URL: https://billgossmedia.com/
Submission: On April 08 via automatic, source certstream-suspicious — Scanned from GB

Summary

This website contacted 12 IPs in 4 countries across 6 domains to perform 45 HTTP transactions. The main IP is 35.214.7.120, located in London, United Kingdom and belongs to GOOGLE, US. The main domain is billgossmedia.com.
TLS certificate: Issued by R3 on April 8th 2022. Valid for: 3 months.
This is the only time billgossmedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 35.214.7.120 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:201... 16509 (AMAZON-02)
4 104.18.27.71 13335 (CLOUDFLAR...)
1 2600:9000:214... 16509 (AMAZON-02)
4 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 18.233.77.232 14618 (AMAZON-AES)
4 44.197.57.73 14618 (AMAZON-AES)
1 151.101.2.137 54113 (FASTLY)
1 162.247.242.19 23467 (NEWRELIC-...)
45 12
Apex Domain
Subdomains
Transfer
16 typeform.com
embed.typeform.com — Cisco Umbrella Rank: 29750
form.typeform.com — Cisco Umbrella Rank: 64402
images.typeform.com — Cisco Umbrella Rank: 49899
renderer-assets.typeform.com — Cisco Umbrella Rank: 43194
rudderstack-control-plane.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 44140
rudderstack.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 42772
1 MB
16 billgossmedia.com
billgossmedia.com
337 KB
9 gstatic.com
fonts.gstatic.com
201 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 644
322 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 380
10 KB
1 rudderlabs.com
cdn.rudderlabs.com — Cisco Umbrella Rank: 17012
110 KB
45 6
Domain Requested by
16 billgossmedia.com billgossmedia.com
9 fonts.gstatic.com billgossmedia.com
4 rudderstack.cdp.prod.data.typeform.com form.typeform.com
4 renderer-assets.typeform.com form.typeform.com
renderer-assets.typeform.com
4 form.typeform.com embed.typeform.com
form.typeform.com
renderer-assets.typeform.com
2 rudderstack-control-plane.cdp.prod.data.typeform.com form.typeform.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com form.typeform.com
1 cdn.rudderlabs.com renderer-assets.typeform.com
1 images.typeform.com form.typeform.com
1 embed.typeform.com billgossmedia.com
45 11

This site contains links to these domains. Also see Links.

Domain
calendly.com
admin.typeform.com
www.optimizepress.com
Subject Issuer Validity Valid
*.billgossmedia.com
R3
2022-04-08 -
2022-07-07
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-21 -
2022-06-13
3 months crt.sh
*.typeform.com
Amazon
2021-10-31 -
2022-11-28
a year crt.sh
typeform.com
Cloudflare Inc ECC CA-3
2022-03-03 -
2023-03-02
a year crt.sh
*.rudderlabs.com
Amazon
2021-08-13 -
2022-09-11
a year crt.sh
cdp.prod.data.typeform.com
Amazon
2022-02-01 -
2023-03-02
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-10-06 -
2022-11-07
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-10 -
2023-02-10
a year crt.sh

This page contains 2 frames:

Primary Page: https://billgossmedia.com/
Frame ID: A21CC4EF03878156567C8F82C05988AD
Requests: 26 HTTP requests in this frame

Frame: https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Frame ID: 27B3A7FBABDED78A813928B95A3CEB05
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

home - Bill Goss Media | Marketing and Branding

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

45
Requests

98 %
HTTPS

45 %
IPv6

6
Domains

11
Subdomains

12
IPs

4
Countries

1888 kB
Transfer

3922 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
billgossmedia.com/
178 KB
15 KB
Document
General
Full URL
https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
20de5ffada5dcd5addd78e0c9ccfd49e1e4068cb040fa5f6b7e17d77a4aab55f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 08 Apr 2022 18:33:16 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://billgossmedia.com/wp-json/>; rel="https://api.w.org/", <https://billgossmedia.com/wp-json/wp/v2/pages/27>; rel="alternate"; type="application/json", <https://billgossmedia.com/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-httpd
1
x-proxy-cache
HIT
frontend.min.css
billgossmedia.com/wp-content/plugins/op-urgency-3/assets/css/
9 KB
1 KB
Stylesheet
General
Full URL
https://billgossmedia.com/wp-content/plugins/op-urgency-3/assets/css/frontend.min.css?ver=5.9.3
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ebc93aa48860ace0b0b45bd0b930a1fa77750dc56d54fa0fa1789d254c7da76

