procedureflow.com Open in urlscan Pro
18.64.115.29  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request signup Show response procedureflow.com/	17 KB 5 KB	269ms 195ms	Document text/html	18.64.115.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.115.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-115-29.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash e583dea2829ea70700dbb6f9c8260689f16e942c78635198fef0ef9197f3f20e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html last-modified Wed, 09 Mar 2022 15:07:20 GMT server AmazonS3 content-encoding gzip date Thu, 17 Mar 2022 13:31:41 GMT cache-control max-age=300, no-transform, public etag W/"827c06553be455fcb3bce349a8f4292f" vary Accept-Encoding x-cache RefreshHit from cloudfront via 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront) x-amz-cf-pop TXL50-P4 x-amz-cf-id ptOENwYQt7uKg6tDFlR2Qu8jIMYdvsvy82KY_MSVgPiQ4JisW5D8aw==
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	42ms 16ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,700 Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Mar 2022 12:27:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 17 Mar 2022 13:31:40 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Mar 2022 13:31:40 GMT
GET H2	200	bundle-ea4fa8f774.css procedureflow.com/assets/css/	204 KB 28 KB	23ms 21ms	Stylesheet text/css	18.64.115.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://procedureflow.com/assets/css/bundle-ea4fa8f774.css Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.115.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-115-29.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 7c25120f88ce8a6f08337197f6829fbce897ce93d0784b6a000999260bd34fab Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 09 Mar 2022 16:24:43 GMT content-encoding gzip last-modified Wed, 09 Mar 2022 15:08:06 GMT server AmazonS3 age 680818 etag W/"ea4fa8f774404ee0b8121e1f91017934" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=utf-8 via 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront) cache-control max-age=31536000, no-transform, public x-amz-cf-pop TXL50-P4 x-amz-cf-id OV0_lV4ipHSWlmoqEpYO8TElX1VcI7M06GP4ECBgXLJtjdSzR26J7A==
GET H2	200	picturefill.min.js Show response cdnjs.cloudflare.com/ajax/libs/picturefill/2.3.1/	8 KB 3 KB	30ms 13ms	Script application/javascript	104.16.18.94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/picturefill/2.3.1/picturefill.min.js Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 13:31:40 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1259823 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2790 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f8b-1e1b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8E9janG7UtlYgRWl6HL8JaQbi7veKils0ICLXeGr1EnL4xCILdMXctkk2qkHilOdeY136a2J7f16HAn6kLV0OdEJsoV7OYvODfPTy7ELLR%2BkY%2BIP11qL79ygipKAsk%2B0n8nR6wuS"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6ed6171c285a92a7-FRA expires Tue, 07 Mar 2023 13:31:40 GMT
GET H2	200	bundle-c211a3c41a.js Show response procedureflow.com/assets/js/	104 KB 36 KB	23ms 23ms	Script application/javascript	18.64.115.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://procedureflow.com/assets/js/bundle-c211a3c41a.js Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.115.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-115-29.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash a833f3b6da5160cb3e8f7fb21b14f6e26310226bc3258ea118478e6843df8e59 Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Feb 2022 18:05:29 GMT content-encoding gzip last-modified Fri, 04 Feb 2022 17:30:53 GMT server AmazonS3 age 3525972 etag W/"eeaf575d20a30a35b99e0dacf5bb588e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront) cache-control max-age=31536000, no-transform, public x-amz-cf-pop TXL50-P4 x-amz-cf-id 3WGPh_40enRue5baRI9TQWFuXBYfTozlnsqn241IoTUap0n1_-XB2g==
GET H2	200	logo-cf01920844.svg procedureflow.com/assets/images/logos/	5 KB 2 KB	26ms 26ms	Image image/svg+xml	18.64.115.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://procedureflow.com/assets/images/logos/logo-cf01920844.svg Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.115.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-115-29.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 06793c71e4c4657ab21eb7e4dac2966c70796119857ede3b31c8acb9676b4963 Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 09 Jan 2022 17:08:33 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 19:01:52 GMT server AmazonS3 age 5775788 etag W/"cf019208443b25cba8861aba187f1ce5" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml via 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront) cache-control max-age=31536000, no-transform, public x-amz-cf-pop TXL50-P4 x-amz-cf-id S7nOu5QhcwZExZ3uCCybp94Wb55DRVEAyPXAvIPRjh7ZI8laKxbfpg==
