urlscan.io logo urlscan.io
SecurityTrails logo

inf.dragonforms.com Open in urlscan Pro
204.180.130.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://infb.omeclk.com/portal/wts/uc^cmTmdgqeeqL3tDgrw-yc9qHZE20|XL3n
Effective URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Submission Tags: phishing malicious Search All
Submission: On June 28 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 20 HTTP transactions. The main IP is 204.180.130.190, located in Lincolnshire, United States and belongs to QTS-AS, US. The main domain is inf.dragonforms.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on June 18th 2023. Valid for: a year.
This is the only time inf.dragonforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 205.162.42.171 53866 (QTS-AS)
1 5 204.180.130.190 53866 (QTS-AS)
4 2600:9000:225... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 11
1    205.162.42.171 (Overland Park, United States)

ASN53866 (QTS-AS, US)
PTR: omeclk.com
infb.omeclk.com
5    204.180.130.190 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)
inf.dragonforms.com
4    2600:9000:2251:9000:c:860d:a440:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.omeda.com
hostedcontent.dragonforms.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
3    2600:9000:223c:ac00:0:d27a:1440:93a1 (United States)

ASN16509 (AMAZON-02, US)
static-cdn.dragonforms.com
1    2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)
js-na1.hs-scripts.com
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
2    2606:4700::6811:6bc7 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:d6f3 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
Apex Domain
Subdomains		 Transfer
11 dragonforms.com
inf.dragonforms.com
hostedcontent.dragonforms.com — Cisco Umbrella Rank: 63467
static-cdn.dragonforms.com — Cisco Umbrella Rank: 62320
47 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 5002
forms.hscollectedforms.net — Cisco Umbrella Rank: 5136
26 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4527
983 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2438
64 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2542
1 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 8679
1 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2425
21 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
29 KB
1 omeda.com
cdn.omeda.com — Cisco Umbrella Rank: 39184
9 KB
1 omeclk.com
infb.omeclk.com
311 B
20 10
Domain Requested by
5 inf.dragonforms.com 1 redirects inf.dragonforms.com
code.jquery.com
3 static-cdn.dragonforms.com inf.dragonforms.com
3 hostedcontent.dragonforms.com inf.dragonforms.com
1 forms.hsforms.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hs-banner.com js-na1.hs-scripts.com
1 js.hscollectedforms.net js-na1.hs-scripts.com
1 track.hubspot.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 js.hs-analytics.net inf.dragonforms.com
1 code.jquery.com inf.dragonforms.com
1 cdn.omeda.com inf.dragonforms.com
1 infb.omeclk.com 1 redirects
20 13

This site contains links to these domains. Also see Links.

Domain
bioprocessintl.com
Subject Issuer Validity Valid
*.omeda.com
SSL.com RSA SSL subCA		 2023-06-18 -
2024-06-23		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Frame ID: 1AC65BE281CBCEFE2903FA5BF182FBC3
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BioProcess International - Renew

Page URL History Show full URLs

  1. https://infb.omeclk.com/portal/wts/uc%5EcmTmdgqeeqL3tDgrw-yc9qHZE20%7CXL3n HTTP 302
    https://inf.dragonforms.com/INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L HTTP 302
    https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L Page URL
  2. https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