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 09:55:01 GMT
server
nginx
etag
W/"5f02f4f5-2347"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sat, 08 Apr 2023 18:33:16 GMT
op3-frontend-stylesheet.min.css
billgossmedia.com/wp-content/plugins/op-builder/public/assets/cache/
190 KB
16 KB
Stylesheet
General
Full URL
https://billgossmedia.com/wp-content/plugins/op-builder/public/assets/cache/op3-frontend-stylesheet.min.css?ver=d88eaede32308247054cad2acbfe9681
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
831128298d9dd128123761209f273b563e2561c3c946200ac3abedfbf178d4ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
content-encoding
br
last-modified
Thu, 07 Apr 2022 01:45:05 GMT
server
nginx
etag
W/"624e4221-2f92a"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sat, 08 Apr 2023 18:33:16 GMT
jquery.min.js
billgossmedia.com/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://billgossmedia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
content-encoding
br
last-modified
Sun, 25 Jul 2021 04:53:20 GMT
server
nginx
etag
W/"60fcee40-15db1"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sat, 08 Apr 2023 18:33:16 GMT
jquery-migrate.min.js
billgossmedia.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://billgossmedia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
content-encoding
br
last-modified
Fri, 11 Dec 2020 17:43:55 GMT
server
nginx
etag
W/"5fd3afdb-2bd8"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sat, 08 Apr 2023 18:33:16 GMT
frontend.min.js
billgossmedia.com/wp-content/plugins/op-urgency-3/assets/js/
3 KB
1 KB
Script
General
Full URL
https://billgossmedia.com/wp-content/plugins/op-urgency-3/assets/js/frontend.min.js
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9b9f2f51f7f542f38c230524f2c5aeb0cc2bbd800c0e983f2ac07a6d329a5494

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 09:55:01 GMT
server
nginx
etag
W/"5f02f4f5-c6a"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sat, 08 Apr 2023 18:33:16 GMT
blk-the-guardian-new-2018.png
billgossmedia.com/wp-content/uploads/2021/03/
2 KB
2 KB
Image
General
Full URL
https://billgossmedia.com/wp-content/uploads/2021/03/blk-the-guardian-new-2018.png
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6c252dad3bc13487687d5ecddd154d5bf6890577776eaafe43e10c55bcbc7c7d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
last-modified
Mon, 22 Mar 2021 10:32:49 GMT
server
nginx
etag
"60587251-84e"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
2126
expires
Sat, 08 Apr 2023 18:33:16 GMT
blk-bloomberg-business.png
billgossmedia.com/wp-content/uploads/2021/03/
2 KB
2 KB
Image
General
Full URL
https://billgossmedia.com/wp-content/uploads/2021/03/blk-bloomberg-business.png
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6081dd327f5eb09ccf22061b3ec541d7c96f9eac76821a0bd7eca6fcbfbd9da7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
last-modified
Mon, 22 Mar 2021 10:32:49 GMT
server
nginx
etag
"60587251-8c0"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
2240
expires
Sat, 08 Apr 2023 18:33:16 GMT
blk-cnn-logo.png
billgossmedia.com/wp-content/uploads/2021/03/
2 KB
3 KB
Image
General
Full URL
https://billgossmedia.com/wp-content/uploads/2021/03/blk-cnn-logo.png
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
332a021c25466898158cf3ded8b0062d87c9a69bc6b04649daa5c5cde75dd0ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
last-modified
Mon, 22 Mar 2021 10:32:49 GMT
server
nginx
etag
"60587251-952"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
2386
expires
Sat, 08 Apr 2023 18:33:16 GMT
blk-huffpost.png
billgossmedia.com/wp-content/uploads/2021/03/
2 KB
2 KB
Image
General
Full URL
https://billgossmedia.com/wp-content/uploads/2021/03/blk-huffpost.png
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7551d3a0845d7712c56137869e8cb26df5bed118fb4ca06c3016587cfd36a214

