Submitted URL: https://www.tickets.bwat.wistee.host/
Effective URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Submission: On October 16 via automatic, source certstream-suspicious

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 2606:4700::6810:b2a, located in United States and belongs to CLOUDFLARENET, US. The main domain is forms.monday.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 14th 2019. Valid for: 2 years.
This is the only time forms.monday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 94.124.84.12 48594 (WISTEE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 13.225.25.2 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.224.186.109 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 3.210.134.198 14618 (AMAZON-AES)
2 107.20.244.156 14618 (AMAZON-AES)
2 216.239.32.21 15169 (GOOGLE)
24 10
Domain Requested by
6 cdn7.monday.com forms.monday.com
4 data.bigbrain.me d18vk66ftlazd2.cloudfront.net
4 maps.googleapis.com forms.monday.com
maps.googleapis.com
2 ipinfo.io d18vk66ftlazd2.cloudfront.net
2 track.bigbrain.me d18vk66ftlazd2.cloudfront.net
2 fonts.gstatic.com fonts.googleapis.com
1 files.monday.com forms.monday.com
1 d18vk66ftlazd2.cloudfront.net cdn7.monday.com
1 fonts.googleapis.com forms.monday.com
1 forms.monday.com
1 ticket.bwat.fr 1 redirects
1 www.tickets.bwat.wistee.host 1 redirects
24 12

This site contains no links.

Subject | Issuer | Validity | Valid
*.monday.com | Go Daddy Secure Certificate Authority - G2 | 2019-11-14 - 2021-11-14 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year
*.gstatic.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months
bigbrain.me | Amazon | 2019-12-16 - 2021-01-16 | a year
ipinfo.io | GTS CA 1D2 | 2020-09-27 - 2020-12-26 | 3 months

This page contains 1 frames:

Primary Page: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Frame ID: A6EF743902DB1A6738DC6B6AD48A6545
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

24 Requests
100 % HTTPS
45 % IPv6
8 Domains
12 Subdomains
10 IPs
3 Countries
626 kB Transfer
2113 kB Size
10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.tickets.bwat.wistee.host/ HTTP 302
    http://ticket.bwat.fr/ HTTP 302
    https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 5905a11dc4dbe4f48fa593f99c42df29
forms.monday.com/forms/
Redirect Chain
  • https://www.tickets.bwat.wistee.host/
  • http://ticket.bwat.fr/
  • https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
7 KB
7 KB
Document
General
Full URL
https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae10121507cd536a0b8b85888977407752d937fd9078d5d9003676282fafdd5e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://bigbrain.me *.bigbrain.me *.mondaystaging.com *.itsmonday.com *.monday.sh *.monday.com https://mondaystaging.com https://itsmonday.com https://monday.com https://monday.sh https://teams.microsoft.com https://*.teams.microsoft.com https://*.microsoftonline.com https://*.office365.com https://*.microsoft.com https://webbyawards.com https://www.webbyawards.com https://msteams.backend.monday.app https://monday.lightning.force.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://localhost:8080 https://cdn.simpo.io/builder/builder.js *.lvh.me:* https://realize.io https://dapulse.com https://mondaystaging.com https://api-gw.mondaystaging.com https://itsmonday.com https://monday.com https://monday.sh https://api-gw.monday.com https://assets.zendesk.com https://*.intercom.io https://js.intercomcdn.com https://cdn.actionbar.io https://www.dropbox.com https://apis.google.com https://www.google.com bat.bing.com https://ct.capterra.com https://www.getapp.com https://widgets.outbrain.com https://cdn.taboola.com https://www.gstatic.com https://snap.licdn.com https://appvizer.one/ariadne/v1/ariadne.js https://www.redditstatic.com/ads/pixel.js https://s.pinimg.com https://cdn.pdst.fm/ping.min.js