freeforms.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Effective URL:
https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Submission: On February 01 via manual (February 1st 2023, 9:08:27 pm UTC) from US — Scanned from NL

Summary HTTP 67 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 67 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is freeforms.com. The Cisco Umbrella rank of the primary domain is 662995.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 3rd 2022. Valid for: a year.

This is the only time freeforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	169.150.247.35 169.150.247.35	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	52.206.2.160 52.206.2.160	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:e4:... 2606:4700:e4::ac40:a916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
67	12

11 2a06:98c1:3120::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freeforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 169.150.247.35 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-35.datapacket.com

hb.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.2.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-2-160.compute-1.amazonaws.com

eforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e4::ac40:a916 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	wpmucdn.com hb.wpmucdn.com — Cisco Umbrella Rank: 34443	121 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
11	freeforms.com 1 redirects freeforms.com — Cisco Umbrella Rank: 662995	196 KB
8	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1468 ka-f.fontawesome.com — Cisco Umbrella Rank: 2791	313 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	75 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	20 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	206 KB
2	eforms.com eforms.com — Cisco Umbrella Rank: 116870	15 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
67	9

	Domain	Requested by
19	hb.wpmucdn.com	freeforms.com
11	freeforms.com	1 redirects freeforms.com hb.wpmucdn.com
8	www.gstatic.com	www.google.com www.gstatic.com
7	ka-f.fontawesome.com	kit.fontawesome.com
6	www.google.com	freeforms.com www.gstatic.com www.google.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	freeforms.com www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	eforms.com	freeforms.com eforms.com
2	fonts.googleapis.com	freeforms.com
1	region1.google-analytics.com	www.googletagmanager.com
1	kit.fontawesome.com	freeforms.com
67	12

This site contains links to these domains. Also see Links.

Domain
www.law.cornell.edu
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-03` - `2023-11-03`	a year	crt.sh
*.wpmucdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-14` - `2023-04-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
eforms.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-16` - `2023-03-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Frame ID: 15B96300276E2ECE3D91AD49A58568BE
Requests: 51 HTTP requests in this frame

Frame: https://eforms.com/widget/410
Frame ID: FA7807002F0FD5A0AF6D0376B26ABA4C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho&co=aHR0cHM6Ly9mcmVlZm9ybXMuY29tOjQ0Mw..&hl=nl&type=image&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&badge=inline&cb=97oqmd1xg98u
Frame ID: 36C9708C90AA943F4B16A52667B1CC33
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho
Frame ID: 1302CA7354503E87B45799888A628853
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Escrow Holdback Agreement Addendum | PDF | WORD

Page URL History Show full URLs

http://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/ HTTP 301
https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

67
Requests

100 %
HTTPS

83 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

2269 kB
Transfer

3208 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.law.cornell.edu/cfr/text/26/1.468B-7
Title: 26 CFR § 1.468B-7

Search URL Search Domain Scan URL

URL: https://www.facebook.com/freeformsllc

Search URL Search Domain Scan URL

URL: https://twitter.com/freeformsllc

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/ HTTP 301
https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Redirect Chain

http://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/

56 KB
14 KB

1036ms
989ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06f5eb6e61f76d35f5a897820d954c396b8ea4f5a9fe23be55590e56d06809c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 792da96e8a22bb35-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 21:08:21 GMT
expires: Wed, 01 Feb 2023 21:18:21 GMT
link: <https://freeforms.com/wp-json/>; rel="https://api.w.org/" <https://freeforms.com/wp-json/wp/v2/pages/13910>; rel="alternate"; type="application/json" <https://freeforms.com/?p=13910>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdfeYHA%2FMWExGuykNATuN6Tl9Xu8dhrghStOi2TzzJN1dwBQH%2B8GnfiU5xCWYlzOTx0BdEl1Fzye0YWDOvVpUye1VXBSyYpa%2BSBpRspMgnxNt5qCYP3PE9pJUNxFyG3NyhKnws4YdhQnS3ce"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 792da96e0a262baa-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 01 Feb 2023 21:08:20 GMT
Expires: Wed, 01 Feb 2023 22:08:20 GMT
Location: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usU91b%2Bb0%2BUYvCTBhO8M3ItVWCH3kn2PICDtxS87APWBaYH4IDUAvnV2t9A4ATq5mUoo5byJ3zZ3YkI%2BEVTwCEUd6YCZbgCCzEavugNeEW6VHmPXyKNR%2BeMcXxnrblK4sVD0ssF7uHR2Vrws"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 285cafeb-d13c-4e00-8c2d-0590aab13c73.css
hb.wpmucdn.com/freeforms.com/ 93 KB
15 KB 112ms
42ms Stylesheet
text/css 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/285cafeb-d13c-4e00-8c2d-0590aab13c73.css
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: c268874e92d3a10804bb3b6bc60da8f75fe297f64e68a2dd819c8da335bcacf7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: br
cdn-edgestorageid: 752
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:20:31
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:20:12 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=94889
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6aa5470297a9e84ba83197e6f02fe24e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 859242d6119955eedd8cae0f18eea1a9
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 574d8669-456b-44cd-b891-9075ea7c479c.css
hb.wpmucdn.com/freeforms.com/ 253 B
973 B 90ms
19ms Stylesheet
text/css 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/574d8669-456b-44cd-b891-9075ea7c479c.css
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 18439ed94997e312fb1c7498286666223c12d192a1da7e3e1f2dd48a3d963b3c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: br
cdn-edgestorageid: 1053
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:20:31
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:20:13 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=217
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"7dff908feb07876cce0941c1b01c6541"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: bf2e381d5e546e47a8ff1931b98662f1
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8b3c9591-bdfc-4466-82f7-67bcc280d419.css
hb.wpmucdn.com/freeforms.com/ 5 KB
2 KB 90ms
20ms Stylesheet
text/css 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/8b3c9591-bdfc-4466-82f7-67bcc280d419.css
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 9e96722fdf3c75aa6313ec53fc127d90f739e528c86d11f02a8944ca0e96f772

