share.hsforms.com Open in urlscan Pro
2606:4700::6810:5605 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.resguarda.com/e3t/Ctc/UA+113/c-HbR04/VVwhtH3WBHF2W9js6c_839B7cW6G5rDL4LQct5N31NNC13q3nJV1-WJV7CgJXBW12XR_K3j2d...
Effective URL:
https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=217570281&_hsenc=p2ANq...
Submission: On June 27 via api (June 27th 2022, 6:42:47 pm UTC) from IE — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 42 HTTP transactions. The main IP is 2606:4700::6810:5605, located in United States and belongs to CLOUDFLARENET, US. The main domain is share.hsforms.com. The Cisco Umbrella rank of the primary domain is 111519.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2022. Valid for: a year.

This is the only time share.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:671d	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
42	16

2 2606:2c40::c73c:671d (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.resguarda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

share.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

8293688.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gstatic.com fonts.gstatic.com www.gstatic.com	574 KB
6	google.com www.google.com — Cisco Umbrella Rank: 8	75 KB
5	hsforms.com share.hsforms.com — Cisco Umbrella Rank: 111519 forms.hsforms.com — Cisco Umbrella Rank: 4450 forms-na1.hsforms.com — Cisco Umbrella Rank: 72093	10 KB
4	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 3073 track.hubspot.com — Cisco Umbrella Rank: 2144	3 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2069	17 KB
2	resguarda.com 1 redirects www.resguarda.com — Cisco Umbrella Rank: 389197	4 KB
1	hubspotusercontent-na1.net 8293688.fs1.hubspotusercontent-na1.net	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3409	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2061	20 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5004	25 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2291	998 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6630	161 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6868	3 KB
42	14

	Domain	Requested by
9	www.gstatic.com	www.google.com www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google.com	js.hsforms.net www.gstatic.com www.google.com
3	track.hubspot.com
3	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
2	forms-na1.hsforms.com
2	forms.hsforms.com	js.hsforms.net
2	www.resguarda.com	1 redirects
1	8293688.fs1.hubspotusercontent-na1.net
1	fonts.googleapis.com	js.hsforms.net
1	forms.hubspot.com	js.hscollectedforms.net
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-scripts.com	share.hsforms.com
1	js.hsforms.net	share.hsforms.com
1	static.hsappstatic.net	share.hsforms.com
1	share.hsforms.com	www.resguarda.com
42	18

This site contains no links.

Subject Issuer	Validity	Valid
www.resguarda.com Cloudflare Inc ECC CA-3	`2022-02-10` - `2023-02-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-02-24` - `2023-02-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=217570281&_hsenc=p2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE&utm_content=217570281&utm_source=hs_email
Frame ID: 56E14E8D2A81F4549B6D3203EFB6B68F
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=ozbze3vq7v1x
Frame ID: 783AFDEA6A6D04EA9CCF7032D8082BDF
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 88A93ADDCC9E113C68D439162786FE89
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FormForm

Page URL History Show full URLs

https://www.resguarda.com/e3t/Ctc/UA+113/c-HbR04/VVwhtH3WBHF2W9js6c_839B7cW6G5rDL4LQct5N31NNC13q3nJV1-... Page URL
https://www.resguarda.com/events/public/v1/encoded/track/tc/UA+113/c-HbR04/VVwhtH3WBHF2W9js6c_839B7cW6... HTTP 307
https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=21... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