https://ext.chtbl.com/trackable.js https://ssl.google-analytics.com https://apis.google.com/js/api.js https://code.highcharts.com https://maps.googleapis.com https://cdn.simpo.io/actionbar.js https://ajax.googleapis.com https://*.zopim.com ipinfo.io https://broadcast.mondaystaging.com/assets/track_app.js https://cdn.broadcast.am/assets/track_app.js code.jquery.com https://api.embed.ly/1/oembed https://api.embed.ly/1/extract https://bam.nr-data.net https://includestest.ccdc02.com/cardinalcruise/v1 https://gateway.bluesnap.com https://ws.bluesnap.com https://sandbox.bluesnap.com https://songbird.cardinalcommerce.com https://songbirdstag.cardinalcommerce.com https://js-agent.newrelic.com https://connect.facebook.net 
https://cdn.actionbar.io/actionbar.js https://googleads.g.doubleclick.net rum-static.pingdom.net/pa-574eda16abe53d4f2483c888.js https://edge.fullstory.com https://fullstory.com https://www.fullstory.com https://cdn.monday.com https://cdn2.monday.com https://cdn1.monday.com https://cdn2.monday.com https://cdn.mondaystaging.com https://cdn2.mondaystaging.com https://assets.itsmonday.com https://static.cloudflareinsights.com https://cdnjs.cloudflare.com *.cloudfront.net https://*.pusher.com https://secure.quantserve.com/quant.js https://rules.quantcount.com https://ahrefs.com/toolbar/script.js d2c7xlmseob604.cloudfront.net/tracker.min.js https://s3.amazonaws.com https://www.googleadservices.com https://www.googletagmanager.com https://tagmanager.google.com https://api.microsofttranslator.com sax.peakonspot.com/pops/wgprtb.php https://cdncache-a.akamaihd.net https://www.google-analytics.com https://quantcast.mgr.consensu.org/qcu.js https://translate.googleapis.com secure.shoppytoolmac.com/servicejs/components https://1049434604.rsc.cdn77.org/ij1.min.js tpc.googlesyndication.com/sodar/1s9mPOHO.js https://data1.nedmaf.com https://cdn.walkme.com https://data1.eurosty.com https://s.dcbap.com qdatasales.com/scripts/Pt8cY8Qvgbs5.js https://includestest.ccdc02.com *.map2.ssl.hwcdn.net cdn.mxpnl.com www2.redgit.pw/ex/scr https://m59.prod2016.com https://static.zdassets.com https://clou.im/cache.php s.mapitquick.net https://gist.github.com srdrvp.com/com ww1.ridiwo.space/oj/ij1 static.cmptch.com/v/lib/s.js https://data1.myloap.com/assets/js/jquery.js https://pwm-image.trendmicro.com https://e2b8u3v8.map2.ssl.hwcdn.net https://secure.myshopcouponmac.com https://urlvalidation.com https://data1.carazouco.com/assets/js/jquery.js https://analyticspage.tools https://eluxer.net https://loadsource.org https://ydpi.pw/addons https://accounts.google.com https://docs.google.com https://app.box.com https://webhooks.monday.com https://cdn7.mondaystaging.com https://cdn7.monday.com 
https://cdn.itsmonday.com https://cdn.monday.sh https://d2c7xlmseob604.cloudfront.net/tracker.min.js https://js.live.net https://snippet.growsumo.com/growsumo.min.js https://sdk.amazonaws.com https://*.loadmill.com http://js.hsforms.net https://forms.hsforms.com https://static.hotjar.com https://script.hotjar.com https://www.youtube.com/iframe_api https://s.ytimg.com; worker-src 'self' 'unsafe-inline' blob:
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
forms.monday.com
:scheme
https
:path
/forms/5905a11dc4dbe4f48fa593f99c42df29
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Fri, 16 Oct 2020 07:51:20 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d7a0ff37f67a2cdf745d93e46ee1ddc121602834680; expires=Sun, 15-Nov-20 07:51:20 GMT; path=/; domain=.monday.com; HttpOnly; SameSite=Lax; Secure dapulse_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTAyMjJmZDM0NGVlNjJiZThlMTQ3ZGQyNjdlZjMzMWM5BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXdobW01dERXai9wK3o3OWZkSy9KN0ZxZ0U1U0NMeFJyU29oZ2hjU2ovTW89BjsARg%3D%3D--54097156f2f1aec2cdb412efed1859ee3df135dd; path=/; expires=Sat, 16 Oct 2021 13:51:20 -0000; secure; HttpOnly
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-pjax-version
force_refresh_version
17
referrer-policy
same-origin
cache-control
max-age=0, private, must-revalidate
x-request-id
2b33fbbf-8d66-4e72-9e88-8b1c4a1013a9
x-runtime
0.055376
x-envoy-upstream-service-time
58
x-monday-envoy
true
content-security-policy-report-only
script-src 'self' 'unsafe-inline' 'unsafe-eval' http://localhost:8080 *.lvh.me:* https://d18vk66ftlazd2.cloudfront.net https://*.pusher.com https://accounts.google.com https://apis.google.com https://app.box.com https://bat.bing.com https://cdn.broadcast.am https://cdn.simpo.io/actionbar.js https://cdn.taboola.com https://cdn7.monday.com https://cdnjs.cloudflare.com https://code.highcharts.com https://connect.facebook.net https://ext.chtbl.com/trackable.js https://googleads.g.doubleclick.net https://js.live.net https://maps.googleapis.com https://monday.com https://snap.licdn.com https://songbird.cardinalcommerce.com https://static.zdassets.com https://ws.bluesnap.com https://www.dropbox.com https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com https://widget-mediator.zopim.com https://appvizer.one/ariadne/v1/ariadne.js https://api.embed.ly https://translate.googleapis.com https://*.hsforms.com https://static.cloudflareinsights.com https://cdnjs.cloudflare.com https://cdn.walkme.com; report-uri https://csp.mondaystaging.beer/lambda/csp-report-only
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
05d1fd626200002bc2418ac000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
cloudflare
cf-ray
5e3031b098072bc2-FRA
content-encoding
gzip

Redirect headers

Date
Fri, 16 Oct 2020 07:51:20 GMT
Server
Apache
Content-Encoding
gzip
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
location
https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Keep-Alive
timeout=15, max=500
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
5 KB
726 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,500
Requested by
Host: forms.monday.com
URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c23d198330351246e5b63c9844e78deb5da4f775e050f595ff706637b6efb3dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 06:42:33 GMT
server
ESF
date
Fri, 16 Oct 2020 07:51:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Oct 2020 07:51:20 GMT
forms-d7914b3135e93a46c00b.css
cdn7.monday.com/build/
155 KB
21 KB
Stylesheet
General
Full URL
https://cdn7.monday.com/build/forms-d7914b3135e93a46c00b.css
Requested by
Host: forms.monday.com
URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.25.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-25-2.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e999521bb4ff1a70728a591bb27b147ef2aa7588e90ac9773af789a1acd8439

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 20:50:52 GMT
content-encoding
gzip
last-modified
Wed, 14 Oct 2020 15:03:54 GMT
server
AmazonS3
age
126029
etag
W/"5b67b58674ecb3fa7e33edafc6eedd44"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
CDG3-C2
x-amz-cf-id
n8AMT4EXJlJnD0GF7R03M8KsvPe2Rd6kDonLm-NoZNVD4DUhiXKcTQ==
via
1.1 40cf8ac59708b6770beb4d2d04bc6ae9.cloudfront.net (CloudFront)
babel_polyfill_and_helpers-160659e63ff06bd34471.js
cdn7.monday.com/build/
135 KB
43 KB
Script
General
Full URL
https://cdn7.monday.com/build/babel_polyfill_and_helpers-160659e63ff06bd34471.js
Requested by
Host: forms.monday.com
URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.25.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-25-2.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9890e6b73584be7d7ae5e2962649f8ce4d44824fae661b1a5f45269b0c9c399b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 12:27:33 GMT
content-encoding
gzip
last-modified
Thu, 15 Oct 2020 12:17:52 GMT
server
AmazonS3
age
69828
etag
W/"15f772b902c53def24d1c41c226b67fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
CDG3-C2
x-amz-cf-id
tlc8wBFkMZd76G-XwoI37He8UGHT909Le9s-w8qAHXRWi9uTURwMDw==