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: br
cdn-edgestorageid: 1053
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:20:31
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:20:13 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=5334
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"4fceadf524dfee6d8533bd2567a3f65e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 1f8aff22aed24908f20e56034c770419
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ef0e4544-28fc-495d-8866-8fc03cc58453.css
hb.wpmucdn.com/freeforms.com/ 36 KB
10 KB 117ms
47ms Stylesheet
text/css 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/ef0e4544-28fc-495d-8866-8fc03cc58453.css
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 0d91ba05ea78c2921b1b47681e73aaeb4103f90e8c70b17d6c1b15f1364b9a88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: br
cdn-edgestorageid: 722
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:20:31
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:20:14 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=5.0%, origSize=38354
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"0a0a3a23e34d749aa6392cfbf081cff5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 99e35b666442db9ac7cbb0a78d0592b9
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cf5cf252-41ad-46b3-83a4-ee5a54fb160b.css
hb.wpmucdn.com/freeforms.com/ 8 KB
3 KB 113ms
43ms Stylesheet
text/css 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/cf5cf252-41ad-46b3-83a4-ee5a54fb160b.css
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 7874a9c3d56bd5fea4692a8254f477cbfae474c34082153fc4e1af917bf4924f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: br
cdn-edgestorageid: 860
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:20:31
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:20:14 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=4.4%, origSize=8969
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"836e8daaa512a09a64b816afb666c49a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c408818b22d7332fc001eee2b64d19d3
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 506b411e-8eb6-49fa-b49e-78a626531479.css
hb.wpmucdn.com/freeforms.com/ 24 KB
5 KB 119ms
49ms Stylesheet
text/css 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/506b411e-8eb6-49fa-b49e-78a626531479.css
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: f2c60e3be5282b79eaee79d2a0d658d160b18a133af019bbee9029780cb20c05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: br
cdn-edgestorageid: 860
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:20:31
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:20:15 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=22538
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"3bd379a21b8f666aff01bccceca19da3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c94224792c7d5bf3a286b4cf9846eba2
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 78ms
30ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:300|Raleway:500&subset=latin

Requested by

Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a0948a23d7e87b4775f88ff7cd5ddfc4f0e033c32ee1ce6f6360a527392f072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 21:08:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 21:08:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
703 B 79ms
31ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans

Requested by

Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 21:06:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Feb 2023 21:08:21 GMT

GET
H2 200 new-logo.svg
freeforms.com/wp-content/uploads/2017/10/ 3 KB
2 KB 28ms
27ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freeforms.com/wp-content/uploads/2017/10/new-logo.svg
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 072cd0853465fd38f5ce1385eb0f7799eb7468bddca7217e684a11b562514e23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2017 17:28:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 566703
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4b88pvT3NFxW2OdPe4dE2kTtd0lv5bNXSs1%2Fn27NJKGk%2B%2FqaDi3X72qUwy%2BCOT438rsTKFesj7M4X5%2FCRODDdCpTlEULV1ldP9%2BIC7EsK9R%2FOaN9Ba3bvC3k%2FYfVR0r%2FlTJ5A513AxP3aTo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 792da974ebebbb35-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Feb 2023 07:43:18 GMT

GET
H2 200 1d00e2ae-6176-4570-ae60-775217a875ba.css
hb.wpmucdn.com/freeforms.com/ 2 KB
1 KB 61ms
21ms Stylesheet
text/css 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/1d00e2ae-6176-4570-ae60-775217a875ba.css
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: fddf11f4d2eb352a85ee0e56e3cc0693a85037c012819d8872708a21d269b610

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: br
cdn-edgestorageid: 1047
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:21:20 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=18.3%, origSize=2645
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"b8d45a04700ed274d8a6fa67c882ea1c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 72a593880043d4eedde8df508608a306
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 c8f751ad-5301-42f1-913e-c80e41d1ec32.css
hb.wpmucdn.com/freeforms.com/ 435 B
1 KB 39ms
38ms Stylesheet
text/css 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/c8f751ad-5301-42f1-913e-c80e41d1ec32.css
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 0b6e84934ae49d9d93323860c8151e126d9cf5b92df46ae5312064a0a135cc71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: br
cdn-edgestorageid: 1076
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:21:20 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=25.2%, origSize=551
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"cd74bcc5bd6f106d7c0d89a6f4eaffbe"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: aeb156f5877f90accc0abe0477aedcc4
cdn-requestcountrycode: NL
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 rocket-loader.min.js Show response
freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 23ms
22ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Jan 2023 14:59:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63d7db5d-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnKyI3AouRsaurNIgj2FiMBGs47QvTjneUleVSUHz7vW3Part6eZRt2vf5XE7kEawB%2FVJfNsoKI%2BbWO%2FscHu6uXTzJ1fz0uke%2BvwoSF6SDkDNiRLY8bSfFaJaxnvulkMIBvUTBNeJkFSmALl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 792da974ebeebb35-FRA
expires: Fri, 03 Feb 2023 21:08:21 GMT

