urlscan.io logo urlscan.io
SecurityTrails logo

url9296.formswift.com Open in urlscan Pro
104.17.149.49  Public Scan

Go To Rescan Add Verdict Report
URL: https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4Y...
Submission: On April 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 104.17.149.49, located in and belongs to CLOUDFLARENET, US. The main domain is url9296.formswift.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2021. Valid for: a year.
This is the only time url9296.formswift.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 104.17.149.49 13335 (CLOUDFLAR...)
11 104.16.169.131 13335 (CLOUDFLAR...)
4 104.16.168.131 13335 (CLOUDFLAR...)
25 4
Apex Domain
Subdomains		 Transfer
15 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 7925
newassets.hcaptcha.com — Cisco Umbrella Rank: 11266
954 KB
10 formswift.com
url9296.formswift.com
84 KB
25 2
Domain Requested by
10 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
10 url9296.formswift.com url9296.formswift.com
5 hcaptcha.com url9296.formswift.com
newassets.hcaptcha.com
25 3

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
www.cloudflare.com
Subject Issuer Validity Valid
formswift.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh

This page contains 5 frames:

Primary Page: https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D
Frame ID: 068303922FF75292E944ADE8BB857061
Requests: 11 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Frame ID: 80722F8F8D22777B82B45BD2891D8975
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Frame ID: 4850D68890E5F04F45FE1613C39C4DF7
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Frame ID: E18D5C5A956F8C375B7E54FA1A889D37
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Frame ID: 4308C00B03A4DCD32ABD5A6879DDF517
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Attention Required! | Cloudflare

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

1
Countries

1038 kB
Transfer

2854 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request click
url9296.formswift.com/ls/ 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1094d8c621719c6e0730be0906350eee92686e96f5f3ece01a25adfb69c5d504
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass
1
cf-ray
701f733c6feb6983-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 26 Apr 2022 12:51:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
url9296.formswift.com/cdn-cgi/styles/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://url9296.formswift.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: url9296.formswift.com
URL: https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efefef4dea8e9c02dc9079fcfe64205b48b0f96ba73dfba169fb7919b8768f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 15:47:14 GMT
server
cloudflare
etag
W/"62602b02-5c8b"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=7200, public
cf-ray
701f733ca8746983-FRA
vary
Accept-Encoding
expires
Tue, 26 Apr 2022 14:51:29 GMT
v1
url9296.formswift.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://url9296.formswift.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=701f733c6feb6983
Requested by
Host: url9296.formswift.com
URL: https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcab53f7e8e9c71fa8502cc40657d9a00f204c7487f6040fc2c57a34e1f8f3c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D&__cf_chl_rt_tk=E_IeSaLnJwJ.gmhtjDL6ByvrSZlSqzWP0H.jDwDPKEQ-1650977489-0-gaNycGzNCD0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:29 GMT
content-encoding
br
server
cloudflare
cache-control
max-age=0, must-revalidate
cf-ray
701f733cc8c36983-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=UTF-8
transparent.gif
url9296.formswift.com/cdn-cgi/images/trace/captcha/js/ 		42 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://url9296.formswift.com/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=701f733c6feb6983
Requested by
Host: url9296.formswift.com
URL: https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D&__cf_chl_rt_tk=E_IeSaLnJwJ.gmhtjDL6ByvrSZlSqzWP0H.jDwDPKEQ-1650977489-0-gaNycGzNCD0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D&__cf_chl_rt_tk=E_IeSaLnJwJ.gmhtjDL6ByvrSZlSqzWP0H.jDwDPKEQ-1650977489-0-gaNycGzNCD0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 15:47:14 GMT
server
cloudflare
etag
"62602b02-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
701f733cc8c66983-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 26 Apr 2022 14:51:29 GMT
transparent.gif
url9296.formswift.com/cdn-cgi/images/trace/captcha/nojs/h/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://url9296.formswift.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=701f733c6feb6983
Requested by
Host: url9296.formswift.com
URL: https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D&__cf_chl_rt_tk=E_IeSaLnJwJ.gmhtjDL6ByvrSZlSqzWP0H.jDwDPKEQ-1650977489-0-gaNycGzNCD0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D&__cf_chl_rt_tk=E_IeSaLnJwJ.gmhtjDL6ByvrSZlSqzWP0H.jDwDPKEQ-1650977489-0-gaNycGzNCD0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 15:47:14 GMT
server
cloudflare
etag
"62602b02-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
701f733cc8c86983-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 26 Apr 2022 14:51:29 GMT
browser-bar.png
url9296.formswift.com/cdn-cgi/images/ 		715 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://url9296.formswift.com/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: url9296.formswift.com
URL: https://url9296.formswift.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://url9296.formswift.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 15:47:14 GMT
server
cloudflare
etag
"62602b02-2cb"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
701f733cc8ca6983-FRA
vary
Accept-Encoding
content-length
715
expires
Tue, 26 Apr 2022 14:51:29 GMT
cf-no-screenshot-warn.png
url9296.formswift.com/cdn-cgi/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://url9296.formswift.com/cdn-cgi/images/cf-no-screenshot-warn.png
Requested by
Host: url9296.formswift.com
URL: https://url9296.formswift.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://url9296.formswift.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 15:47:14 GMT
server
cloudflare
etag
"62602b02-a20"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
701f733cc8cb6983-FRA
vary
Accept-Encoding
content-length
2592
expires
Tue, 26 Apr 2022 14:51:29 GMT
api.js
hcaptcha.com/1/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Requested by
Host: url9296.formswift.com
URL: https://url9296.formswift.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=701f733c6feb6983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05ff20a409e1b8404326b2253467f94d3e8f4af41a7dcb90cf9b27829d35a46b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://url9296.formswift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:29 GMT
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
W/"b4d3dce1e99506a4288cef5fa44792b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
DUS51-P2
cf-ray
701f733d385a916b-FRA
x-amz-cf-id
kWEYhzOIoLTfAcaj1LNYOqvDC7MTD0NBofRdbbV6_Ezdly645UPQYg==
aa3f1b3a592e637
url9296.formswift.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7416031034384227:1650977006:23e6b1fbda9ee83a25ee4486037d411440c844940d3fbdfe263a3f7d3f5e6112/701f733c6feb6983/ 		72 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://url9296.formswift.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7416031034384227:1650977006:23e6b1fbda9ee83a25ee4486037d411440c844940d3fbdfe263a3f7d3f5e6112/701f733c6feb6983/aa3f1b3a592e637
Requested by
Host: url9296.formswift.com
URL: https://url9296.formswift.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=701f733c6feb6983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a0cd3f0a2f1780132eb0773aa89fbb1d5b3efb1e58dbd8feba311f4938a9bc