via
1.1 40cf8ac59708b6770beb4d2d04bc6ae9.cloudfront.net (CloudFront)
bigbrain_tracker-319ec466da304739805e.js
cdn7.monday.com/build/
16 KB
6 KB
Script
General
Full URL
https://cdn7.monday.com/build/bigbrain_tracker-319ec466da304739805e.js
Requested by
Host: forms.monday.com
URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.25.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-25-2.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acc7919eed6e4b07f48084a42bad611e7e9bfaeb205fc0f3ed5699a7c26a001b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 12:27:33 GMT
content-encoding
gzip
last-modified
Thu, 15 Oct 2020 12:17:52 GMT
server
AmazonS3
age
69828
etag
W/"cc32d9eb076e3117c3f1d32503854190"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
CDG3-C2
x-amz-cf-id
9GkZomrARpQULOLLmhjYQqnM81ua4QQ373mMjCValuiNoKxvncx5Cg==
via
1.1 40cf8ac59708b6770beb4d2d04bc6ae9.cloudfront.net (CloudFront)
js
maps.googleapis.com/maps/api/
127 KB
41 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCm-Z64r_MNAEWxytqTUpVVN_qKXcqSHUI&libraries=places
Requested by
Host: forms.monday.com
URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
0267a0d36822c2682c089f051fb2e538fda4a41a74dcdce55879aab898ede5e0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:51:20 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=27
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42174
x-xss-protection
0
expires
Fri, 16 Oct 2020 08:21:20 GMT
forms-4a6a92f92a54a541bcc8.js
cdn7.monday.com/build/
1 MB
367 KB
Script
General
Full URL
https://cdn7.monday.com/build/forms-4a6a92f92a54a541bcc8.js
Requested by
Host: forms.monday.com
URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.25.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-25-2.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b9180f3dae3676c02986959ccf5619a33558a880e4bcf5f8fef2d899b0aef8f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 12:27:33 GMT
content-encoding
gzip
last-modified
Thu, 15 Oct 2020 12:17:58 GMT
server
AmazonS3
age
69828
etag
W/"00bd685cd10e05c15cfa3e17d5140dee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
CDG3-C2
x-amz-cf-id
28c3b6h-fbvhYdRenXhd_9ezzswNdhX31Ci4W-M2ZDRniCwNz16SyQ==
via
1.1 40cf8ac59708b6770beb4d2d04bc6ae9.cloudfront.net (CloudFront)
form-1a313f2fc3a2cb35f6df657e8fbb582463e836613ae6230b2ad9fc1b26c6588d.css
cdn7.monday.com/assets/pulse/
2 KB
785 B
Stylesheet
General
Full URL
https://cdn7.monday.com/assets/pulse/form-1a313f2fc3a2cb35f6df657e8fbb582463e836613ae6230b2ad9fc1b26c6588d.css
Requested by
Host: forms.monday.com
URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.25.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-25-2.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a313f2fc3a2cb35f6df657e8fbb582463e836613ae6230b2ad9fc1b26c6588d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 00:13:39 GMT
content-encoding
gzip
last-modified
Tue, 13 Oct 2020 15:06:22 GMT
server
AmazonS3
age
27462
etag
"d4096845d29a0d5fe2e26af662f15eff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
CDG3-C2
x-amz-cf-id
wioVZrilb1LPJdn9H06F8h-i16SiA3ZvbxQIR_oNYyOoFrjvgSbVNQ==
via
1.1 40cf8ac59708b6770beb4d2d04bc6ae9.cloudfront.net (CloudFront)
bigbrain-1.0.min.js
d18vk66ftlazd2.cloudfront.net/
31 KB
8 KB
Script
General
Full URL
https://d18vk66ftlazd2.cloudfront.net/bigbrain-1.0.min.js
Requested by
Host: cdn7.monday.com
URL: https://cdn7.monday.com/build/bigbrain_tracker-319ec466da304739805e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.109 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-109.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6db6a298baa6f3a0325e0cbe7ed41e432d371e3c15a2f1a0967c0f42e4c42bc7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 01:44:21 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 29 Sep 2020 14:23:50 GMT
Server
AmazonS3
Age
22020
ETag
