Submitted URL: https://link.galls.com/u/nrd.php?p=pzADNU5D0s_1088_3424563_1_5&ems_l=4895363&i=1&d=MjIwNzk4MzQx%7CcHpBRE5VNUQwcw%3D%3D%...
Effective URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286...
Submission: On November 02 via manual from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 26 HTTP transactions. The main IP is 2606:4700:4400::ac40:93a8, located in United States and belongs to CLOUDFLARENET, US. The main domain is firstsightbygalls.com.
TLS certificate: Issued by E1 on September 4th 2022. Valid for: 3 months.
This is the only time firstsightbygalls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        ASN     Autonomous System
1         217.175.192.43    199236  (EMARSYS-A...)
8         2606:4700:440...  13335   (CLOUDFLAR...)
1         2a00:1450:400...  15169   (GOOGLE)
2         2606:4700::68...  13335   (CLOUDFLAR...)
2         2606:4700::68...  13335   (CLOUDFLAR...)
1         2a00:1450:400...  15169   (GOOGLE)
5         13.225.78.5       16509   (AMAZON-02)
1         2a00:1450:400...  15169   (GOOGLE)
2         2a00:1450:400...  15169   (GOOGLE)
1         2606:4700::68...  13335   (CLOUDFLAR...)
1         151.101.66.137            ()
1         162.247.241.14            ()
Total: 26 requests, 12 IPs

Requests  Apex Domain            Subdomains                                              Transfer
8         firstsightbygalls.com  firstsightbygalls.com                                   153 KB
5         wufoo.com              uscav.wufoo.com                                         254 KB
                                 static.wufoo.com — Cisco Umbrella Rank: 56388
2         google-analytics.com   www.google-analytics.com — Cisco Umbrella Rank: 97      20 KB
2         bootstrapcdn.com       maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1165     35 KB
2         cloudflare.com         cdnjs.cloudflare.com — Cisco Umbrella Rank: 361         13 KB
2         galls.com              link.galls.com                                          2 KB
                                 www.galls.com — Cisco Umbrella Rank: 232773
1         nr-data.net            bam.nr-data.net                                         527 B
1         newrelic.com           js-agent.newrelic.com                                   14 KB
1         gstatic.com            fonts.gstatic.com                                       15 KB
1         googletagmanager.com   www.googletagmanager.com — Cisco Umbrella Rank: 121     43 KB
1         googleapis.com         fonts.googleapis.com — Cisco Umbrella Rank: 118         987 B
Total: 26 requests, 11 apex domains

Requests  Domain                    Requested by
8         firstsightbygalls.com     firstsightbygalls.com
3         uscav.wufoo.com           firstsightbygalls.com
                                    uscav.wufoo.com
2         static.wufoo.com          uscav.wufoo.com
2         www.google-analytics.com  www.googletagmanager.com
                                    www.google-analytics.com
2         maxcdn.bootstrapcdn.com   firstsightbygalls.com
2         cdnjs.cloudflare.com      firstsightbygalls.com
1         bam.nr-data.net           js-agent.newrelic.com
1         js-agent.newrelic.com     uscav.wufoo.com
1         www.galls.com             uscav.wufoo.com
1         fonts.gstatic.com         fonts.googleapis.com
1         www.googletagmanager.com  firstsightbygalls.com
1         fonts.googleapis.com      firstsightbygalls.com
1         link.galls.com
Total: 26 requests, 13 subdomains

This site contains no links.

Subject                  Issuer                                 Validity                 Valid
link.galls.com           R3                                     2022-10-15 - 2023-01-13  3 months
*.firstsightbygalls.com  E1                                     2022-09-04 - 2022-12-03  3 months
upload.video.google.com  GTS CA 1C3                             2022-10-17 - 2023-01-09  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                2022-08-03 - 2023-08-02  a year
*.google-analytics.com   GTS CA 1C3                             2022-09-26 - 2022-12-19  3 months
wufoo.co.uk              Amazon                                 2022-08-11 - 2023-09-10  a year
*.gstatic.com            GTS CA 1C3                             2022-10-17 - 2023-01-09  3 months
js-agent.newrelic.com    GlobalSign Atlas R3 DV TLS CA 2022 Q2  2022-07-10 - 2023-08-11  a year
*.nr-data.net            DigiCert TLS RSA SHA256 2020 CA1       2022-01-10 - 2023-02-10  a year

This page contains 2 frames:

Primary Page: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Frame ID: 2D339F043D8D7DD59AA60B458B6136D0
Requests: 18 HTTP requests in this frame

Frame: https://uscav.wufoo.com/embed/w1b3pcoq104wdks/
Frame ID: 1EA83734A0490340237508072E7648A4
Requests: 8 HTTP requests in this frame

Page Title

First Sight By Galls

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 67 %
Domains: 11
Subdomains: 13
IPs: 12
Countries: 3
Transfer: 552 kB
Size: 974 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.galls.com/u/nrd.php?p=pzADNU5D0s_1088_3424563_1_5&ems_l=4895363&i=1&d=MjIwNzk4MzQx%7CcHpBRE5VNUQwcw%3D%3D%7CYzY0ZTQ5MTI4NmVkZjE3OTE%3D%7CMjAyMjEwMjdfMjA1OF9GaXJzdC1TaWdodF9IZWFsdGgtQ2FyZV9Bd2FyZW5lc3NfMQ%3D%3D%7C&_esuh=_11_c4e96db0f1f44f5e79a9b650b0dbf0dc62994add99d6644748fcd2c119b64f68 Page URL
  2. https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

nrd.php
link.galls.com/u/
905 B
773 B
Document
General
Full URL
https://link.galls.com/u/nrd.php?p=pzADNU5D0s_1088_3424563_1_5&ems_l=4895363&i=1&d=MjIwNzk4MzQx%7CcHpBRE5VNUQwcw%3D%3D%7CYzY0ZTQ5MTI4NmVkZjE3OTE%3D%7CMjAyMjEwMjdfMjA1OF9GaXJzdC1TaWdodF9IZWFsdGgtQ2FyZV9Bd2FyZW5lc3NfMQ%3D%3D%7C&_esuh=_11_c4e96db0f1f44f5e79a9b650b0dbf0dc62994add99d6644748fcd2c119b64f68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.175.192.43 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
Software
nginx /
Resource Hash
3bfc0cbb34216649fc1858ad7863cb2ca5abe4c80bc8a04badc15d149eea3aeb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
449
content-type
text/html; charset=utf-8
date
Wed, 02 Nov 2022 18:14:53 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-af
suite34-web3
x-fe
suite34-web3
x-hf
suite-haproxy01f
Primary Request contact-us
firstsightbygalls.com/
6 KB
2 KB
Document
General
Full URL
https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d54cc22f5186fa71bdaf54672c2c4e646b41c9c404c97a66288d7ae79affeaa