GET H2	200	v2.js Show response js.hsforms.net/forms/	567 KB 145 KB	52ms 24ms	Script application/javascript	104.17.186.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/v2.js Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.186.73 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 948088d74dec6cf384fa0fcaebbe08c20ede10564e187997ac32b89095f9150e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 13:31:40 GMT via 1.1 dfbe3a6f5b354f9a5f95a5a6814ce14e.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 201 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 x-amz-replication-status COMPLETED content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 07 Mar 2022 11:59:17 UTC server cloudflare etag W/"78240565d16652c4c9338bc5bc32cf68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRW9%2FnVntR4y4XL7xMvypRQ3e0sWhiMumsdDKxfMtrziw3FrvKSd2eqzpZLTrBxynzEQL4G%2Bj%2Frj4UqqOv2hDfFpDyYeDJtTzBi3H%2Fb481zqRWDh3Kp6ZRjgpkaok03t"}],"group":"cf-nel","max_age":604800} x-amz-version-id SyiyAaSIpp.sXoj6AkXcBFvt313OidF0 access-control-allow-origin * cache-control s-maxage=600, max-age=0 x-hs-cache-status HIT x-amz-cf-pop IAD89-P2 cf-ray 6ed6171c2d819231-FRA x-amz-cf-id i7g1rgCuvvdd84wU_5UXqh7S44dTMfdyu0B-xamETuZbBOKn6frzMQ== x-hs-target-asset FormsNext/static-5.458/bundles/project_with_deps.js
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	51ms 21ms	Script text/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5214 date Thu, 17 Mar 2022 12:04:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 17 Mar 2022 14:04:46 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	23ms 7ms	Script application/x-javascript	157.240.20.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-frt3.fbcdn.net Software / Resource Hash 3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26320 x-xss-protection 0 pragma public x-fb-debug nkavi2KwNb6cnVnG5l2gPkVdaxTz9aCSc2tbE+pAlO8BweCTk+zNT5Du6qzMn0lf9krLeJF49SL1wT54LnXOJg== x-fb-trip-id 686109401 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 17 Mar 2022 13:31:40 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v28/	44 KB 44 KB	46ms 21ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://procedureflow.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 22:45:30 GMT x-content-type-options nosniff age 139570 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44656 x-xss-protection 0 last-modified Tue, 01 Mar 2022 22:03:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 15 Mar 2023 22:45:30 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 210 B	15ms 14ms	XHR text/plain	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1491765180&t=pageview&_s=1&dl=https%3A%2F%2Fprocedureflow.com%2Fsignup%3Futm_source%3Dsignature%26utm_medium%3Demail%26utm_campaign%3Demail_signature_signup&ul=en-us&de=UTF-8&dt=Request%20a%20demo%20%7C%20ProcedureFlow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABQAAAAC~&jid=418660279&gjid=1596958270&cid=492230198.1647523901&tid=UA-42450269-4&_gid=456670689.1647523901&_r=1&_slc=1&z=146679635 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://procedureflow.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 17 Mar 2022 13:31:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://procedureflow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.google-analytics.com/gtm/	98 KB 38 KB	26ms 26ms	Script application/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-NH8XCMS&cid=492230198.1647523901 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software Google Tag Manager / Resource Hash 52b280a6b4395c132ae4f37997dc023f9f07d8353b6b62adc4784bb8637b400d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 13:31:40 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38517 x-xss-protection 0 expires Thu, 17 Mar 2022 13:31:40 GMT
GET H2	200	1544d10c-8d25-44c6-a707-12844c2c9c03 Show response forms.hsforms.com/embed/v3/form/8992808/	64 KB 9 KB	280ms 181ms	Script application/javascript	104.16.89.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/8992808/1544d10c-8d25-44c6-a707-12844c2c9c03?callback=hs_reqwest_0&hutk= Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a5f604d67c679a1e0ed3a0eddd3dfb0ca2af678091b8178ac6c2336b9109eaf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 13:31:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-hubspot-correlation-id 1f8c39d9-99d2-4f94-be02-332dba8fe53d cf-ray 6ed6171d79ca9b95-FRA content-disposition attachment; filename=no-rfd.txt alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare x-trace 2B4D125F0ED199BB2709175FCC227DED42FCD86544000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript;charset=utf-8 vary Accept-Encoding cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 443 B	90ms 30ms	XHR text/plain	142.250.13.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42450269-4&cid=492230198.1647523901&jid=418660279&gjid=1596958270&_gid=456670689.1647523901&_u=IEBAAEAAQAAAAC~&z=1250023962 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.13.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS we-in-f155.1e100.net Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://procedureflow.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 17 Mar 2022 13:31:41 GMT content-type text/plain access-control-allow-origin https://procedureflow.