82 %
IPv6

10
Domains

13
Subdomains

11
IPs

2
Countries

200 kB
Transfer

561 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://infb.omeclk.com/portal/wts/uc%5EcmTmdgqeeqL3tDgrw-yc9qHZE20%7CXL3n HTTP 302
    https://inf.dragonforms.com/INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L HTTP 302
    https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L Page URL
  2. https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://infb.omeclk.com/portal/wts/uc%5EcmTmdgqeeqL3tDgrw-yc9qHZE20%7CXL3n HTTP 302
  • https://inf.dragonforms.com/INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L HTTP 302
  • https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
init.do
inf.dragonforms.com/
Redirect Chain
  • https://infb.omeclk.com/portal/wts/uc%5EcmTmdgqeeqL3tDgrw-yc9qHZE20%7CXL3n
  • https://inf.dragonforms.com/INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
  • https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
301 B
710 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e6755c3de9501f502e151a6cec906a6b61466f9a0d6c127c4642d390b4349a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
301
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 28 Jun 2023 14:25:06 GMT
Keep-Alive
timeout=5
Server
Apache
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 28 Jun 2023 14:25:06 GMT
Keep-Alive
timeout=5
Location
init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Server
Apache
spinner.gif
cdn.omeda.com/hosted/images/dragon/generic/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.omeda.com/hosted/images/dragon/generic/spinner.gif
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9000:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:22:28 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
age
153
x-cache
Hit from cloudfront
content-length
8851
x-xss-protection
1; mode=block
last-modified
Mon, 10 Oct 2016 20:45:12 GMT
server
Apache
etag
W/"8851-1476132312178"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
cAxbXT7eoxXKLXEJfRl7n9A0jhFvNvEupPGhPKHH080h3oo6h5-YnQ==
Primary Request loading.do
inf.dragonforms.com/ 		41 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
2f8d4a82d8c0b34d63f02bcad0552c79dfe16bd07cbd472743a9dc6c1ec85f6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 28 Jun 2023 14:25:07 GMT
Keep-Alive
timeout=5
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
styles-combined_1b.css
hostedcontent.dragonforms.com/hosted/images/dragon/generic/1/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/generic/1/styles-combined_1b.css
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9000:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
4a880a28034474f5f45eab56cf954b323eae1b9931816e894fe55dee09490a67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
288
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 10 Jan 2020 13:11:00 GMT
server
Apache
etag
W/"23017-1578661860787"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
x-amz-cf-id
qRu84r1Zt1s_hog4wDZdRdQHghTjw0n0lNoQPRNaQEt8d1yyqBrGAA==
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://inf.dragonforms.com/
Origin
https://inf.dragonforms.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:25:01 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:24:41 GMT
server
nginx
etag
W/"573f4859-14e4a"
vary
Accept-Encoding
x-hw
1687962301.dop017.am5.t,1687962301.cds123.am5.hn,1687962301.cds218.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
conditional.js
static-cdn.dragonforms.com/js/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.dragonforms.com/js/conditional.js?build=V23.9-20230622
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ac00:0:d27a:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
89e0d5e92136af3c2f1d53d4bd524e308554a0ddf9e44a5bd89ab2e2bdbddd7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 02:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
41416
x-cache
Hit from cloudfront
content-length
12624
x-xss-protection
1; mode=block
last-modified
Thu, 29 Dec 2022 18:08:56 GMT
server
Apache
etag
W/"35615-1672337336000"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
GtgRD47D3g9W1Uh3sqJZ06aSq3IWbTFEMdewpyFXlMN0J6Dfu-cB5Q==
dragonCampaign.js
static-cdn.dragonforms.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.dragonforms.com/js/dragonCampaign.js?build=V23.9-20230622
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ac00:0:d27a:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
f084eb3b60be7c6309cc5ff62056f29deba6ae55270642089f04f035d9cb3738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 02:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
41415
x-cache
Hit from cloudfront
content-length
4907
x-xss-protection
1; mode=block
last-modified
Tue, 01 Nov 2022 12:59:08 GMT
server
Apache
etag
W/"13287-1667307548000"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
dxK7IP2LIQQgReQvnu1FAmxaIK6VfOTSzv8PRs5vsPnzy6TIlWQhOA==
generic.css
static-cdn.dragonforms.com/style/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.dragonforms.com/style/generic.css?build=V23.9-20230622
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ac00:0:d27a:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 02:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
41423
x-cache
Hit from cloudfront
content-length
1056
x-xss-protection
1; mode=block
last-modified
Thu, 10 Jun 2021 15:35:48 GMT
server
Apache
etag
W/"2478-1623339348000"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
HAojm_25iSMcURhvGQuFmPrI7l8kBo22eHZQE01NTGc7QYxoBkTCEQ==
24.css
hostedcontent.dragonforms.com/hosted/images/dragon/12272/ 		332 B
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/12272/24.css
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9000:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e751504c7588359691401b7b55ad80b017f635cc57f0bf1674a10d0a8a7c9fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:22:14 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
age
167
x-cache
Hit from cloudfront
content-length
332
x-xss-protection
1; mode=block
last-modified
Wed, 08 Jul 2020 00:14:55 GMT
server
Apache
etag
W/"332-1594167295646"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
B0Isl8LOCmM6-I-SAf5yZS9g9R4Ro6V1cagp-3nAYUYOpZU-B5otug==
124.png
hostedcontent.dragonforms.com/hosted/images/dragon/12272/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/12272/124.png
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9000:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
30d8602ed8d125e3b584c9a0d8bc7ad7bad82bc7328b260279f6600909dc87b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:22:14 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
age
167
x-cache
Hit from cloudfront
content-length
8510
x-xss-protection
1; mode=block
last-modified
Wed, 05 Feb 2020 03:35:28 GMT
server
Apache
etag
W/"8510-1580873728257"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
I61vn88KQGbSUIN3bX0rGxii39ME6JSNEbfXtP_2R1ff1MvIMqMSGg==
1724941.js
js.hs-analytics.net/analytics/1687962600000/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1687962600000/1724941.js
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f364371b31599fe9965c44da35f2ebc8d1de244d3381481dd23099ceb87f7cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:25:01 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
ANVQVRQM5XPVSKJG
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
19
x-amz-id-2
R4MArNmfW/Ik85L3Om0cPJx4YjJ7nrUIrLxKx/xjUJPvy93+77yh4gFzWAA+iLYnnHx3l+PKxIOEaZNesyr3/SQ5n5M2VCZ4EKXe/0FoX8U=
x-evy-trace-listener
listener_https
x-request-id
ff9b778a-c15f-47cd-9caf-2466fedc9f99
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 15 Jun 2023 14:40:51 GMT
server
cloudflare
etag
W/"5760df9fc352a1ae80ea87cc11675659"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7de698c03dcb3721-FRA
expires
Wed, 28 Jun 2023 14:30:01 GMT
evaluateConditionalContent.do;jsessionid=21F5331F2D2EB6533AC7DCD823585DF6