Request headers

Referer
https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
CF-Challenge
aa3f1b3a592e637
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Apr 2022 12:51:29 GMT
content-encoding
br
cf_chl_gen
CLjrkGhYjr35didU1ls3BIkbDrqz4Xitj3n3FGYIp5oa9PG1qToJjDDgzpfhPYEq4ROvvWBPvSW4NxD/5lyOHTR7i0g/MB06PXHY4Mm3bcFwi4AgTQSFWKqE5C0nD/PKo++hKoYaK3EKVmE+sn/6ag8GwMZ2ng05LnwQ3QHSScaDJQA22Hcti4hmeVwlVZCyLVd7ZrW54NxbKv7z0QCkpMuH3iECuU98B0sjjItRODz+RAaxdHS8g46DuDdjVPwV/XRAnR7SHQh4jusEGVUhJPeq0veqxUTKpekS7GX23Wo=$767xs3J/pwCq4OH08Ca2UQ==
server
cloudflare
cf-ray
701f733ddad96983-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
Ml9c4GUQJBiRlTy
url9296.formswift.com/cdn-cgi/challenge-platform/h/b/img/701f733c6feb6983/1650977489604/ 		61 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://url9296.formswift.com/cdn-cgi/challenge-platform/h/b/img/701f733c6feb6983/1650977489604/Ml9c4GUQJBiRlTy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8d1b978cdae9078f10d67fe522c0ac48a26842890daf8d69708bd8081228be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
server
cloudflare
cf-ray
701f734699f86983-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
aa3f1b3a592e637
url9296.formswift.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7416031034384227:1650977006:23e6b1fbda9ee83a25ee4486037d411440c844940d3fbdfe263a3f7d3f5e6112/701f733c6feb6983/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://url9296.formswift.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7416031034384227:1650977006:23e6b1fbda9ee83a25ee4486037d411440c844940d3fbdfe263a3f7d3f5e6112/701f733c6feb6983/aa3f1b3a592e637
Requested by
Host: url9296.formswift.com
URL: https://url9296.formswift.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=701f733c6feb6983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.149.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
895aaa454356518a4fff3350aacb5cee75099792f7fcd679bdca5f64b18f4a10