Request headers

Referer
https://link.galls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
763eda36b810bbad-FRA
content-encoding
gzip
content-type
text/html; charset=windows-1252
date
Wed, 02 Nov 2022 18:14:53 GMT
last-modified
Fri, 07 Oct 2022 18:37:36 GMT
server
cloudflare
css
fonts.googleapis.com/
3 KB
987 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rajdhani:500,600,700
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74d45204c71db2ff695f0869c35e3263190890af3111d76df2f7c371d5c8e7b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 02 Nov 2022 18:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 18:14:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Nov 2022 18:14:53 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2414294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IdEtB0vtbhhteCSOcl72gjNSDxaFPHjDc89N0D6sOKipNQAkFcjrx0wfMT2q8y2n6DbNAmH5QQufJomwyKamu4fCss7EJ%2Fk8YEzEmZVG5KgHHpOXLIfmysNvfAJOIkSGbYsC5YYPYcT36efsTzxgmkw"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
763eda3a88ac9bc5-FRA
expires
Mon, 23 Oct 2023 18:14:53 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://firstsightbygalls.com/
Origin
https://firstsightbygalls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601
cdn-cachedat
08/20/2022 02:36:43
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"450fc463b8b1a349df717056fbb3e078"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b9ae7fca072f2fb1974528b5394fdf23
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
763eda3aa86c163e-FRA
cdn-requestpullsuccess
True
styles.css
firstsightbygalls.com/css/
36 KB
5 KB
Stylesheet
General
Full URL
https://firstsightbygalls.com/css/styles.css?v=80
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd1f7cdb66f55cc611998a0d4d0d548da9a3d70723d837b7160ebd9fc0460eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:54 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 07 Oct 2022 18:47:39 GMT
server
cloudflare
etag
W/"8e6d-5ea763e7d68c0"
vary
Accept-Encoding
content-type
text/css; charset=windows-1252
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
763eda3a690ebbad-FRA
expires
Wed, 02 Nov 2022 22:14:54 GMT
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-239100388-1
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67ad0b727ecaaed32bbca389af15c2113495d2cad9f034b2f4a12597e8bedb33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43672
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Nov 2022 18:14:54 GMT
FirstSightLogo.svg
firstsightbygalls.com/images/
17 KB
6 KB
Image
General
Full URL
https://firstsightbygalls.com/images/FirstSightLogo.svg
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1cdffb876c39db5954434b28116a988c080f57a403169bfe8c09f07aa47044e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 15:45:32 GMT
server
cloudflare
age
3237
etag
W/"436d-5e5bcb4b61f00"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
763eda403e37bbad-FRA
expires
Wed, 02 Nov 2022 22:14:54 GMT
Hero_H1.jpg
firstsightbygalls.com/images/Contact_Us/
74 KB
74 KB
Image
General
Full URL
https://firstsightbygalls.com/images/Contact_Us/Hero_H1.jpg
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2732d7996007ca9038f25581a5de2ca7470651adfc7bfa8b27f5b1221e5dcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:55 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Aug 2022 14:25:56 GMT
server
cloudflare
etag
"1278a-5e57f3e840500"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
763eda403e38bbad-FRA
content-length
75658
expires
Wed, 02 Nov 2022 22:14:55 GMT
Hero_M1.jpg
firstsightbygalls.com/images/Contact_Us/
31 KB
31 KB
Image
General
Full URL
https://firstsightbygalls.com/images/Contact_Us/Hero_M1.jpg
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494cf9e669265efe5da34b8790fa737c464eb785b72c45e8a06ff66bbee5cb26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:55 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Aug 2022 14:54:22 GMT
server
cloudflare
etag
"7b7d-5e57fa4338380"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
763eda403e3bbbad-FRA
content-length
31613
expires
Wed, 02 Nov 2022 22:14:55 GMT
firstsigh_logo_footer.svg
firstsightbygalls.com/images/
17 KB
6 KB
Image
General
Full URL
https://firstsightbygalls.com/images/firstsigh_logo_footer.svg
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3feac96f597a7361c437529dd18c46186f816db26787fbfabff39cb08a5f6b79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:55 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 05 Aug 2022 15:20:50 GMT
server
cloudflare
etag
W/"44a9-5e58002da7880"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
763eda403e3ebbad-FRA
expires
Wed, 02 Nov 2022 22:14:55 GMT
jqueryv3.2.1.js
firstsightbygalls.com/js/
85 KB
30 KB
Script
General
Full URL
https://firstsightbygalls.com/js/jqueryv3.2.1.js
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:55 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 31 Oct 2017 18:30:14 GMT
server
cloudflare
etag
W/"15287-55cdbf22a3980"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
763eda3afa40bbad-FRA
expires
Wed, 02 Nov 2022 22:14:54 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/
19 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://firstsightbygalls.com/
Origin