inf.dragonforms.com/ 		242 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inf.dragonforms.com/evaluateConditionalContent.do;jsessionid=21F5331F2D2EB6533AC7DCD823585DF6?demo2844=RKN23L&demo2845=1000628601&demo2849=999&demo2851=GIOVANNI&demo2852=FABRIZI&demo2853=DR&demo2854=INAIL&demo2855=DEILA&demo2856=VIA%20FONTANA%20CANDIDA%201&demo2857=MONTE%20PORZIO%20CATONE%20(RM)&demo2858=&demo2859=%2000078&demo2860=196&demo2861=&demo2862=&demo2863=g.fabrizi%40inail.it&demo2864=g.fabrizi%40inail.it&demo2867=1041&demo2868=1051&demo2869=1081&demo2870=1083,1086,1092&demo2871=1113&demo2872=1108&dragon_pagenumber=2&jsessionid=21F5331F2D2EB6533AC7DCD823585DF6&timestemp=1687962301441&omedasite=INF2_BCrenew
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e3fe349009c7e888f620c492399e89fe715eafbf7a6b0f2a8bf55679c8e0b28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:25:07 GMT
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
242
X-XSS-Protection
1; mode=block
evaluateConditionalContent.do;jsessionid=21F5331F2D2EB6533AC7DCD823585DF6
inf.dragonforms.com/ 		242 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inf.dragonforms.com/evaluateConditionalContent.do;jsessionid=21F5331F2D2EB6533AC7DCD823585DF6?demo2844=RKN23L&demo2845=1000628601&demo2849=999&demo2851=GIOVANNI&demo2852=FABRIZI&demo2853=DR&demo2854=INAIL&demo2855=DEILA&demo2856=VIA%20FONTANA%20CANDIDA%201&demo2857=MONTE%20PORZIO%20CATONE%20(RM)&demo2858=&demo2859=%2000078&demo2860=196&demo2861=&demo2862=&demo2863=g.fabrizi%40inail.it&demo2864=g.fabrizi%40inail.it&demo2867=1041&demo2868=1051&demo2869=1081&demo2870=1083,1086,1092&demo2871=1113&demo2872=1108&dragon_pagenumber=2&jsessionid=21F5331F2D2EB6533AC7DCD823585DF6&timestemp=1687962301459&omedasite=INF2_BCrenew
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e3fe349009c7e888f620c492399e89fe715eafbf7a6b0f2a8bf55679c8e0b28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:25:07 GMT
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
242
X-XSS-Protection
1; mode=block
evaluateConditionalContent.do;jsessionid=21F5331F2D2EB6533AC7DCD823585DF6
inf.dragonforms.com/ 		0
0
1724941.js
js-na1.hs-scripts.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/1724941.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1687962600000/1724941.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4513b02574a77fa80fcc29d32377f4749ed1a58bb5c44d68d379bb2c6a1293e2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:25:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
x-hubspot-correlation-id
9c7bdb91-fd72-4a7a-9373-f61b47b1025a
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ff3aa1f8-29ea-443b-8287-02727427b54b
last-modified
Wed, 28 Jun 2023 13:08:14 GMT
server
cloudflare
x-trace
2BDA4270BB0A950ACBCA525C77051861194610141C000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://inf.dragonforms.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=30
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-qtxhk
cf-ray
7de698c3dd7c1a7d-FRA
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=windows-1252&ln=en-us&bfp=2241961375&v=1.1&a=1724941&r=https%3A%2F%2Finf.dragonforms.com%2Finit.do%3Fomedasite%3DINF2_BCrenew%26r%3D9231F9860912C0T%26pk%3DRKN23L&pu=https%3A%2F%2Finf.dragonforms.com%2Floading.do%3Fomedasite%3DINF2_BCrenew%26r%3D9231F9860912C0T%26pk%3DRKN23L&t=BioProcess+International+-+Renew&cts=1687962301993&vi=30cd2919c5e1cb5e162bb34dcd22b754&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:25:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
4bedb333-b22a-4618-b38d-39a18c1d85c6
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
eef85815-2cd6-4985-b813-157be3340999
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAUdxBVjub%2BpdNAMYhWbSIKcuSBdtvWwMa7WECX%2Fc5%2FAQntvPADG5SlzipNRDangVPIGP82BVXRSxY2yv5MiMCECd07TdSEjjrTYOjeTLq0hHsN3A4HAp%2BdiDAcRnJpMEbxmXsPdlSe8Tennuu3p"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-lqfnv
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7de698c3dc30bb86-FRA
x-robots-tag
none
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/1724941.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3

