forms.hospitality.legal Open in urlscan Pro
2606:4700:20::681a:f80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://forms.hospitality.legal/
Effective URL:
https://forms.hospitality.legal/user/sign-in
Submission: On June 27 via api (June 27th 2024, 9:17:44 am UTC) from US — Scanned from DE

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2606:4700:20::681a:f80, located in United States and belongs to CLOUDFLARENET, US. The main domain is forms.hospitality.legal.
TLS certificate: Issued by WE1 on June 26th 2024. Valid for: 3 months.

This is the only time forms.hospitality.legal was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:20:... 2606:4700:20::681a:f80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2600:9000:275... 2600:9000:275b:2e00:f:2ae1:9ec0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.214.28.208 44.214.28.208	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:109b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.235.199.180 34.235.199.180	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::ac43:2832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	9

8 2606:4700:20::681a:f80 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

forms.hospitality.legal	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:275b:2e00:f:2ae1:9ec0:21 (United States)

ASN16509 (AMAZON-02, US)

d34mmrz2ojoc57.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.214.28.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-28-208.compute-1.amazonaws.com

us.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:109b (United States)

ASN13335 (CLOUDFLARENET, US)

js.userpilot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
find.userpilot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.235.199.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-199-180.compute-1.amazonaws.com

us.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2832 (United States)

ASN13335 (CLOUDFLARENET, US)

us-assets.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cloudfront.net d34mmrz2ojoc57.cloudfront.net	6 MB
8	hospitality.legal 1 redirects forms.hospitality.legal	495 KB
5	posthog.com us.posthog.com — Cisco Umbrella Rank: 259088 us.i.posthog.com — Cisco Umbrella Rank: 14846 us-assets.i.posthog.com — Cisco Umbrella Rank: 35068	88 KB
3	userpilot.io js.userpilot.io — Cisco Umbrella Rank: 21647 find.userpilot.io — Cisco Umbrella Rank: 27856	264 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2823
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
29	7

	Domain	Requested by
9	d34mmrz2ojoc57.cloudfront.net	forms.hospitality.legal d34mmrz2ojoc57.cloudfront.net
8	forms.hospitality.legal	1 redirects forms.hospitality.legal d34mmrz2ojoc57.cloudfront.net
3	us.i.posthog.com	d34mmrz2ojoc57.cloudfront.net
2	js.userpilot.io	d34mmrz2ojoc57.cloudfront.net js.userpilot.io
2	fonts.googleapis.com	d34mmrz2ojoc57.cloudfront.net
2	track.hubspot.com	forms.hospitality.legal d34mmrz2ojoc57.cloudfront.net
1	us-assets.i.posthog.com	us.posthog.com
1	find.userpilot.io	d34mmrz2ojoc57.cloudfront.net
1	us.posthog.com	forms.hospitality.legal
1	static.cloudflareinsights.com	forms.hospitality.legal
29	10

This site contains no links.

Subject Issuer	Validity	Valid
forms.hospitality.legal WE1	`2024-06-26` - `2024-09-24`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.posthog.com Amazon RSA 2048 M02	`2023-12-17` - `2025-01-14`	a year	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
userpilot.io GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.i.posthog.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://forms.hospitality.legal/user/sign-in
Frame ID: 901C8C31FFC16A18A1218C1A8C755262
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page URL History Show full URLs

https://forms.hospitality.legal/ HTTP 302
https://forms.hospitality.legal/user/sign-in Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

29
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

6960 kB
Transfer

8027 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://forms.hospitality.legal/ HTTP 302
https://forms.hospitality.legal/user/sign-in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sign-in Show response
forms.hospitality.legal/user/
Redirect Chain

