www.xcloud.sh
2a05:d014:275:cb01:1f85:932b:b797:22f9  Public Scan

URL: https://www.xcloud.sh/
Submission Tags: @phishunt_io
Submission: On October 19 via api from DE — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2a05:d014:275:cb01:1f85:932b:b797:22f9, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.xcloud.sh.
TLS certificate: Issued by R3 on October 19th 2022. Valid for: 3 months.
This is the only time www.xcloud.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
16 typeform.com
embed.typeform.com — Cisco Umbrella Rank: 27091
form.typeform.com — Cisco Umbrella Rank: 46547
font.typeform.com — Cisco Umbrella Rank: 41825
images.typeform.com — Cisco Umbrella Rank: 42308
renderer-assets.typeform.com — Cisco Umbrella Rank: 35222
448 KB
1 xcloud.sh
www.xcloud.sh
831 B
19 2
Domain Requested by
5 renderer-assets.typeform.com form.typeform.com
renderer-assets.typeform.com
4 form.typeform.com embed.typeform.com
www.xcloud.sh
form.typeform.com
3 font.typeform.com form.typeform.com
font.typeform.com
2 images.typeform.com form.typeform.com
2 embed.typeform.com www.xcloud.sh
embed.typeform.com
1 www.xcloud.sh
19 6

This site contains no links.

Subject | Issuer | Validity | Valid
www.xcloud.sh | R3 | 2022-10-19 - 2023-01-17 | 3 months crt.sh
*.typeform.com | Amazon | 2022-09-30 - 2023-10-29 | a year crt.sh
typeform.com | Cloudflare Inc ECC CA-3 | 2022-06-27 - 2023-06-26 | a year crt.sh

This page contains 3 frames:

Primary Page: https://www.xcloud.sh/
Frame ID: 9F1507BA0858348E76F38DAD6058C969
Requests: 3 HTTP requests in this frame

Frame: https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
Frame ID: 6946AAC2C5EAFA6D46CEAF7A36B6B6CD
Requests: 14 HTTP requests in this frame

Frame: https://form.typeform.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=75cbc0d0baca92ba
Frame ID: AB8433C2809D6AFE28A43EC264CFAED6
Requests: 3 HTTP requests in this frame