Request headers

Referer
https://inf.dragonforms.com/
Origin
https://inf.dragonforms.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:25:02 GMT
x-amz-version-id
S1jmwKbmrdTaJO._teNI0LpuWSvl4WIJ
via
1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
489
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.378/bundles/project.js&cfRay=7de68cd5ed886931-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
17d16002-b77a-4491-a70d-18270efbe31c
last-modified
Tue, 13 Jun 2023 09:45:35 UTC
server
cloudflare
etag
W/"b19afd994dc32a5784e74169cca8128a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-mm66x
cf-ray
7de698c6ba519b25-FRA
x-amz-cf-id
V7FZRNK-v123IK_MegNGi0XpV76BaGw_DBEP-Jz9K-rydAoGH7OBIw==
x-hs-target-asset
collected-forms-embed-js/static-1.378/bundles/project.js
banner.js
js.hs-banner.com/v2/1724941/ 		209 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/1724941/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/1724941.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ab8bd6e91789c688dd81ca617027df881282ae705c7619611f11771d7e4796

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:25:02 GMT
x-amz-version-id
FWeOBs2916AVya8fnqyyyDK0KAnsChWD
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
8E9VWY2F7WSSD94F
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
age
11
x-envoy-upstream-service-time
34
x-amz-id-2
ooacqXjO7ciHH7r6PxX3M84pcDJozjA3k2suJ0QIDTUk3ob+YNM422SnsCMAAHZWBBK5cdeJHQM=
x-evy-trace-listener
listener_https
x-request-id
5beb024f-73c5-430c-bca8-766a8259399a
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 22 Jun 2023 15:55:59 GMT
server
cloudflare
etag
W/"ba81c3f8008a612e2ad4c90d6a82abfa"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://bioprocessintl.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7de698c6bbe391f9-FRA
expires
Wed, 28 Jun 2023 14:29:51 GMT
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		115 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=1724941&utk=30cd2919c5e1cb5e162bb34dcd22b754
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b33e5ff2f0f6b397a095d868c4326c0d878d1b2903c35ac140f554fcaa787c

Request headers

Accept
application/json, text/plain, */*
Referer
https://inf.dragonforms.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:25:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
4d9310ec-fda6-4430-aa11-e2b8ddf8e53b
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
52bae29e-c664-4994-8947-8402fa160210
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://inf.dragonforms.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-h6thn
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
7de698c73b109b25-FRA
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:25:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
f87a64f6-39bc-41d2-96d6-eb8a6df4731a
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9506dec3-7324-4b8b-a815-2dccb36c4436
Server
cloudflare
X-Trace
2B5081F9C13189716A3930ACE2D9558ACC2489CFFC000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7de698c8796639ec-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
inf.dragonforms.com
URL
https://inf.dragonforms.com/evaluateConditionalContent.do;jsessionid=21F5331F2D2EB6533AC7DCD823585DF6?demo2844=RKN23L&demo2845=1000628601&demo2849=999&demo2851=GIOVANNI&demo2852=FABRIZI&demo2853=DR&demo2854=INAIL&demo2855=DEILA&demo2856=VIA%20FONTANA%20CANDIDA%201&demo2857=MONTE%20PORZIO%20CATONE%20(RM)&demo2858=&demo2859=%2000078&demo2860=196&demo2861=&demo2862=&demo2863=g.fabrizi%40inail.it&demo2864=g.fabrizi%40inail.it&demo2867=1041&demo2868=1051&demo2869=1081&demo2870=1083,1086,1092&demo2871=1113&demo2872=1108&dragon_pagenumber=2&jsessionid=21F5331F2D2EB6533AC7DCD823585DF6&timestemp=1687962301611&omedasite=INF2_BCrenew

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery string| AUTO_LOOKUP_MULTIPLE_FOUND string| AUTO_LOOKUP_MULTIPLE_FOUND_WITH_SECONDARY_KEY string| STANDARD_FIELD_PAYMENT_METHOD string| PAYMENT_METHOD_PAY_WITH_CREDIT_CARD string| PAYMENT_METHOD_PAY_WITH_PAYPAL string| totalPrice string| payPalPlanId boolean| exportUrlExecuted function| verifyConsole function| hideEmailLookupScrim function| showEmailLookupScrim function| toggleDisplay boolean| keepSubmitDisabled function| disableSubmit function| enableSubmit boolean| initialized boolean| lookupEmailCalled object| conditionalHandlers boolean| conditionalHandlersCalled function| registerConditionalHandler function| callConditionalHandlers function| toggleOther function| genericValidation function| checkConditions function| checkConditionsPart2 function| stopIframePolling function| applyConditionalResponses function| generateRepeatedGroup function| checkOtherFillinCheckbox function| checkOtherFillinRadio function| hideOtherFillin function| getFormData function| lookupByEmail function| lookupFreshAddress function| checkPayment function| clickBehavior function| entriesPolyFill function| httpPostWithFormData boolean| formInitialLoad boolean| formSubmitErrorOccurred string| submitButtonSelector function| calculatePaymentMethod function| clearOtherPaidElements function| getSiteContextParameter string| shippingAddressCountry string| requestedVersionId string| campaignRequestedVersionId string| billMeLaterResponse boolean| campaigElementExists function| campaignPromocodeChanged function| campaignCountryOrRequestedVersionChanged function| getPromoContentAndPrices function| hidePromoPrices function| showDragonPaidContent function| hideDragonPaidContent function| showHidePromoPrices undefined| display object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran object| _hsp string| __hsUserToken number| expireDateTime object| e object| __hsCollectedFormsDebug boolean| _hspb_loaded boolean| _hspb_ran