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
last-modified
Mon, 22 Mar 2021 10:32:50 GMT
server
nginx
etag
"60587252-818"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
2072
expires
Sat, 08 Apr 2023 18:33:16 GMT
blk-bbc-2.png
billgossmedia.com/wp-content/uploads/2021/03/
1012 B
1 KB
Image
General
Full URL
https://billgossmedia.com/wp-content/uploads/2021/03/blk-bbc-2.png
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d11da9396697f7532403c0c58c013699b0f0e4ef83c29e89b887a5618aa8775b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
last-modified
Mon, 22 Mar 2021 10:32:50 GMT
server
nginx
etag
"60587252-3f4"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
1012
expires
Sat, 08 Apr 2023 18:33:16 GMT
op3-frontend-scripts.min.js
billgossmedia.com/wp-content/uploads/siteground-optimizer-assets/
39 KB
11 KB
Script
General
Full URL
https://billgossmedia.com/wp-content/uploads/siteground-optimizer-assets/op3-frontend-scripts.min.js
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
64f7367a4fc8be1fca6720e56a8c7cdfb16d347998412f4618242fb2ed0f3c5b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
content-encoding
br
last-modified
Thu, 07 Apr 2022 01:45:05 GMT
server
nginx
etag
W/"624e4221-9a38"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sat, 08 Apr 2023 18:33:16 GMT
op3badge.svg
billgossmedia.com/wp-content/plugins/op-builder/public/assets/img/
12 KB
5 KB
Image
General
Full URL
https://billgossmedia.com/wp-content/plugins/op-builder/public/assets/img/op3badge.svg
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7bc0cd12f9adecd06dc878cfcd84324fc064ff1cbea7ce7094e0dfc79c0b7ac2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
content-encoding
br
last-modified
Sat, 15 May 2021 15:07:59 GMT
server
nginx
etag
W/"609fe3cf-31ae"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
image/svg+xml
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sat, 08 Apr 2023 18:33:16 GMT
sarah-laptop.jpg
billgossmedia.com/wp-content/uploads/2020/07/
38 KB
38 KB
Image
General
Full URL
https://billgossmedia.com/wp-content/uploads/2020/07/sarah-laptop.jpg
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/wp-content/plugins/op-builder/public/assets/cache/op3-frontend-stylesheet.min.css?ver=d88eaede32308247054cad2acbfe9681
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1b8bcf31190b4fa2ad5bc41acc1cb291d30d0e3dd9175baf0178885f4d057a32

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/wp-content/plugins/op-builder/public/assets/cache/op3-frontend-stylesheet.min.css?ver=d88eaede32308247054cad2acbfe9681
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
last-modified
Mon, 06 Jul 2020 10:54:12 GMT
server
nginx
etag
"5f0302d4-9646"
x-proxy-cache-info
DT:1
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
38470
expires
Sat, 08 Apr 2023 18:33:16 GMT
op3-icons.woff2
billgossmedia.com/wp-content/plugins/op-builder/public/assets/fonts/
203 KB
204 KB
Font
General
Full URL
https://billgossmedia.com/wp-content/plugins/op-builder/public/assets/fonts/op3-icons.woff2?ver=1620142323
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/wp-content/plugins/op-builder/public/assets/cache/op3-frontend-stylesheet.min.css?ver=d88eaede32308247054cad2acbfe9681
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e2445c30ce65c23039646fa20c3e3c14746828d72f93235a9bf835197536e3c

Request headers

Referer
https://billgossmedia.com/wp-content/plugins/op-builder/public/assets/cache/op3-frontend-stylesheet.min.css?ver=d88eaede32308247054cad2acbfe9681
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
last-modified
Sat, 15 May 2021 15:07:59 GMT
server
nginx
etag
"609fe3cf-32d24"
x-proxy-cache-info
DT:1
content-type
font/woff2
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
208164
expires
Sat, 08 Apr 2023 18:33:16 GMT
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFscQ.ttf
fonts.gstatic.com/s/ibmplexsans/v13/
50 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFscQ.ttf
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20a65e21c175720750063563d3a24cfb89163fa17763748c10fc415d109dd96f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billgossmedia.com/
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 22:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25393
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Apr 2023 22:59:07 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/
31 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aX8.ttf
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5fbfba65b9d9a703abd0652fad870384872ebc73b17fc3a5792218a79421e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billgossmedia.com/
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 20:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16422
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Apr 2023 20:49:00 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/
31 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a61ffb707f72b8e87e07f8a4b5b02db104d2159887152da3c5a0839d42f0d1d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billgossmedia.com/
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 08:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16259
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Apr 2023 08:23:14 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aX8.ttf
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
052100850031cdb3f57d4b55c928e365affbbb35b08ad2fc58a32103187d6e64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billgossmedia.com/
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 16:49:41 GMT
x-content-type-options
nosniff
age
265415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31428
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 16:49:41 GMT
embed.js
embed.typeform.com/
166 KB
54 KB
Script
General
Full URL
https://embed.typeform.com/embed.js
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:400:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5a06d30f076b8f2528468513a6c4c5ab7dd4e6d7906917662908d58f4ace6aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://billgossmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:32:28 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 12:13:14 GMT
server
AmazonS3
age
49
etag
W/"33702e05c8b925fd7fdba3817fd31af9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
FN4XPO1S7-25hYcvLeeqdNX0-ojznqGM9-NgUFq8j_Kno9GL-G6N_A==
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFscQ.ttf
fonts.gstatic.com/s/ibmplexsans/v13/
50 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFscQ.ttf
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a02f7daa8a7246db3dec0e30f10ce56aa2da4b32e93955be89eb43e551e4efe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billgossmedia.com/
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 00:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25031
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Apr 2023 00:15:25 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/
31 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2e48f0e886d558b5e21a188827c75647a19ecf348a72bfcf24b792d0e104e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billgossmedia.com/
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 16:49:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16517
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 16:49:42 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeEA.ttf
fonts.gstatic.com/s/ibmplexsans/v13/
50 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYXgKVElMYYaJe8bpLHnCwDKhdHeEA.ttf
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
317a6ecd3d961d4ec11e8936372bae66818b3ef4366caea2bd1cb3c0123b9385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billgossmedia.com/
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 23:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23846
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 23:46:37 GMT
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFscQ.ttf
fonts.gstatic.com/s/ibmplexsans/v13/
50 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFscQ.ttf
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ec42937e25f64567c1e3e3e23977544cad36552ec7638d6ab49b1dcd93adb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billgossmedia.com/
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 00:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24149
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:00:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Apr 2023 00:16:59 GMT
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFscQ.ttf
fonts.gstatic.com/s/ibmplexsans/v13/
51 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFscQ.ttf
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2164a4fedd3e78739032a2919f0750dedb23bf630e165979b226077d026f0b44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://billgossmedia.com/
Origin
https://billgossmedia.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 00:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25476
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Apr 2023 00:17:59 GMT
/
billgossmedia.com/
50 B
233 B
XHR
General
Full URL
https://billgossmedia.com/?action=load_alerts
Requested by
Host: billgossmedia.com
URL: https://billgossmedia.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.7.120 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
120.7.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8efa3b9662c31ac36840ecd5fcae7e45a5325dbea1009072323402e2cd2c69e4

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://billgossmedia.com/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:16 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/json; charset=UTF-8
x-proxy-cache
HIT
Es6CKL
form.typeform.com/to/ Frame 27B3
121 KB
43 KB
Document
General
Full URL
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Requested by
Host: embed.typeform.com
URL: https://embed.typeform.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 6420-3.339.0
Resource Hash
84e527c77c0e20e502566bafd046413d580ab3609017dc81ec0fac1b9566303a
Security Headers
Name Value
Content-Security-Policy report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' ; frame-ancestors http://localhost:* capacitor: ionic: https:;
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://billgossmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers
Location, X-Request-Id
age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6f8d172aa89676ef-LHR
content-encoding
gzip
content-security-policy
report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' ; frame-ancestors http://localhost:* capacitor: ionic: https:;
content-type
text/html; charset=utf-8
date
Fri, 08 Apr 2022 18:33:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cK8kYHUsTPVThQYORmx8F%2FhYDqHhYbvygUDszCeY6H5zYObWQsuYKsgmj7McIPuv9VixYASlwaV13oxoMAMM2i2ToRdOQm9YcYuAJVkfDdu7IWTdaYFN3p00jNlyL6CgYZ4a"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache
MISS
x-cache-lookup
HIT
x-envoy-upstream-service-time
156
x-newp
Yes
x-powered-by
6420-3.339.0
x-varnish
68528245
default
images.typeform.com/images/g4H5TR3m9ZDR/image/ Frame 27B3
738 KB
739 KB
Image
General
Full URL
https://images.typeform.com/images/g4H5TR3m9ZDR/image/default
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1a00:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d30b8fdad1544aa040669411b871965ad386cf67f824ddc587c3ca9eb7b8cc8a
Security Headers
Name Value
Content-Security-Policy script-src 'self'

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:18 GMT
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront), 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7, FRA53-C1
x-amzn-requestid
7a675c5b-1f09-4b8b-9695-c3aeb72b1e87
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amzn-trace-id
Root=1-62507fed-4eca7f28652697141123788f;Sampled=0
content-security-policy
script-src 'self'
x-amz-apigw-id
QRjtMGtpoAMFa7Q=
content-length
755436
x-amz-cf-id
KOnE8lRI6EBuxrThAppDtXu5EVvpdRgc7LQwLBpUKfsqMY429BwuTw==
api.js
form.typeform.com/cdn-cgi/bm/cv/669835187/ Frame 27B3
35 KB
9 KB
Script
General
Full URL
https://form.typeform.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbJN6ICLU2GxRlbJVziQ5ca5s59KQ29BXWIGgI7Z767Z%2FN44C5SSzTaJZjbGx5L3C3y4lIDqoPNMslptYa5wyYjXTx5qqR6IQZyMPqMU7eJBqqW%2FuWDf1HeNZPqqL4sbqLJH"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6f8d172c9c0d76ef-LHR
modern-renderer.d4e4e0178945129b4171.js
renderer-assets.typeform.com/ Frame 27B3
571 KB
165 KB
Script
General
Full URL
https://renderer-assets.typeform.com/modern-renderer.d4e4e0178945129b4171.js
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8800:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75be5c49aaa713d09c875dd0a674825c273c952f9102e61ba5bd426267b7dc6f

Request headers

Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Origin
https://form.typeform.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 11:16:28 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
26210
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 08 Apr 2022 10:48:42 GMT
server
AmazonS3
etag
W/"2b3d4fbd95ddd470d0111dcf19d62021"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 92c0d9b5836e0d9ff27ca3c2fe1b14e2.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
TXL50-P1
x-amz-cf-id
QKQzwGzCBb1y-2-fIeYjonRLOOYnK5D0f6jUsIRKOXeSw_WfFsXXHQ==
result
form.typeform.com/cdn-cgi/bm/cv/ Frame 27B3
0
515 B
XHR
General
Full URL
https://form.typeform.com/cdn-cgi/bm/cv/result?req_id=6f8d172aa89676ef
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Apr 2022 18:33:17 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfXIx9jr8Xd4LosomhYIDeCaqAXMPkq4xhAGjJ8OyHD7irOnW3N5O7BBbKv2E%2FLv%2BzglNyrBOilDxqc2SHgI%2BVv%2FVmZLrCci751GR9yf0o6F5IbpSyghOapgOS%2BpgNACUqBL"}],"group":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6f8d172d4d8776ef-LHR
modern-vendors~attachment~form.8be5da056a1a181e85c5.js
renderer-assets.typeform.com/ Frame 27B3
11 KB
5 KB
Script
General
Full URL
https://renderer-assets.typeform.com/modern-vendors~attachment~form.8be5da056a1a181e85c5.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.d4e4e0178945129b4171.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8800:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1cf65b7fcb5be49bbe74fa453f91c87a13f4705f38c364615ad3283b950922f

Request headers

Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Origin
https://form.typeform.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 11:16:29 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
26209
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 08 Apr 2022 10:48:42 GMT
server
AmazonS3
etag
W/"e6c9877cf62f1b4e7c6699cf586fa02d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 92c0d9b5836e0d9ff27ca3c2fe1b14e2.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
TXL50-P1
x-amz-cf-id
LbxKUiGCuy74QBS4XYUQfAUDNNbyZ1_fCiygM-WnTNnK70uyNgA7eQ==
modern-vendors~form.dea5297d643f425b386c.js
renderer-assets.typeform.com/ Frame 27B3
414 KB
120 KB
Script
General
Full URL
https://renderer-assets.typeform.com/modern-vendors~form.dea5297d643f425b386c.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.d4e4e0178945129b4171.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8800:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8e2a94249017ee84644fb11da3354120f89e8819f4210e7c3fbfe09b0e996d7

Request headers

Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Origin
https://form.typeform.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 11:16:29 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
26209
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 08 Apr 2022 10:48:42 GMT
server
AmazonS3
etag
W/"57da08dd8d4cf2dd95456f40df7f722c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 92c0d9b5836e0d9ff27ca3c2fe1b14e2.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
TXL50-P1
x-amz-cf-id
2wJvsCZfLhQfKo-mqak4add8dfaw59hutFsudszxyl96SG_jqrJF_Q==
modern-form.ad67c19810f5ccc52cfe.js
renderer-assets.typeform.com/ Frame 27B3
317 KB
93 KB
Script
General
Full URL
https://renderer-assets.typeform.com/modern-form.ad67c19810f5ccc52cfe.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.d4e4e0178945129b4171.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8800:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8795df964207f1270956b7c33c953bfd0d34efa5123cfbb0ca598bd9086e23aa

