share.hsforms.com Open in urlscan Pro
2606:4700::6811:eff9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cjwgl04.na1.hubspotlinks.com/Ctc/OP+113/cJWGL04/VWBr_k1n1CKlV79Qh79gZt3zW2x7JLQ5bShyHN7WbryH3m2ndW7lCdLW6lZ3lHW33W0yT4_yJ4FW1...
Effective URL:
https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdn...
Submission: On March 20 via api (March 20th 2024, 2:37:00 pm UTC) from CA — Scanned from CA

Summary HTTP 42 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 1 countries across 14 domains to perform 42 HTTP transactions. The main IP is 2606:4700::6811:eff9, located in United States and belongs to CLOUDFLARENET, US. The main domain is share.hsforms.com. The Cisco Umbrella rank of the primary domain is 282214.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.

This is the only time share.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:ac9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:eff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c060	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8cce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:bc59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e3a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:50ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7e0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4004:c1d::6a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:b07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
9	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
42	16

2 2606:4700::6812:ac9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cjwgl04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:eff9 (United States)

ASN13335 (CLOUDFLARENET, US)

share.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c060 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bc59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e3a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:50ba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1d::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:b07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:67e1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

research.hinrichfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c09::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gstatic.com www.gstatic.com fonts.gstatic.com	766 KB
8	google.com www.google.com — Cisco Umbrella Rank: 5	92 KB
4	hsforms.com share.hsforms.com — Cisco Umbrella Rank: 282214 forms.hsforms.com — Cisco Umbrella Rank: 8362 forms-na1.hsforms.com — Cisco Umbrella Rank: 14709	16 KB
3	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 4697	3 KB
2	hubspotlinks.com 1 redirects cjwgl04.na1.hubspotlinks.com	3 KB
1	hinrichfoundation.com research.hinrichfoundation.com	11 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	929 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 9861	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4692	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 6691	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4649	23 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4992	1 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 13956	151 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 11378	3 KB
42	14

	Domain	Requested by
9	www.gstatic.com	www.google.com www.gstatic.com
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
8	www.google.com	js.hsforms.net www.gstatic.com www.google.com
3	track.hubspot.com
2	forms-na1.hsforms.com
2	cjwgl04.na1.hubspotlinks.com	1 redirects
1	research.hinrichfoundation.com
1	fonts.googleapis.com	js.hsforms.net
1	forms.hsforms.com	js.hsforms.net
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-scripts.com	share.hsforms.com
1	js.hsforms.net	share.hsforms.com
1	static.hsappstatic.net	share.hsforms.com
1	share.hsforms.com	cjwgl04.na1.hubspotlinks.com
42	17

This site contains links to these domains. Also see Links.

Domain
www.hinrichfoundation.com

Subject Issuer	Validity	Valid
hubspotlinks.com E1	`2024-03-17` - `2024-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
hsappstatic.net E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
research.hinrichfoundation.com GTS CA 1P5	`2024-03-17` - `2024-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email
Frame ID: E71C3E63AFE0648BCD30C2FD06466C43
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&badge=inline&cb=oyhp4qa1gzzw
Frame ID: 79400258CD4F397ADB734C662FDFCD98
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: C6A207505D7DC00798CEE95474E0D836
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Form

Page URL History Show full URLs

https://cjwgl04.na1.hubspotlinks.com/Ctc/OP+113/cJWGL04/VWBr_k1n1CKlV79Qh79gZt3zW2x7JLQ5bShyHN7WbryH3m2ndW7lCdLW6... Page URL
https://cjwgl04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/OP+113/cJWGL04/VWBr_k1n1CKlV79Qh79gZt3zW2x... HTTP 307
https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

