov.formhero.cloud
Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 21:01:07 GMT
via
1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
81686
x-cache
Hit from cloudfront
status
200
content-length
17536
last-modified
Mon, 06 May 2019 15:15:05 GMT
server
AmazonS3
etag
"7c1cf7333abb8dded19c9e67b0c28eed"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
tRmTlP2UpEVg8ZCAVjd3dkW6.W7HrGB4
access-control-allow-origin
*
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
PSuY2BA01jvsAgDxe0gGF_cX98li0MmsZ6KncRanzGKcjH27fIRq8w==
IBMPlexSans-Text-Latin1.woff2
media.formhero.com/font/sunlife/woff2/
17 KB
17 KB
Font
General
Full URL
https://media.formhero.com/font/sunlife/woff2/IBMPlexSans-Text-Latin1.woff2
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66fc390e4e4dccd3f187ded473e678ee6cc4a92c1443dfd217aae3233144f0b1

Request headers

Origin
https://proofgov.formhero.cloud
Referer
https://proofgov.formhero.cloud/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 21:01:07 GMT
via
1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
81686
x-cache
Hit from cloudfront
status
200
content-length
17204
last-modified
Mon, 06 May 2019 15:15:05 GMT
server
AmazonS3
etag
"56d8e6bbd712c31c85f00fb1d5aea3c8"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
.oAfSg6JWeMpEWsroaZkNdMt1e4qIyj3
access-control-allow-origin
*
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
6EtMfweyuXJsbUgsbCzru8Yt1WHf8ymzVK_uyTLDn6TOcU1dmte3-Q==
user-path
services.formhero.cloud/submissions/ Frame
0
0
Other
General
Full URL
https://services.formhero.cloud/submissions/user-path
Protocol
H2
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-formhero-token
Origin
https://proofgov.formhero.cloud
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Thu, 29 Oct 2020 19:42:37 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
access-control-allow-headers
DNT,X-FormHero-Token,,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-expose-headers
X-FormHero-Token,x-formhero-token
x-frame-options
DENY
x-content-type-options
nosniff
x-cache
Miss from cloudfront
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
kqVdovsujHzJqFw5AzKKY-dWAZmO03JkKfZvthHErL-GMF60D3CKCA==
user-path
services.formhero.cloud/submissions/
49 B
2 KB
XHR
General
Full URL
https://services.formhero.cloud/submissions/user-path
Requested by
Host: proofgov.formhero.cloud
URL: https://proofgov.formhero.cloud/js/3rd-party.min-d62b6004.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Express
Resource Hash
9ec2cc9ab2c38a8cd9a23a5f7cd00eecb23b2a3aab57450ca0ef52d9a5b2210d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://proofgov.formhero.cloud/
X-Formhero-Token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTMsImV4cCI6MTYwNDAwNzc1M30.fARRIx7DpXHgj29Vfa1tB2BoZquL1OMkBtOrEWvKhNo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 29 Oct 2020 19:42:38 GMT
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
ZAG50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
49
x-formhero-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmNjE2NTQ0Ni00MGU5LTQyYWUtOTExMi1jOTkxOWEwYmM1YjAiLCJnZW9JcCI6eyJpcEFkZHJlc3MiOiIxOTQuOTkuMTA1Ljk5IiwiY29udGluZW50Q29kZSI6IkVVIiwiY29udGluZW50TmFtZSI6IkV1cm9wZSIsImNvdW50cnlDb2RlIjoiUEwiLCJjb3VudHJ5TmFtZSI6IlBvbGFuZCIsImlzRXVNZW1iZXIiOnRydWUsImN1cnJlbmN5Q29kZSI6IlBMTiIsImN1cnJlbmN5TmFtZSI6Ilpsb3R5IiwicGhvbmVQcmVmaXgiOiI0OCIsImxhbmd1YWdlcyI6WyJwbCJdLCJzdGF0ZVByb3ZDb2RlIjoiMTQiLCJzdGF0ZVByb3YiOiJNYXpvdmlhIiwiZGlzdHJpY3QiOiJXYXJzemF3YSIsImNpdHkiOiJXYXJzYXciLCJnZW9uYW1lSWQiOjc1NjEzNSwibGF0aXR1ZGUiOjUyLjE1NTksImxvbmdpdHVkZSI6MjEuMDExNiwiZ210T2Zmc2V0IjoxLCJ0aW1lWm9uZSI6IkV1cm9wZS9XYXJzYXciLCJ3ZWF0aGVyQ29kZSI6IlBMWFgwMDI4IiwiYXNOdW1iZXIiOjkwMDksImFzTmFtZSI6Ik0yNDciLCJpc3AiOiJNMjQ3IEx0ZCIsInVzYWdlVHlwZSI6Imhvc3RpbmciLCJvcmdhbml6YXRpb24iOiJNMjQ3IEx0ZCIsImlzQ3Jhd2xlciI6ZmFsc2UsImlzUHJveHkiOnRydWUsInByb3h5VHlwZSI6InZwbiIsInRocmVhdExldmVsIjoibWVkaXVtIiwidGhyZWF0RGV0YWlscyI6WyJhbm9ueW1vdXMtcHJveHkiXX0sImN1cnJlbnRGb3JtIjp7Im9yZyI6InByb29mZ292IiwidGVhbSI6ImRlbW9zIiwic2x1ZyI6ImVjY2Mtb2ZmaWNlLWZvcm0ifSwibG9jYWxlIjoiZW4iLCJpYXQiOjE2MDQwMDA1NTgsImV4cCI6MTYwNDAwNzc1OH0.k5DUuqr5bCmF9i9AGXu9_dpWwQVIwmLrZ3CMXh4IFIM
server
nginx
x-frame-options
DENY
etag
W/"31-iqHhwt7iULW6YNAdhm08qozo8SA"
access-control-max-age
600
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,HEAD,PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://proofgov.formhero.cloud
access-control-expose-headers
X-FormHero-Token,x-formhero-token
access-control-allow-headers
DNT,X-FormHero-Token,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xtCou93SblaBRfZvHt-OG1dvcGRX08G_RM0narZDJ71_MtFfVYxrOg==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canadian Government (Government)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery boolean| isIE11 object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| bowser object| angular function| moment object| angular-file-upload object| loggingEnhancer function| i18n function| i18nConfig function| i18nGroup object| intlTelInputGlobals object| intlTelInputUtils function| fh string| lastEvent