Request headers

Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Origin
https://form.typeform.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 11:16:29 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
26209
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 08 Apr 2022 10:48:42 GMT
server
AmazonS3
etag
W/"8b2f0e6036c95c879c36e28c58b6520d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/x-javascript
via
1.1 92c0d9b5836e0d9ff27ca3c2fe1b14e2.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
TXL50-P1
x-amz-cf-id
xtyYzdJh-VHX5yzhMuWkcYZYy0KZPbmqoPJOFgs-FZXYZNYDmY_eaw==
default-firstframe.png
images.typeform.com/images/g4H5TR3m9ZDR/image/ Frame 27B3
0
0

truncated
/ Frame 27B3
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
view-form-open
form.typeform.com/forms/Es6CKL/insights/events/ Frame 27B3
2 B
844 B
Fetch
General
Full URL
https://form.typeform.com/forms/Es6CKL/insights/events/view-form-open
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.dea5297d643f425b386c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 08 Apr 2022 18:33:18 GMT
access-control-allow-methods
GET, OPTIONS, POST, PUT, PATCH, DELETE
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-release
2090556427
x-envoy-upstream-service-time
13
content-length
2
x-build-date
2022-04-04T14:34:15+0000
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oq3Fykn%2FTBJ8Iea5K6rKkhj67fYC%2B5jcZvLKXZcyo4e9jtqmGrryGMcWpDVZrI1HuLV%2B8qNMnna34ow8qjDAM6k5YZ7hQ5ZA%2B4oGyAJfTBjwkF%2BORhNCTt6KiLIGAeMTNDfr"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://form.typeform.com
x-newp
Yes
access-control-expose-headers
Location, X-Request-Id
x-service
insights-2.0
x-commit-sha
12cf4625866c88da068049af416170109400c26b
cf-ray
6f8d17304c4b76ef-LHR
access-control-allow-headers
X-Typeform-Key, Content-Type, Authorization, Typeform-Version
rudder-analytics.min.js
cdn.rudderlabs.com/v1/ Frame 27B3
371 KB
110 KB
Script
General
Full URL
https://cdn.rudderlabs.com/v1/rudder-analytics.min.js
Requested by
Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.dea5297d643f425b386c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fe00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
662c9fb10c8d179e0b651c040341ea597a2fb9fdb4059a003364f7993be99dd2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:33:19 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 13:37:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"f51a96fb237f0bee77ff1b7e4fc072bb"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-id
F4nOToAFT5e0xKUlEY8KYsWM2nce7V_6mFxHmA6gASnxfSYs0fBCKg==
/
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame
0
0
Preflight
General
Full URL
https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=web&v=1.5.6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.77.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-77-232.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://form.typeform.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://form.typeform.com
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 08 Apr 2022 18:33:19 GMT
server
uvicorn
vary
Origin
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame
0
0
Preflight
General
Full URL
https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.57.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-57-73.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymousid,authorization,content-type
Access-Control-Request-Method
POST
Origin
https://form.typeform.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Anonymousid, Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://form.typeform.com
access-control-max-age
900
content-length
0
date
Fri, 08 Apr 2022 18:33:19 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 27B3
610 B
744 B
XHR
General
Full URL
https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=web&v=1.5.6
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.77.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-77-232.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028

Request headers

Authorization
Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 08 Apr 2022 18:33:19 GMT
access-control-allow-credentials
true
server
uvicorn
content-length
610
content-type
application/json
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 27B3
2 B
157 B
XHR
General
Full URL
https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.57.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-57-73.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
accept-language
en-GB,en;q=0.9
Authorization
Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
AnonymousId
MDJlYWU4ODUtOWYyYi00OGNmLTk5MTYtYzA3NDVhZmFhN2Qy
Content-Type
application/json