42
Requests

100 %
HTTPS

100 %
IPv6

14
Domains

17
Subdomains

16
IPs

1
Countries

1183 kB
Transfer

3112 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hinrichfoundation.com/about/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cjwgl04.na1.hubspotlinks.com/Ctc/OP+113/cJWGL04/VWBr_k1n1CKlV79Qh79gZt3zW2x7JLQ5bShyHN7WbryH3m2ndW7lCdLW6lZ3lHW33W0yT4_yJ4FW18FK848GbytXV7wlK78hqWy1W8dClRx7wfwdYW3h9kBv2ZDdFyW37g0Gg85MGFmN4yhJSNXYZ1KW5v4pJz5j4dtfW29S1Ps4v5f28W52_vn14WxhZwW3frndW2Fg3HzN8vHmPCXXtCDW5jh-Fc3-zjNTW6CTM_j8pCz8wW581hHl2VGJBxW8HWzCG6HfghbW9fcZD53FpvzyW4dhQv13hZz8QW72wWWF7hdJJFN6ZNVf966RnKW5KQ16z30l914N37sHrFnPs1TW4bS6jx72rV4RVtQC225bWJ6vf5bQpnd04 Page URL
https://cjwgl04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/OP+113/cJWGL04/VWBr_k1n1CKlV79Qh79gZt3zW2x7JLQ5bShyHN7WbryH3m2ndW7lCdLW6lZ3lHW33W0yT4_yJ4FW18FK848GbytXV7wlK78hqWy1W8dClRx7wfwdYW3h9kBv2ZDdFyW37g0Gg85MGFmN4yhJSNXYZ1KW5v4pJz5j4dtfW29S1Ps4v5f28W52_vn14WxhZwW3frndW2Fg3HzN8vHmPCXXtCDW5jh-Fc3-zjNTW6CTM_j8pCz8wW581hHl2VGJBxW8HWzCG6HfghbW9fcZD53FpvzyW4dhQv13hZz8QW72wWWF7hdJJFN6ZNVf966RnKW5KQ16z30l914N37sHrFnPs1TW4bS6jx72rV4RVtQC225bWJ6vf5bQpnd04?_ud=fa0d1770-0f9e-4ce9-8ed6-60d30e82df32&_jss=1&_fl=8&_pl=3&_hc=16&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWBr_k1n1CKlV79Qh79gZt3zW2x7JLQ5bShyHN7WbryH3m2ndW7lCdLW6lZ3lHW33W0yT4_yJ4FW18FK848GbytXV7wlK78hqWy1W8dClRx7wfwdYW3h9kBv2ZDdFyW37g0Gg85MGFmN4yhJSNXYZ1KW5v4pJz5j4dtfW29S1Ps4v5f28W52_vn14WxhZwW3frndW...
cjwgl04.na1.hubspotlinks.com/Ctc/OP+113/cJWGL04/ 8 KB
3 KB 546ms
180ms Document
text/html 2606:4700::6812:ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cjwgl04.na1.hubspotlinks.com/Ctc/OP+113/cJWGL04/VWBr_k1n1CKlV79Qh79gZt3zW2x7JLQ5bShyHN7WbryH3m2ndW7lCdLW6lZ3lHW33W0yT4_yJ4FW18FK848GbytXV7wlK78hqWy1W8dClRx7wfwdYW3h9kBv2ZDdFyW37g0Gg85MGFmN4yhJSNXYZ1KW5v4pJz5j4dtfW29S1Ps4v5f28W52_vn14WxhZwW3frndW2Fg3HzN8vHmPCXXtCDW5jh-Fc3-zjNTW6CTM_j8pCz8wW581hHl2VGJBxW8HWzCG6HfghbW9fcZD53FpvzyW4dhQv13hZz8QW72wWWF7hdJJFN6ZNVf966RnKW5KQ16z30l914N37sHrFnPs1TW4bS6jx72rV4RVtQC225bWJ6vf5bQpnd04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ac9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 86766fdb9871a240-YYZ
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 20 Mar 2024 14:36:52 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 18
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-766c7548f4-jjd5v
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: c3581b6e-45c3-41b4-b8f6-82ae3e57d4e9
x-request-id: c3581b6e-45c3-41b4-b8f6-82ae3e57d4e9
x-robots-tag: none

GET
H/1.1

200
OK

Primary Request 1MdE-Wd3NSJGFWt6AFYeylw3jwzl Show response
share.hsforms.com/
Redirect Chain

https://cjwgl04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/OP+113/cJWGL04/VWBr_k1n1CKlV79Qh79gZt3zW2x7JLQ5bShyHN7WbryH3m2ndW7lCdLW6lZ3lHW33W0yT4_yJ4FW18FK848GbytXV7wlK78hqWy1W8dClRx7wfw...
https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&u...

12 KB
5 KB

523ms
161ms

Document
text/html

2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email

Requested by

Host: cjwgl04.na1.hubspotlinks.com
URL: https://cjwgl04.na1.hubspotlinks.com/Ctc/OP+113/cJWGL04/VWBr_k1n1CKlV79Qh79gZt3zW2x7JLQ5bShyHN7WbryH3m2ndW7lCdLW6lZ3lHW33W0yT4_yJ4FW18FK848GbytXV7wlK78hqWy1W8dClRx7wfwdYW3h9kBv2ZDdFyW37g0Gg85MGFmN4yhJSNXYZ1KW5v4pJz5j4dtfW29S1Ps4v5f28W52_vn14WxhZwW3frndW2Fg3HzN8vHmPCXXtCDW5jh-Fc3-zjNTW6CTM_j8pCz8wW581hHl2VGJBxW8HWzCG6HfghbW9fcZD53FpvzyW4dhQv13hZz8QW72wWWF7hdJJFN6ZNVf966RnKW5KQ16z30l914N37sHrFnPs1TW4bS6jx72rV4RVtQC225bWJ6vf5bQpnd04