"d6edc48f4dc83d133f1821711e17deac"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
m0ZsP5AC41cYmHbNcH5rlGwR8NpKvTkfp6dV_4-wZnsN65d9x3MOMg==
bwat_email_header_485757.png
files.monday.com/email_headers/240101/thumb/
21 KB
21 KB
Image
General
Full URL
https://files.monday.com/email_headers/240101/thumb/bwat_email_header_485757.png
Requested by
Host: forms.monday.com
URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e600:19:82df:1740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25de6d3cd3e749a3b82f2398039c273e8fe01c980727f8f65dc50b9efe6f51ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:51:22 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
21151
last-modified
Mon, 15 Jun 2020 11:11:22 GMT
server
AmazonS3
etag
"1875cc7ce49e22b916d72d6305fbee91"
x-amz-version-id
FnaTANo11uSc4SCRO0vvmHksjMWalNje
x-amz-meta-touched
touched
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
s1kVsEO4OVmPfo73IIuyx9vCiP7VtxMO6EAXzZyR21yc7ju_oIaY6w==
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://forms.monday.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:05:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
341155
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:05:25 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://forms.monday.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 04:36:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
98101
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Fri, 15 Oct 2021 04:36:19 GMT
monday_forms_6b1e87645a03ef1dcd74641095a0a3c5.woff
cdn7.monday.com/fonts/
3 KB
3 KB
Font
General
Full URL
https://cdn7.monday.com/fonts/monday_forms_6b1e87645a03ef1dcd74641095a0a3c5.woff
Requested by
Host: forms.monday.com
URL: https://forms.monday.com/forms/5905a11dc4dbe4f48fa593f99c42df29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.25.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-25-2.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56c3ae60a2c860b06ef76d1584b5de594d6f0783a3fa831392f8cd15a681cafc

Request headers

Origin
https://forms.monday.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 16:48:34 GMT
via
1.1 40cf8ac59708b6770beb4d2d04bc6ae9.cloudfront.net (CloudFront)
age
140566
x-cache
Hit from cloudfront
status
200
content-length
3076
last-modified
Wed, 14 Oct 2020 15:04:29 GMT
server
AmazonS3
etag
"215bf90a1e8f6dc71a38368453bb93f8"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
x-amz-cf-pop
CDG3-C2
accept-ranges
bytes
x-amz-cf-id
hWwHWtaFjPMktOS5a13iOay9uCkguY_joWHgzF_THNETimTFpT8NSQ==
visitors.json
data.bigbrain.me/
0
0
Other
General
Full URL
https://data.bigbrain.me/visitors.json
Protocol
H2
Server
3.210.134.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://forms.monday.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Fri, 16 Oct 2020 07:51:21 GMT
content-type
text/plain
server
nginx
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-expose-headers
X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, P3P, X-Bigbrain-Env
access-control-max-age
86400
access-control-allow-headers
content-type
content-encoding
gzip
visitors.json
data.bigbrain.me/
72 B
719 B
XHR
General
Full URL
https://data.bigbrain.me/visitors.json
Requested by
Host: d18vk66ftlazd2.cloudfront.net
URL: https://d18vk66ftlazd2.cloudfront.net/bigbrain-1.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.134.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
789b1cba99565024b0fed0ed77a518ba7308781b776560d37c074e7384ead9b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Oct 2020 07:51:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
status
200
x-bigbrain-env
production
strict-transport-security
max-age=31536000
vary
Origin
x-xss-protection
1; mode=block
x-request-id
ab907834-5da5-41e7-9d75-878506400dac
x-runtime
0.049800
server
nginx
x-frame-options
ALLOWALL
etag
W/"622809a1d85566516973ccae57676964"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, P3P, X-Bigbrain-Env
cache-control
max-age=0, private, must-revalidate
event
track.bigbrain.me/prod/
0
0
Other
General
Full URL
https://track.bigbrain.me/prod/event
Protocol
H2
Server
107.20.244.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-244-156.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://forms.monday.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Fri, 16 Oct 2020 07:51:21 GMT
content-type
application/json
content-length
0
x-amzn-requestid
884f2745-445c-422a-8d06-e33462f2dda7
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
UfmXBHBVoAMFaqQ=
access-control-allow-methods
GET,OPTIONS,POST,PUT
x-amzn-trace-id
Root=1-5f8950f9-3eefc09f787c47717f69e0ce
access-control-max-age
300
event
track.bigbrain.me/prod/
2 B
353 B
XHR
General
Full URL
https://track.bigbrain.me/prod/event
Requested by
Host: d18vk66ftlazd2.cloudfront.net
URL: https://d18vk66ftlazd2.cloudfront.net/bigbrain-1.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.244.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-244-156.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Oct 2020 07:51:21 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amzn-requestid
a9e5ce6d-0cfe-4688-9f87-08b4a217be2c
status
200
access-control-allow-methods
GET, POST, OPTIONS, PUT
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-amzn-trace-id
Root=1-5f8950f9-378d9d591933705161791465
x-amz-apigw-id
UfmXCFrGoAMFSug=
content-length
2
json
ipinfo.io/
407 B
487 B
XHR
General
Full URL
https://ipinfo.io/json?token=84d1f9f65b9a10
Requested by
Host: d18vk66ftlazd2.cloudfront.net
URL: https://d18vk66ftlazd2.cloudfront.net/bigbrain-1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
/ Express
Resource Hash
70884d5258a0403026467e584d10913ac8a8b2c770ffdf5ff0841f279053cb1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Oct 2020 07:51:21 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
status
200
x-frame-options
DENY
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-content-type-options
nosniff
via
1.1 google
json
ipinfo.io/
0
0
Other
General
Full URL
https://ipinfo.io/json?token=84d1f9f65b9a10
Protocol
H2
Server
216.239.32.21 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://forms.monday.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Fri, 16 Oct 2020 07:51:21 GMT
content-length
0
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
via
1.1 google
visitors.json
data.bigbrain.me/
0
0
Other
General
Full URL
https://data.bigbrain.me/visitors.json
Protocol
H2
Server
3.210.134.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Origin
https://forms.monday.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Fri, 16 Oct 2020 07:51:21 GMT
content-type
text/plain
server
nginx
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-expose-headers
X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, P3P, X-Bigbrain-Env
access-control-max-age
86400
content-encoding
gzip
visitors.json
data.bigbrain.me/
25 B
680 B
XHR
General
Full URL
https://data.bigbrain.me/visitors.json
Requested by
Host: d18vk66ftlazd2.cloudfront.net
URL: https://d18vk66ftlazd2.cloudfront.net/bigbrain-1.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.134.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
99da0e6f9ebf302226b01e1d8f4f3573e8da24bd1bd0067975b199de5dcf0afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Oct 2020 07:51:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
status
200
x-bigbrain-env
production
strict-transport-security
max-age=31536000
vary
Origin
x-xss-protection
1; mode=block
x-request-id
d049aba5-3041-4585-b704-4b06b258ce6b
x-runtime
0.029976
server
nginx
x-frame-options
ALLOWALL
etag
W/"56c9f136e56cef4c8fcf752cce84b6fe"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, P3P, X-Bigbrain-Env
cache-control
max-age=0, private, must-revalidate
common.js
maps.googleapis.com/maps-api-v3/api/js/42/9/
75 KB