GET
H3 200 nobg.png
freeforms.com/wp-content/themes/mts_schema/images/ 68 B
599 B 397ms
397ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freeforms.com/wp-content/themes/mts_schema/images/nobg.png
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
cf-cache-status: BYPASS
last-modified: Thu, 15 Feb 2018 08:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,User-Agent,Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrzpdYTjFySm9KoRIKI1vfuqljl0KzVRK2EF6UUSNcefFpcyybY4miYhrr7WTrN3z88yttnFgJzsvbc%2Fwwk9%2BVrdMUELT1T4bbSGpAJMtDybHlih2KFss%2FKKxfxqq1AwHCkAqy1hPXnKhs9o"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 792da9757e509b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
expires: Fri, 03 Mar 2023 21:08:22 GMT

GET
H3 200 Escrow-Holdback-Agreement-Addendum-760x1024.png
freeforms.com/wp-content/uploads/2019/10/ 154 KB
155 KB 624ms
623ms Image
image/webp 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freeforms.com/wp-content/uploads/2019/10/Escrow-Holdback-Agreement-Addendum-760x1024.png
Requested by: Host: freeforms.com
URL: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43ecd6bfbb345f7fb2a8282018a7955d7eb0ea574c37aa240d25f23c0843690

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
cf-cache-status: BYPASS
last-modified: Mon, 04 Jan 2021 13:56:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,User-Agent,Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FbIwf5YIiw1N34Ab6LB2S5RkL6Guum5PLmMvVZLqrIwN5mKAIlOB%2BxCGm8lKZy2aduX9S9TA7Qgr7MfSn63Uckb2TtaKmzrJNjbc2otFgdOh%2Fx7PgpBNQqnZH61OqBYK7kIi%2BtyF15gHlZD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 792da9758e6b9b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 157922
expires: Thu, 01 Feb 2024 21:08:22 GMT

GET
H2 200 d888a76b-8d40-46a7-98b3-44e583c63d8b.js Show response
hb.wpmucdn.com/freeforms.com/ 7 KB
2 KB 21ms
21ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/d888a76b-8d40-46a7-98b3-44e583c63d8b.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: c06191d67d84b39bb47cad1c540a9052bb2a12a8772c98d4e6f4ad62220e6cba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 874
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 14:29:21
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:22:28 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=40.7%, origSize=12504
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"4f1934f695c54dbee6db3780b7be85cf"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 9b3ff585bf2f533d94c3473c54fec72a
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1b2e76b0-3af5-4d61-998d-b525931fc667.js Show response
hb.wpmucdn.com/freeforms.com/ 2 KB
1 KB 20ms
19ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/1b2e76b0-3af5-4d61-998d-b525931fc667.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 751f6b8218f334b4e6833ea06c39d9d3b68405b073d0b8efff56365ca7c95313

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 1079
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:22:27 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=2041
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"43f4e0375629ece0084e51be2e5762a0"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 62c8006490c6489ec61a2cac9404c02d
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 3e2928e9-8229-4970-bc73-750f00a5761f.js Show response
hb.wpmucdn.com/freeforms.com/ 7 KB
3 KB 20ms
19ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/3e2928e9-8229-4970-bc73-750f00a5761f.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 55635fac4b016e66cfb17fb7a61021b3886e7b821e3a6e67f754d640a6237055

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 723
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:22:26 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=6657
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"66e940aae34cf785c36df6e1af379670"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: fa5ca5a18f561d7246daaf529ec79422
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 23b65e14-1b64-47c0-b466-897957f44b6e.js Show response
hb.wpmucdn.com/freeforms.com/ 23 KB
7 KB 22ms
20ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/23b65e14-1b64-47c0-b466-897957f44b6e.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 566506cb0e91db026ae19f11ba4241c42f4d20361c405b815450d4f2e751b2d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 1076
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:22:26 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=23433
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"2b6cfd52c66c7626a4b2b781c084a30f"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 1ce8368f748f340098e6769960001c96
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 d9191e6b-6396-4e6d-89a7-daaaec0e924d.js Show response
hb.wpmucdn.com/freeforms.com/ 1 KB
1001 B 43ms
42ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/d9191e6b-6396-4e6d-89a7-daaaec0e924d.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 7ddfea082d627186946f29c34f8f902c89d10c5a8ba6ae34568e6ad8c75d80d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 863
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:22:25 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=1050
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"a10b1681053aa6dd73ba08b254718514"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 2e989e4ee54f0163ee78e8e9d82b5ecb
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dcc27717-22ac-4003-8282-08691c28bb3a.js Show response
hb.wpmucdn.com/freeforms.com/ 167 B
681 B 38ms
35ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/dcc27717-22ac-4003-8282-08691c28bb3a.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: a5250054a22da472c3ddbc3f9e9f63487f96cb1af95de1c3c78c66b615b64ed9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 1075
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:21:20 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=133
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"474bf47c55cb95e4827ce7b2b379ef5d"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 541baa5d107ea53d83af369040e6ceed
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
900 B 115ms
43ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&ver=5.8.4

Requested by

Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51c2faad4b2189d5960bcb92cf824fcd09918537847b0e5a239200b8fbd4824b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580
x-xss-protection: 1; mode=block
expires: Wed, 01 Feb 2023 21:08:22 GMT

GET
H2 200 widget Show response
eforms.com/ 928 B
1 KB 325ms
99ms Script
application/javascript 52.206.2.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eforms.com/widget
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.206.2.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-2-160.compute-1.amazonaws.com
Software: nginx /
Resource Hash: dffcf4609016d0d9af99839b25bf3bb2e45ca21e94a8c672f927a13f895e2014

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
last-modified: Wed, 01 Feb 2023 20:02:22 GMT
server: nginx
etag: "63dac54e-3a0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 928

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 107ms
57ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-93951612-1

Requested by

Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40406baf21745bc2bf496e338dec4bba746c4534b2c27900e9034559652720d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44959
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Feb 2023 21:08:22 GMT

GET
H3 200 custom-forms.js Show response
freeforms.com/wp-content/themes/mts_schema/js/ 3 KB
2 KB 31ms
30ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeforms.com/wp-content/themes/mts_schema/js/custom-forms.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575d61b2158dd420c2241ee9cc1324a11d6bdb424062a35108520d32f6f7f226

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2173077
cf-polished: origSize=5814
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Feb 2022 19:00:55 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ve%2BaTqkj8NnEmo%2FVoj7C7SHmZHaWdLamRG7O5VwIHssVTE8mfXwZDLowcj%2BjqGC6Zor7ArmVJmQjdiPjdhyGPNFsQbt%2BR90prlY4g%2F0%2FEQMfUwotW6BdNSEL%2BebRwmwRNc2czVTS1X8vZEB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 792da9759e7d9b5d-FRA
expires: Mon, 06 Feb 2023 17:30:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 81ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-112464667-1

Requested by

Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

884d9178fbbbb5ec6c492d5d8b8a7f8addd063ae82e45c07337c0561925d86ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Feb 2023 21:08:22 GMT

GET
H2 200 0cfe6198-6819-422b-8fab-10bd95d551a2.js Show response
hb.wpmucdn.com/freeforms.com/ 81 KB
25 KB 25ms
23ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/0cfe6198-6819-422b-8fab-10bd95d551a2.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 2aab12b28607701bdd2122bd003812b75a0e8c0392c354a819887da2efe37e8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 865
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:21:19 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=29528
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"b69d434588ff8d2ec8c8a2fd4e78c879"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 696dc89d6bb27147ebe0d30a2b039cdf
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 webviewer.min.js Show response
freeforms.com/wp-content/themes/mts_schema/pdf-tron/lib/ 26 KB
9 KB 28ms
27ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeforms.com/wp-content/themes/mts_schema/pdf-tron/lib/webviewer.min.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c85358f3c91f4c4b75fa0c310cb031926e1bc0970f859e74b6e9cb82e0057361

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Feb 2022 13:46:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2173077
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FOFrcRu30RfnOBAO3cpFVa3RGzjE6TNCrv8Wlqz6B93b%2BsM8dNVNgIX1nnT6PPbubk9Vtsmd%2BBsN1HvdEToluYU%2BJpC4zUjWEdIrWT0nhtHZkoCabz976O9o2CRQzD3%2BPNpxU38n1e2b1iv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 792da9759e809b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Feb 2023 17:30:25 GMT

GET
H2 200 10d4a3b2-c34a-4123-9703-bcbd9b8158f8.js Show response
hb.wpmucdn.com/freeforms.com/ 8 KB
3 KB 29ms
27ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/10d4a3b2-c34a-4123-9703-bcbd9b8158f8.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 3f06148a604423d3337144d96dc825facf9e277bf4fff9c8336642a13a44f099

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 1077
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:21:18 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=8509
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"20340eeaef8ae95b2e9cc4e4964fc0f3"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 946528c7b2b13588a590ef44cbe1afc3
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 2ba0e0fb-aed8-4bd0-bd0b-bfbe96c5957f.js Show response
hb.wpmucdn.com/freeforms.com/ 2 KB
1 KB 31ms
29ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/2ba0e0fb-aed8-4bd0-bd0b-bfbe96c5957f.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 433c3e5e27085c7fd5f19396172d84263c6526c074611e03fe1716045c71abf1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 1049
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:21:18 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=1537
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"2d7ef25d4a28cf1a94c215400147f7e4"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 0a3a915e1b168f21217f614a243f90b2
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bb117a16-d352-4e7a-ae66-2de63e724d8f.js Show response
hb.wpmucdn.com/freeforms.com/ 11 KB
5 KB 30ms
28ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/bb117a16-d352-4e7a-ae66-2de63e724d8f.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: 5e396a9139b035f0e38a298aba6c15e04286b81c55dc253b25f248ebdd85c42e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 1053
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:23:02
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:21:17 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=11224
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"4f7825414e6f08fa9d1390b18d0999b5"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: f440f60b07d6f13028b46ea93d578f64
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 61cd9c42-7d46-4775-9703-82736d65e7c9.js Show response
hb.wpmucdn.com/freeforms.com/ 88 KB
33 KB 34ms
33ms Script
application/javascript 169.150.247.35
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/freeforms.com/61cd9c42-7d46-4775-9703-82736d65e7c9.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-35.datapacket.com
Software: BunnyCDN-DE1-1078 /
Resource Hash: d5123c261cf3b0213bed44bd197869803a2595bd2c2c376e7dffa8f28fc6bbb0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/01/2023 13:20:32
cdn-pullzone: 1101156
last-modified: Wed, 01 Feb 2023 13:20:15 GMT
server: BunnyCDN-DE1-1078
x-amz-meta-hb-minify: minify=0.0%, origSize=89684
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"38f548588e37cbd596025594dd794ab0"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 6d63712cd179690b169520059aaaa62f
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 DOMPurify.min.js Show response
freeforms.com/wp-content/plugins/svg-support/vendor/DOMPurify/ 21 KB
9 KB 32ms
31ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeforms.com/wp-content/plugins/svg-support/vendor/DOMPurify/DOMPurify.min.js
Requested by: Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50c36bc2a71485bc6939c1f5de3d1b38ff260d9de91dac1855df0b50c35d81bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 13:14:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 497374
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtQUVdBcqQPo9t66EP8Vh6LUncj%2FhxOGlzUbK%2FwXqeu5bQivv%2FKRwQCdoisiQuFrrLSFKWaZMyyRMdRWkZ%2BwUVh2axS9%2BIAbSbhbY%2BiNqTaIppjwWbbgIHhNn4v1qS8wbV5R2Mres2ozCRRy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 792da9759e819b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 26 Feb 2023 02:58:48 GMT

GET
H2 200 7733f05cba.js Show response
kit.fontawesome.com/ 11 KB
4 KB 98ms
40ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/7733f05cba.js

Requested by

Host: freeforms.com
URL: https://freeforms.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e4ba688bde49f8a307bf1e2fd9c1143d1564bba3643c3cf130c7a56ee94288d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://freeforms.com/
Origin: https://freeforms.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 792da975fb7b3a74-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fz_PeFJuhHI3hMkMieei

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.2.1/css/ 100 KB
23 KB 110ms
31ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=7733f05cba
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7733f05cba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7a9f485d6f2e1dabd73d8b9ebba2930177e6d77565963ed32707837ed9bba33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 2193763
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
server: cloudflare
etag: W/"2dbe34367e935e2684b01124b0860d71"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xhdfm7F0ZntuDpz35IcpX0UWz83cIU2uq%2FoffFyN4Dg%2FjQVjHwntmmy%2B4i4uPXemSeYSG93dcma9OSO4lImK1WcnRFSvmJ%2BMF4TrohrdUzRLIIEIyaXOTSjUmhmjFEsHaMRIm2PDrexrLEU77yyAf6%2F1Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 792da978791b2bcb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: EZDp-QWU-D9LiME0EB3CWSqsN5FWDtT-MKO7L6zjNJ3CMP_2XAM3UQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.2.1/css/ 27 KB
5 KB 106ms
28ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=7733f05cba
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7733f05cba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b856bad6a7ffe16d3ba0ea0d6c6fe0526385ebd11e589a2efbcbf97386e9ea40

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 2503972
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
server: cloudflare
etag: W/"0d00741459c51dd7330d97cd19326a7b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqZP7UKepVvLkDc9uLwHZHgKaaxA%2BlZ7h3%2FYeXAeb2sv1Lvq7ZdpILEkEt0SKAWoF%2FWUW2Tp1prc4bcJGhHKRYas5WMZV19T3kNMWkaFQ0MGkcrsiDLzDoPF0zvuqmlLIgAk%2BRuagDuHTYCgH6lk%2FAFAtw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 792da978791d2bcb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: gk9g7fN5ZY6oQlpwekT0DE7IDzcZEzdNhPS9HQ6vR4Zirv_IaB03qg==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.2.1/css/ 823 B
721 B 105ms
28ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=7733f05cba
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7733f05cba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 788283b9392704ad36e4767d8e14790895e3a504214d4553da9b4992fd9f2af2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 2503972
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
server: cloudflare
etag: W/"15e2713dff942747406520edde3fd0bf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RiU0EBzT%2Bxz%2FGZWqUP7plAxVsE4tUcFZ8%2B5GyNSSkSxe8z1Gj9s0%2BEGGm8bTfYd7YagrCeE3kC6llwSDjTa4tX5YT3WFTnQFJi0%2F0yvikYvoKcojMEyD1Su8qfMMmuPb%2F515IH%2Fe5dwn0%2FVIkuk2ohC9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 792da978791e2bcb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cV9t1tAbiNMrkhquGfpIt88atn41OY9b_bP8gVRQZW4XVLifZjO9_g==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.2.1/css/ 2 KB
1 KB 104ms
27ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=7733f05cba
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7733f05cba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04994be7db4693bad5bc011cd1aa7a3cdd72c55dd72f478b772de9a795e82210

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 2503972
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
server: cloudflare
etag: W/"075b2106ba08d32bc88fff3724503b1e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yM%2Fy3rnbyQwnZTYWjt845bWUEmy8Q5qZ%2FCR2gkL4kcIWoFL958uxlDXtyx33V7l3cCagw1N%2BTgQQaFKfI%2Bzxb2ksh7iJ6SktiHluCDWD%2BWVQRSU9%2Bsyo0OlEoBgJCwznf9SOabzTMbZ2n5uFil9s6bsD1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 792da978791f2bcb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Gle2eKaUloC1vMuwgt587m8lX_M2aMikY9hJnB3so6UWa1Bk-Hwe9g==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112464667-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 20:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 812
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 01 Feb 2023 22:54:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-93951612-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112464667-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b5997ec5aed441ba3561cef2135bf4d536fb8149396b738bfa857999683ff78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Feb 2023 21:08:22 GMT

GET
H2 200 410 Show response
eforms.com/widget/ Frame FA78 14 KB
14 KB 292ms
292ms Document
text/html 52.206.2.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eforms.com/widget/410
Requested by: Host: eforms.com
URL: https://eforms.com/widget
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.206.2.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-2-160.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e33c154d0e8f4ad7fad0eb38346c282283ddd16f2f65e985b160b83412de892

Request headers

Referer: https://freeforms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 21:08:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NCX8NRSWKZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93951612-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d873c0f0042768af5dc878ac833ba988b34d83ccab483921c776ffd2c46afa74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77060
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Feb 2023 21:08:22 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ 403 KB
404 KB 68ms
22ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&ver=5.8.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c8dd4fa8d53dcff99beee9ff1fb8d16564f6cb5e0de6a55b02570a5c93cec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeforms.com/
Origin: https://freeforms.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 13:02:44 GMT
x-content-type-options: nosniff
age: 461138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412756
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 13:02:44 GMT

GET
H3 200 admin-ajax.php Show response
freeforms.com/wp-admin/ 4 B
613 B 960ms
960ms XHR
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeforms.com/wp-admin/admin-ajax.php?postviews_id=13910&action=postviews&_=1675285702403