Page Title

xcloud.sh

Page Statistics

19 Requests
89 % HTTPS
83 % IPv6
2 Domains
6 Subdomains
7 IPs
3 Countries
449 kB Transfer
1434 kB Size
2 Cookies

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.xcloud.sh/
643 B
831 B
Document
General
Full URL
https://www.xcloud.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb01:1f85:932b:b797:22f9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
18ef192df586debfc44cb0ddda889ce729b4112b5bd160c265cee2c3dcef14f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
public, max-age=0, must-revalidate
content-length
643
content-type
text/html; charset=UTF-8
date
Wed, 19 Oct 2022 18:59:50 GMT
etag
"7ed8ed26114e11231222e6318a8e20be-ssl"
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01GFRSVF647QFTA4P8JFG9CZKA
embed.js
embed.typeform.com/next/
42 KB
11 KB
Script
General
Full URL
https://embed.typeform.com/next/embed.js
Requested by
Host: www.xcloud.sh
URL: https://www.xcloud.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c78ff01ebefe34be0d731961df424b59d118548fb1b7bfa8ad0fec2972b54fee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xcloud.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
gwVFRXGRj.gzC.u.8Z1ubzCobIxG1J5d
content-encoding
gzip
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
date
Wed, 19 Oct 2022 18:55:51 GMT
last-modified
Mon, 10 Oct 2022 14:45:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
240
etag
W/"3814032b052d02cb65fef574806bfb01"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
I9raFxo6GNC_lEY2BCZmYUsYDOUh4gdgfeh8A_1h_lABkSCkPZ-7NQ==
widget.css
embed.typeform.com/next/css/
977 B
1 KB
Stylesheet
General
Full URL
https://embed.typeform.com/next/css/widget.css
Requested by
Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8285dd392dcedd54465398dca90de208fc8f9bffbc3854a93a6b4b7a34d62ef0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xcloud.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
btCRrV.OU.P1fcX_WjiTTk8L8CpFIfbW
date
Wed, 19 Oct 2022 18:58:11 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified
Mon, 10 Oct 2022 14:45:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
123
etag
"cd32c7ab0380852fc216740a524f2524"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
977
x-amz-cf-id
iOVqXGU06M060W0vpAR9BJXuoGhG939FfzJAYMsjYmNSjfecEtDcig==
ZUVcqP3e
form.typeform.com/to/ Frame 6946
115 KB
39 KB
Document
General
Full URL
https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
Requested by
Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.163 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 7302-6.19.8
Resource Hash
a2ff1f16a645e38e928e85a6da2cef412cce962668bb8b12c2a13794523bf955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.xcloud.sh/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers
Location, X-Request-Id
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
75cbc0d0baca92ba-FRA
content-encoding
gzip
content-security-policy-report-only
report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type
text/html; charset=utf-8
date
Wed, 19 Oct 2022 18:59:50 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ph8LJASySRtnd4J7uB0eh8aHFFqLfJEwyXIQq4aJZP0tKkWXOnRhZtEF31kJaqqRp3NNItynTPUjEM3HF6B1t5TUkmxIJwgz8vtiLKHtiemeZ2yIQ5RG2ONloz7nWKkN%2FH9g"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache
MISS
x-cache-lookup
HIT
x-envoy-upstream-service-time
131
x-powered-by
7302-6.19.8
x-varnish
57160926
index.css
font.typeform.com/dist/google/karla/ Frame 6946
1 KB
769 B
Stylesheet
General
Full URL
https://font.typeform.com/dist/google/karla/index.css
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:f400:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7159665d46932ea05eeb92e0973a5b629050e6b896f7535c5048e46ce7cf5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
4FZVvbPlgSG5PUEOWewtwaAnyNCVPDma
content-encoding
gzip
via
1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
date
Mon, 17 Oct 2022 20:23:57 GMT
x-amz-cf-pop
VIE50-P1
age
167755
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 08 Jul 2022 07:39:50 GMT
server
AmazonS3
etag
W/"04f4e733e7bee3187fbea23840392dee"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=432000
x-amz-cf-id
JzNPBBlysAM6QRgdQtdwNgO_-Nwht4K92FRRbCaL3R12U62tiHk8MA==
default
images.typeform.com/images/kHjcawEHTb5d/image/ Frame 6946
52 KB
52 KB
Image
General
Full URL
https://images.typeform.com/images/kHjcawEHTb5d/image/default
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e000:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4c576346c7d300d7c13987d9a3912b542734ae233290294947f82ae1ab5c45fd
Security Headers
Name Value
Content-Security-Policy script-src 'self'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:59:51 GMT
content-security-policy
script-src 'self'
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront), 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA53-C1
x-amzn-requestid
187121ab-7e1b-4dac-8f9f-6f847d97b71c
x-amzn-trace-id
Root=1-63504927-2bf599316ff1d9ff4b487094;Sampled=0
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1296000
x-amz-apigw-id
aRBeLHTuIAMFxqw=
content-length
52877
x-amz-cf-id
KomNDHDxf2X54Dx_r7qbUeqLpyltMHlD8h_VQ0BUY9Kzeg9BxQ18-g==
modern-renderer.eb232d7b43819e28bedf.js
renderer-assets.typeform.com/ Frame 6946
730 KB
211 KB
Script
General
Full URL
https://renderer-assets.typeform.com/modern-renderer.eb232d7b43819e28bedf.js
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ea00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0a94d8e1cc520948c21f119dd4ace36194ff5ca1bd3f85de977846a76f5336e