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	76ms 35ms	Image image/gif	142.250.186.164 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42450269-4&cid=492230198.1647523901&jid=418660279&_u=IEBAAEAAQAAAAC~&z=1199131557 Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Thu, 17 Mar 2022 13:31:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	77ms 36ms	Image image/gif	172.217.168.227 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42450269-4&cid=492230198.1647523901&jid=418660279&_u=IEBAAEAAQAAAAC~&z=1199131557 Requested by Host: procedureflow.com URL: https://procedureflow.com/signup?utm_source=signature&utm_medium=email&utm_campaign=email_signature_signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.168.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s40-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://procedureflow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Thu, 17 Mar 2022 13:31:41 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	v2.js Show response js.hsforms.net/forms/ Frame 9FDE	567 KB 145 KB	52ms 37ms	Script application/javascript	104.17.186.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/v2.js Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.186.73 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 948088d74dec6cf384fa0fcaebbe08c20ede10564e187997ac32b89095f9150e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 13:31:41 GMT via 1.1 0459f0f7053eeb224fd9fe0f5db5970a.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 276 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 x-amz-replication-status COMPLETED content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 07 Mar 2022 11:59:17 UTC server cloudflare etag W/"78240565d16652c4c9338bc5bc32cf68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NT98TjCeQa4eOTojExU6ygI9Zm5f6qWpx2MU1jCVYu1Ywjy7SO%2Fc%2BE4LWl3Psm8jM1Nf%2BABun74alZZKVVtdGJ0xxx8OSKAa2ApQRDT01jmTkF7VNLyb8%2BfGPzFWDOUs"}],"group":"cf-nel","max_age":604800} x-amz-version-id SyiyAaSIpp.sXoj6AkXcBFvt313OidF0 access-control-allow-origin * cache-control s-maxage=600, max-age=0 x-hs-cache-status HIT x-amz-cf-pop IAD89-P2 cf-ray 6ed6171edb7f694c-FRA x-amz-cf-id sl7B1JLxA_7-r9S-7yjKCSYSFokQKjIbeWPVZY8uTmBjEmsrU6eaKQ== x-hs-target-asset FormsNext/static-5.458/bundles/project_with_deps.js
GET H3	200	css fonts.googleapis.com/ Frame 9FDE	3 KB 627 B	33ms 18ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open%20Sans Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Mar 2022 12:26:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 17 Mar 2022 13:31:41 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Mar 2022 13:31:41 GMT
GET H3	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v28/ Frame 9FDE	16 KB 16 KB	28ms 12ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://procedureflow.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 22:45:44 GMT x-content-type-options nosniff age 139557 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16692 x-xss-protection 0 last-modified Tue, 01 Mar 2022 22:06:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 15 Mar 2023 22:45:44 GMT

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| GoogleAnalyticsScriptLoadError string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| jQuery object| dataLayer function| require function| picturefill object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| HSFR object| _hsq function| hs_reqwest_0 object| drift object| driftt object| PAGE_MODULES object| google_tag_manager object| google_optimize

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.procedureflow.com/	1970-01-20 19:09:55	Name: _ga Value: GA1.2.492230198.1647523901
			.procedureflow.com/	1970-01-20 01:40:10	Name: _gid Value: GA1.2.456670689.1647523901
			.procedureflow.com/	1970-01-20 01:38:43	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
js.hsforms.net
procedureflow.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
104.16.18.94
104.16.89.5
104.17.186.73
142.250.13.155
142.250.184.202
142.250.185.131
142.250.186.164
157.240.20.19
172.217.16.142
172.217.168.227
18.64.115.29
06793c71e4c4657ab21eb7e4dac2966c70796119857ede3b31c8acb9676b4963
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
52b280a6b4395c132ae4f37997dc023f9f07d8353b6b62adc4784bb8637b400d
7c25120f88ce8a6f08337197f6829fbce897ce93d0784b6a000999260bd34fab
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
948088d74dec6cf384fa0fcaebbe08c20ede10564e187997ac32b89095f9150e
9a5f604d67c679a1e0ed3a0eddd3dfb0ca2af678091b8178ac6c2336b9109eaf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a833f3b6da5160cb3e8f7fb21b14f6e26310226bc3258ea118478e6843df8e59
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
d402b35e6e0d996cc57dfb1f40a87b672f1eb4dfe0744da6d9c40b0d26592815
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
e583dea2829ea70700dbb6f9c8260689f16e942c78635198fef0ef9197f3f20e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3