42
Requests

100 %
HTTPS

100 %
IPv6

14
Domains

18
Subdomains

16
IPs

2
Countries

911 kB
Transfer

2224 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.resguarda.com/e3t/Ctc/UA+113/c-HbR04/VVwhtH3WBHF2W9js6c_839B7cW6G5rDL4LQct5N31NNC13q3nJV1-WJV7CgJXBW12XR_K3j2dTrW5d6cWH2mJtlCN41nc_KScKBTN1TNSKQy2_Z5W23C3c95GJv2HW60r7SC7DmXGrW48YSK06-f8xjW5cJXPW2Rpxs6W2cmvx26J8z-DW80nNY770V6XRW6cTD2h5_kctqVXjRqf4p63jQW40PyV34F5ycKW8zLhrN3239kJW4Kn_dT7mcW7sW3pQxrP5KVCrWW2J9C491BMN0QMtQgQVl0--gVQjcS56wq69-W5FCsQh60hGgcN1q2H_F7Gt3RW8ZLz2x6_7ZbCN6CXSLRrzm9WN7n_TjtgHQx-3jJz1 Page URL
https://www.resguarda.com/events/public/v1/encoded/track/tc/UA+113/c-HbR04/VVwhtH3WBHF2W9js6c_839B7cW6G5rDL4LQct5N31NNC13q3nJV1-WJV7CgJXBW12XR_K3j2dTrW5d6cWH2mJtlCN41nc_KScKBTN1TNSKQy2_Z5W23C3c95GJv2HW60r7SC7DmXGrW48YSK06-f8xjW5cJXPW2Rpxs6W2cmvx26J8z-DW80nNY770V6XRW6cTD2h5_kctqVXjRqf4p63jQW40PyV34F5ycKW8zLhrN3239kJW4Kn_dT7mcW7sW3pQxrP5KVCrWW2J9C491BMN0QMtQgQVl0--gVQjcS56wq69-W5FCsQh60hGgcN1q2H_F7Gt3RW8ZLz2x6_7ZbCN6CXSLRrzm9WN7n_TjtgHQx-3jJz1?_ud=f373a6fd-9b94-4b24-a50f-11b036c5241d&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=217570281&_hsenc=p2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE&utm_content=217570281&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVwhtH3WBHF2W9js6c_839B7cW6G5rDL4LQct5N31NNC13q3nJV1-WJV7CgJXBW12XR_K3j2dTrW5d6cWH2mJtlCN41nc_KScKBTN1TNSKQy2_Z5W23C3c95GJv2HW60r7SC7DmXGrW48YSK06-f8xjW5cJXPW2Rpxs6W2cmvx26J8z-DW80nNY770V6XRW6cTD2h...
www.resguarda.com/e3t/Ctc/UA+113/c-HbR04/ 9 KB
3 KB 345ms
325ms Document
text/html 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.resguarda.com/e3t/Ctc/UA+113/c-HbR04/VVwhtH3WBHF2W9js6c_839B7cW6G5rDL4LQct5N31NNC13q3nJV1-WJV7CgJXBW12XR_K3j2dTrW5d6cWH2mJtlCN41nc_KScKBTN1TNSKQy2_Z5W23C3c95GJv2HW60r7SC7DmXGrW48YSK06-f8xjW5cJXPW2Rpxs6W2cmvx26J8z-DW80nNY770V6XRW6cTD2h5_kctqVXjRqf4p63jQW40PyV34F5ycKW8zLhrN3239kJW4Kn_dT7mcW7sW3pQxrP5KVCrWW2J9C491BMN0QMtQgQVl0--gVQjcS56wq69-W5FCsQh60hGgcN1q2H_F7Gt3RW8ZLz2x6_7ZbCN6CXSLRrzm9WN7n_TjtgHQx-3jJz1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 722052ecdcf9693d-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 27 Jun 2022 18:42:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 27 Jun 2022 18:42:41 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vque75CJudqVQb4qf392Au03y1aey602xX6jYRKzPXNvH4Cjg7aA9UMevvn9Kr6K%2BegtMvXlDYeNIwxN8xpA0IB61Pgd6IO4hbAodiPjAYUdkrSnmcEzFYysL0DBdHXcH1HP8tncwClqtAqWGRjF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: 8f740ea1-705b-411b-aaba-b70acec40977
x-robots-tag: none

GET
H2

200

Primary Request 1g31FOs5oRH268rkPQiwefQ4xrg8 Show response
share.hsforms.com/
Redirect Chain

https://www.resguarda.com/events/public/v1/encoded/track/tc/UA+113/c-HbR04/VVwhtH3WBHF2W9js6c_839B7cW6G5rDL4LQct5N31NNC13q3nJV1-WJV7CgJXBW12XR_K3j2dTrW5d6cWH2mJtlCN41nc_KScKBTN1TNSKQy2_Z5W23C3c95GJ...
https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=217570281&_hsenc=p2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7i...