https://forms.hospitality.legal/
https://forms.hospitality.legal/user/sign-in

3 KB
2 KB

669ms
669ms

Document
text/html

2606:4700:20::681a:f80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hospitality.legal/user/sign-in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d06894b9770519d7d41fa4215f91c0263536fe7a3c123a0762e5511efa5975bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 89a458541f63903c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 27 Jun 2024 09:17:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JdSxYL7YjXxSUECKpvh2gZhNJt7DNF%2F0g5dLX8k95yyTZArSKkHXuqCe87Dx3zgIxe9nWRyvQIh3Q8PNmu4JK8uUlUQiY%2BUzGJ%2Fj6NYRbw96WiwERdthMborfOQPE%2BtdBKH8dFPSyxa49xCjA0SWEAv0zeSJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 89a4584fda7c903c-FRA
content-type: text/html; charset=utf-8
date: Thu, 27 Jun 2024 09:17:37 GMT
location: https://forms.hospitality.legal/user/sign-in
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSvc53gtxrTBsSCoA4AvmjoC0fCL4%2FaMj37ffdyXX7vWcTTzpwSfdIWf3uSG%2B5ImjiE33XZcgzS8Eu0h7MGXUorExdFOQM%2BzXnITdpeUCGRqaRUfUGnZ6WZ3HhXfeFX0swwyNuXOBVGimZZPmpQp1VC6pAr6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 documate.app.js Show response
d34mmrz2ojoc57.cloudfront.net/ 462 B
873 B 326ms
46ms Script
text/javascript 2600:9000:275b:2e00:f:2ae1:9ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34mmrz2ojoc57.cloudfront.net/documate.app.js
Requested by: Host: forms.hospitality.legal
URL: https://forms.hospitality.legal/user/sign-in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:2e00:f:2ae1:9ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d88d29adb049ce23cbbfe09cf88fccaf4389f0051a0df584be399b50e6ef1e14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4hkGRNCj3aPkfRmzwd9EdCh_xrSnx516
date: Wed, 26 Jun 2024 12:02:06 GMT
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 02:45:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 76533
x-amz-server-side-encryption: AES256
etag: "34d2254a124907e82d64de4fac5f5eb9"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 462
x-amz-cf-id: 1SfXEWH7iAiGhhKtUNHh6VQduQqmQTjFVqm-Wj9K9kY-K0qgTb--TA==

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 195ms
99ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: forms.hospitality.legal
URL: https://forms.hospitality.legal/user/sign-in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Origin: https://forms.hospitality.legal
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:38 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89a45859ce8903f8-FRA

GET
H2 200 main.026317c7.css
d34mmrz2ojoc57.cloudfront.net/static/css/ 2 MB
2 MB 61ms
60ms Stylesheet
text/css 2600:9000:275b:2e00:f:2ae1:9ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34mmrz2ojoc57.cloudfront.net/static/css/main.026317c7.css
Requested by: Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/documate.app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:2e00:f:2ae1:9ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0a026cf7d21cc1171a8ad2f48b7bf17ffdeafeb82eabb3c1352977c9dc92f9b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: j4Vo3_EOqvvIpqS4BQpbRASrnDNG6UTE
date: Thu, 27 Jun 2024 09:17:38 GMT
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 02:45:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 783
x-amz-server-side-encryption: AES256
etag: "12e789546af039b88c0edc30ed14bbfb"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2351483
x-amz-cf-id: W2tmKeGX2kk8AuwXf0JtVhnIl4ZGge6nWAbWNMBGaSfwSGZSuetVXA==

GET
H2 200 main.5b482597.js Show response
d34mmrz2ojoc57.cloudfront.net/static/js/ 3 MB
3 MB 219ms
218ms Script
text/javascript 2600:9000:275b:2e00:f:2ae1:9ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js
Requested by: Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/documate.app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:2e00:f:2ae1:9ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46c686634387e729fa998b8f48352422a68d8d831118e207942359e6858966a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hkGQ8I6FMDYImss9GdNHVJXTBMVrgyJ.
date: Thu, 27 Jun 2024 09:17:38 GMT
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 02:45:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11617
x-amz-server-side-encryption: AES256
etag: "7b5376abb0c8159f4ccc465925cc0819"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 3638441
x-amz-cf-id: EN5QV-uEuNE4qp7TeyNuHj2YTxGgMhSwc-9YhuP3ikeO7pNlkVKBpg==