6 Cookies

Domain/Path Name / Value
inf.dragonforms.com/ Name: JSESSIONID
Value: 21F5331F2D2EB6533AC7DCD823585DF6
.hubspot.com/ Name: __cf_bm
Value: qJsn9FIZyL6bhmiR3UrRH4zCSgdoBW_8RTvBpr2H2MA-1687962302-0-AVT87btejUt6SuIOwSI2+gG7X3zcbs1Eswq9XlTWgUEcen6dSLGw/Wajwq0d8YFTq6BmDHFS7kiDxPKBJ0bwo84=
inf.dragonforms.com/ Name: __hstc
Value: 180648248.30cd2919c5e1cb5e162bb34dcd22b754.1687962301990.1687962301990.1687962301990.1
inf.dragonforms.com/ Name: hubspotutk
Value: 30cd2919c5e1cb5e162bb34dcd22b754
inf.dragonforms.com/ Name: __hssrc
Value: 1
inf.dragonforms.com/ Name: __hssc
Value: 180648248.1.1687962301991

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.omeda.com
code.jquery.com
forms.hscollectedforms.net
forms.hsforms.com
hostedcontent.dragonforms.com
inf.dragonforms.com
infb.omeclk.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
static-cdn.dragonforms.com
track.hubspot.com
inf.dragonforms.com
2001:4de0:ac18::1:a:3a
204.180.130.190
205.162.42.171
2600:9000:223c:ac00:0:d27a:1440:93a1
2600:9000:2251:9000:c:860d:a440:93a1
2606:4700::6810:88ce
2606:4700::6811:6bc7
2606:4700::6811:d6f3
2606:4700::6812:18c4
2606:4700::6812:853b
2606:4700::6813:9a53
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
2f8d4a82d8c0b34d63f02bcad0552c79dfe16bd07cbd472743a9dc6c1ec85f6a
30d8602ed8d125e3b584c9a0d8bc7ad7bad82bc7328b260279f6600909dc87b2
4513b02574a77fa80fcc29d32377f4749ed1a58bb5c44d68d379bb2c6a1293e2
4a880a28034474f5f45eab56cf954b323eae1b9931816e894fe55dee09490a67
5f364371b31599fe9965c44da35f2ebc8d1de244d3381481dd23099ceb87f7cc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3
89e0d5e92136af3c2f1d53d4bd524e308554a0ddf9e44a5bd89ab2e2bdbddd7a
96ab8bd6e91789c688dd81ca617027df881282ae705c7619611f11771d7e4796
a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e1b33e5ff2f0f6b397a095d868c4326c0d878d1b2903c35ac140f554fcaa787c
e3fe349009c7e888f620c492399e89fe715eafbf7a6b0f2a8bf55679c8e0b28e
e6755c3de9501f502e151a6cec906a6b61466f9a0d6c127c4642d390b4349a40
e751504c7588359691401b7b55ad80b017f635cc57f0bf1674a10d0a8a7c9fc7
f084eb3b60be7c6309cc5ff62056f29deba6ae55270642089f04f035d9cb3738