Request headers

Referer
https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
CF-Challenge
aa3f1b3a592e637
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
content-encoding
br
cf_chl_gen
GT3vTsCrMpYV8hjyBbAg3vZX0yQ4smX0qkJlyefi3Tc=$dTTW0rkhFuV9D2xOq+DDEg==
server
cloudflare
cf-ray
701f7347bc1e6983-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/c65510b/static/ Frame 8072 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ad0beae827eb96a0a35819f8789699421717a0a283d89b1399f89ed942486e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://url9296.formswift.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
701f734838e7916b-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 26 Apr 2022 12:51:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
ZB49_Arl6y47GTnWyr5r35ESeZHTcjziwVSWTVwoP5LUCdox5dkerg==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/c65510b/static/ Frame 4850 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe5013fd6295f6ca0e825ccdbebd28691cd7329c475c6cfb5c2477bfa00fa5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://url9296.formswift.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
701f734838de916b-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 26 Apr 2022 12:51:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
x-amz-cf-id
j3F6dCTj5rtQ8Js0SF2U1XpeC9Z5xA0LwQ7l1IL7G3piIKsMw3iSNA==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/c65510b/static/ Frame E18D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ad0beae827eb96a0a35819f8789699421717a0a283d89b1399f89ed942486e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://url9296.formswift.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
701f734838e3916b-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 26 Apr 2022 12:51:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id
ZB49_Arl6y47GTnWyr5r35ESeZHTcjziwVSWTVwoP5LUCdox5dkerg==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/c65510b/static/ Frame 4308 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe5013fd6295f6ca0e825ccdbebd28691cd7329c475c6cfb5c2477bfa00fa5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://url9296.formswift.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
701f734838dc916b-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 26 Apr 2022 12:51:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
x-amz-cf-id
j3F6dCTj5rtQ8Js0SF2U1XpeC9Z5xA0LwQ7l1IL7G3piIKsMw3iSNA==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/c65510b/ Frame 4308 		134 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e4c5b88baadb7f64da4b24832b535113a18f22ebc919e1f8f5dd0f9a18d400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80346
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43687
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
"d17ce84807a9ca89bce386d8552b9ec2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
701f73488985916b-FRA
x-amz-cf-id
sPhii_q1gY6JbFoR1aPrupkIeViuy6yE87hDPKozSrdZIToQMYowYQ==
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/c65510b/ Frame 4850 		134 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e4c5b88baadb7f64da4b24832b535113a18f22ebc919e1f8f5dd0f9a18d400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-checkbox.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80346
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43687
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
"d17ce84807a9ca89bce386d8552b9ec2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
701f73488987916b-FRA
x-amz-cf-id
sPhii_q1gY6JbFoR1aPrupkIeViuy6yE87hDPKozSrdZIToQMYowYQ==
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/c65510b/ Frame 8072 		206 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea8974edf42587189349d61e463c18f56b970fa9f767baac038af41ac7f9546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80346
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60442
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
"afd4b48e139bbf94eb2c3439625e497a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
701f7348898b916b-FRA
x-amz-cf-id
Vfh2Sltco_GEKekqPB4D8owYyHRsp83DJfjml02SQ1QBPbhvYx-Csg==
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/c65510b/ Frame E18D 		206 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea8974edf42587189349d61e463c18f56b970fa9f767baac038af41ac7f9546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
80346
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60442
access-control-allow-origin
*
last-modified
Wed, 20 Apr 2022 13:12:47 GMT
server
cloudflare
etag
"afd4b48e139bbf94eb2c3439625e497a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
cf-ray
701f73488992916b-FRA
x-amz-cf-id
Vfh2Sltco_GEKekqPB4D8owYyHRsp83DJfjml02SQ1QBPbhvYx-Csg==
truncated
/ Frame 4850 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4308 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 4850 		522 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=c65510b&host=url9296.formswift.com&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a1c6448b8ec5487aec3cc9c218867601eca55956e4844862ad239127db7b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
701f73498fd85b9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame 4308 		522 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=c65510b&host=url9296.formswift.com&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fffb69947199d7ae0d5dca411f2e395260aeb525a88f8e0ae8ef84d4e7389229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
701f73498fd75b9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=c65510b&host=url9296.formswift.com&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type
Access-Control-Request-Method
GET
Origin
https://newassets.hcaptcha.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://newassets.hcaptcha.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
701f73496f025c32-FRA
content-length
0
date
Tue, 26 Apr 2022 12:51:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
checksiteconfig
hcaptcha.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=c65510b&host=url9296.formswift.com&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type
Access-Control-Request-Method
GET
Origin
https://newassets.hcaptcha.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://newassets.hcaptcha.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
701f73496efc5c32-FRA
content-length
0
date
Tue, 26 Apr 2022 12:51:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
hsw.js
newassets.hcaptcha.com/c/dd5d3f71/ Frame 8072 		958 KB
359 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/dd5d3f71/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d45794c83356dbd469f1ac17acf38661dae1d569bb2348711da4a9f9732c5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
80
x-cache
Miss from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Apr 2022 11:24:37 GMT
server
cloudflare
etag
W/"11a03d285fbe15888c6a0f0e9586e068"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
cf-ray
701f7349a80a5b9e-FRA
x-amz-cf-id
ZKuxIEazzDbp-pTFZiFT0Y9w296kaT0CuLKXMexHdcDodWzk9IXLqQ==
hsw.js
newassets.hcaptcha.com/c/dd5d3f71/ Frame E18D 		958 KB
359 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/dd5d3f71/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c65510b/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d45794c83356dbd469f1ac17acf38661dae1d569bb2348711da4a9f9732c5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/c65510b/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 12:51:31 GMT
via
1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
80
x-cache
Miss from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Apr 2022 11:24:37 GMT
server
cloudflare
etag
W/"11a03d285fbe15888c6a0f0e9586e068"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
DUS51-P2
cf-ray
701f7349b8105b9e-FRA
x-amz-cf-id
ZKuxIEazzDbp-pTFZiFT0Y9w296kaT0CuLKXMexHdcDodWzk9IXLqQ==