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b30cc1ee44b84bb12f489ea03e03960888688b5a4bf23974af6cd6981d06f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cjwgl04.na1.hubspotlinks.com/Ctc/OP+113/cJWGL04/VWBr_k1n1CKlV79Qh79gZt3zW2x7JLQ5bShyHN7WbryH3m2ndW7lCdLW6lZ3lHW33W0yT4_yJ4FW18FK848GbytXV7wlK78hqWy1W8dClRx7wfwdYW3h9kBv2ZDdFyW37g0Gg85MGFmN4yhJSNXYZ1KW5v4pJz5j4dtfW29S1Ps4v5f28W52_vn14WxhZwW3frndW2Fg3HzN8vHmPCXXtCDW5jh-Fc3-zjNTW6CTM_j8pCz8wW581hHl2VGJBxW8HWzCG6HfghbW9fcZD53FpvzyW4dhQv13hZz8QW72wWWF7hdJJFN6ZNVf966RnKW5KQ16z30l914N37sHrFnPs1TW4bS6jx72rV4RVtQC225bWJ6vf5bQpnd04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials: false
Age: 2495
CF-Cache-Status: DYNAMIC
CF-RAY: 86766fe0591a5479-YYZ
Cache-Control: max-age=600
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Wed, 20 Mar 2024 14:36:53 GMT
Last-Modified: Wed, 20 Mar 2024 13:55:04 UTC
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: origin
Via: 1.1 05c82d802dd7dc7f98fd5d5083d604ba.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ylRK4wl7Y9axwnoiPxthjorBY2PodC76b3D1_faVLoWnzrKrLOQg5Q==
X-Amz-Cf-Pop: IAD61-P1
X-Cache: Hit from cloudfront
X-Content-Type-Options: nosniff
X-HS-Cache-Status: MISS
X-HS-Target-Asset: forms-submission-pages/static-1.4245/html/share.html
alt-svc: h3=":443"; ma=86400
cache-tag: staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-amz-meta-ao: {"allowIFrame":"always"}
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: qrrxujngd.u3R.uAijDm18EW5ILvJqFN
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-td/envoy-proxy-5f8b87dff4-8r2k8
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 5574cd76-fc36-4550-a481-a510eb84f736
x-request-id: 5574cd76-fc36-4550-a481-a510eb84f736

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 86766fdcda7ca240-YYZ
date: Wed, 20 Mar 2024 14:36:52 GMT
link: <https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email>; rel="canonical"
location: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 46
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-766c7548f4-bf8hq
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: e22380ce-e508-4e4a-b19d-fe2434cf2070
x-request-id: e22380ce-e508-4e4a-b19d-fe2434cf2070
x-robots-tag: none

GET
H2 200 share-legacy.js Show response
static.hsappstatic.net/forms-submission-pages/static-1.4245/bundles/ 5 KB
3 KB 537ms
115ms Script
application/javascript 2606:4700::6811:c060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/forms-submission-pages/static-1.4245/bundles/share-legacy.js

Requested by

Host: share.hsforms.com
URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f54ea6bbbccb004aa8ab7f8e0a959919e2722de760816b926da000eacf1516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://share.hsforms.com/
Origin: https://share.hsforms.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:53 GMT
x-amz-version-id: hhYGAg9qUHpjtPIoSMqYDoUvOQt3uyoi
via: 1.1 f084ab450a6c71ebe23f8602cefd27ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: YUL62-P1
age: 2498
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 20 Mar 2024 13:33:28 GMT
server: cloudflare
etag: W/"80baa4a2d6d7bbd346a3fe1f799fbdc2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFkHv5tJxhER31WnFxb%2FdUMxmT%2B5drGJ2rzeeBdXiBxYRUs17%2BTa2VrVaatE%2BJe9UTekMk7%2Fc2VGy40XAUsW%2FSRmVLkpzqG3D0r0RTq3mh5DlNpPfM%2Fv7QGQrdEozzOzfi5c%2BybhohLX4zCZ%2BZArbBTbJMw%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 86766fe40f793703-YYZ
x-amz-cf-id: L9UfmsjOQAjVli2-Y5bTbH6xnCHCb0xEFVcYX9aGznJsWs1Ow0t81Q==
expires: Thu, 20 Mar 2025 14:36:53 GMT

GET
H2 200 v3.js Show response
js.hsforms.net/forms/embed/ 472 KB
151 KB 537ms
131ms Script
application/javascript 2606:4700::6810:8cce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8cce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a46b85b862f2af6db4482ee193acaca31d668e956d248d6837cab12aaa28df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-encoding: br
age: 412
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4937/bundles/project-v3.js&cfRay=867665d0ce76a24c-YYZ
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"58b1bccb5b18473a271e57782bd62a07"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4937/bundles/project-v3.js
date: Wed, 20 Mar 2024 14:36:53 GMT
x-amz-version-id: wxYcAusaqbJHEOu7QY4Js0dIijGc_QKE
via: 1.1 01b8e3a9ba527e97cf26e596dffabb8e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P5
x-hubspot-correlation-id: dd8db614-2685-42bf-a971-ff6377359b1b
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: dd8db614-2685-42bf-a971-ff6377359b1b
last-modified: Wed, 13 Mar 2024 10:27:47 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nC9b068o0fjoHP%2BQR8G5UZdh04h5Fwl6hB6nY1T33JC%2F%2FjNjbkINpJJHaiPoWet9OnfNf1PsI4CDgUJwXxWU12vKn%2B1ZYVSHGxrWLoZd%2Bo7Xsi1PlF8VENFtfGM0bi2N1bDRT64kEHCTwl0V"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-f846d4767-zgn9n
cf-ray: 86766fe40fc45425-YYZ
x-amz-cf-id: _sYGt3BduEGwx9ZOY-zsU5QTDUuOg4dHHXxJC1e6QVACOEUxZcJx3A==