8 KB
3 KB

447ms
412ms

Document
text/html

2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=217570281&_hsenc=p2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE&utm_content=217570281&utm_source=hs_email

Requested by

Host: www.resguarda.com
URL: https://www.resguarda.com/e3t/Ctc/UA+113/c-HbR04/VVwhtH3WBHF2W9js6c_839B7cW6G5rDL4LQct5N31NNC13q3nJV1-WJV7CgJXBW12XR_K3j2dTrW5d6cWH2mJtlCN41nc_KScKBTN1TNSKQy2_Z5W23C3c95GJv2HW60r7SC7DmXGrW48YSK06-f8xjW5cJXPW2Rpxs6W2cmvx26J8z-DW80nNY770V6XRW6cTD2h5_kctqVXjRqf4p63jQW40PyV34F5ycKW8zLhrN3239kJW4Kn_dT7mcW7sW3pQxrP5KVCrWW2J9C491BMN0QMtQgQVl0--gVQjcS56wq69-W5FCsQh60hGgcN1q2H_F7Gt3RW8ZLz2x6_7ZbCN6CXSLRrzm9WN7n_TjtgHQx-3jJz1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666863e00f0c0bc337baa8d1eb17e8d2212e6a2aa364498276df22b7b000a794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.resguarda.com/e3t/Ctc/UA+113/c-HbR04/VVwhtH3WBHF2W9js6c_839B7cW6G5rDL4LQct5N31NNC13q3nJV1-WJV7CgJXBW12XR_K3j2dTrW5d6cWH2mJtlCN41nc_KScKBTN1TNSKQy2_Z5W23C3c95GJv2HW60r7SC7DmXGrW48YSK06-f8xjW5cJXPW2Rpxs6W2cmvx26J8z-DW80nNY770V6XRW6cTD2h5_kctqVXjRqf4p63jQW40PyV34F5ycKW8zLhrN3239kJW4Kn_dT7mcW7sW3pQxrP5KVCrWW2J9C491BMN0QMtQgQVl0--gVQjcS56wq69-W5FCsQh60hGgcN1q2H_F7Gt3RW8ZLz2x6_7ZbCN6CXSLRrzm9WN7n_TjtgHQx-3jJz1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1374
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 722052f21d0e920d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 27 Jun 2022 18:42:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 20 Jun 2022 10:18:37 UTC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 199b065e4c1253c9590e1b5e57083906.cloudfront.net (CloudFront)
x-amz-cf-id: xzx_1hrPT98ThAxbALKeljaJlyW-aph82Ootol-DpT7h4aYN1XYkPQ==
x-amz-cf-pop: IAD89-P1
x-amz-meta-ao: {"allowIFrame":"always"}
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: lizYn7ORudT6ErwUlD64jVMWPC6UWmtU
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: forms-submission-pages/static-1.2114/html/share.html

Redirect headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 722052ef3926693d-FRA
date: Mon, 27 Jun 2022 18:42:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=217570281&_hsenc=p2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE&utm_content=217570281&utm_source=hs_email>; rel="canonical"
location: https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=217570281&_hsenc=p2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE&utm_content=217570281&utm_source=hs_email
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDAtSvNc8LU3LmKzZqL7XkI19AcSUfBni8p7kPJOO4pXgivpCh7MO66ciqLHWXA%2FWIJinhpYpfwbPg%2FCapGa2hJi5cEibVRU3JSS3B5HAvDUCeZ7Zq4gnz37OHpaskZiuFjqcLOdE2N%2F4NKz8Lda"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: 937cd45d-f59e-497a-ac56-ece5db32c47c
x-robots-tag: none

GET
H2 200 share-legacy.js Show response
static.hsappstatic.net/forms-submission-pages/static-1.2114/bundles/ 4 KB
3 KB 46ms
17ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/forms-submission-pages/static-1.2114/bundles/share-legacy.js

Requested by

Host: share.hsforms.com
URL: https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=217570281&_hsenc=p2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE&utm_content=217570281&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d20ab0bef4d2b244ef34f396c508df91d4be2580140a1b3e73be4d202d8b09d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 635420
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-replication-status: PENDING
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 20 Jun 2022 10:12:02 GMT
server: cloudflare
etag: W/"7daed7b6b17b77f37dac3b2034f47c23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Md%2FeLz0nMTHrLA9azfYmLSqBCjl8J%2BS73sOcWi7Aj9Ncbau%2FpEKTpo7Y68TpKJmndFIWZIYXy5cDXRVTc1ge%2FneCyVXtmbLcB7qONyWyoYMlWAvtLI%2BS4XdCTnL7w8b5uOG98r29maqg1xhGcrqbLDoGlwU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: OwrvuO7k3njWFGIoFgwf_6cKw.iyjkO5
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P2
cf-ray: 722052f4fbaa6928-FRA
x-amz-cf-id: EeHpOfJEisoivow0IySEncXuzaKBZzH8wlEPxl2iAuO5iugcs45ycQ==
expires: Tue, 27 Jun 2023 18:42:42 GMT