Response headers

access-control-allow-origin
https://form.typeform.com
date
Fri, 08 Apr 2022 18:33:19 GMT
access-control-allow-credentials
true
content-length
2
vary
Origin
content-type
text/plain; charset=utf-8
nr-1123.min.js
js-agent.newrelic.com/ Frame 27B3
24 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1123.min.js
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"7ffb242072196e9db5f4f1bfbfa2ed7d"
fastly-original-body-size
0
x-amz-request-id
NBRYG16GV52ZHEQ8
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
9288
x-amz-id-2
GOAwDE4sphd+4k3KU6u6LAlqKg/25Bi2Ep6aGHBAyfWRSGOF0Qww539SN0P/kdDYc4E6yAOd3Gk=
x-served-by
cache-lcy19277-LCY
last-modified
Fri, 22 Mar 2019 14:06:15 GMT
server
AmazonS3
x-timer
S1649442799.245203,VS0,VE0
date
Fri, 08 Apr 2022 18:33:19 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
188
aa6e0ec721
bam.nr-data.net/1/ Frame 27B3
57 B
322 B
Script
General
Full URL
https://bam.nr-data.net/1/aa6e0ec721?a=14390211&sa=1&v=1123.df1c7f8&t=Unnamed%20Transaction&rst=2173&ref=https://form.typeform.com/to/Es6CKL&be=428&fe=2069&dc=441&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1649442797096,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:33,%22c%22:33,%22s%22:68,%22ce%22:108,%22rq%22:108,%22rp%22:407,%22rpe%22:415,%22dl%22:410,%22di%22:441,%22ds%22:441,%22de%22:441,%22dc%22:2069,%22l%22:2069,%22le%22:2069%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22formUid%22:%22Es6CKL%22,%22accountLimitName%22:%22undefined%22,%22rendererVersion%22:%223.339.0%22,%22isTouch%22:%22false%22,%22sessionId%22:%22jazkujvpy7V8%22,%22planName%22:%22basic%22,%22embeddingMode%22:%22standard%22%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1123.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/javascript;charset=iso-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 27B3
2 B
157 B
XHR
General
Full URL
https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by
Host: form.typeform.com
URL: https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.57.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-57-73.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Referer
https://form.typeform.com/to/Es6CKL?typeform-embed=embed-widget&typeform-source=billgossmedia.com&typeform-medium=embed-sdk&typeform-embed-id=m39s4
accept-language
en-GB,en;q=0.9
Authorization
Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
AnonymousId
MDJlYWU4ODUtOWYyYi00OGNmLTk5MTYtYzA3NDVhZmFhN2Qy
Content-Type
application/json

Response headers

access-control-allow-origin
https://form.typeform.com
date
Fri, 08 Apr 2022 18:33:21 GMT
access-control-allow-credentials
true
content-length
2
vary
Origin
content-type
text/plain; charset=utf-8
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame
0
0
Preflight
General
Full URL
https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.57.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-57-73.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymousid,authorization,content-type
Access-Control-Request-Method
POST
Origin
https://form.typeform.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Anonymousid, Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://form.typeform.com
access-control-max-age
900
content-length
0
date
Fri, 08 Apr 2022 18:33:21 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
images.typeform.com
URL
https://images.typeform.com/images/g4H5TR3m9ZDR/image/default-firstframe.png

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails undefined| $ function| jQuery object| op_urgency_tr object| optimizecart object| OP3 function| op3GrecaptchaInit number| EXITINTENT_OFFSET function| onYouTubeIframeAPIReady function| onVideoBackgroundPlayerReady function| onVideoBackgroundPlayerStateChange object| regeneratorRuntime boolean| typeformEmbedIsloaded object| typeformEmbed