https://firstsightbygalls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1804922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4o27a%2BsazJ19PH5X3FDr7%2FI%2B0GvkdbEILMJBOIBp8gTXfYl8%2F9g4WZvmC%2BD14RK2v2DjT0Pxu1nRhMUn4jXJd1hXJrueXzaHq2QKAFklpAAPFBdhrnLpyHzhgLvzR%2FQ0kkKVQQkBNmvtjKRhPOnrMYS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
763eda404b7d9067-FRA
expires
Mon, 23 Oct 2023 18:14:54 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
13 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://firstsightbygalls.com/
Origin
https://firstsightbygalls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601
cdn-cachedat
08/20/2022 02:32:25
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5d14de1631691d6a0f08973f54f73dc2
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
763eda4038fc163e-FRA
cdn-requestpullsuccess
True
script.js
firstsightbygalls.com/js/
388 B
402 B
Script
General
Full URL
https://firstsightbygalls.com/js/script.js?v=3
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6952edd859ad227a8d44dce01e9cfbb7bb19f91b0a48453bce1dbf942e9afc7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:55 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 08 Jul 2022 00:55:16 GMT
server
cloudflare
etag
W/"184-5e340a7ca0500"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
763eda403e32bbad-FRA
expires
Wed, 02 Nov 2022 22:14:55 GMT
/
uscav.wufoo.com/embed/w1b3pcoq104wdks/ Frame 1EA8
33 KB
34 KB
Document
General
Full URL
https://uscav.wufoo.com/embed/w1b3pcoq104wdks/
Requested by
Host: firstsightbygalls.com
URL: https://firstsightbygalls.com/contact-us?sc_src=email_3424563&sc_lid=220798341&sc_uid=pzADNU5D0s&sc_llid=1088&sc_eh=c64e491286edf1791&utm_source=Emarsys&utm_medium=email&utm_campaign=20221027_2058_First-Sight_Health-Care_Awareness_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-5.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
0a4ee37a10f58e074ea72dd31b0e094f2a081e58b08a8d58c9e69ce7733d2a29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://firstsightbygalls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, authorization
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin
*
content-type
text/html;charset=UTF-8
date
Wed, 02 Nov 2022 18:14:55 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
x-amz-cf-id
T3Ngq-d0TilL1PgNi8dh9h7B3D530hSQlDBFTrUFCXfbNcXFVny9Mg==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
LDI2apCSOBg7S-QT7pb0EPOreec.woff2
fonts.gstatic.com/s/rajdhani/v15/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pb0EPOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23afdb9b5b89b878fab04d80cc30bf41bb4f3f7e8be88e5f16a7cc7671cdb2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://firstsightbygalls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 19:36:39 GMT
x-content-type-options
nosniff
age
599895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15084
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 19:36:39 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-239100388-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstsightbygalls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 02 Nov 2022 17:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3540
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 02 Nov 2022 19:15:54 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=983710325&t=pageview&_s=1&dl=https%3A%2F%2Ffirstsightbygalls.com%2Fcontact-us%3Fsc_src%3Demail_3424563%26sc_lid%3D220798341%26sc_uid%3DpzADNU5D0s%26sc_llid%3D1088%26sc_eh%3Dc64e491286edf1791%26utm_source%3DEmarsys%26utm_medium%3Demail%26utm_campaign%3D20221027_2058_First-Sight_Health-Care_Awareness_1&dr=https%3A%2F%2Flink.galls.com%2F&ul=en-us&de=windows-1252&dt=First%20Sight%20By%20Galls&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=570011335&gjid=1382857618&cid=1991739250.1667412895&tid=UA-239100388-1&_gid=1992209383.1667412895&_r=1&gtm=2ouav0&z=1869985975
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://firstsightbygalls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Nov 2022 18:14:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://firstsightbygalls.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.0665.css
static.wufoo.com/stylesheets/public/forms/css/ Frame 1EA8
35 KB
35 KB
Stylesheet
General
Full URL
https://static.wufoo.com/stylesheets/public/forms/css/index.0665.css
Requested by
Host: uscav.wufoo.com
URL: https://uscav.wufoo.com/embed/w1b3pcoq104wdks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-5.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
02ba007a52f99c4781627d0140a02052ad8578e7c47124493511c06c7c1e53b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uscav.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA2-C2
etag
0762c077c68bf71c547f47453512c983
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=600; must-revalidate
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
NVGz3z2g5gDWPD_bLqGAq7-4wzB8Ujb34NLhgKlZ2uDIhoYhyD5MFQ==
theme.css
uscav.wufoo.com/css/custom/17/ Frame 1EA8
12 KB
13 KB
Stylesheet
General
Full URL
https://uscav.wufoo.com/css/custom/17/theme.css
Requested by
Host: uscav.wufoo.com
URL: https://uscav.wufoo.com/embed/w1b3pcoq104wdks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-5.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
d29f4835c9af9d9302515d6b51d57464840edf0a08cc3dedee89cde14f8f875a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uscav.wufoo.com/embed/w1b3pcoq104wdks/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA2-C2
etag
c530ba215d4ed2986ed786cc72b13625
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=600; must-revalidate
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
sKk5BLh6n3JfvukN5a4OrXqNfhsCuRidGcDm_BWHcoEDuHAVs6SY0g==
wufoo-styles.css
www.galls.com/firstsight/css/ Frame 1EA8
4 KB
1 KB
Stylesheet
General
Full URL
https://www.galls.com/firstsight/css/wufoo-styles.css?v=9
Requested by
Host: uscav.wufoo.com
URL: https://uscav.wufoo.com/embed/w1b3pcoq104wdks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9918 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cd5305241f3cfade43f040c4a2baf0b2dbdfd4607f67ef60546fe48da484d5b
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uscav.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Wed, 02 Nov 2022 18:14:56 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Connection
keep-alive
Content-Length
776
Last-Modified
Fri, 05 Aug 2022 15:13:40 GMT
Server
cloudflare
ETag
"f98-5e57fe9393100-gzip"
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
text/css; charset=windows-1252
Access-Control-Allow-Origin
ionic://localhost
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
763eda46ca3b6909-FRA
Expires
Wed, 02 Nov 2022 22:14:56 GMT
dynamic.0665.js
static.wufoo.com/scripts/public/ Frame 1EA8
171 KB
172 KB
Script
General
Full URL
https://static.wufoo.com/scripts/public/dynamic.0665.js?language=english
Requested by
Host: uscav.wufoo.com
URL: https://uscav.wufoo.com/embed/w1b3pcoq104wdks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-5.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
f8feea41477cf6c615d64e34192ca16596d8d1d4a19016c292aec5c894af2bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uscav.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 19:37:50GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA2-C2
etag
24abca4b15ba96257212e4f7cc28dd00
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=600; must-revalidate
access-control-allow-headers
origin, x-requested-with, content-type, authorization
x-amz-cf-id
-2WeVavIm8fw1UQzlKKUwTOT2Dv8cLcFkm3VkESIz-eUwpy1TctyAg==
fieldbg.gif
uscav.wufoo.com/images/ Frame 1EA8
46 B
634 B
Image
General
Full URL
https://uscav.wufoo.com/images/fieldbg.gif
Requested by
Host: uscav.wufoo.com
URL: https://uscav.wufoo.com/css/custom/17/theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-5.fra2.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
1a108f888be23c9c00ba58170fba7d3e06dfa9149d9032d4b8e50287c9893790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uscav.wufoo.com/css/custom/17/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 18:14:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
last-modified
Wed, 30 Sep 2020 14:15:40 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA2-C2
etag
"5f74930c-2e"
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
origin, x-requested-with, content-type, authorization
content-length
46
x-amz-cf-id
UL7ctrwkDZA3UE_f13qiE5NUdj_e6LhQ8phXYz1jfJCfE3Kr4iPlhg==
nr-1216.min.js
js-agent.newrelic.com/ Frame 1EA8
38 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: uscav.wufoo.com
URL: https://uscav.wufoo.com/embed/w1b3pcoq104wdks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uscav.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Nov 2022 18:14:57 GMT
x-amz-request-id
C0PM5183JTHZWH2D
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
tUMDyL0WmISarV+7o1NgKgWBtYzXNe+0EnfQp9GNw/ovvN9d9fmllP8gGX8Hwu2wvGQYXP+laxM=
x-served-by
cache-hhn4066-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1667412897.194299,VS0,VE0
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1003
1e390569c3
bam.nr-data.net/1/ Frame 1EA8
49 B
527 B
Script
General
Full URL
https://bam.nr-data.net/1/1e390569c3?a=536297313&v=1216.487a282&to=YQdTbENQXUFVAUxbDFhNZEpYHlVdRg9LHQpYBlRAH1lHX1g%3D&rst=2458&ck=0&ref=https://uscav.wufoo.com/embed/w1b3pcoq104wdks/&ap=136&be=1020&fe=2412&dc=1794&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1667412894748,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:53,%22c%22:53,%22s%22:68,%22ce%22:88,%22rq%22:88,%22rp%22:1008,%22rpe%22:1010,%22dl%22:1010,%22di%22:1794,%22ds%22:1794,%22de%22:1796,%22dc%22:2412,%22l%22:2412,%22le%22:2415%7D,%22navigation%22:%7B%7D%7D&fp=1796&fcp=1796&at=TUBQGgtKTk8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uscav.wufoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Wed, 02 Nov 2022 18:14:57 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
763eda4fc9bb910c-FRA

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
function| $
function| jQuery
function| Popper
object| bootstrap
function| SubmitEmail

4 Cookies

Domain/Path Name / Value
.firstsightbygalls.com/ Name: _ga
Value: GA1.2.1991739250.1667412895
.firstsightbygalls.com/ Name: _gid
Value: GA1.2.1992209383.1667412895
.firstsightbygalls.com/ Name: _gat_gtag_UA_239100388_1
Value: 1
.wufoo.com/ Name: ep201
Value: /mCaRS9DCw3IHnPfIYPOKCgGK78=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