GET
H2 200 5968065.js Show response
js.hs-scripts.com/ 2 KB
1 KB 589ms
185ms Script
application/javascript 2606:4700::6810:bc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/5968065.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bc59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ac34438ac3392bd4bc50722c20a584ddd9fb513fba84d0f31a9ef75ef046d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: 173d6785-8c55-4745-8676-f01888de5a2e
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=1987
age: 36
x-envoy-upstream-service-time: 58
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 173d6785-8c55-4745-8676-f01888de5a2e
cf-bgj: minify
last-modified: Wed, 20 Mar 2024 14:36:17 GMT
server: cloudflare
x-trace: 2B5634A1A84AFA5EA35E07BE1FAE7EE2AD5EBCE532000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.hinrichfoundation.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5cb9c9b4fd-krcjp
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 86766fe3f85136d0-YYZ
expires: Wed, 20 Mar 2024 14:38:23 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/5968065/ 70 KB
23 KB 529ms
153ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/5968065/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5968065.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af28477bfd4f1ecd8d98d7caf0d0222f9a2e323133864ef348c7e00d510c5823

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:54 GMT
x-amz-version-id: P0VskdVUEur4mNqqZE6JL2jxl_WoPhBq
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Q4GRY32DWNQ1EABK
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 24eb8b95-5905-44b4-9fb4-9220f47960cb
age: 276
x-envoy-upstream-service-time: 23
x-amz-id-2: DKUN4OX8ho43Ey6yuJQN65hZUQbIRE7qby5xfp6RuReC7UuCA2cmi6ATKDUrFLg8QXSis0bEs/M=
x-evy-trace-listener: listener_https
x-request-id: 24eb8b95-5905-44b4-9fb4-9220f47960cb
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 06 Mar 2024 15:57:34 GMT
server: cloudflare
etag: W/"4b732bc7447dcfe0c2c930553f7bccba"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.hinrichfoundation.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-hgmm2
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 86766fe78c8aa1f0-YYZ
expires: Wed, 20 Mar 2024 14:37:18 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 529ms
138ms Script
application/javascript 2606:4700::6811:e3a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5968065.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e3a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e2a6446eb5309b1d5446876ef36f49c84a3b20e5ffce99c36870b1d92eb2b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:54 GMT
x-amz-version-id: b0NQpIUVlUAGo5Ulv3397N_drGrf3CDR
via: 1.1 19a26748942db0d3fcb162b26019f692.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD61-P1
age: 207
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.540/bundles/pixels-release.js&cfRay=86766ad7ea7836fa-YYZ
x-cache: Hit from cloudfront
x-hubspot-correlation-id: f37efc82-290d-4ff6-b5a3-5fa739d32964
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f37efc82-290d-4ff6-b5a3-5fa739d32964
last-modified: Wed, 20 Mar 2024 13:53:17 UTC
server: cloudflare
etag: W/"7c74b41aab97d394c4691e874871311f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-f846d4767-c6cr6
cf-ray: 86766fe79a64a205-YYZ
x-amz-cf-id: wHqlahMOpnTeGrh9P3ymcBe-qKuQFd3TnwERhKnPBlLh7zTC-JFhIw==
x-hs-target-asset: adsscriptloaderstatic/static-1.540/bundles/pixels-release.js

GET
H2 200 5968065.js Show response
js.hs-analytics.net/analytics/1710945300000/ 66 KB
21 KB 557ms
154ms Script
text/javascript 2606:4700::6810:50ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1710945300000/5968065.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5968065.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf90114deb149d666527db2777256506e7af90740b40a2e9c938f411ae0c41e8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:54 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: SS8V1E0WK3QSKDNZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 3688bfae-9649-4e44-b207-58e073111337
age: 36
x-envoy-upstream-service-time: 23
x-amz-id-2: UkF50nRFUyzLK20tKfVzpA1+gQ7ADPyfGDNyZ4HSmi4+t7K3YuXUs++p3tUSyJxIOPWjnlEXkZc=
x-evy-trace-listener: listener_https
x-request-id: 3688bfae-9649-4e44-b207-58e073111337
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 18 Mar 2024 20:34:01 GMT
server: cloudflare
etag: W/"d2080003dcf92aa1092fff0f2281907e"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7477b74687-hrsp6
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 86766fe7dfeea1f2-YYZ
expires: Wed, 20 Mar 2024 14:41:18 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 546ms
140ms Script
application/javascript 2606:4700::6812:7e0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5968065.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7e0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c32e9ab0ccedf342c2a0e71be3458af47d414cf533782f75089783785c4d4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://share.hsforms.com/
Origin: https://share.hsforms.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-encoding: br
age: 34644
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1329/bundle/main/lead-flows-release.js&cfRay=867322199b6f39c6-YYZ
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"75205c986afbc5fe9256e7dd487bc55a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1329/bundle/main/lead-flows-release.js
date: Wed, 20 Mar 2024 14:36:54 GMT
x-amz-version-id: aoZ_DtvbO1o7fZaocTkGy0Zb3EXAIY7Q
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 8561a2d3-1b4b-4493-8bf7-cd2c64f6436a
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8561a2d3-1b4b-4493-8bf7-cd2c64f6436a
last-modified: Tue, 05 Mar 2024 09:54:53 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-f846d4767-fcq9j
cf-ray: 86766fe7dcdd7119-YYZ
x-amz-cf-id: 1zXUrAkVBkw32TttTTgx3bVXhn0u2xSofEIlO_e2bIRUMTo6MwiTOw==