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://formhero.com https://*.formhero.com https://*.formhero.cloud http://*.formhero.cloud http://formhero.cloud https://formhero.cloud https://governmentevolved.com https://*.governmentevolved.com http://governmentevolved.com http://*.governmentevolved.com https://go-evo.com https://*.go-evo.com http://go-evo.com http://*.go-evo.com http://*.proofgov.com https://*.proofgov.com https://proofgov.com https://*.getmaple.ca https://*.app.getmaple.ca https://getmaple.ca https://*.blankit.ca https://blankit.ca https://quizsoft.com http://quizsoft.com https://*.quizsoft.com http://*.quizsoft.com http://*.citco.com:* http://*.citco.com https://*.citco.com http://*.oztrekk.com https://*.oztrekk.com http://*.purple-agency.net https://*.purple-agency.net http://alliedworld.io.s3-website-ap-southeast-1.amazonaws.com https://alliedworldinsurance.io https://d23jdktb7gdkl8.cloudfront.net https://d3cymfebtacqxt.cloudfront.net http://eventpl-suntec.alliedworldinsurance.io https://eventpl-suntec.alliedworldinsurance.io https://professional-indemnity-uat.alliedworld.io https://reno360.alliedworldinsurance.io https://manulife.ca https://*.manulife.ca https://johnhancock.com https://*.johnhancock.com http://manulife.ca http://*.manulife.ca http://johnhancock.com http://*.johnhancock.com https://covid-assessment.ca https://covid19-assessment.ca https://*.oneeleven.com https://oneeleven.com https://*.local:* https://manulife.com https://*.manulife.com https://d3974369baxyjc.cloudfront.net https://gpa-uat.alliedworld.io https://*.alliedworldinsurance.io https://lcl.formhero.cloud/sk/ https://office-access-crpdev.dev.cbsa-asfc.cloud-nuage.canada.ca/ https://office-access-acces-bureau.cbsa-asfc.cloud-nuage.canada.ca/
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-libraries.formhero.cloud
eccc-office.proofgov.com
fonts.googleapis.com
fonts.gstatic.com
media.formhero.com
proofgov.formhero.cloud
services.formhero.cloud
www.canada.ca
2600:9000:20d7:fe00:d:b813:c700:93a1
2a00:1450:4001:815::2013
2a00:1450:4001:818::2003
2a00:1450:4001:818::200a
2a00:1450:4001:81f::200a
2a02:26f0:f1:29b::fe9
65.9.190.31
65.9.190.37
65.9.190.60
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
13802a17074766a8e07244bfc2bf48bb3d4930faa3bbcf0fafea10004a813b2f
1a9aef4cdc3ed2459b3f021eb22ad6212b672ef296e9027d48e4c5ca3ce468a7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
321cf2424c81c90db22cc24f735021ee0789be30cebdacbbb53a9c8b2e131fd9
41a9b7df7979c8dfa883da9442694e47841ae3907758b8c7c7c76ce889314207
4c5e81ca084c1411f3040030b197826428b7dbd56ecd5e2a34617fe300961a22
55650facaeba95b6e16c31dfd749428f757cc26ad98ed84b35bb65ff0ae314bc
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
66fc390e4e4dccd3f187ded473e678ee6cc4a92c1443dfd217aae3233144f0b1
73861c6c5d56678404ffee7eab3f8f54d84ee22d1036525bdd6a0621cd5c57d5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
957e0a305a6697d530962c4093b0257951e76fde274b8636bf6f9aa0496558d9
9ec2cc9ab2c38a8cd9a23a5f7cd00eecb23b2a3aab57450ca0ef52d9a5b2210d
b1971a13c5f3f2d96749de1e702657c29abe5e03592907194ae4f340fbd4106c
b44a4588a0ba8fde4f2301ac2e5bc82f79f2fc17d5d0db75ae980a93298761e8
b78387847d12cf2680eaf694ee5179860fdd579dbb21e1f3862f6fb6fbd03414
b9832c361870ace2692eba6b30c7f7b52c77af67074870c6f965b78e8c4e503a
bdd6c9be5f6c8df413940bb4336b6debb8bf4a5459bf10ba8fd1ba61a1c63115
d27a59267cd148520cc33d44b03e4da766767ad855bed77e800925b91cf7736a
d74ffab5b05671b41d2ac4f60ba10b62201b619228b042dd939746bdb2aee788
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
e0c8ebe383ce65c702e6a6032212b97205d58393e6e53db89cc3eb3670e8e684
fb7850f00022d72ada7edccef035e97deb2a290707fbcba4f49734e294686df7