GET
H2 200 s.js Show response
forms.hospitality.legal/z/ 8 KB
5 KB 87ms
87ms Script
text/javascript 2606:4700:20::681a:f80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hospitality.legal/z/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIySGVMUCUyMiUyQyUyMnglMjIlM0EwLjE0MDI3MzMyNTExNzAyMDA2JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZmb3Jtcy5ob3NwaXRhbGl0eS5sZWdhbCUyRnVzZXIlMkZzaWduLWluJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==
Requested by: Host: forms.hospitality.legal
URL: https://forms.hospitality.legal/user/sign-in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab219afb6925ee68f8aa8fd9bcf0c58f58b5bfe903ded5c64deb7c511c08e51

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://forms.hospitality.legal
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bf59uRV4YVvDx9SFzyWd84sjNFGWMFmIxahtrk%2BfjuyCiEDhNw1ipC1YDHfkI0YB0D99NKW5mA1OEOUBsKY5b6s%2Bs3HzdL80la2go8c2AuKJrAWfZjmC5VjoRBdm6wRtU%2FjjbeX9QHZ3TLPTv3u3pW7MKTDG"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
cf-ray: 89a4585b5868903c-FRA

GET
H2 200 array.js Show response
us.posthog.com/static/ 140 KB
49 KB 448ms
162ms Script
text/javascript 44.214.28.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.posthog.com/static/array.js

Requested by

Host: forms.hospitality.legal
URL: https://forms.hospitality.legal/user/sign-in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.214.28.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-214-28-208.compute-1.amazonaws.com

Software

envoy /

Resource Hash

c699acdea500b74661b83b7e978ed2e752638798cc7e76d80cb1f7d961b9a7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 27 Jun 2024 01:58:12 GMT
server: envoy
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
x-envoy-upstream-service-time: 29

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
0 595ms
503ms Fetch
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://track.hubspot.com/__ptq.gif?k=1&v=1.1&a=22459951&pu=https%3A%2F%2Fforms.hospitality.legal%2Fuser%2Fsign-in&t=HeLP&cts=1719479858470&sd=1600x1200&ln=de-DE&cs=UTF-8&vi=a4ab6e4fdbd146dda0832aed73803ef4&nc=true&u=161298987.a4ab6e4fdbd146dda0832aed73803ef4.1719479858470.1719479858470.1719479858470.1&b=161298987.1.1719479858470

Requested by

Host: forms.hospitality.legal
URL: https://forms.hospitality.legal/z/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIySGVMUCUyMiUyQyUyMnglMjIlM0EwLjE0MDI3MzMyNTExNzAyMDA2JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZmb3Jtcy5ob3NwaXRhbGl0eS5sZWdhbCUyRnVzZXIlMkZzaWduLWluJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f2b41fe6-544a-4b09-b8f9-bc74f7432adc
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f2b41fe6-544a-4b09-b8f9-bc74f7432adc
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9QlZ2BSQNApxMMeHXE0pQ0IMpziu1e1HaedvMfj294lcIRp5lp%2BuWKcdWqcjomkN9zwCqdk8B2mGNT5IYX%2BT2hERW8%2FbegK6vFPNVLul4VWuqui04Lo588Nygm8DeI0drLOGmL9gcKJdQtriG3d"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-k7dnw
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 89a4585c8ae89013-FRA
x-robots-tag: none

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 140ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600;700&display=swap

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/css/main.026317c7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a241c58f93bf9eaf5bd26735c1c1847c2ef5d4dc3516faea6267b3499a65b7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d34mmrz2ojoc57.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jun 2024 09:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 09:15:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jun 2024 09:17:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
775 B 142ms
50ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;500;600;700&display=swap

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/css/main.026317c7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c51a49841845a7733db240f41472f1c44d87f31bd8630f2f2c78f9eea291d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://d34mmrz2ojoc57.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jun 2024 09:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 09:17:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jun 2024 09:17:39 GMT

GET
H2 200 latest.js Show response
js.userpilot.io/sdk/ 3 KB
1 KB 250ms
72ms Script
text/javascript 2606:4700::6812:109b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.userpilot.io/sdk/latest.js