Request headers

Referer
https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
Origin
https://form.typeform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 09:56:44 GMT
x-amz-version-id
whWHenQHcdnTOH2lS4RJDQbh4XbgDe1d
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
32587
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 19 Oct 2022 08:47:17 GMT
server
AmazonS3
etag
W/"93e6d7f20af4dc39ccb9e12d09daa2b7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
max-age=2419200
x-amz-cf-id
zczqYqNG3fdiRLtzmOMmEU9Eqtl5w7MX91dGI5jiOZLMOJIpP199TA==
invisible.js
form.typeform.com/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame AB84
40 KB
17 KB
Script
General
Full URL
https://form.typeform.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=75cbc0d0baca92ba
Requested by
Host: www.xcloud.sh
URL: https://www.xcloud.sh/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.163 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f46ef2b1bee32ef0593f401b84d261758f06468120a0db800276347315b2f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:59:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqShFaT2EcZ98yZiyzHAQcQz%2F9jcXt%2B4Sg57jOrcT9LWU42nbl4gKVsd9cQYLE6JIIqQLN725EOx0s%2BgGjwqtiZey05KG%2FvZEHdk2kdXBK2%2Bao3Uz%2BW6AAlvlAijpCWmvB60"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75cbc0d55aa59be6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
form.typeform.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame AB84
20 KB
9 KB
Other
General
Full URL
https://form.typeform.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.163 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d241a71f5b879e6cc3b9f8158cd797d9bf97b590bb0c074965f6018ac39592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:59:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tFNN58GrcvvBsnkMV0hBN3rdGjuX6si2%2FWRUl6fyw1S0Tv2YUDE0Kip8YWR4DHmHce%2FRCRgfYIBeZPjmxvR7j%2BaQRCC5z%2F6V4ktXdd5XJaLdZFRo2L2al6Xjcsc90AN7pP5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75cbc0d61c0f9be6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.4af84cc3a887409f368b.renderer.js
renderer-assets.typeform.com/ Frame 6946
107 KB
28 KB
Script
General
Full URL
https://renderer-assets.typeform.com/vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.4af84cc3a887409f368b.renderer.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.eb232d7b43819e28bedf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:ea00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6098a67494897d4f4ba399b4b5fa6aca0bdc2c07de27e50c134ffa1d1609824e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
2S94IRKeDagHiidGpClbmMqYa0jCU6cT
content-encoding
gzip
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
date
Wed, 19 Oct 2022 02:13:44 GMT
age
60400
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Oct 2022 12:26:55 GMT
server
AmazonS3
etag
W/"1fbe947b50778cdfe013a9a20a4bcba1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2419200
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
SJv0BwzxdrvMvy5VjTYyWjMRfbMh5Vq_08A0xH3bma7ywge_uRPvBA==
vendors~form~attachment.975c6b5003f448ee5e73.renderer.js
renderer-assets.typeform.com/ Frame 6946
11 KB
5 KB
Script
General
Full URL
https://renderer-assets.typeform.com/vendors~form~attachment.975c6b5003f448ee5e73.renderer.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.eb232d7b43819e28bedf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:ea00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cf00495faea58c57fa203f8bdee57a026d9273870ac043177f90173cf573622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
dmETRn77Q1rN5Kq4qOMfhAyfE58qIdiX
content-encoding
gzip
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
date
Wed, 19 Oct 2022 00:56:06 GMT
age
65066
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Oct 2022 10:51:41 GMT
server
AmazonS3
etag
W/"e5dc27584f3657afa32048fec8513444"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2419200
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
T0WkbkqQ0w-FQWW6iCoYhEGZiBm6lWPJ2i1xBgvVesGlqgMDcluozw==
vendors~form.7c17dbcb908ecdec702d.renderer.js
renderer-assets.typeform.com/ Frame 6946
108 KB
0
Script
General
Full URL
https://renderer-assets.typeform.com/vendors~form.7c17dbcb908ecdec702d.renderer.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.eb232d7b43819e28bedf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:ea00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 06:42:35 GMT
x-amz-version-id
27u_sodSZMXBI0dvobv2eXM4YpD_tVOA
content-encoding
gzip
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
age
44237
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 18 Oct 2022 16:41:48 GMT
server
AmazonS3
etag
W/"ed1a249d20f566d6c7ee501e926026bc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2419200
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
6GhwTeJh0ZYRS01rM_f6buVuAycy2EtLZy2j4fUtaULi2UueCVGdzQ==
form.e7fcd81d054afd2af66c.renderer.js
renderer-assets.typeform.com/ Frame 6946
132 KB
0
Script
General
Full URL
https://renderer-assets.typeform.com/form.e7fcd81d054afd2af66c.renderer.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.eb232d7b43819e28bedf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:ea00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
LsanOIbzRvFgwC8iz.NvAATu6HIia2rq
content-encoding
gzip
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
date
Wed, 19 Oct 2022 07:46:15 GMT
age
40417
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Oct 2022 10:51:41 GMT
server
AmazonS3
etag
W/"1688a6fb1aa9a2942a3c1967ba3c2f00"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2419200
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
3bd52UskKD1TKVNRG4cmo5vZOtWeZ39fsQja_W7r8-bEqtAGCbMQAA==
default-firstframe.png
images.typeform.com/images/kHjcawEHTb5d/image/ Frame 6946
0
0

karla-latin-400-normal.woff2
font.typeform.com/dist/google/karla/files/ Frame 6946
11 KB
11 KB
Font
General
Full URL
https://font.typeform.com/dist/google/karla/files/karla-latin-400-normal.woff2
Requested by
Host: font.typeform.com
URL: https://font.typeform.com/dist/google/karla/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:f400:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a968f482a73e8e8faf0032ad6e172d458b89725e88e5f0b7b16eb8cac332c308