Requested by

Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/freeforms.com/61cd9c42-7d46-4775-9703-82736d65e7c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edaf31d91128ba1f3c332a73b0982fc1fe6b722182da2d8b853a15dcbdf9b84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sl3WWHWXvMUit5sU6sTI58tjygnKoKzolEw%2FT9%2BALHZPHXroJJ6TqaZLsCjIs79zZQwu5mcoQ9yBhibH88b0B839OCl9l60AnU7IY0j6UWjCTSoUVqMC7PfHVS14l3P8wX2w7kkFaiEmq57%2F"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 792da9784b359b5d-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 admin-ajax.php Show response
freeforms.com/wp-admin/ 21 B
659 B 858ms
858ms XHR
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://freeforms.com/wp-admin/admin-ajax.php

Requested by

Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/freeforms.com/61cd9c42-7d46-4775-9703-82736d65e7c9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da897e5f0957f79684c2985ab2ce7165f6d6af28eb66173902d64b7f3083c1ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://freeforms.com/purchase-agreements/addendums/escrow-holdback-agreement/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 01 Feb 2023 21:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://freeforms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y68mctCY0Zl6Fe%2FM0oUpIzOQWWQkcCLRDHEql8uwO%2BvFHsqCtyUSr9Ih836MSBLItHo1YurRboGQsn%2FL1hC8EHMi%2BCBo3W1IdoNytEzUdLD78pxQ%2FbQ8mh%2FGyNwOGvXBFHcj8M674wcGey3V"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 792da9785b439b5d-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freeforms.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 16:07:18 GMT
x-content-type-options: nosniff
age: 536464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:07:18 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 47ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NCX8NRSWKZ&gtm=2oe1u0&_p=1723659123&cid=239335560.1675285703&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675285702&sct=1&seg=0&dl=https%3A%2F%2Ffreeforms.com%2Fpurchase-agreements%2Faddendums%2Fescrow-holdback-agreement%2F&dt=Free%20Escrow%20Holdback%20Agreement%20Addendum%20%7C%20PDF%20%7C%20WORD&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCX8NRSWKZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 21:08:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freeforms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 27ms
26ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1723659123&t=pageview&_s=1&dl=https%3A%2F%2Ffreeforms.com%2Fpurchase-agreements%2Faddendums%2Fescrow-holdback-agreement%2F&ul=en-us&de=UTF-8&dt=Free%20Escrow%20Holdback%20Agreement%20Addendum%20%7C%20PDF%20%7C%20WORD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=933536902&gjid=996608317&cid=239335560.1675285703&tid=UA-112464667-1&_gid=441386488.1675285703&_r=1&_slc=1&gtm=2ou1u0&z=1280023633

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeforms.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 21:08:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freeforms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 27ms
26ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1723659123&t=pageview&_s=1&dl=https%3A%2F%2Ffreeforms.com%2Fpurchase-agreements%2Faddendums%2Fescrow-holdback-agreement%2F&ul=en-us&de=UTF-8&dt=Free%20Escrow%20Holdback%20Agreement%20Addendum%20%7C%20PDF%20%7C%20WORD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=827202964&gjid=1433141297&cid=239335560.1675285703&tid=UA-93951612-1&_gid=441386488.1675285703&_r=1&_slc=1&gtm=2ou1u0&z=1218850328

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freeforms.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 21:08:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freeforms.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.2.1/webfonts/ 105 KB
106 KB 37ms
36ms Font
font/woff2 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-brands-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f04c94b287d7dfdfad36e60915eefbef7127a073546e6c21512b5052c6ac48d

Request headers

Referer: https://freeforms.com/
Origin: https://freeforms.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 2446071
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107656
last-modified: Mon, 14 Nov 2022 15:15:23 GMT
server: cloudflare
etag: "d3c93d772e2ec6d8c7c7e726f92a7dbf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iy8nHNWtxqdIsUW4m%2Fj4qufai7Oj03FqSTZiK1nLmJUX678Rv9EyBxEGPX3JhwpWOY1gieEZd%2FdzS3ZNobBdcg%2BqbAnlqVNJEDGu2SWG4PsGpb2flzbDM9mVHcOZv0GfEA5I9modP9Tz74eT%2B%2BW9jb7rmw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 792da9793a1c2bcb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: onhpODmoek9ucx1lhHb5mcOvo9ih5FUCOTmOScqAmXute5bVfatkgQ==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.2.1/webfonts/ 147 KB
148 KB 28ms
28ms Font
font/woff2 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4

Request headers

Referer: https://freeforms.com/
Origin: https://freeforms.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 1863849
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150500
last-modified: Mon, 14 Nov 2022 15:15:23 GMT
server: cloudflare
etag: "69a76555beae5c43a59559396c1aeb54"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0QI54E9VhOTg%2FDv46bcVHWiew4zf4bHQxVpXo5t%2BqxcuQb38%2BEYodSvM9zm88BQ3bneatKsQ742lWn3Go7tToaFSpgBA%2Fc0Lupqhdi5wdTDnp67th9L8urMekbsoXa%2B9vGOqBDX6HZi92WdvhILi1VtWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 792da9793a1e2bcb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Xs3J_mmNF-3ZNLiBpGuubedJ8SPWGmJLrdRLmE6I282XMMzHJ8I3FQ==

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v6.2.1/webfonts/ 25 KB
25 KB 35ms
35ms Font
font/woff2 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-regular-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5074bf724d70c107946d158f07964ac24bb3225029bacdf8ece02fb29df8a9f1

Request headers

Referer: https://freeforms.com/
Origin: https://freeforms.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 2446071
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25244
last-modified: Mon, 14 Nov 2022 15:15:22 GMT
server: cloudflare
etag: "b0b42dfe405f3f5dadcc952d941a6f1d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpiXXmarqDqzdnEVPVgQOwY2UEJv5KioUI8KD%2Fn3zkdj9vjqi4ZzhxGkQBRI2XhrNUHD8sIhIf0QKqX8SV%2FL2owZL12tiIKcTTvshVc%2Fh2KAMU4ommLl0FmtFaqo37oEIYRxIJEgVc%2FP0KMmIbHIK3vU%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 792da9793a1f2bcb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9BO7g6Ga002c0pgSn6Y3A_Pzgl4yPrAP6GNudEqkaUN_J6B1LvrH3w==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 36C9 43 KB
23 KB 57ms
56ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho&co=aHR0cHM6Ly9mcmVlZm9ybXMuY29tOjQ0Mw..&hl=nl&type=image&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&badge=inline&cb=97oqmd1xg98u

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__nl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b62e02e6c00ab1f24fbc59bf0a5448335c5496a16f23b983f5a8ba79ee1b2ff9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wYqbYaAThZtW9ZJhgoOsxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freeforms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23276
content-security-policy: script-src 'report-sample' 'nonce-wYqbYaAThZtW9ZJhgoOsxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 21:08:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 36C9 55 KB
24 KB 67ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho&co=aHR0cHM6Ly9mcmVlZm9ybXMuY29tOjQ0Mw..&hl=nl&type=image&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&badge=inline&cb=97oqmd1xg98u

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 16:44:24 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 36C9 403 KB
403 KB 78ms
33ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c8dd4fa8d53dcff99beee9ff1fb8d16564f6cb5e0de6a55b02570a5c93cec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 13:02:44 GMT
x-content-type-options: nosniff
age: 461138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412756
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 13:02:44 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 36C9 102 B
134 B 29ms
29ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=RGRQD9tdxHtnt-Bxkx9pM75S

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

444eb5836430e665efc37c1ecacddc4390d7e6482a44fff2f2b6d36b9b7758f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho&co=aHR0cHM6Ly9mcmVlZm9ybXMuY29tOjQ0Mw..&hl=nl&type=image&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&badge=inline&cb=97oqmd1xg98u
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 01 Feb 2023 21:08:22 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1302 7 KB
1 KB 35ms
35ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=nl&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

395938463685c6e2d0980a4a5c237a393d6619a54b515528a390d99d94f7d7a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aMb5OE8X-QxWfDNrSnsbLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freeforms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-aMb5OE8X-QxWfDNrSnsbLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 21:08:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 1302 55 KB
24 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 16:44:24 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame 1302 403 KB
403 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c8dd4fa8d53dcff99beee9ff1fb8d16564f6cb5e0de6a55b02570a5c93cec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 13:02:44 GMT
x-content-type-options: nosniff
age: 461139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412756
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 13:02:44 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1302 39 KB
24 KB 105ms
105ms XHR
application/json 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4101813b4d2972de519fb69f8ceeaaf0d2d7428971c4eedb968f0f1e32563d3b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 01 Feb 2023 21:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24296
x-xss-protection: 1; mode=block
expires: Wed, 01 Feb 2023 21:08:23 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1302 600 B
624 B 21ms
21ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 19:16:51 GMT
x-content-type-options: nosniff
age: 6692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 08 Feb 2023 19:16:51 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1302 530 B
554 B 23ms
22ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:18:10 GMT
x-content-type-options: nosniff
age: 442213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 03 Feb 2023 18:18:10 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1302 665 B
689 B 23ms
22ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 01:26:19 GMT
x-content-type-options: nosniff
age: 502924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 03 Feb 2023 01:26:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1302 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 12:17:50 GMT
x-content-type-options: nosniff
age: 377433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 12:17:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1302 15 KB
15 KB 32ms
31ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 07:04:14 GMT
x-content-type-options: nosniff
age: 396249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 07:04:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1302 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:21:19 GMT
x-content-type-options: nosniff
age: 168424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 1302 26 KB
26 KB 87ms
87ms Image
image/jpeg 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8WTgFSvZld83fyiMqrWWYrUEAZfBzb2i4xLTFe5YgRd6hNr4rTGh7Dhw9XsN-e5x-AbkpwmORuiWJD6GpsDBPT6Ap4-g_H7TStPhTT9mlb55K7BZ7tgjSszulOAf0HhsLgrzNFebRiNwMSue_bSIvCtD1sb6RnCZssnagWTvG7MgjyhLAmoBGamQuLZ-GPu6s-1w18a1eyhDcqZydcX-neBe4d7TMSGkCMiEh-yEwoUV36lI9k&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

056efd225fc017b9348e9808b179a38c89965304ef7241c202f35507274e351f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LehbmMfAAAAAJwz43ue13sgP47Q_CDKliMNsVho
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:08:23 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26601
x-xss-protection: 1; mode=block
expires: Wed, 01 Feb 2023 21:08:23 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:40:37	Name: _GRECAPTCHA Value: 09APHd1aki6RZljBf1KthlrWiOY4cTUnp2k8udVmdYrslv0UBUTKWBlP306S5rFcF3uGHhxpNrtUbn2lliVZfLZAc
.freeforms.com/	1970-01-20 18:57:25	Name: _ga_NCX8NRSWKZ Value: GS1.1.1675285702.1.0.1675285702.0.0.0
.freeforms.com/	1970-01-20 18:57:25	Name: _ga Value: GA1.2.239335560.1675285703
.freeforms.com/	1970-01-20 09:22:52	Name: _gid Value: GA1.2.441386488.1675285703
.freeforms.com/	1970-01-20 09:21:25	Name: _gat_gtag_UA_112464667_1 Value: 1
.freeforms.com/	1970-01-20 09:21:25	Name: _gat_gtag_UA_93951612_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eforms.com
fonts.googleapis.com
fonts.gstatic.com
freeforms.com
hb.wpmucdn.com
ka-f.fontawesome.com
kit.fontawesome.com
region1.google-analytics.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
169.150.247.35
2001:4860:4802:32::36
2606:4700::6812:1634
2606:4700:e4::ac40:a916
2a00:1450:4001:806::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200e
2a06:98c1:3120::c
52.206.2.160
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
04994be7db4693bad5bc011cd1aa7a3cdd72c55dd72f478b772de9a795e82210
056efd225fc017b9348e9808b179a38c89965304ef7241c202f35507274e351f
072cd0853465fd38f5ce1385eb0f7799eb7468bddca7217e684a11b562514e23
0b6e84934ae49d9d93323860c8151e126d9cf5b92df46ae5312064a0a135cc71
0d91ba05ea78c2921b1b47681e73aaeb4103f90e8c70b17d6c1b15f1364b9a88
1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4
18439ed94997e312fb1c7498286666223c12d192a1da7e3e1f2dd48a3d963b3c
2aab12b28607701bdd2122bd003812b75a0e8c0392c354a819887da2efe37e8e
395938463685c6e2d0980a4a5c237a393d6619a54b515528a390d99d94f7d7a6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f06148a604423d3337144d96dc825facf9e277bf4fff9c8336642a13a44f099
40406baf21745bc2bf496e338dec4bba746c4534b2c27900e9034559652720d1
4101813b4d2972de519fb69f8ceeaaf0d2d7428971c4eedb968f0f1e32563d3b
433c3e5e27085c7fd5f19396172d84263c6526c074611e03fe1716045c71abf1
444eb5836430e665efc37c1ecacddc4390d7e6482a44fff2f2b6d36b9b7758f4
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4e33c154d0e8f4ad7fad0eb38346c282283ddd16f2f65e985b160b83412de892
4f04c94b287d7dfdfad36e60915eefbef7127a073546e6c21512b5052c6ac48d
5074bf724d70c107946d158f07964ac24bb3225029bacdf8ece02fb29df8a9f1
50c36bc2a71485bc6939c1f5de3d1b38ff260d9de91dac1855df0b50c35d81bd
51c2faad4b2189d5960bcb92cf824fcd09918537847b0e5a239200b8fbd4824b
55635fac4b016e66cfb17fb7a61021b3886e7b821e3a6e67f754d640a6237055
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
566506cb0e91db026ae19f11ba4241c42f4d20361c405b815450d4f2e751b2d7
575d61b2158dd420c2241ee9cc1324a11d6bdb424062a35108520d32f6f7f226
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b5997ec5aed441ba3561cef2135bf4d536fb8149396b738bfa857999683ff78
5e396a9139b035f0e38a298aba6c15e04286b81c55dc253b25f248ebdd85c42e
751f6b8218f334b4e6833ea06c39d9d3b68405b073d0b8efff56365ca7c95313
7874a9c3d56bd5fea4692a8254f477cbfae474c34082153fc4e1af917bf4924f
788283b9392704ad36e4767d8e14790895e3a504214d4553da9b4992fd9f2af2
7ddfea082d627186946f29c34f8f902c89d10c5a8ba6ae34568e6ad8c75d80d6
884d9178fbbbb5ec6c492d5d8b8a7f8addd063ae82e45c07337c0561925d86ee
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a0948a23d7e87b4775f88ff7cd5ddfc4f0e033c32ee1ce6f6360a527392f072
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8e4ba688bde49f8a307bf1e2fd9c1143d1564bba3643c3cf130c7a56ee94288d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
97c8dd4fa8d53dcff99beee9ff1fb8d16564f6cb5e0de6a55b02570a5c93cec5
9e96722fdf3c75aa6313ec53fc127d90f739e528c86d11f02a8944ca0e96f772
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a43ecd6bfbb345f7fb2a8282018a7955d7eb0ea574c37aa240d25f23c0843690
a5250054a22da472c3ddbc3f9e9f63487f96cb1af95de1c3c78c66b615b64ed9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b62e02e6c00ab1f24fbc59bf0a5448335c5496a16f23b983f5a8ba79ee1b2ff9
b856bad6a7ffe16d3ba0ea0d6c6fe0526385ebd11e589a2efbcbf97386e9ea40
c06191d67d84b39bb47cad1c540a9052bb2a12a8772c98d4e6f4ad62220e6cba
c268874e92d3a10804bb3b6bc60da8f75fe297f64e68a2dd819c8da335bcacf7
c85358f3c91f4c4b75fa0c310cb031926e1bc0970f859e74b6e9cb82e0057361
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d06f5eb6e61f76d35f5a897820d954c396b8ea4f5a9fe23be55590e56d06809c
d5123c261cf3b0213bed44bd197869803a2595bd2c2c376e7dffa8f28fc6bbb0
d873c0f0042768af5dc878ac833ba988b34d83ccab483921c776ffd2c46afa74
da897e5f0957f79684c2985ab2ce7165f6d6af28eb66173902d64b7f3083c1ad
dffcf4609016d0d9af99839b25bf3bb2e45ca21e94a8c672f927a13f895e2014
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a9f485d6f2e1dabd73d8b9ebba2930177e6d77565963ed32707837ed9bba33
edaf31d91128ba1f3c332a73b0982fc1fe6b722182da2d8b853a15dcbdf9b84d
f2c60e3be5282b79eaee79d2a0d658d160b18a133af019bbee9029780cb20c05
fddf11f4d2eb352a85ee0e56e3cc0693a85037c012819d8872708a21d269b610

freeforms.com Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

83 %IPv6

9 Domains

12 Subdomains

12 IPs

2 Countries

2269 kBTransfer

3208 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freeforms.com Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

83 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

2269 kB
Transfer

3208 kB
Size

6
Cookies

67 HTTP transactions
0 data transactions