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79de4f9cd7a5918bc677c5e2921d04e7805d928e7e1f8f17bfef2d19910480f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-amz-request-id: SYGY1YQ0QZEZS2DH
age: 21
x-amz-server-side-encryption: AES256
x-amz-id-2: TrRSPKPpiliBBnp9RLcVo5L2DCOZexC/KDE/wU0f0cdN77pCbBls2jI6Ta2msmX0hdxLDA+McegGsFk4PVslBA==
cf-bgj: minify
last-modified: Tue, 25 Jun 2024 06:06:31 GMT
server: cloudflare
etag: W/"81dd261778c8c41fb14dff9f12e04bd7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=120
cf-ray: 89a458609ef15ca4-FRA

GET
H2 200 9092.aaed800a.chunk.css
d34mmrz2ojoc57.cloudfront.net/static/css/ 202 KB
203 KB 45ms
45ms Stylesheet
text/css 2600:9000:275b:2e00:f:2ae1:9ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34mmrz2ojoc57.cloudfront.net/static/css/9092.aaed800a.chunk.css
Requested by: Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:2e00:f:2ae1:9ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 191fac5a2965fef6acc09818ee3e7244adb9337f9d6de87367820a888b3b1152

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cU1yp1_FHDjJcq7LQnUCsSenLi9yGujs
date: Thu, 27 Jun 2024 09:17:39 GMT
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 02:45:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 783
x-amz-server-side-encryption: AES256
etag: "dc9748d2c9a7c6074bfc0290c48575b2"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 207083
x-amz-cf-id: E5jmna7Ly6qxt7RA8MtB_9GtwscoUe98v4oynjDEHSyEV77F3T2_pA==

GET
H2 200 9092.1dfa3bf9.chunk.js Show response
d34mmrz2ojoc57.cloudfront.net/static/js/ 207 B
617 B 55ms
55ms Script
text/javascript 2600:9000:275b:2e00:f:2ae1:9ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/9092.1dfa3bf9.chunk.js
Requested by: Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:2e00:f:2ae1:9ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1454871e6ac997d3b3a94abbb1e8438a11f89902d16e64f7910ac9a6da0f5b19

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: hY2dKCdG5hV1qRfU4axXKjser8iXkAcD
date: Thu, 27 Jun 2024 09:17:39 GMT
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 02:45:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 783
x-amz-server-side-encryption: AES256
etag: "63c4868c9e35a0b3c840ce5e065e1784"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 207
x-amz-cf-id: S-bnWgvqsNxCSBFebd1vZlWF2YYXRlduN-q_TYUM07uXdxjXxeUQYQ==

POST
H2 200 t.js Show response
forms.hospitality.legal/z/ 3 KB
2 KB 66ms
66ms Fetch
application/json 2606:4700:20::681a:f80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hospitality.legal/z/t.js
Requested by: Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124943167d9063734ba5dbceb356dd60a1717482f0bfd7cd2706f1dd4d876e99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://forms.hospitality.legal/user/sign-in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Jun 2024 09:17:39 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://forms.hospitality.legal
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1EwqSiWfD41CPScrH%2FDRwGf22uDpVaBlUK6RtkfpW73%2FcItlBX2xrZ4DNSTnX9%2BBT3ZKkvAkAoSjv0WWEuZtKi8kFTMf0f6XkNNMAUpGse4H%2F8mlfIVFRzu%2FA86PU4feUBVj%2BMksdMfUPKT7rX3689hA0mE"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 89a458603eb5903c-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

POST
H2 200 / Show response
us.i.posthog.com/decide/ 684 B
766 B 385ms
131ms XHR
application/json 34.235.199.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/decide/?v=3&ip=1&_=1719479859222&ver=1.141.4&compression=base64

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.235.199.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-235-199-180.compute-1.amazonaws.com

Software

envoy /

Resource Hash

70feeed8587037cea3843bf74e86d006cfcc72ea7842503cc6d5cd914cbee1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jun 2024 09:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://forms.hospitality.legal
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
access-control-allow-headers: X-Requested-With,Content-Type

POST
H2 200 / Show response
us.i.posthog.com/e/ 13 B
418 B 381ms
131ms XHR
application/json 34.235.199.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/e/?ip=1&_=1719479859225&ver=1.141.4&compression=base64

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.235.199.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-235-199-180.compute-1.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jun 2024 09:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://forms.hospitality.legal
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
access-control-allow-headers: X-Requested-With,Content-Type