27 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/42/9/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCm-Z64r_MNAEWxytqTUpVVN_qKXcqSHUI&libraries=places
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbe862fecc8d22f26c0071a1283d1ee6302d0ee20663afe46caabbe16d11d59e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 18:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Oct 2020 04:29:25 GMT
server
sffe
age
135123
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28123
x-xss-protection
0
expires
Thu, 14 Oct 2021 18:19:22 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/42/9/
147 KB
54 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/42/9/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCm-Z64r_MNAEWxytqTUpVVN_qKXcqSHUI&libraries=places
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f4d404865d30f5860c0ff6e39f0afb1f2a6465fb01b95cf34aaf225d768e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 18:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Oct 2020 04:29:25 GMT
server
sffe
age
135123
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55295
x-xss-protection
0
expires
Thu, 14 Oct 2021 18:19:22 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/
62 B
247 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fforms.monday.com%2Fforms%2F5905a11dc4dbe4f48fa593f99c42df29&4sAIzaSyCm-Z64r_MNAEWxytqTUpVVN_qKXcqSHUI&callback=_xdc_._ux8qv2&key=AIzaSyCm-Z64r_MNAEWxytqTUpVVN_qKXcqSHUI&token=27432
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/42/9/common.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
5e0c8fe918820b8714d8d54e04b1d9c6806a93fce1650dad9ad02c4da4590535
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 07:51:25 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=6
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
function| getDomainFromParent
function| isMondayDomain
object| form_data
object| Pulse
object| formBBData
string| webpackPublicPath
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
object| safeLocalStorage
function| nativeRequestIdleCallback
function| guid
function| guest_message
function| escape_all_but_em
function| nl2br
object| bigbrainInitOptions
string| bigbrain_track_url
object| BigBrainQ
function| BigBrain
boolean| BigBrainInit
object| google
object| module$contents$MapsEvent_MapsEvent
object| module$contents$mapsapi$overlay$OverlayView_OverlayView
object| React
object| BigBrainJQueryPolyfill
object| bb_cookie
function| queue
function| memoryStorage
function| BB_UUID
function| BigBrainTracker
object| dataLayer
object| _xdc_

10 Cookies

Domain/Path Name / Value
.monday.com/ Name: xi_city
Value: Berlin
.monday.com/ Name: xi_loc
Value: 52.5244%2C13.4105
.monday.com/ Name: xi_country
Value: DE
.monday.com/ Name: __cfduid
Value: d7a0ff37f67a2cdf745d93e46ee1ddc121602834680
.monday.com/ Name: xi_ip
Value: 89.249.64.171
.monday.com/ Name: xi_region
Value: Berlin
.monday.com/ Name: xi_org
Value: undefined
.monday.com/ Name: xi_time_diff
Value: %2B2
.monday.com/ Name: bb_visitor_id
Value: 650f269
forms.monday.com/ Name: dapulse_session
Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTAyMjJmZDM0NGVlNjJiZThlMTQ3ZGQyNjdlZjMzMWM5BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXdobW01dERXai9wK3o3OWZkSy9KN0ZxZ0U1U0NMeFJyU29oZ2hjU2ovTW89BjsARg%3D%3D--54097156f2f1aec2cdb412efed1859ee3df135dd