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/5968065/31d13e59-ddcd-4891-855a-de801587b297/ 53 KB
9 KB 605ms
248ms XHR
application/json 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5968065/31d13e59-ddcd-4891-855a-de801587b297/json?hs_static_app=forms-embed&hs_static_app_version=1.4937&X-HubSpot-Static-App-Info=forms-embed-1.4937

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ec870e145676797e6f8bdce0e24c7848ae3b7be00d85e5129eaaa6bcacf35e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://share.hsforms.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Wed, 20 Mar 2024 14:36:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: d336f132-ef94-46dd-9a18-741142c90cd6
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 43
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d336f132-ef94-46dd-9a18-741142c90cd6
Server: cloudflare
X-Trace: 2B6E09AC3A1AB6CE4F2CFD3D3989F6EAFE8739E21E000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://share.hsforms.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 86766fe91f7f39f2-YYZ
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-74c94cd679-qnvq7

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 528ms
162ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=760750644&v=1.1&a=5968065&ccu=https%3A%2F%2Fshare.hsforms.com%2F1MdE-Wd3NSJGFWt6AFYeylw3jwzl&pu=https%3A%2F%2Fshare.hsforms.com%2F1MdE-Wd3NSJGFWt6AFYeylw3jwzl%3Futm_medium%3Demail%26_hsmi%3D298814652%26_hsenc%3Dp2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw%26utm_content%3D298814652%26utm_source%3Dhs_email&t=Form&cts=1710945414620&vi=f9f49e944d9432d35759d82dc20b8b1f&nc=true&u=251652889.f9f49e944d9432d35759d82dc20b8b1f.1710945414615.1710945414615.1710945414615.1&b=251652889.1.1710945414615&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b510e826-651e-4d34-a40c-989ac83e5fca
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b510e826-651e-4d34-a40c-989ac83e5fca
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AhzYCyGanu64cc9w1JV%2FgqZPEcEIq3XePY75QgN1d16VA05JLJZyvQEd%2FdOblFapFaVoOgR0nS5vjrQFCY82fNph%2Fc0rNX6mhJ8xOQccqSv8URwhrX2erIVEGd3S6X0nfNB8TqApviRjhfK38Ppb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-77dfdb84c9-rj5pp
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 86766febe95fa21d-YYZ
x-robots-tag: none

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
929 B 627ms
220ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Hind:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e7e93c4e4e0e3e575427ef2e4e4b0ba4168e814d4439c7e0b7dd0d3c65a9e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Mar 2024 14:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 14:36:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Mar 2024 14:36:55 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 526ms
132ms Script
text/javascript 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_ecc3e8e0_b339_4370_b24a_4dd65b426bf2&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

edda7f2c74b04599492a6c5c28fc6231e4d9920df76a65ac4e89e458bb5cd288

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2024 14:36:55 GMT

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1017 B 562ms
201ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 14:36:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: dcc12e5b-4c5b-4d78-85cd-abe9453628e4
x-envoy-upstream-service-time: 19
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dcc12e5b-4c5b-4d78-85cd-abe9453628e4
Server: cloudflare
X-Trace: 2B0995029D0371001806F3423EFD8DD3EE944C04E2000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-74c94cd679-phdwk
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 86766fed59bd39f6-YYZ

GET
H2 200 hf%20hubspot%20form%20logo%20-%20resize%20-%20education.png
research.hinrichfoundation.com/hubfs/ 9 KB
11 KB 843ms
445ms Image
image/png 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.hinrichfoundation.com/hubfs/hf%20hubspot%20form%20logo%20-%20resize%20-%20education.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8294e5402bebd0acb43eacc23de69c52db2dc684ff0c96fec1be281453c5799b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-29583946881,P-5968065,FLS-ALL
x-amz-request-id: 7N6TZXD4H0NW4QHT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29583946881,P-5968065,FLS-ALL
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "01450232a92bea6b0081a8e5d9140d11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 20 Mar 2024 14:36:55 GMT
strict-transport-security: max-age=31536000
via: 1.1 7293b56f3a0eb541aadcbcaa0146d528.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 00M0I.yrGLL1R.P4xqI5ZNY2yHuqAVcm
x-amz-cf-pop: YTO50-P2
x-cache: Miss from cloudfront
cache-tag: F-29583946881,P-5968065,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 9725
x-amz-id-2: FtrTR07JLeavSfai2KlmOt7bVHqUqdrN+DCuSckAC2zlL3hzXQi/JWjmS7Ms+2EzwbIWwF5tRY8=
last-modified: Wed, 20 May 2020 10:15:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvgH6e2ABXf40GqpZwxZRlbGgiUO7h4JpGofGLug4mRf05QXBL%2FUQYWxQMBF34lLoZG2cI1fbrrIko3Dxnjb6M21kWjhqV6H7t1tXNtWY3l%2Fq8jESMs16NR7pNe1%2BSMwo0QhH29%2FuvN8GIsnc4QLrCdHdRmULj8oGpFUDw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 86766fed6a1fa1d8-YYZ
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: MTuNT_ss4vbNHP13VPj6T5tCGcy6U4l62rDXe-OWmJORaZhOB4Iszg==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
748 B 319ms
163ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=31d13e59-ddcd-4891-855a-de801587b297&fci=ecc3e8e0-b339-4370-b24a-4dd65b426bf2&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=760750644&v=1.1&a=5968065&ccu=https%3A%2F%2Fshare.hsforms.com%2F1MdE-Wd3NSJGFWt6AFYeylw3jwzl&pu=https%3A%2F%2Fshare.hsforms.com%2F1MdE-Wd3NSJGFWt6AFYeylw3jwzl%3Futm_medium%3Demail%26_hsmi%3D298814652%26_hsenc%3Dp2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw%26utm_content%3D298814652%26utm_source%3Dhs_email&t=Form&cts=1710945414794&vi=f9f49e944d9432d35759d82dc20b8b1f&nc=true&u=251652889.f9f49e944d9432d35759d82dc20b8b1f.1710945414615.1710945414615.1710945414615.1&b=251652889.1.1710945414615&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cd930d8c-9973-41ab-b476-06fd975ccfa0
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 13
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cd930d8c-9973-41ab-b476-06fd975ccfa0
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0OAmBq6X8somxvKYoOD%2BTC67cCHGO0ueHh0Y5dSKhKI6zKPLqZHgdWV8AUZVqz4mUmOKqueG2LdEhwChewDeZkKWcz5%2F5vHeNdeIuAvlRrY6Cb25e0z3Y4u9H4MXe9fTZkLeVEM3nTkbZBKL5VNR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-77dfdb84c9-pl756
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 86766febe969a21d-YYZ
x-robots-tag: none