GET
H2 200 v3.js Show response
js.hsforms.net/forms/embed/ 529 KB
161 KB 186ms
167ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d472349ff8459b635b8670d2548f7ac536a71eec90773911a78690411765574c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.1997/bundles/project-v3.js&cfRay=722052f51d45929b-EWR
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Jun 2022 10:43:35 UTC
server: cloudflare
etag: W/"5a0f254ed328659c756a291a690ac546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSojer4tF2g95o3SatiuLB4fH9wEl%2BG2%2FAWg1pjn0pyx3jp46LfNqvCimv%2BXnH%2F%2FvBaf3itOJR1%2FKvtmO3978iTDGaFP76RWqx01Dh8%2BK6%2Fu3O2xDdGPAF1UU46SNnfNoau3mfnfi00Z7WMw"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: cmhPeu0N_VMxaMieR1QyQNcbXIwLb0T0
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
cf-ray: 722052f51d45929b-FRA
x-amz-cf-id: fVKCJcdL9mFLjBIZPMKXEZHaif7Wes8Mkgf1xzcvBrIl_l_uWDo-Kg==
x-hs-target-asset: forms-embed/static-1.1997/bundles/project-v3.js

GET
H2 200 8293688.js Show response
js.hs-scripts.com/ 2 KB
998 B 159ms
141ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8293688.js
Requested by: Host: share.hsforms.com
URL: https://share.hsforms.com/1g31FOs5oRH268rkPQiwefQ4xrg8?utm_campaign=Webinars&utm_medium=email&_hsmi=217570281&_hsenc=p2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE&utm_content=217570281&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092495f275c04fd6781804e5c482a094618da7fda726d45c9d8852b4522c3c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 2ba64cec-bd37-44f3-9fcb-8a2b0d240ebe
last-modified: Mon, 27 Jun 2022 04:38:51 GMT
server: cloudflare
x-trace: 2BC60962A4E64C00391FD644A8BE1D81AD261F74CA000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://share.hsforms.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 722052f51fa59101-FRA
expires: Mon, 27 Jun 2022 18:43:42 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 72 KB
25 KB 63ms
22ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8293688.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5

Request headers

Referer: https://share.hsforms.com/
Origin: https://share.hsforms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 17957
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.278/bundles/project.js&cfRay=721e9c8d99169bec-EWR
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 722052f65ffc915f-FRA
last-modified: Thu, 19 May 2022 12:56:36 UTC
server: cloudflare
etag: W/"9bdc82a581dc188ff306ce5ac3c3e170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: w6kD440dVLHBLSxXlQNkz9NYzxhkbh3c
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: YOV_g-HIx2KOqcxqOtsQpHJ4L49kyGb640eL33u4hzBuTT-HJJo0kQ==
x-hs-target-asset: collected-forms-embed-js/static-1.278/bundles/project.js

GET
H2 200 8293688.js Show response
js.hs-analytics.net/analytics/1656355200000/ 62 KB
20 KB 207ms
166ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1656355200000/8293688.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8293688.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0af9123608fc5b3f3a8dfec0e8e8b4efd27564e3495087a026a559179d0459f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 67A35NC94VCE64YZ
x-amz-server-side-encryption: AES256
cf-ray: 722052f65fdb9244-FRA
x-amz-id-2: wMrt7HRNlbKdv8qmyAY/7tWN51/u2vGXKHSxNwQQl8Hxfvk7LX9U/wxPgmQ254xMSnXnzr70m4k=
last-modified: Tue, 14 Jun 2022 15:53:01 GMT
server: cloudflare
etag: W/"dbb0d5bb711715e1d47a811c917445f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 27 Jun 2022 18:47:42 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 57ms
18ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8293688.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67bde44785ec5cd4a52b80ea9f11e1e0c3ba5341f57000e55e1003705f231cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
via: 1.1 a12c29ca3e64ac2015cf4f6c9099b8ce.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 175
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.283/bundles/pixels-release.js&cfRay=72204eaf6e329110-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 23 Jun 2022 03:19:05 UTC
server: cloudflare
etag: W/"6cb7b14623fc6fff69528b7c98e33bcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: wsSp05Vslq9sKHmIlNZGOnuq9CMghpzX
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 722052f65e9090ec-FRA
x-amz-cf-id: sI35poW92IxY85L_2BUULjLZmpZsMXKbd5EKtNc3EZRkdJIjMQMMgw==
x-hs-target-asset: adsscriptloaderstatic/static-1.283/bundles/pixels-release.js

GET
H2 200 8293688.js Show response
js.hs-banner.com/ 63 KB
17 KB 72ms
34ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/8293688.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8293688.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 817be0f39c8e05fc660ff446a7a42d8a318dd8ddfa16165c8f2dae4598b766d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 119
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: SH95DHYWNDH5HJ7D
x-amz-id-2: 04sZpXSVO6bg42cDQ7rhd4yRi6oVe/Pf8yIEtVqoPDZW9WW2ytJxqJsXi6/nZNKp6ZElUlC0HOY=
timing-allow-origin: *
last-modified: Fri, 27 May 2022 17:10:38 GMT
server: cloudflare
etag: W/"a8ce9bb9a9e4b12d5dd1332be0bf60fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 5L3BJLSI21QzIabx2PqX9MxOycX_HulB
access-control-allow-origin: https://www.resguarda.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 722052f65aa46910-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 27 Jun 2022 18:45:43 GMT

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/8293688/837d453a-ce68-447d-baf2-b90f422c1e7d/ 44 KB
6 KB 187ms
168ms XHR
application/json 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8293688/837d453a-ce68-447d-baf2-b90f422c1e7d/json?X-HubSpot-Static-App-Info=%7B%22projectName%22:%22forms-embed%22,%22projectVersion%22:%221.1997%22,%22project%22:%22forms-embed-1.1997%22%7D

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe4251279677de5f54e890f5fa6d4db26f1736066e160936e16fdb50096c1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://share.hsforms.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-origin-hublet: na1
date: Mon, 27 Jun 2022 18:42:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: b9b71d31-9463-4297-96cc-dd4a35b6e5df
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2BCF7126FD7F3EA977C5DA5989EECD4A9126478B54000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://share.hsforms.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 722052f6dde89bdc-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 155ms
136ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8293688&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f029c1ab344cf316c3bd9f963c837d8c3f17e99548e6f2ebf3141df1a5c6af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://share.hsforms.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e919b17a-85a2-45df-87e4-a16d1f397c4c
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NX6xq3235nlN0LjndtRJUt7dspNlicW70zkbu%2BSRqp94wGxNh6M6vDSI7wdGAZakkauHP9pKQV36EzPj5aG92lDABgsekwx76yXIo8BTAiTSuMF2GDjnhdYqzTXgEAy3y8RRyf8bGtjfhtHsXiyj"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://share.hsforms.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 722052f6fac59a09-FRA
access-control-allow-headers: *

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 120ms
105ms Preflight
application/octet-stream 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://share.hsforms.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://share.hsforms.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 722052f78ff291d8-FRA
content-length: 0
content-type: application/octet-stream
date: Mon, 27 Jun 2022 18:42:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
timing-allow-origin: *

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
136 B 129ms
128ms XHR
text/plain 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/8293688.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://share.hsforms.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

timing-allow-origin: *
date: Mon, 27 Jun 2022 18:42:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 39141241-d0b4-4387-9228-951b8064c6db
x-trace: 2BCAB718026239AF52845F8AD62ACC8BF9AB912857000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://share.hsforms.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 722052f8290791d8-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
965 B 178ms
161ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=8293688&ccu=https%3A%2F%2Fshare.hsforms.com%2F1g31FOs5oRH268rkPQiwefQ4xrg8&pu=https%3A%2F%2Fshare.hsforms.com%2F1g31FOs5oRH268rkPQiwefQ4xrg8%3Futm_campaign%3DWebinars%26utm_medium%3Demail%26_hsmi%3D217570281%26_hsenc%3Dp2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE%26utm_content%3D217570281%26utm_source%3Dhs_email&t=Form&cts=1656355362468&vi=eb2645a172459c8410b23103e53062f4&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 20a2f16e-5730-438b-bb7e-4b9ff5d47d1e
cf-ray: 722052f78cc89b95-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCj2qErGJsnW4h4T5rq%2BJqKpbj5i9W9Hoa1U1EtoY3B6yTahOPMV%2Br9qj7ON9GrFS701cnNRyRBna4ww3blzGEc17ongaD%2B%2FWCVn3Dhm6UyvaSj0%2FdP0C8xnVM1McuLWhFy3RB6WEod1AHDxhB1T"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d853175d1e7dcec631bfa4c1287ca8adec8cdfc3d010aaf9aaf6f705adf6ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 18:00:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Jun 2022 18:42:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Jun 2022 18:42:42 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_db7d7e90_af17_4c10_ba54_8789978894df&render=explicit&hl=es

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5a9561032ca4ec06658b1d4264859a4f1ee35f32b277a7902af90af04dd04846

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 640
x-xss-protection: 1; mode=block
expires: Mon, 27 Jun 2022 18:42:42 GMT

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
170 B 184ms
174ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 832e7bbe-261c-4609-ba3d-ddf87afefa19
cf-ray: 722052f86e0a920d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2B52272D2B9D5A70F8BFACED2920733E47580FCE85000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 encabezado.jpg
8293688.fs1.hubspotusercontent-na1.net/hubfs/8293688/ 15 KB
16 KB 1012ms
982ms Image
image/jpeg 2606:4700:4400::ac40:9ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8293688.fs1.hubspotusercontent-na1.net/hubfs/8293688/encabezado.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e73707b8b58834e6bbc02694adb649bec6c4e030a9d65995f1cafa2b809d7c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Mon, 27 Jun 2022 18:42:43 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-meta-cache-tag: F-69075562855,P-8293688,FLS-ALL
x-amz-cf-pop: FRA50-C1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
cf-ray: 722052f88c739a18-FRA
edge-cache-tag: F-69075562855,P-8293688,FLS-ALL
x-amz-meta-index-tag: none
x-amz-replication-status: COMPLETED
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-type: image/jpeg
content-length: 15024
x-amz-id-2: R2NYnFN05fhXUat0loKoKVUAyJhnSim0uNsGDuGBPZfG57bbEdi5o1wUGuIlDvjZH693UaGCdrs=
last-modified: Mon, 21 Mar 2022 13:17:56 GMT
server: cloudflare
etag: "99f30076ffb70f23291cd57f6293fabf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1647868675250
x-amz-request-id: 26925KPKQ15R3F4P
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: OB.53CDI8b_mihQyLGM0cdXf6SRwO8ey
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TmODoa5G2CXXJEfApHfU-1cmlzO3WoKK_9aOx4l-x87OL3JZpEQLKQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
558 B 154ms
153ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=837d453a-ce68-447d-baf2-b90f422c1e7d&fci=db7d7e90-af17-4c10-ba54-8789978894df&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=8293688&ccu=https%3A%2F%2Fshare.hsforms.com%2F1g31FOs5oRH268rkPQiwefQ4xrg8&pu=https%3A%2F%2Fshare.hsforms.com%2F1g31FOs5oRH268rkPQiwefQ4xrg8%3Futm_campaign%3DWebinars%26utm_medium%3Demail%26_hsmi%3D217570281%26_hsenc%3Dp2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE%26utm_content%3D217570281%26utm_source%3Dhs_email&t=Form&cts=1656355362599&vi=eb2645a172459c8410b23103e53062f4&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 43401bf0-737d-45a6-af76-8120e769233c
cf-ray: 722052f86e7f9b95-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RNCtDzcUCRaAGuZeV6VuAk3H4jyg%2F76JLQdjpJIIRmTnE5RLXJyJNSVwe64s0DDgPrSARoupyerrHsShz2uBRqA9rrsjemGt7bK3x5%2FvsU1ZIqZJ6HYBZoZJpVSDJEOG07SW9nH%2F6%2FBUAcgcMMF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
170 B 189ms
180ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 2c37b253-4855-4610-8cb1-8421f76d00a4
cf-ray: 722052f86e0b920d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2B7FCD9265B2D2E6CC596C7788AC0BAB0B7F5DE22E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
554 B 135ms
134ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=837d453a-ce68-447d-baf2-b90f422c1e7d&fci=db7d7e90-af17-4c10-ba54-8789978894df&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=8293688&ccu=https%3A%2F%2Fshare.hsforms.com%2F1g31FOs5oRH268rkPQiwefQ4xrg8&pu=https%3A%2F%2Fshare.hsforms.com%2F1g31FOs5oRH268rkPQiwefQ4xrg8%3Futm_campaign%3DWebinars%26utm_medium%3Demail%26_hsmi%3D217570281%26_hsenc%3Dp2ANqtz-_-YIfO8XM_x2DSjdD7AjgZ-k5UBqYj82JhKgVLcgnLvvq0x8Pxq92Y_oUYseQosXpjs6cb7iRMrtZhUJO3jsBusWUdrGu55bq0Axv-gzkMsZnbliE%26utm_content%3D217570281%26utm_source%3Dhs_email&t=Form&cts=1656355362600&vi=eb2645a172459c8410b23103e53062f4&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9775eb88-7be3-40fc-ba50-0398bfe51d6c
cf-ray: 722052f86e829b95-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC7Mk6ZlQIF1oq04TMhHhhFrpn84x2YI1hPWDiZt0wxBUbfeTGgoFxQ5Pj9ajdC4r7bn6HDIEslV9m2LOBhwF%2Fg%2FDORdxI66N8xwmgyMehk5cSZOb3U9JiLBsVkwsTHOAWmETAXKqeHXAMOnpt63"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
272 B 131ms
130ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 3fdcfd31-01b2-4dd8-ae3c-e2c961ee15f2
cf-ray: 722052f86dfa920d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2B914EC1664939582AE695CA8120D6E28F9CE6CE54000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ 12 KB
13 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://share.hsforms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:08:28 GMT
x-content-type-options: nosniff
age: 524054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:08:28 GMT