GET
H2 200 7686.cacc08db.chunk.js Show response
d34mmrz2ojoc57.cloudfront.net/static/js/ 7 KB
7 KB 45ms
44ms Script
text/javascript 2600:9000:275b:2e00:f:2ae1:9ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/7686.cacc08db.chunk.js
Requested by: Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:2e00:f:2ae1:9ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b45e2d6e1b032828b0b64bc422c6c6796e020e1fecb413f98df99013cf32743

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: zhNdMHtk.pQJI2Ic6Ctb8WvCJRkheqIW
date: Thu, 27 Jun 2024 09:17:39 GMT
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 02:45:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 782
x-amz-server-side-encryption: AES256
etag: "d1d7bf8d24193ba591793c76151aa751"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 6734
x-amz-cf-id: e1fsNNnXqnYFGk6PeobJzWPIP2E4KeiaHfUyHsCmcn24-35kscfYow==

GET
H2 200 5634.51eb6cb6.chunk.js Show response
d34mmrz2ojoc57.cloudfront.net/static/js/ 11 KB
12 KB 48ms
47ms Script
text/javascript 2600:9000:275b:2e00:f:2ae1:9ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/5634.51eb6cb6.chunk.js
Requested by: Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:2e00:f:2ae1:9ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c4df03e818e493f426c7e8de5212b219aae8f36245ec1e75fb709b7081b1499

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: _lmUqVdi1U_QOz66z6TB2VDLZHaomWaS
date: Thu, 27 Jun 2024 09:17:39 GMT
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 02:45:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 782
x-amz-server-side-encryption: AES256
etag: "60658c813083b6bae6291754442522d7"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 11511
x-amz-cf-id: vG9m2j9Gbzh_4qlsckd1fulWxoj-0SwCRXyaeIGb1J9_3Yue6hKGtg==

GET
H2 200 4516.513319ac.chunk.css
d34mmrz2ojoc57.cloudfront.net/static/css/ 410 B
813 B 46ms
46ms Stylesheet
text/css 2600:9000:275b:2e00:f:2ae1:9ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34mmrz2ojoc57.cloudfront.net/static/css/4516.513319ac.chunk.css
Requested by: Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:2e00:f:2ae1:9ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b626e29adfff666d6317f2e6ed4bb51213790c351e134cef0da994982a5bc6ab

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: jymwn.wLrBd40MsXz8BGMM4DecGFFJu4
date: Thu, 27 Jun 2024 09:17:39 GMT
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 02:45:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 782
x-amz-server-side-encryption: AES256
etag: "34caebdca699582d2cc4716407471fd7"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 410
x-amz-cf-id: 5O5ox6pI40Uhdw9eUxFFokJ51I-REz4inuP8Dh_JrL8yjs-ffl1ivg==

GET
H2 200 4516.cc132688.chunk.js Show response
d34mmrz2ojoc57.cloudfront.net/static/js/ 24 KB
25 KB 55ms
55ms Script
text/javascript 2600:9000:275b:2e00:f:2ae1:9ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/4516.cc132688.chunk.js
Requested by: Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:2e00:f:2ae1:9ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36c0d9508846eb14ff05273c995212bad1549b8bfa0ea3c752d167e6f9968f11

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: m_lljUsBoQgV4qlSqGVfe4OwOEvAya.4
date: Thu, 27 Jun 2024 09:17:39 GMT
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 02:45:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 782
x-amz-server-side-encryption: AES256
etag: "2527a33513136aef4ecb88731692c228"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 24808
x-amz-cf-id: qH_m4j4ujqzqLOyrpuB_UoNidX24EIa92zutUS-1Z617iMl9UBnvnQ==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
0 164ms
164ms Fetch
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://track.hubspot.com/__ptq.gif?k=1&v=1.1&a=22459951&pu=https%3A%2F%2Fforms.hospitality.legal%2Fuser%2Fsign-in&t=HeLP&cts=1719479859245&sd=1600x1200&ln=de-DE&cs=UTF-8&vi=a4ab6e4fdbd146dda0832aed73803ef4&nc=false&u=161298987.a4ab6e4fdbd146dda0832aed73803ef4.1719479858470.1719479858470.1719479858470.1&b=161298987.2.1719479858470