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1017 B 600ms
232ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 20 Mar 2024 14:36:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 170ce0d1-056d-4056-8576-f3d5f57f770b
x-envoy-upstream-service-time: 33
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 170ce0d1-056d-4056-8576-f3d5f57f770b
Server: cloudflare
X-Trace: 2B83C6C8E17DC90E17323CC17CE73F19086A863D4B000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-74c94cd679-f5qgj
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 86766fed69aa542b-YYZ

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
749 B 327ms
184ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=31d13e59-ddcd-4891-855a-de801587b297&fci=ecc3e8e0-b339-4370-b24a-4dd65b426bf2&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=760750644&v=1.1&a=5968065&ccu=https%3A%2F%2Fshare.hsforms.com%2F1MdE-Wd3NSJGFWt6AFYeylw3jwzl&pu=https%3A%2F%2Fshare.hsforms.com%2F1MdE-Wd3NSJGFWt6AFYeylw3jwzl%3Futm_medium%3Demail%26_hsmi%3D298814652%26_hsenc%3Dp2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw%26utm_content%3D298814652%26utm_source%3Dhs_email&t=Form&cts=1710945414846&vi=f9f49e944d9432d35759d82dc20b8b1f&nc=true&u=251652889.f9f49e944d9432d35759d82dc20b8b1f.1710945414615.1710945414615.1710945414615.1&b=251652889.1.1710945414615&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://share.hsforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0d164482-3cf6-4232-90f8-04f67f30b7de
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 19
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0d164482-3cf6-4232-90f8-04f67f30b7de
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RASlxID%2FLZKatf4RUp%2FUKCvnUdOdZFi%2BGinfZyLVDse3UcG3vvb9LD2x7vTYgIqWT6MwPBwZuDTgvxso5ZyB7mT9GhE2g6%2BvwkcEterPAsMVeW46wk5gvKWe3tszJ5L1t2WzsiohOvALBHLgJnbT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-77dfdb84c9-w7wlq
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 86766febe966a21d-YYZ
x-robots-tag: none

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ 492 KB
197 KB 570ms
144ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_ecc3e8e0_b339_4370_b24a_4dd65b426bf2&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://share.hsforms.com/
Origin: https://share.hsforms.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 12:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200837
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 12:51:21 GMT

GET
H2 200 5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/ 16 KB
16 KB 550ms
151ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://share.hsforms.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:05:10 GMT
x-content-type-options: nosniff
age: 513105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16216
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:05:10 GMT

GET
H2 200 5aU19_a8oxmIfNJdERySjQ.woff2
fonts.gstatic.com/s/hind/v16/ 16 KB
16 KB 536ms
137ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfNJdERySjQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aed4a8f357d7edc1ac50eb4de07867c83e69a10a1711e10053bddce99294b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://share.hsforms.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 15:14:21 GMT
x-content-type-options: nosniff
age: 170554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16268
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 15:14:21 GMT

GET
H2 200 5aU19_a8oxmIfJpbERySjQ.woff2
fonts.gstatic.com/s/hind/v16/ 16 KB
17 KB 598ms
200ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfJpbERySjQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16ab274f0ede84be01a0361263faeb3ff18d2d95d155d6b9d654ef37f87db1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://share.hsforms.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:19:58 GMT
x-content-type-options: nosniff
age: 512217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16788
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:19:58 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 7940 46 KB
29 KB 147ms
146ms Document
text/html 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&badge=inline&cb=oyhp4qa1gzzw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0e087baf3f5d2e4557f7a06cf629316ed3262c2f7afe2b7fdac238c285bc7c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xBwSWwg_tOpIqENSpFq-4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.hsforms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xBwSWwg_tOpIqENSpFq-4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 14:36:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ Frame 7940 55 KB
25 KB 550ms
139ms Stylesheet
text/css 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&badge=inline&cb=oyhp4qa1gzzw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 12:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 12:51:17 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ Frame 7940 492 KB
196 KB 614ms
204ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 12:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200837
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 12:51:21 GMT

GET
H3 200 aczUY4RjooCOJhduSGOgZIptSUq0McxgcoTPQeOupCI.js Show response
www.google.com/js/bg/ Frame 7940 17 KB
7 KB 117ms
116ms Script
text/javascript 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/aczUY4RjooCOJhduSGOgZIptSUq0McxgcoTPQeOupCI.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69ccd4638463a2808e26176e4863a0648a6d494ab431cc607284cf41e3aea422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&badge=inline&cb=oyhp4qa1gzzw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 13:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7362
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 13:16:57 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7940 2 KB
2 KB 117ms
116ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:01:43 GMT
x-content-type-options: nosniff
age: 513314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 21 Mar 2024 16:01:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7940 15 KB
15 KB 117ms
116ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 03:06:05 GMT
x-content-type-options: nosniff
age: 214252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 03:06:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7940 15 KB
15 KB 124ms
124ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:14:49 GMT
x-content-type-options: nosniff
age: 512528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:14:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 7940 102 B
135 B 128ms
128ms Other
text/javascript 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca815ec6737d0c4bc1e16779dfdbb8241fb7ad898e6459db9d399435125ab515

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&badge=inline&cb=oyhp4qa1gzzw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2024 14:36:57 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame C6A2 7 KB
1 KB 163ms
162ms Document
text/html 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

20566c562e63d44cbd5ae1ffc24fcaf5140af71ef63e989b09c81e1aa6582678

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OLAfT236myvCc7oO2dUsvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://share.hsforms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OLAfT236myvCc7oO2dUsvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 14:36:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ Frame C6A2 55 KB
24 KB 117ms
116ms Stylesheet
text/css 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 12:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 12:51:17 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ Frame C6A2 492 KB
196 KB 152ms
152ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 12:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200837
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 12:51:21 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame C6A2 21 KB
16 KB 209ms
208ms XHR
application/json 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c136eed0d4c189c4b6e51d9f83239d037c71e46fc9cc5fb366d2f84862b5e3c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 20 Mar 2024 14:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2024 14:36:58 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame C6A2 600 B
624 B 124ms
123ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:12:31 GMT
x-content-type-options: nosniff
age: 512667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 21 Mar 2024 16:12:31 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame C6A2 530 B
554 B 129ms
127ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 00:15:58 GMT
x-content-type-options: nosniff
age: 224460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Mar 2024 00:15:58 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame C6A2 665 B
689 B 129ms
127ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:04:28 GMT
x-content-type-options: nosniff
age: 513150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 21 Mar 2024 16:04:28 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C6A2 15 KB
15 KB 127ms
126ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 03:06:05 GMT
x-content-type-options: nosniff
age: 214253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 03:06:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C6A2 15 KB
15 KB 162ms
161ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:07:38 GMT
x-content-type-options: nosniff
age: 512960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:07:38 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C6A2 15 KB
15 KB 127ms
126ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:14:49 GMT
x-content-type-options: nosniff
age: 512529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:14:49 GMT

GET
H3 200 aczUY4RjooCOJhduSGOgZIptSUq0McxgcoTPQeOupCI.js Show response
www.google.com/js/bg/ Frame C6A2 17 KB
7 KB 127ms
126ms Script
text/javascript 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/aczUY4RjooCOJhduSGOgZIptSUq0McxgcoTPQeOupCI.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69ccd4638463a2808e26176e4863a0648a6d494ab431cc607284cf41e3aea422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 13:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7362
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 13:16:57 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame C6A2 30 KB
30 KB 137ms
137ms Image
image/jpeg 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AFcWeA5zyeX6jdjyZkdk2inQ1P6_aQqCZ5i9H1VIwstI-eUYix_fRAx5diQcBsgk6WPrC25e26s9zNbAMv2U0za3Zl1BNCOOFqlLr1IkQ9ck3nDpT7XIznypfnThdvBVMOmXSGVfFvlj4QuOdMNvOHPxuPm07etnbVRVL66NuEDfWUTjzLf_32u_e9Ob7zjML2Z5DGXPI7KfTqibo9Ar0xya4R-0lmzqDQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81cf3a3de7c68310a06f87ae4f930e3409a5bbf22d796e5c45a9c2191da7fedd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:36:58 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 20 Mar 2024 14:36:58 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:34:57	Name: _GRECAPTCHA Value: 09AH1nMHIthEC0_G26_dZidKC8wak-nWdejvtomNz0wnJwkVqBpWCBg2fF2TwpDaNUWoAqDLa-FKu9KyXCQklPcV0
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: SIbzyFpCdyaIJvdl2xEOtJ6vaXW9lLKIEWWm.cNMEp4-1710945413234-0.0.1.1-604800000
.hsforms.com/	1970-01-20 23:34:57	Name: __hstc Value: 251652889.f9f49e944d9432d35759d82dc20b8b1f.1710945414615.1710945414615.1710945414615.1
.hsforms.com/	1970-01-20 23:34:57	Name: hubspotutk Value: f9f49e944d9432d35759d82dc20b8b1f
.hsforms.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.hsforms.com/	1970-01-20 19:15:47	Name: __hssc Value: 251652889.1.1710945414615
.hubspot.com/	1970-01-20 19:15:47	Name: __cf_bm Value: PtwZXLkWY0ciXyPa0IPC.zy4wVX1R3xg1HXZnJFWi3U-1710945415-1.0.1.1-Dgroscc3zj.GTm6PXt52cj3ABl8emvYX_hf4ZWheqnhTPqgoE0MDwghEQFX_3gA4e1HJzc2LvmsGYbemjRTA9Q
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: wJqnEfK5dteV.AiALGtBdlXb8ZDiEmT.9yDoO7iphIk-1710945415102-0.0.1.1-604800000
.research.hinrichfoundation.com/	1970-01-20 19:15:47	Name: __cf_bm Value: E4QZ1q0Jcn.SdmAXiBLQIobrOqsfKkX9qgsDlgTtcjo-1710945415-1.0.1.1-s9tBmhpgb1LjDspEFF2w2cusdytDslB44SM1fPMa3kvgeKXKEs4EKHsDdgdMKRtfX30rCUyvutbaGBPUciOC6w
.research.hinrichfoundation.com/	1969-12-31 23:59:59	Name: __cfruid Value: 856b1078ade2f5e4502605db1eda8604f32870da-1710945415