GET
H2 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_db7d7e90_af17_4c10_ba54_8789978894df&render=explicit&hl=es

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

383e139dfa601dbb4ee5a6c43751d81a8df31f96cd68cccbbd4e5f6ba05ca386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://share.hsforms.com/
Origin: https://share.hsforms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 09:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147782
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 09:19:06 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 783A 43 KB
22 KB 45ms
27ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=ozbze3vq7v1x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a169e35363129bc4cfd60b44e3ded19bd195e9cf60fe5678fae5f7cd422b2fea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gaJn9Nrv99WzWHYVulDvuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.hsforms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22676
content-security-policy: script-src 'report-sample' 'nonce-gaJn9Nrv99WzWHYVulDvuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 18:42:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 783A 51 KB
24 KB 24ms
7ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=ozbze3vq7v1x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 17:37:17 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 783A 366 KB
144 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__es.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

383e139dfa601dbb4ee5a6c43751d81a8df31f96cd68cccbbd4e5f6ba05ca386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 09:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147782
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 09:19:06 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 783A 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 342153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 30 Jun 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 783A 15 KB
15 KB 26ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 545077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Jun 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 783A 15 KB
15 KB 27ms
10ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 517374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Jun 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 783A 102 B
132 B 16ms
16ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4f64b320fcbc22300860e4ecaa1bc9595eea935355b9bd6caa33c36f1ff400d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=ozbze3vq7v1x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Mon, 27 Jun 2022 18:42:42 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 88A9 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e76e6670ef55886bd717281811bfd48fde0c7016c36ef966e663c1158939fc97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pmUGeEeS4TjTyjU1eKcGUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.hsforms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1114
content-security-policy: script-src 'report-sample' 'nonce-pmUGeEeS4TjTyjU1eKcGUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 18:42:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 88A9 51 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 17:37:17 GMT

GET
H3 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 88A9 366 KB
144 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

383e139dfa601dbb4ee5a6c43751d81a8df31f96cd68cccbbd4e5f6ba05ca386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 09:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147782
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 09:19:06 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 88A9 38 KB
23 KB 39ms
39ms XHR
application/json 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__es.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7515a8acf9760d019bd16ca9775b9dea2d3886a5245c631596381b09dfcffff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 27 Jun 2022 18:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23273
x-xss-protection: 1; mode=block
expires: Mon, 27 Jun 2022 18:42:43 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 88A9 600 B
624 B 8ms
8ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 09:45:36 GMT
x-content-type-options: nosniff
age: 464227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 29 Jun 2022 09:45:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 88A9 530 B
554 B 12ms
11ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 21:24:07 GMT
x-content-type-options: nosniff
age: 595116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 27 Jun 2022 21:24:07 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 88A9 665 B
689 B 11ms
10ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 431061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 29 Jun 2022 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 88A9 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 545078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Jun 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 88A9 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 06:37:10 GMT
x-content-type-options: nosniff
age: 302733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Jun 2023 06:37:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 88A9 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 517375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Jun 2023 18:59:48 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 88A9 28 KB
28 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AGdBq25VxDrjByFEmqv_1N8932bepXyotyiSuyUi06p2RierRTHv6oI47mFkOZXsoBMAFdOHCV0gl9w5oNdswDRs-Rkjia53M1c9H4KAtJn9ErfEdwODfEZW2hEBylaNMQphmF-FyCYOHW7B3d_whv2Q-Bjqa-78nYaXDjUXI8gCbptuNsdVh00zqKBNq15j16AhgVc6p8Kqhy75QnC4M7VQKL4Uw1fLwlRnU3D60XoSb8xr_7Y4sC0&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a62e8b013693645336b4846b5c383824be57aad0f91db5ead87923901b857473