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e7bcca39-d2b1-40a4-a699-fa6799a18ab4
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 10
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e7bcca39-d2b1-40a4-a699-fa6799a18ab4
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZjbnvcJ9HO73z6l%2Bclyq%2BSgSzAXat7LcYbxWdoNccB8KGB0saLebCP8swJE%2FHGmdwEI2GnV7DGPYzuP9nXRnf9kYgYC3OXmSo%2Fc93n64N%2BmItqUKbium4iMnpKke7FUNsK4Yn8MAszk%2FogkFTrW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-l8qsb
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 89a45860a8019013-FRA
x-robots-tag: none

GET
H2 200 app.js Show response
js.userpilot.io/sdk/version/v0/ 1 MB
262 KB 58ms
58ms Script
text/javascript 2606:4700::6812:109b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.userpilot.io/sdk/version/v0/app.js

Requested by

Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90f3d200c2f9b72045aa7b99609fdc54b0762b1248be01ce6a0c036d4bc18bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-amz-request-id: YJ9GTA7VCMSTPDMY
age: 18578
cf-polished: origSize=1176293
x-amz-server-side-encryption: AES256
x-amz-id-2: 2vI4aNonk6ZjJlSol/Kax0c5IAR+gdMzT8N5iA3iMa0AzDMRqpHuBVYFmOjTpgETvNW98RNj1tE=
cf-bgj: minify
last-modified: Tue, 25 Jun 2024 06:06:30 GMT
server: cloudflare
etag: W/"c372b8d5f58b8ab029d1843143136fa5"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
cf-ray: 89a458611f725ca4-FRA

GET
H2 200 NX-902c2ce4 Show response
find.userpilot.io/v1/lookups/ 62 B
527 B 841ms
732ms XHR
application/json 2606:4700::6812:109b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://find.userpilot.io/v1/lookups/NX-902c2ce4

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-cache: Hit from findex
x-request-id: F9zR0p5pGL6M4yYCBTCB
last-modified: Thu, 27 Jun 2024 09:17:40 GMT
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 59999
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-apo-via: origin,host
x-ratelimit-limit: 60000
x-ratelimit-reset: 1719479880000
cf-ray: 89a4586308f39235-FRA

POST
H2 204 rum Show response
forms.hospitality.legal/cdn-cgi/ 0
102 B 50ms
50ms XHR
text/plain 2606:4700:20::681a:f80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hospitality.legal/cdn-cgi/rum?

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://forms.hospitality.legal/user/sign-in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 27 Jun 2024 09:17:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://forms.hospitality.legal
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 89a45862693e903c-FRA

GET
H2 200 favicon.ico
forms.hospitality.legal/ 18 KB
18 KB 822ms
822ms Other
image/vnd.microsoft.icon 2606:4700:20::681a:f80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hospitality.legal/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577cb157a4361a5bdc0e4fd0a9647caa6cbed0405abc7411e532908158b40aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/user/sign-in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 18134
x-xss-protection: 1
last-modified: Mon, 24 Jun 2024 16:24:56 GMT
server: cloudflare
etag: "1719246296.6144164-18134-2050820487"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0e3IWcns11MFCHzX4ct09euqBvUqayouVkExI1%2BYj5w0AI1JT%2FU%2BHxSvPB9Xfq7venY3WC5xknV4i6RTQlZJnB40DF6vLiLYIq0fqyVQGQmDEuY%2BDXDu2sbn%2FwIeA1fH56s3KLRi%2F9ZuSPxjiinXtdGzDEz"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89a458627946903c-FRA
expires: Fri, 27 Jun 2025 09:17:40 GMT

GET
H2 200 recorder.js Show response
us-assets.i.posthog.com/static/ 106 KB
38 KB 160ms
59ms Script
text/javascript 2606:4700:10::ac43:2832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-assets.i.posthog.com/static/recorder.js?v=1.141.4

Requested by

Host: us.posthog.com
URL: https://us.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e308b1ce194d995fac2a0c1387472161b5fa6181407fde9a2cd03365d0270a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 266
x-envoy-upstream-service-time: 25
referrer-policy: same-origin
last-modified: Thu, 27 Jun 2024 01:58:13 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89a45863af864d97-FRA