4 Cookies

Domain/Path Name / Value
.typeform.com/ Name: __cf_bm
Value: x7Bir2jf_SkJssnUgPgD1rs96f9ybPbyIfFM0YM0m2g-1649442797-0-AZEMHdyj5jF6QzR+oVlK3jUS2qkiRufoPmZXU0Al+wikrh11HL3UzCZjkOv42FnoW4LqG2AnKnhHjCEMHM8JA2OHq01ZsC/SQ81a4kY4j22eTzh7V6rSIVMJ9j4c4gyFGVRvJ8wvelDyjUdP9R4QKM18jPx9n1n701iYd4Ghzab6
.typeform.com/ Name: attribution_user_id
Value: 147402c5-755c-4a53-8b5b-8b802283beeb
form.typeform.com/ Name: AWSALBTGCORS
Value: UmWCvXXBozOMBf2vlC9aHf2M1v0mx1Ikz69CPrKp7QkK88Tx3gDKHPr6ytMCIqBplH7eOIt4zZZ1fwyuExQdRwq1AfofgHASVKtHCywkeB4oeSA8JJ3iVN4H/ie3Lq+g8FQSWCMl3REdqo0Kah3EEwYqfeD8rdNyqYdyDQbrtTd1
.nr-data.net/ Name: JSESSIONID
Value: a78bf94feef9d6fe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
billgossmedia.com
cdn.rudderlabs.com
embed.typeform.com
fonts.gstatic.com
form.typeform.com
images.typeform.com
js-agent.newrelic.com
renderer-assets.typeform.com
rudderstack-control-plane.cdp.prod.data.typeform.com
rudderstack.cdp.prod.data.typeform.com
images.typeform.com
104.18.27.71
151.101.2.137
162.247.242.19
18.233.77.232
2600:9000:2016:400:2:c605:29c0:93a1
2600:9000:214f:1a00:8:2495:5540:93a1
2600:9000:2156:fe00:16:a497:9700:93a1
2600:9000:225a:8800:4:f6ce:61c0:93a1
2a00:1450:4001:828::2003
35.214.7.120
44.197.57.73
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
052100850031cdb3f57d4b55c928e365affbbb35b08ad2fc58a32103187d6e64
0a02f7daa8a7246db3dec0e30f10ce56aa2da4b32e93955be89eb43e551e4efe
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1b8bcf31190b4fa2ad5bc41acc1cb291d30d0e3dd9175baf0178885f4d057a32
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
20a65e21c175720750063563d3a24cfb89163fa17763748c10fc415d109dd96f
20de5ffada5dcd5addd78e0c9ccfd49e1e4068cb040fa5f6b7e17d77a4aab55f
2164a4fedd3e78739032a2919f0750dedb23bf630e165979b226077d026f0b44
317a6ecd3d961d4ec11e8936372bae66818b3ef4366caea2bd1cb3c0123b9385
332a021c25466898158cf3ded8b0062d87c9a69bc6b04649daa5c5cde75dd0ef
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e2445c30ce65c23039646fa20c3e3c14746828d72f93235a9bf835197536e3c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6081dd327f5eb09ccf22061b3ec541d7c96f9eac76821a0bd7eca6fcbfbd9da7
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64ec42937e25f64567c1e3e3e23977544cad36552ec7638d6ab49b1dcd93adb9
64f7367a4fc8be1fca6720e56a8c7cdfb16d347998412f4618242fb2ed0f3c5b
662c9fb10c8d179e0b651c040341ea597a2fb9fdb4059a003364f7993be99dd2
6c252dad3bc13487687d5ecddd154d5bf6890577776eaafe43e10c55bcbc7c7d
7551d3a0845d7712c56137869e8cb26df5bed118fb4ca06c3016587cfd36a214
75be5c49aaa713d09c875dd0a674825c273c952f9102e61ba5bd426267b7dc6f
7bc0cd12f9adecd06dc878cfcd84324fc064ff1cbea7ce7094e0dfc79c0b7ac2
7ebc93aa48860ace0b0b45bd0b930a1fa77750dc56d54fa0fa1789d254c7da76
831128298d9dd128123761209f273b563e2561c3c946200ac3abedfbf178d4ea
84e527c77c0e20e502566bafd046413d580ab3609017dc81ec0fac1b9566303a
8795df964207f1270956b7c33c953bfd0d34efa5123cfbb0ca598bd9086e23aa
8efa3b9662c31ac36840ecd5fcae7e45a5325dbea1009072323402e2cd2c69e4
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82
9b9f2f51f7f542f38c230524f2c5aeb0cc2bbd800c0e983f2ac07a6d329a5494
a1cf65b7fcb5be49bbe74fa453f91c87a13f4705f38c364615ad3283b950922f
a2e48f0e886d558b5e21a188827c75647a19ecf348a72bfcf24b792d0e104e29
a61ffb707f72b8e87e07f8a4b5b02db104d2159887152da3c5a0839d42f0d1d6
a8e2a94249017ee84644fb11da3354120f89e8819f4210e7c3fbfe09b0e996d7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
d11da9396697f7532403c0c58c013699b0f0e4ef83c29e89b887a5618aa8775b
d30b8fdad1544aa040669411b871965ad386cf67f824ddc587c3ca9eb7b8cc8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a06d30f076b8f2528468513a6c4c5ab7dd4e6d7906917662908d58f4ace6aa
e5fbfba65b9d9a703abd0652fad870384872ebc73b17fc3a5792218a79421e12