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors https://bigbrain.me *.bigbrain.me *.mondaystaging.com *.itsmonday.com *.monday.sh *.monday.com https://mondaystaging.com https://itsmonday.com https://monday.com https://monday.sh https://teams.microsoft.com https://*.teams.microsoft.com https://*.microsoftonline.com https://*.office365.com https://*.microsoft.com https://webbyawards.com https://www.webbyawards.com https://msteams.backend.monday.app https://monday.lightning.force.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://localhost:8080 https://cdn.simpo.io/builder/builder.js *.lvh.me:* https://realize.io https://dapulse.com https://mondaystaging.com https://api-gw.mondaystaging.com https://itsmonday.com https://monday.com https://monday.sh https://api-gw.monday.com https://assets.zendesk.com https://*.intercom.io https://js.intercomcdn.com https://cdn.actionbar.io https://www.dropbox.com https://apis.google.com https://www.google.com bat.bing.com https://ct.capterra.com https://www.getapp.com https://widgets.outbrain.com https://cdn.taboola.com https://www.gstatic.com https://snap.licdn.com https://appvizer.one/ariadne/v1/ariadne.js https://www.redditstatic.com/ads/pixel.js https://s.pinimg.com https://cdn.pdst.fm/ping.min.js https://ext.chtbl.com/trackable.js https://ssl.google-analytics.com https://apis.google.com/js/api.js https://code.highcharts.com https://maps.googleapis.com https://cdn.simpo.io/actionbar.js https://ajax.googleapis.com https://*.zopim.com ipinfo.io https://broadcast.mondaystaging.com/assets/track_app.js https://cdn.broadcast.am/assets/track_app.js code.jquery.com https://api.embed.ly/1/oembed https://api.embed.ly/1/extract https://bam.nr-data.net https://includestest.ccdc02.com/cardinalcruise/v1 https://gateway.bluesnap.com https://ws.bluesnap.com https://sandbox.bluesnap.com https://songbird.cardinalcommerce.com https://songbirdstag.cardinalcommerce.com https://js-agent.newrelic.com https://connect.facebook.net 
https://cdn.actionbar.io/actionbar.js https://googleads.g.doubleclick.net rum-static.pingdom.net/pa-574eda16abe53d4f2483c888.js https://edge.fullstory.com https://fullstory.com https://www.fullstory.com https://cdn.monday.com https://cdn2.monday.com https://cdn1.monday.com https://cdn2.monday.com https://cdn.mondaystaging.com https://cdn2.mondaystaging.com https://assets.itsmonday.com https://static.cloudflareinsights.com https://cdnjs.cloudflare.com *.cloudfront.net https://*.pusher.com https://secure.quantserve.com/quant.js https://rules.quantcount.com https://ahrefs.com/toolbar/script.js d2c7xlmseob604.cloudfront.net/tracker.min.js https://s3.amazonaws.com https://www.googleadservices.com https://www.googletagmanager.com https://tagmanager.google.com https://api.microsofttranslator.com sax.peakonspot.com/pops/wgprtb.php https://cdncache-a.akamaihd.net https://www.google-analytics.com https://quantcast.mgr.consensu.org/qcu.js https://translate.googleapis.com secure.shoppytoolmac.com/servicejs/components https://1049434604.rsc.cdn77.org/ij1.min.js tpc.googlesyndication.com/sodar/1s9mPOHO.js https://data1.nedmaf.com https://cdn.walkme.com https://data1.eurosty.com https://s.dcbap.com qdatasales.com/scripts/Pt8cY8Qvgbs5.js https://includestest.ccdc02.com *.map2.ssl.hwcdn.net cdn.mxpnl.com www2.redgit.pw/ex/scr https://m59.prod2016.com https://static.zdassets.com https://clou.im/cache.php s.mapitquick.net https://gist.github.com srdrvp.com/com ww1.ridiwo.space/oj/ij1 static.cmptch.com/v/lib/s.js https://data1.myloap.com/assets/js/jquery.js https://pwm-image.trendmicro.com https://e2b8u3v8.map2.ssl.hwcdn.net https://secure.myshopcouponmac.com https://urlvalidation.com https://data1.carazouco.com/assets/js/jquery.js https://analyticspage.tools https://eluxer.net https://loadsource.org https://ydpi.pw/addons https://accounts.google.com https://docs.google.com https://app.box.com https://webhooks.monday.com https://cdn7.mondaystaging.com https://cdn7.monday.com 
https://cdn.itsmonday.com https://cdn.monday.sh https://d2c7xlmseob604.cloudfront.net/tracker.min.js https://js.live.net https://snippet.growsumo.com/growsumo.min.js https://sdk.amazonaws.com https://*.loadmill.com http://js.hsforms.net https://forms.hsforms.com https://static.hotjar.com https://script.hotjar.com https://www.youtube.com/iframe_api https://s.ytimg.com; worker-src 'self' 'unsafe-inline' blob:
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