GET
H2 200 logo.png
forms.hospitality.legal/ 465 KB
466 KB 981ms
981ms Image
image/png 2606:4700:20::681a:f80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hospitality.legal/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a938c441469bcd5216879db9dd897dc11f8d0791617b8d2cfbaadca002e65f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://forms.hospitality.legal/user/sign-in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 476484
x-xss-protection: 1
last-modified: Wed, 26 Jun 2024 01:10:27 GMT
server: cloudflare
etag: "1719364227.8452158-476484-3141340112"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bBXJAZtGpEPOho7hWV69GeK5yvSKmNSM%2Fc8XjxFJCsgswsBb3IAgo4TaBMRqWdmsQXxgYcbzRUHOtqWmGgrB31I9nvB5gzndLUeNE8OudUEEv3U17EYmjOOjvBS5gFgXOfvARTBXYL90YWzxjMIk0nbcJ1%2FX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89a458634a67903c-FRA
expires: Fri, 27 Jun 2025 09:17:40 GMT

GET
H2 200 providers Show response
forms.hospitality.legal/api/documate/v1/auth/ 88 B
778 B 1144ms
1144ms XHR
application/json 2606:4700:20::681a:f80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hospitality.legal/api/documate/v1/auth/providers

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53e8df0e2dcaa3131db6a31dfc264648bb23a94e2ac31f10167be0c9cd116a2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json
Referer: https://forms.hospitality.legal/user/sign-in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:17:40 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
content-encoding: br
cross-origin-resource-policy: same-origin
x-xss-protection: 1
referrer-policy: no-referrer
server: cloudflare
etag: W/"58-HiuktomkaBikHORjuwB9WjSrBBU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSaBhEY0PwoRBwfhxiS05BxtEhuNjMNULYnIFqaRRvPPFdSVzBzIp8WhHTX7mged%2FSkXnv46QFU7ijDk7a3992CRulxxb5dGtU9%2FuWMdXkUDK9G10HoCdnSi67a7sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cf-ray: 89a458635a7a903c-FRA

POST
H2 200 / Show response
us.i.posthog.com/s/ 13 B
417 B 251ms
251ms XHR
application/json 34.235.199.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/s/?ip=1&_=1719479862222&ver=1.141.4&compression=gzip-js

Requested by

Host: d34mmrz2ojoc57.cloudfront.net
URL: https://d34mmrz2ojoc57.cloudfront.net/static/js/main.5b482597.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.235.199.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-235-199-180.compute-1.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://forms.hospitality.legal/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Jun 2024 09:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://forms.hospitality.legal
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
access-control-allow-headers: X-Requested-With,Content-Type