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share.hsforms.com/1MdE-Wd3NSJGFWt6AFYeylw3jwzl?utm_medium=email&_hsmi=298814652&_hsenc=p2ANqtz-84_noMFliSBvgKBskdne3fwhtv8k7go4WQGGEanhzS3QGBhIM4NCd2xyUgkRMbhDcYtTcHSan3XlYRYyPJHOeutFCvNw&utm_content=298814652&utm_source=hs_email Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cjwgl04.na1.hubspotlinks.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
research.hinrichfoundation.com
share.hsforms.com
static.hsappstatic.net
track.hubspot.com
www.google.com
www.gstatic.com
2606:2c40::c73c:67e1
2606:4700:4400::ac40:991b
2606:4700::6810:50ba
2606:4700::6810:8cce
2606:4700::6810:bc59
2606:4700::6811:c060
2606:4700::6811:e3a3
2606:4700::6811:eff9
2606:4700::6812:7e0c
2606:4700::6812:ac9
2606:4700::6812:b07d
2606:4700::6813:9a53
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1d::6a
0e2a6446eb5309b1d5446876ef36f49c84a3b20e5ffce99c36870b1d92eb2b1e
0e7e93c4e4e0e3e575427ef2e4e4b0ba4168e814d4439c7e0b7dd0d3c65a9e6f
0ec870e145676797e6f8bdce0e24c7848ae3b7be00d85e5129eaaa6bcacf35e4
16ab274f0ede84be01a0361263faeb3ff18d2d95d155d6b9d654ef37f87db1f5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20566c562e63d44cbd5ae1ffc24fcaf5140af71ef63e989b09c81e1aa6582678
3c32e9ab0ccedf342c2a0e71be3458af47d414cf533782f75089783785c4d4d1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aed4a8f357d7edc1ac50eb4de07867c83e69a10a1711e10053bddce99294b7e
69ccd4638463a2808e26176e4863a0648a6d494ab431cc607284cf41e3aea422
69f54ea6bbbccb004aa8ab7f8e0a959919e2722de760816b926da000eacf1516
6ac34438ac3392bd4bc50722c20a584ddd9fb513fba84d0f31a9ef75ef046d3d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
81cf3a3de7c68310a06f87ae4f930e3409a5bbf22d796e5c45a9c2191da7fedd
8294e5402bebd0acb43eacc23de69c52db2dc684ff0c96fec1be281453c5799b
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a46b85b862f2af6db4482ee193acaca31d668e956d248d6837cab12aaa28df0
926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
af28477bfd4f1ecd8d98d7caf0d0222f9a2e323133864ef348c7e00d510c5823
c0e087baf3f5d2e4557f7a06cf629316ed3262c2f7afe2b7fdac238c285bc7c0
c136eed0d4c189c4b6e51d9f83239d037c71e46fc9cc5fb366d2f84862b5e3c9
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca815ec6737d0c4bc1e16779dfdbb8241fb7ad898e6459db9d399435125ab515
cf90114deb149d666527db2777256506e7af90740b40a2e9c938f411ae0c41e8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
edda7f2c74b04599492a6c5c28fc6231e4d9920df76a65ac4e89e458bb5cd288
f0b30cc1ee44b84bb12f489ea03e03960888688b5a4bf23974af6cd6981d06f1

share.hsforms.com Open in urlscan Pro 2606:4700::6811:eff9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

100 %IPv6

14 Domains

17 Subdomains

16 IPs

1 Countries

1183 kBTransfer

3112 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

share.hsforms.com Open in urlscan Pro
2606:4700::6811:eff9 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

100 %
IPv6

14
Domains

17
Subdomains

16
IPs

1
Countries

1183 kB
Transfer

3112 kB
Size

10
Cookies

42 HTTP transactions
0 data transactions