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=es&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 18:42:43 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28821
x-xss-protection: 1; mode=block
expires: Mon, 27 Jun 2022 18:42:43 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 08:25:07	Name: _GRECAPTCHA Value: 09ABCpXhmO1t_PQ6F5D9UV6sqETQWrABHUYVT87H_3Ajrk5jm-tIuuPTY77hnTHou71VR_A6AW_lYBaFgK7QZXwf0
.www.resguarda.com/	1969-12-31 23:59:59	Name: __cfruid Value: 3dbfbd63ecb0c5769ce43f38231f8bd764fd0a8c-1656355361
.hubspot.com/	1970-01-20 04:05:57	Name: __cf_bm Value: yh04WsrRFmBVwZb5Hmo.CuDFlMdzGmd.cp0MafFPeBQ-1656355362-0-AZ0XLAF6twNJWHBtDckiZpHf9RYKaP6h98xUPUmJi6kTDIx4K96QJP05ykj8R2FCpFb8XniI577Jd+8tRfryCnk=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8293688.fs1.hubspotusercontent-na1.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
share.hsforms.com
static.hsappstatic.net
track.hubspot.com
www.google.com
www.gstatic.com
www.resguarda.com
2606:2c40::c73c:671d
2606:4700:4400::ac40:9a55
2606:4700:4400::ac40:9ad8
2606:4700::6810:5605
2606:4700::6810:5705
2606:4700::6811:46b0
2606:4700::6811:71b0
2606:4700::6811:81ab
2606:4700::6811:9d2
2606:4700::6811:b649
2606:4700::6811:d2cc
2606:4700::6813:9a53
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:828::200a
092495f275c04fd6781804e5c482a094618da7fda726d45c9d8852b4522c3c9c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2f029c1ab344cf316c3bd9f963c837d8c3f17e99548e6f2ebf3141df1a5c6af3
383e139dfa601dbb4ee5a6c43751d81a8df31f96cd68cccbbd4e5f6ba05ca386
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4d853175d1e7dcec631bfa4c1287ca8adec8cdfc3d010aaf9aaf6f705adf6ee4
4f64b320fcbc22300860e4ecaa1bc9595eea935355b9bd6caa33c36f1ff400d5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9561032ca4ec06658b1d4264859a4f1ee35f32b277a7902af90af04dd04846
666863e00f0c0bc337baa8d1eb17e8d2212e6a2aa364498276df22b7b000a794
67bde44785ec5cd4a52b80ea9f11e1e0c3ba5341f57000e55e1003705f231cd2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7e73707b8b58834e6bbc02694adb649bec6c4e030a9d65995f1cafa2b809d7c1
817be0f39c8e05fc660ff446a7a42d8a318dd8ddfa16165c8f2dae4598b766d3
8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8fe4251279677de5f54e890f5fa6d4db26f1736066e160936e16fdb50096c1f2
a169e35363129bc4cfd60b44e3ded19bd195e9cf60fe5678fae5f7cd422b2fea
a62e8b013693645336b4846b5c383824be57aad0f91db5ead87923901b857473
c0af9123608fc5b3f3a8dfec0e8e8b4efd27564e3495087a026a559179d0459f
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
d20ab0bef4d2b244ef34f396c508df91d4be2580140a1b3e73be4d202d8b09d9
d472349ff8459b635b8670d2548f7ac536a71eec90773911a78690411765574c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76e6670ef55886bd717281811bfd48fde0c7016c36ef966e663c1158939fc97
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7515a8acf9760d019bd16ca9775b9dea2d3886a5245c631596381b09dfcffff

share.hsforms.com Open in urlscan Pro 2606:4700::6810:5605 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

100 %IPv6

14 Domains

18 Subdomains

16 IPs

2 Countries

911 kBTransfer

2224 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

share.hsforms.com Open in urlscan Pro
2606:4700::6810:5605 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

100 %
IPv6

14
Domains

18
Subdomains

16
IPs

2
Countries

911 kB
Transfer

2224 kB
Size

3
Cookies

42 HTTP transactions
0 data transactions