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
forms.hospitality.legal/	1969-12-31 23:59:59	Name: session Value: 36fd607685e874f3_667d2e31.9eKLbvvC1zq6g9r7oO3tFWGe0JA
.hospitality.legal/	1969-12-31 23:59:59	Name: cfzs_hubspot Value: %7B%22vTdS_hssrc%22%3A%7B%22v%22%3A%221%22%7D%7D
.hubspot.com/	1970-01-20 21:38:01	Name: __cf_bm Value: 2U_.lEqEAHW_dHr.1d9SajG7EGKJ7rsQNLB8kuNOWeI-1719479858-1.0.1.1-bp36pPbXlL9ztWe_G8YWceMOpN0pj1bJ2.Qw9MOiKex_7xaoW.8QVi6b2yHNxRejB0vIpXz44eRSkJYbVRx2rA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: AnWYdeaTCI5BzqDl6pu.KG6fWwMqelbaIBU15pdZWiU-1719479858765-0.0.1.1-604800000
.hospitality.legal/	1970-01-21 07:13:59	Name: cfz_hubspot Value: %7B%22vTdS_hubspotutk%22%3A%7B%22v%22%3A%22a4ab6e4fdbd146dda0832aed73803ef4%22%2C%22e%22%3A1751015858470%7D%2C%22vTdS_hstc%22%3A%7B%22v%22%3A%22161298987.a4ab6e4fdbd146dda0832aed73803ef4.1719479858470.1719479858470.1719479858470.1%22%2C%22e%22%3A1751015858470%7D%2C%22vTdS_hssc%22%3A%7B%22v%22%3A%22161298987.2.1719479858470%22%2C%22e%22%3A1751015859245%7D%7D
.hospitality.legal/	1970-01-21 06:23:35	Name: ph_phc_XriIs0chlKgibIPaDIrirbEEKTAoTbn8DLRfPyPkqC3_posthog Value: %7B%22distinct_id%22%3A%22019058fc-7815-7a7e-8fab-f0d3f2fc3ecf%22%2C%22%24sesid%22%3A%5B1719479859662%2C%22019058fc-7815-7a7e-8fab-f0d1375522ba%22%2C1719479859221%5D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://forms.hospitality.legal/user/sign-in Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d34mmrz2ojoc57.cloudfront.net
find.userpilot.io
fonts.googleapis.com
forms.hospitality.legal
js.userpilot.io
static.cloudflareinsights.com
track.hubspot.com
us-assets.i.posthog.com
us.i.posthog.com
us.posthog.com
2600:9000:275b:2e00:f:2ae1:9ec0:21
2606:4700:10::ac43:2832
2606:4700:20::681a:f80
2606:4700::6810:5049
2606:4700::6810:7674
2606:4700::6812:109b
2a00:1450:4001:813::200a
34.235.199.180
44.214.28.208
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
124943167d9063734ba5dbceb356dd60a1717482f0bfd7cd2706f1dd4d876e99
1454871e6ac997d3b3a94abbb1e8438a11f89902d16e64f7910ac9a6da0f5b19
191fac5a2965fef6acc09818ee3e7244adb9337f9d6de87367820a888b3b1152
36c0d9508846eb14ff05273c995212bad1549b8bfa0ea3c752d167e6f9968f11
3ab219afb6925ee68f8aa8fd9bcf0c58f58b5bfe903ded5c64deb7c511c08e51
46c686634387e729fa998b8f48352422a68d8d831118e207942359e6858966a4
53e8df0e2dcaa3131db6a31dfc264648bb23a94e2ac31f10167be0c9cd116a2f
577cb157a4361a5bdc0e4fd0a9647caa6cbed0405abc7411e532908158b40aca
5c51a49841845a7733db240f41472f1c44d87f31bd8630f2f2c78f9eea291d87
5e308b1ce194d995fac2a0c1387472161b5fa6181407fde9a2cd03365d0270a7
70feeed8587037cea3843bf74e86d006cfcc72ea7842503cc6d5cd914cbee1ce
79de4f9cd7a5918bc677c5e2921d04e7805d928e7e1f8f17bfef2d19910480f4
7c4df03e818e493f426c7e8de5212b219aae8f36245ec1e75fb709b7081b1499
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
90f3d200c2f9b72045aa7b99609fdc54b0762b1248be01ce6a0c036d4bc18bcc
9b45e2d6e1b032828b0b64bc422c6c6796e020e1fecb413f98df99013cf32743
a241c58f93bf9eaf5bd26735c1c1847c2ef5d4dc3516faea6267b3499a65b7af
a938c441469bcd5216879db9dd897dc11f8d0791617b8d2cfbaadca002e65f6b
b626e29adfff666d6317f2e6ed4bb51213790c351e134cef0da994982a5bc6ab
c0a026cf7d21cc1171a8ad2f48b7bf17ffdeafeb82eabb3c1352977c9dc92f9b
c699acdea500b74661b83b7e978ed2e752638798cc7e76d80cb1f7d961b9a7bc
d06894b9770519d7d41fa4215f91c0263536fe7a3c123a0762e5511efa5975bb
d88d29adb049ce23cbbfe09cf88fccaf4389f0051a0df584be399b50e6ef1e14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

forms.hospitality.legal Open in urlscan Pro 2606:4700:20::681a:f80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

78 %IPv6

7 Domains

10 Subdomains

9 IPs

2 Countries

6960 kBTransfer

8027 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

forms.hospitality.legal Open in urlscan Pro
2606:4700:20::681a:f80 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

6960 kB
Transfer

8027 kB
Size

6
Cookies

29 HTTP transactions
0 data transactions