Request headers

Referer
https://font.typeform.com/dist/google/karla/index.css
Origin
https://form.typeform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
0TEvOA8358ypfCT4suG5GHWdgbxtAir_
date
Sat, 15 Oct 2022 20:41:25 GMT
via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
age
339765
x-amz-cf-pop
VIE50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11164
last-modified
Fri, 08 Jul 2022 07:39:50 GMT
server
AmazonS3
etag
"a39d02de7fc9a51de5f84315371879cb"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=432000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
-XbVtN-R9Z_fsm7C0H3OwuuMybWZ48eHlVGw1Ms3DjhfSJ6SlhvMFw==
karla-latin-700-normal.woff2
font.typeform.com/dist/google/karla/files/ Frame 6946
11 KB
11 KB
Font
General
Full URL
https://font.typeform.com/dist/google/karla/files/karla-latin-700-normal.woff2
Requested by
Host: font.typeform.com
URL: https://font.typeform.com/dist/google/karla/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2304:f400:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c55552edfd589deb62fb821b4c32d8c5c636ed6332f5e8e54731b8822386275

Request headers

Referer
https://font.typeform.com/dist/google/karla/index.css
Origin
https://form.typeform.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
MVjliOk9XEZE7lcUKkDto68CxFNjFEkP
date
Mon, 17 Oct 2022 00:11:24 GMT
via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
age
240508
x-amz-cf-pop
VIE50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11292
last-modified
Fri, 08 Jul 2022 07:39:50 GMT
server
AmazonS3
etag
"da7197b1bec19430237ff948b99bdafa"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=432000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
nKxqyc0qTEA7DdwNyumxPQYXRO5345CZB0Q1V4lyFOxP8rB2d_N0Hg==
large
images.typeform.com/images/kHjcawEHTb5d/background/ Frame 6946
0
0

truncated
/ Frame 6946
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
large
images.typeform.com/images/kHjcawEHTb5d/background/ Frame 6946
52 KB
52 KB
Image
General
Full URL
https://images.typeform.com/images/kHjcawEHTb5d/background/large
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e000:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4c576346c7d300d7c13987d9a3912b542734ae233290294947f82ae1ab5c45fd
Security Headers
Name Value
Content-Security-Policy script-src 'self'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.typeform.com/to/ZUVcqP3e?typeform-embed-id=6561267128165085&typeform-embed=embed-widget&typeform-source=xcloud.sh&typeform-medium=snippet&typeform-medium-version=next
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:59:51 GMT
content-security-policy
script-src 'self'
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront), 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7, FRA53-C1
x-amzn-requestid
dc7dad64-7005-4f73-815d-7541ecef5a17
x-amzn-trace-id
Root=1-63504927-0bf76fdb57acd1446439f098;Sampled=0
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1296000
x-amz-apigw-id
aRBeOEuZoAMFgXw=
content-length
52877
x-amz-cf-id
FoWFPy_6v2HdOJ_r-J7JgJsZSTSxasFypRuC_HKOq4Xv3ptjiEFFDA==
75cbc0d0baca92ba
form.typeform.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame AB84
2 B
731 B
XHR
General
Full URL
https://form.typeform.com/cdn-cgi/challenge-platform/h/b/cv/result/75cbc0d0baca92ba
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=75cbc0d0baca92ba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.163 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Oct 2022 18:59:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNqXIEnWIApE2cE94NtuTA%2Fd8Uf1djHnr2hIiNrfOl4E528lQYimAlo2tY9WKUA%2FJhJ2x9pZvtFCv7QoVNDi0%2BnRqR%2BOPhR9SQbQbpThL70kjo8%2ByhVO%2BYFP1s5jdznxLqac"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
75cbc0d95b309be6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
images.typeform.com
URL
https://images.typeform.com/images/kHjcawEHTb5d/image/default-firstframe.png
Domain
images.typeform.com
URL
https://images.typeform.com/images/kHjcawEHTb5d/background/large

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| tf

2 Cookies

Domain/Path Name / Value
form.typeform.com/ Name: AWSALBTGCORS
Value: NT3Z35f9HvndW/XdXtW/UfBtXtU7ALVQzJj6M5lgXLf9/mffExVA70LEB2YNbfuN6yWAt0hH5v78xmhQ6yKRNslsWOG1+8VN9C8SNEhpZxQZy7/hSek3OgCJKGZtVeprOoC5qmiIv7YXgI8HPNHL+D29Cjw+WSfX+TRK4o965kn4
.typeform.com/ Name: __cf_bm
Value: 0EEqJDecZmyPCZcNojnkpfKpz2qkwUhWmW2B5YuE3xM-1666205991-0-AS4gvXE9LabpBjfGol0V5B61qR7ECItQeNl8CcoCm8xwXVrY6DTBvGx7ouf+05sdhC7likMoj1plJuwOKk1pncvD5yICT+baM9e1W0t3aeECQ5+5qLXPd8jz+CtT7XEGZieB40+ZEilBkm83xsqQ53hOs/2z9+u9sWhUojtFvhYJ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000