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| _cf_chl_opt function| a function| b object| _cf_translation function| _cf_chl_hload function| SHA256 function| sendRequest function| _cf_atob function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx string| _cf_chl_hlep object| hcaptcha boolean| _cf_chl_hloaded object| _

3 Cookies

Domain/Path Name / Value
url9296.formswift.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7416031034384227:1650977006:23e6b1fbda9ee83a25ee4486037d411440c844940d3fbdfe263a3f7d3f5e6112/701f733c6feb6983 Name: cf_chl_seq_aa3f1b3a592e637
Value: uwGT3rzxhOQi7Mn
url9296.formswift.com/ Name: cf_chl_2
Value: aa3f1b3a592e637
url9296.formswift.com/ Name: cf_chl_prog
Value: b

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://url9296.formswift.com/ls/click?upn=2wa6l9fHIGXnxlQvYyDdhPLC9cfsiRLni0w55EFlIl5avT7oNBysqwbGD2BCCi-2FPs8x6uJqY-2Bu7EJ4YhysQvzt-2F9sVV4Dj5ZtVEFRoHI9Nyu4Hhs3tuP3XFig21ZOqaGlkTIoU8IK7txwG3CN3HM2Q6p2Npw7i7w7bdkW8QNvLbMOzyJ-2BZfsJQAAaGQCeuBVPE5iZ2rn-2B4VcHwlyjw2sfY6Vc0hkQ8qlR0OJu5tQS1g-3DvEry_TMp-2FVxGoOmMN3TET5YJZDiBtZctINlb9HqPoh7JT7vxlFXg28WaGUoxlwcLOxTwhy8-2BabyM9KUo5n6cKMXhRTEJGmRGA0mv53zonBxNqFnMmQxPB0WBWqsnua0550OzOIy4kzjDEhFj6hDgNEvlgS5KAEIdToUsjhmyGB34BOPsuIFnPLDTVPcgbnIHUDv73AUW73DdTRqxSBR4GP2n5A53xANfrcya4NB67ui2ZarHUAbi1Kwfd-2Fbcds-2Fy6hQHMIAf3-2FJoBlpvWrZrQhLl3Sr9RWzb-2FPpEOp3vzln7wvJbCq0mo9-2FkL0fus0ZQfEajhvNLef0DhBYBEhJh2RUlh6NyOAXZc52YdL8CgUkbVeov5caiIr9iHmQYEwqOrDrDxqf8WSNXxyDas2OnuFjfeEMZGGm4Qq8JmB4x04y-2BZkq5nH6crAe9-2FeTL7j6Ie-2BoYGHuWm-2BLtPP4R50INmEW11FAD88mKl1otTQ500r-2BWyT58UmBKJe7jmrpSqECa58xLOmfkgx-2FALq09LysIuLAcd904bnj0kEtGgz5Y-2FcciBIQAC8S86mS9y4S2DteorMxGtU7ELSwoue5WVS9-2FAecoZDfM7WP-2F-2BLIkeMVINmNlshG-2FBqptKf70gChiHZVuhmLj3eC8APl5c2-2FJ-2Bld8CLjpNNMMH3DLmrtWn7y4cedICU6NrBcn75ByExDX4W1tP5WFW1ByFhemUDK6KT6QYGrirlS0-2FWmTHBqRp5m36L-2F8HU0I-3D
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN