Submitted URL: https://email.qracorp.com/e3t/Ctc/OM+113/ch1W504/MWxGNf9lZQ9Vk71gy3_3rPFW1PHNH55bXzR-N3tskFz3prCCW7Y8-PT6lZ3mqW1GWgNb5ZJNw...
Effective URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2...
Submission: On March 21 via manual from IN — Scanned from DE

Summary

This website contacted 15 IPs in 2 countries across 13 domains to perform 42 HTTP transactions. The main IP is 2606:4700::6812:a07d, located in United States and belongs to CLOUDFLARENET, US. The main domain is share.hsforms.com. The Cisco Umbrella rank of the primary domain is 282214.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.
This is the only time share.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
42 15
Apex Domain
Subdomains
Transfer
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
768 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 5
115 KB
5 hsforms.com
share.hsforms.com — Cisco Umbrella Rank: 282214
forms.hsforms.com — Cisco Umbrella Rank: 8362
forms-na1.hsforms.com — Cisco Umbrella Rank: 14709
13 KB
4 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 9236
track.hubspot.com — Cisco Umbrella Rank: 4697
27 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 9097
forms.hscollectedforms.net — Cisco Umbrella Rank: 9238
26 KB
2 qracorp.com
email.qracorp.com
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 4649
23 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 9716
25 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 4692
21 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 4992
1 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 13956
151 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 11378
3 KB
42 13
Domain Requested by
9 www.gstatic.com www.google.com
www.gstatic.com
8 www.google.com js.hsforms.net
www.gstatic.com
www.google.com
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 track.hubspot.com
2 forms-na1.hsforms.com share.hsforms.com
2 forms.hsforms.com js.hsforms.net
share.hsforms.com
2 email.qracorp.com 1 redirects
1 fonts.googleapis.com js.hsforms.net
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hs-banner.com js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hubspot.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-scripts.com share.hsforms.com
1 js.hsforms.net share.hsforms.com
1 static.hsappstatic.net share.hsforms.com
1 share.hsforms.com email.qracorp.com
42 18

This site contains links to these domains. Also see Links.

Domain
qracorp.com
Subject Issuer Validity Valid
email.qracorp.com
GTS CA 1P5
2024-03-16 -
2024-06-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-18 -
2024-05-17
a year crt.sh
hsappstatic.net
E1
2024-03-10 -
2024-06-08
3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2024-01-06 -
2024-12-31
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
www.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh

This page contains 3 frames:

Primary Page: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Frame ID: 7C26433E64B913104637E19F08CF2B88
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&badge=inline&cb=xo7xrusbxtst
Frame ID: 9B250C0C58C47ECCFCAA32E38CD9CBF8
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: CB127F6698833D37E1C6103DB0413814
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Form

Page URL History Show full URLs

  1. https://email.qracorp.com/e3t/Ctc/OM+113/ch1W504/MWxGNf9lZQ9Vk71gy3_3rPFW1PHNH55bXzR-N3tskFz3prCCW7Y8-... Page URL
  2. https://email.qracorp.com/events/public/v1/encoded/track/tc/OM+113/ch1W504/MWxGNf9lZQ9Vk71gy3_3rPFW1PH... HTTP 307
    https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

42
Requests

100 %
HTTPS

100 %
IPv6

13
Domains

18
Subdomains

15
IPs

2
Countries

1178 kB
Transfer

2782 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.qracorp.com/e3t/Ctc/OM+113/ch1W504/MWxGNf9lZQ9Vk71gy3_3rPFW1PHNH55bXzR-N3tskFz3prCCW7Y8-PT6lZ3mqW1GWgNb5ZJNwDW3B4CN93Qwpp9W8HjTWY3d2h3RW8frtXj2ZTYt6W1mC-nD5WyxPCW2q5qNW47NJN5W2t9n0s1PLSx0W5vjrlF5jNCBNW4kMyCn533SM-W6NsGvf5fdR0gN7p7TQFkwfKHW1hs8FM5j4TwWW5h7HnG1f0q4gW1p7DBg1qVQxKW3XRsZJ7cJWCGW6kPjjq5PjnBcMF_L3xBp5K_W2dRQW26LfnWdW2bBhFG49GCpJW5cKkDq5w_ct2W93qsss6Zwpm3W59MVr71Hc0V8W2yx0cG889sxSN56yLbMqZM9RW7tdypz7fp_lRW95PWB68Kd2cPf7l_NFs04 Page URL
  2. https://email.qracorp.com/events/public/v1/encoded/track/tc/OM+113/ch1W504/MWxGNf9lZQ9Vk71gy3_3rPFW1PHNH55bXzR-N3tskFz3prCCW7Y8-PT6lZ3mqW1GWgNb5ZJNwDW3B4CN93Qwpp9W8HjTWY3d2h3RW8frtXj2ZTYt6W1mC-nD5WyxPCW2q5qNW47NJN5W2t9n0s1PLSx0W5vjrlF5jNCBNW4kMyCn533SM-W6NsGvf5fdR0gN7p7TQFkwfKHW1hs8FM5j4TwWW5h7HnG1f0q4gW1p7DBg1qVQxKW3XRsZJ7cJWCGW6kPjjq5PjnBcMF_L3xBp5K_W2dRQW26LfnWdW2bBhFG49GCpJW5cKkDq5w_ct2W93qsss6Zwpm3W59MVr71Hc0V8W2yx0cG889sxSN56yLbMqZM9RW7tdypz7fp_lRW95PWB68Kd2cPf7l_NFs04?_ud=72720824-1471-4c16-9324-9dca79212acd&_jss=1&_fl=8&_pl=3&_hc=12&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
MWxGNf9lZQ9Vk71gy3_3rPFW1PHNH55bXzR-N3tskFz3prCCW7Y8-PT6lZ3mqW1GWgNb5ZJNwDW3B4CN93Qwpp9W8HjTWY3d2h3RW8frtXj2ZTYt6W1mC-nD5WyxPCW2q5qNW47NJN5W2t9n0s1PLSx0W5vjrlF5jNCBNW4kMyCn533SM-W6NsGvf5fdR0gN7p7TQ...
email.qracorp.com/e3t/Ctc/OM+113/ch1W504/
8 KB
4 KB
Document
General
Full URL
https://email.qracorp.com/e3t/Ctc/OM+113/ch1W504/MWxGNf9lZQ9Vk71gy3_3rPFW1PHNH55bXzR-N3tskFz3prCCW7Y8-PT6lZ3mqW1GWgNb5ZJNwDW3B4CN93Qwpp9W8HjTWY3d2h3RW8frtXj2ZTYt6W1mC-nD5WyxPCW2q5qNW47NJN5W2t9n0s1PLSx0W5vjrlF5jNCBNW4kMyCn533SM-W6NsGvf5fdR0gN7p7TQFkwfKHW1hs8FM5j4TwWW5h7HnG1f0q4gW1p7DBg1qVQxKW3XRsZJ7cJWCGW6kPjjq5PjnBcMF_L3xBp5K_W2dRQW26LfnWdW2bBhFG49GCpJW5cKkDq5w_ct2W93qsss6Zwpm3W59MVr71Hc0V8W2yx0cG889sxSN56yLbMqZM9RW7tdypz7fp_lRW95PWB68Kd2cPf7l_NFs04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
867d04153f079225-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Thu, 21 Mar 2024 09:46:38 GMT
last-modified
Thu, 21 Mar 2024 09:46:38 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MnTl4t3Wb9NtdCffIooMt57M7K4AoMqnuIGPhQl3r0T6oSfUco0OQD%2BnQEv1ShRQjknZ%2BrMcomhEc%2F1CfRWgHMn2h0aoIyyjBs1wi2VsWV5uXkEpNaIRYniA8PjD1FCX8ntmMfOOYi%2BF25UPC6%2Bx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
8
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-766c7548f4-mqbh8
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
f0f897ae-7126-475a-8225-542eea3f5583
x-request-id
f0f897ae-7126-475a-8225-542eea3f5583
x-robots-tag
none
Primary Request 1C1oZ7MXRR0qLpxb59m8WLA1eqr5
share.hsforms.com/
Redirect Chain
  • https://email.qracorp.com/events/public/v1/encoded/track/tc/OM+113/ch1W504/MWxGNf9lZQ9Vk71gy3_3rPFW1PHNH55bXzR-N3tskFz3prCCW7Y8-PT6lZ3mqW1GWgNb5ZJNwDW3B4CN93Qwpp9W8HjTWY3d2h3RW8frtXj2ZTYt6W1mC-nD5W...
  • https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFa...
12 KB
5 KB
Document
General
Full URL
https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Requested by
Host: email.qracorp.com
URL: https://email.qracorp.com/e3t/Ctc/OM+113/ch1W504/MWxGNf9lZQ9Vk71gy3_3rPFW1PHNH55bXzR-N3tskFz3prCCW7Y8-PT6lZ3mqW1GWgNb5ZJNwDW3B4CN93Qwpp9W8HjTWY3d2h3RW8frtXj2ZTYt6W1mC-nD5WyxPCW2q5qNW47NJN5W2t9n0s1PLSx0W5vjrlF5jNCBNW4kMyCn533SM-W6NsGvf5fdR0gN7p7TQFkwfKHW1hs8FM5j4TwWW5h7HnG1f0q4gW1p7DBg1qVQxKW3XRsZJ7cJWCGW6kPjjq5PjnBcMF_L3xBp5K_W2dRQW26LfnWdW2bBhFG49GCpJW5cKkDq5w_ct2W93qsss6Zwpm3W59MVr71Hc0V8W2yx0cG889sxSN56yLbMqZM9RW7tdypz7fp_lRW95PWB68Kd2cPf7l_NFs04
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c545493195eeade866c19c1620059801e122af672dd654aee3e8e00bffcb186b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://email.qracorp.com/e3t/Ctc/OM+113/ch1W504/MWxGNf9lZQ9Vk71gy3_3rPFW1PHNH55bXzR-N3tskFz3prCCW7Y8-PT6lZ3mqW1GWgNb5ZJNwDW3B4CN93Qwpp9W8HjTWY3d2h3RW8frtXj2ZTYt6W1mC-nD5WyxPCW2q5qNW47NJN5W2t9n0s1PLSx0W5vjrlF5jNCBNW4kMyCn533SM-W6NsGvf5fdR0gN7p7TQFkwfKHW1hs8FM5j4TwWW5h7HnG1f0q4gW1p7DBg1qVQxKW3XRsZJ7cJWCGW6kPjjq5PjnBcMF_L3xBp5K_W2dRQW26LfnWdW2bBhFG49GCpJW5cKkDq5w_ct2W93qsss6Zwpm3W59MVr71Hc0V8W2yx0cG889sxSN56yLbMqZM9RW7tdypz7fp_lRW95PWB68Kd2cPf7l_NFs04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
false
Age
2191
CF-Cache-Status
DYNAMIC
CF-RAY
867d0417ce869220-FRA
Cache-Control
max-age=600
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Mar 2024 09:46:38 GMT
Last-Modified
Thu, 21 Mar 2024 09:09:59 UTC
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
origin
Via
1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
X-Amz-Cf-Id
j0kZyQQKIFkbt_3uB-GqU5_2SFbKq9AF8X8rTiaJABQDeLQqk51d5A==
X-Amz-Cf-Pop
IAD12-P3
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-HS-Cache-Status
MISS
X-HS-Target-Asset
forms-submission-pages/static-1.4247/html/share.html
alt-svc
h3=":443"; ma=86400
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-amz-meta-ao
{"allowIFrame":"always"}
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
51Jdph1.xzetp9ssRd9nzWTpz9gQuoqc
x-envoy-upstream-service-time
3
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/star-td/envoy-proxy-5f8b87dff4-8r2k8
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
d25b2346-1df9-41b6-b521-065f74d2dac4
x-request-id
d25b2346-1df9-41b6-b521-065f74d2dac4

Redirect headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
867d04165fe09225-FRA
content-security-policy
upgrade-insecure-requests
date
Thu, 21 Mar 2024 09:46:38 GMT
link
<https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email>; rel="canonical"
location
https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0odeiKu0Bk6%2B%2FXDHrDLG0zCGaLOmQfFIAHtasF3BdWYVtXmvPxvn4E%2FWVP573k6lR4KThDpMvXzLz67%2FUFnyTaiLdWk5NqDM9hVMUKEYC9ux%2FL6bBt8b0HT3NJeloRHsSsVi3333%2FxhOQAIbCjG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
39
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-766c7548f4-dhs9p
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
a1f9d083-6fac-45d7-b00c-8cd39a6fe411
x-request-id
a1f9d083-6fac-45d7-b00c-8cd39a6fe411
x-robots-tag
none
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.4247/bundles/
5 KB
3 KB
Script
General
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.4247/bundles/share-legacy.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7037c9effa44d5ef7dfb71a0018e9030a227b8257fee4329cdfeee99d9060601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://share.hsforms.com/
Origin
https://share.hsforms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:38 GMT
x-amz-version-id
TvQlyqGoNiyseKCwOwOSKQTCyTnd70O1
via
1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
age
2188
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 20 Mar 2024 21:38:07 GMT
server
cloudflare
etag
W/"f140c8710ece4aa931f993f3a1e09078"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YB04WI9Ie4Eimk2lGMUrbGLzSXncFt5GVxFMr9M4KJmVD95elzFNADLqBTcoIF06WD47x65V3%2BTMS%2BAMyAaeWEaFNsZ81o45rSZGcsNQIDjfV7%2BIR9ASj%2Fw0gLrcHbLTxEag564tfl2T7ZhDffJjwJZhz6s%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
867d04192d071a7d-FRA
x-amz-cf-id
BHd_ChsNSrFcyS6QdkvbqqKjLw9t8Qmha4eBGyB3ZNmikPHWBbJQVg==
expires
Fri, 21 Mar 2025 09:46:38 GMT
v3.js
js.hsforms.net/forms/embed/
472 KB
151 KB
Script
General
Full URL
https://js.hsforms.net/forms/embed/v3.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a46b85b862f2af6db4482ee193acaca31d668e956d248d6837cab12aaa28df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-encoding
br
age
237
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4937/bundles/project-v3.js&cfRay=867cfe4bedb01bbd-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"58b1bccb5b18473a271e57782bd62a07"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.4937/bundles/project-v3.js
date
Thu, 21 Mar 2024 09:46:38 GMT
x-amz-version-id
wxYcAusaqbJHEOu7QY4Js0dIijGc_QKE
via
1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
29cb1043-39c7-45d4-a1a1-f6d5ea249e96
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
29cb1043-39c7-45d4-a1a1-f6d5ea249e96
last-modified
Wed, 13 Mar 2024 10:27:47 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qAZH0YABMSIeRETsQVTZslkKb9S3dRe%2F39wvtvwmnMAX9ok4P8vfTgTLb5D2Ka5KE49ypx2V3sLO4F8ZA6tYrzs5f1j5l3IZEWMDQ%2FYUnkvoUtVV7QmhJJrEEmj5cPjO4%2BYRe9uymyPwMtlX"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-f846d4767-c6cr6
cf-ray
867d04193a629b94-FRA
x-amz-cf-id
iCph1mH2JiWikmhZTCHpSmGEgyz8h_XXodusiq7v201P8VvoB5Efbg==
2367473.js
js.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/2367473.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c88c8613f16ba7708b1abe38207029c6e05ec2c05e5970b7787e2bad6231ae66
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9d9bd7fb-ad43-4718-883f-c630feac5ba0
x-envoy-upstream-service-time
13
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9d9bd7fb-ad43-4718-883f-c630feac5ba0
last-modified
Thu, 21 Mar 2024 09:26:14 GMT
server
cloudflare
x-trace
2B7973DF55A9CA92C7DCCEF2B7CB30F9882D5EEDFD000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5cb9c9b4fd-jl2z6
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
867d04194c161daa-FRA
expires
Thu, 21 Mar 2024 09:48:09 GMT
json
forms.hsforms.com/embed/v3/form/2367473/0b5a19ec-c5d1-474a-8ba7-16f9f66f162c/
16 KB
5 KB
XHR
General
Full URL
https://forms.hsforms.com/embed/v3/form/2367473/0b5a19ec-c5d1-474a-8ba7-16f9f66f162c/json?hs_static_app=forms-embed&hs_static_app_version=1.4937&X-HubSpot-Static-App-Info=forms-embed-1.4937
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c27411851c67224fe5618253c137e165db0e15456e640927656d7035aa64f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://share.hsforms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Origin-Hublet
na1
Date
Thu, 21 Mar 2024 09:46:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
24827491-52b4-411e-89ad-f72c5f19b619
Transfer-Encoding
chunked
x-envoy-upstream-service-time
28
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
24827491-52b4-411e-89ad-f72c5f19b619
Server
cloudflare
X-Trace
2B755DD9D4B86C3433FB881E1A3B89A633F877AB6E000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://share.hsforms.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
867d0419da9291db-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-74c94cd679-kgn6f
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2367473.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://share.hsforms.com/
Origin
https://share.hsforms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-encoding
br
age
82
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.468/bundles/project.js&cfRay=867d021bec453aa0-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"0892458d49ed5681928e6be69131caa7"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.468/bundles/project.js
date
Thu, 21 Mar 2024 09:46:39 GMT
x-amz-version-id
VTCx5Wpr_CjwKFe_1K6ShUsHQL37oHcJ
via
1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
1e37b326-71b0-4884-b174-e095b604b978
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
5
x-evy-trace-route-configuration
listener_https/all
x-request-id
1e37b326-71b0-4884-b174-e095b604b978
last-modified
Wed, 21 Feb 2024 09:36:07 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-f846d4767-5s5v4
cf-ray
867d041a5e5a2c63-FRA
x-amz-cf-id
UUbWtmJj96yTSBt5KSEoGUT9cSDrvWpYmKIrOq8wzMWXRs25oKavCg==
web-interactives-embed.js
js.hubspot.com/
84 KB
25 KB
Script
General
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2367473.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65390c3b5e18df070a11dd947ca2f91668714ee2a8575956b93c8b1590b9532c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://share.hsforms.com/
Origin
https://share.hsforms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-encoding
br
age
362
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.995/bundles/project.js&cfRay=867cfb47eba4694c-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"d838571cd390adf273ef11f2c93c66a2"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.995/bundles/project.js
date
Thu, 21 Mar 2024 09:46:39 GMT
x-amz-version-id
e6CBI7TNV0080vUb0QC9_Ce844NXultr
via
1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
f9e70108-2fcf-4004-a806-a9e1e0838045
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-request-id
f9e70108-2fcf-4004-a806-a9e1e0838045
last-modified
Wed, 20 Mar 2024 13:03:05 UTC
server
cloudflare
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8rzj5eIImVk9DKaoIfANXob3Lzj3%2Ffkrc8u4tIQuUL8opcyAt4%2FtkQROCk71UuD25Y1BBOyj0BqZn5zqEDNo%2BclLJs1oakySFGWcgTWaarR9Q1Am%2BOyfYbMhP%2BD5Pmap8gggsUoFacOlevD"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-f846d4767-hgrc8
cf-ray
867d041a3cbc1915-FRA
x-amz-cf-id
E_9z739uJP1GJ9Mo7ntz2jDtyKVc52K9vo6aOuGELzCxptbk-Y_KFw==
2367473.js
js.hs-analytics.net/analytics/1711014300000/
66 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1711014300000/2367473.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2367473.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba64b9a09d684a6c4240c61423c0fb1264168a593a9a31e97246eaacc5371da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
TNTG3878QCCG076Z
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
d7c4bfa5-60a1-4a69-822a-0a0bea5cf2fd
x-envoy-upstream-service-time
15
x-amz-id-2
f53R0pPRtnUZX17TEBaZ9lgbtU6D5EZohaO7ezLih9PgJ148f9D7oP/9o4oSV7bAXxjhcPXRIGE=
x-evy-trace-listener
listener_https
x-request-id
d7c4bfa5-60a1-4a69-822a-0a0bea5cf2fd
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 18 Mar 2024 20:25:55 GMT
server
cloudflare
etag
W/"540fa29e613dbc8a9f40daf8455a68db"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7477b74687-hrsp6
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
867d041a5d6091e3-FRA
expires
Thu, 21 Mar 2024 09:51:39 GMT
conversations-embed.js
js.usemessages.com/
85 KB
25 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2367473.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150a321d0b442b082a980d825882dbc2763d100c3b38d5f78beee22e957618ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
x-amz-version-id
RZTToSFR6DtQpNVNrfh57NmlHqhtRnaY
via
1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
319
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15832/bundles/project.js&cfRay=867cfc50880c2bac-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
82b52628-d359-463e-8764-25a1e8acba90
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
82b52628-d359-463e-8764-25a1e8acba90
last-modified
Mon, 18 Mar 2024 13:34:23 UTC
server
cloudflare
etag
W/"8010ebd9ea1a81928f81768a16097caa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-f846d4767-5fkcv
cf-ray
867d041a5e8b9022-FRA
x-amz-cf-id
yEzT9RuJBrNvHFQlYtqpeKAlV2ycmidJTGjF7bLk5w3tNriDgr_XxQ==
x-hs-target-asset
conversations-embed/static-1.15832/bundles/project.js
banner.js
js.hs-banner.com/v2/2367473/
70 KB
23 KB
Script
General
Full URL
https://js.hs-banner.com/v2/2367473/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2367473.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5c84d995460426715055a8c20017704747f80a972031d81aed9939ba728d745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
x-amz-version-id
0.gGqWKY0FyDX0MEG9moad_pVIg5nhWy
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
7ASY1HHYQFZ9B898
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
5d66288c-baac-4403-8f61-2f532dd0aa41
x-envoy-upstream-service-time
23
x-amz-id-2
RRQE0Tr/4Y8OCw50kildmYQNcqigpyxrTWwlfYV6I/ZFcnoXGkaUMM6wCt8xnz4ULQpSmYxOta/taqmbODURJ6na9RB+fND5
x-evy-trace-listener
listener_https
x-request-id
5d66288c-baac-4403-8f61-2f532dd0aa41
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 06 Mar 2024 15:24:15 GMT
server
cloudflare
etag
W/"a7855480b113b4cbad1d877ea20df600"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://qracorp.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
867d041a4ccdbbb6-FRA
expires
Thu, 21 Mar 2024 09:51:39 GMT
json
forms.hscollectedforms.net/collected-forms/v1/config/
115 B
411 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2367473&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88870d1db73352c33f5efc9d6288624cc1f276d7289e7eadbf0e55c812667491
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://share.hsforms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
db14fe21-e323-4b22-bff1-603dd124db52
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
db14fe21-e323-4b22-bff1-603dd124db52
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-f846d4767-68t7t
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
867d041abe9d2c63-FRA
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;700&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d754371d3a7775df0de06ed9e7837e4f46a86b55f8101d62015aba3746ab67a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Mar 2024 09:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 08:42:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Mar 2024 09:46:39 GMT
enterprise.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_9adfd483_5436_4363_adde_bcb6cf06b02d&render=explicit&hl=en
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b268493d1b4ac88d5ba93a29236de272fe4237ad49704b59e276e5e4b5eb4dd3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 09:46:39 GMT
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 09:46:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
b27ba0b2-b622-4f06-89be-1d2b6b271825
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b27ba0b2-b622-4f06-89be-1d2b6b271825
Server
cloudflare
X-Trace
2B375681C5D934CD6D348851EA6D551FE224F039FF000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-74c94cd679-spvnz
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
867d041b3a1d0493-FRA
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 09:46:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
8653bbe7-5a72-4c72-b085-f38d78d0554b
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8653bbe7-5a72-4c72-b085-f38d78d0554b
Server
cloudflare
X-Trace
2BA851833EA503A5EBA58F9CB8E91064F3DD4EF759000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-74c94cd679-zrdpf
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
867d041b2c51bbbb-FRA
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://share.hsforms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:44:56 GMT
x-content-type-options
nosniff
age
180103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:44:56 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/
496 KB
198 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_9adfd483_5436_4363_adde_bcb6cf06b02d&render=explicit&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://share.hsforms.com/
Origin
https://share.hsforms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202152
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 09:10:20 GMT
counters.gif
forms.hsforms.com/embed/v3/
35 B
625 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
7acde5d4-443b-45df-8ac3-feffc0bcb515
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7acde5d4-443b-45df-8ac3-feffc0bcb515
server
cloudflare
x-trace
2BA296BCEA0AEBC11F1A9A52C6248C31EC6F614105000000000000000000
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-74c94cd679-jtx94
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
867d041b98264d74-FRA
anchor
www.google.com/recaptcha/enterprise/ Frame 9B25
46 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&badge=inline&cb=xo7xrusbxtst
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0f2100471b92165301b5c2b14368a989cdb04f8974945fa3aded4f224050ece
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jWJpL4CDJiuQxo9HWAxjAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://share.hsforms.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jWJpL4CDJiuQxo9HWAxjAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Mar 2024 09:46:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 9B25
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&badge=inline&cb=xo7xrusbxtst
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 09:10:20 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 9B25
496 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&badge=inline&cb=xo7xrusbxtst
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202152
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 09:10:20 GMT
zYfMJoXQ4TdjNOmubWHF7tfB-Uj27d5hviKRJNK_rxE.js
www.google.com/js/bg/ Frame 9B25
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/zYfMJoXQ4TdjNOmubWHF7tfB-Uj27d5hviKRJNK_rxE.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd87cc2685d0e1376334e9ae6d61c5eed7c1f948f6edde61be229124d2bfaf11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&badge=inline&cb=xo7xrusbxtst
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 08:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
178620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7358
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Mar 2025 08:09:39 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9B25
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 03:45:28 GMT
x-content-type-options
nosniff
age
194471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 26 Mar 2024 03:45:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B25
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&badge=inline&cb=xo7xrusbxtst
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 19:32:19 GMT
x-content-type-options
nosniff
age
224060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Mar 2025 19:32:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B25
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&badge=inline&cb=xo7xrusbxtst
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:26:30 GMT
x-content-type-options
nosniff
age
588009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Mar 2025 14:26:30 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 9B25
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&badge=inline&cb=xo7xrusbxtst
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e218317cb912f66558792d0563e846a889f26258b7d564bcd24c3f02a7dbccaf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9zaGFyZS5oc2Zvcm1zLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&badge=inline&cb=xo7xrusbxtst
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 09:46:39 GMT
__ptq.gif
track.hubspot.com/
45 B
750 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=554772544&v=1.1&a=2367473&ccu=https%3A%2F%2Fshare.hsforms.com%2F1C1oZ7MXRR0qLpxb59m8WLA1eqr5&pu=https%3A%2F%2Fshare.hsforms.com%2F1C1oZ7MXRR0qLpxb59m8WLA1eqr5%3Futm_campaign%3DNewsletters%26utm_medium%3Demail%26_hsmi%3D299130637%26_hsenc%3Dp2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4%26utm_content%3D299131086%26utm_source%3Dhs_email&t=Form&cts=1711014399541&vi=007a588cbbc84ebaf4c85a10ac87fb50&nc=true&u=251652889.007a588cbbc84ebaf4c85a10ac87fb50.1711014399538.1711014399538.1711014399538.1&b=251652889.1.1711014399538&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
b94c1b6a-9e70-45b1-8fc1-593a2714d98a
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
14
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b94c1b6a-9e70-45b1-8fc1-593a2714d98a
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ymiH13ZFRQdxODFKcyX0obywnzp4pJRgetuxmJeC%2FgDdRwuTcMEMZx4G7zhbYw5REpC6O5zkoW9dl1DZevPbhOiKam%2FDy6VP449wWkMzMQt%2Bzc2K42zD8LJ8R4FpK0CKrtqAaM%2FuFVyqLDhvgWCM"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-77dfdb84c9-z4rch
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
867d041d6e41bc04-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=0b5a19ec-c5d1-474a-8ba7-16f9f66f162c&fci=9adfd483-5436-4363-adde-bcb6cf06b02d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=554772544&v=1.1&a=2367473&ccu=https%3A%2F%2Fshare.hsforms.com%2F1C1oZ7MXRR0qLpxb59m8WLA1eqr5&pu=https%3A%2F%2Fshare.hsforms.com%2F1C1oZ7MXRR0qLpxb59m8WLA1eqr5%3Futm_campaign%3DNewsletters%26utm_medium%3Demail%26_hsmi%3D299130637%26_hsenc%3Dp2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4%26utm_content%3D299131086%26utm_source%3Dhs_email&t=Form&cts=1711014399542&vi=007a588cbbc84ebaf4c85a10ac87fb50&nc=true&u=251652889.007a588cbbc84ebaf4c85a10ac87fb50.1711014399538.1711014399538.1711014399538.1&b=251652889.1.1711014399538&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ade9fdb3-b54b-40d5-b070-f3401bca5851
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
9
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ade9fdb3-b54b-40d5-b070-f3401bca5851
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=laVCwrDqyRzYNmiLt6a9LrmBsVAgwu0XGA7SaigVqvhu%2FNIercb1RhRvaZWg3hS6m5wvjbXk5H%2BW9XRje2w3je%2BwyHC1q8TDN%2Ffvcd3MGYbw0R8hL%2F9xNjeA98wuJWP8CnrTT93I5Z1hgwOii%2Ffc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-77dfdb84c9-w7wlq
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
867d041d6e3fbc04-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
749 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=0b5a19ec-c5d1-474a-8ba7-16f9f66f162c&fci=9adfd483-5436-4363-adde-bcb6cf06b02d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=554772544&v=1.1&a=2367473&ccu=https%3A%2F%2Fshare.hsforms.com%2F1C1oZ7MXRR0qLpxb59m8WLA1eqr5&pu=https%3A%2F%2Fshare.hsforms.com%2F1C1oZ7MXRR0qLpxb59m8WLA1eqr5%3Futm_campaign%3DNewsletters%26utm_medium%3Demail%26_hsmi%3D299130637%26_hsenc%3Dp2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4%26utm_content%3D299131086%26utm_source%3Dhs_email&t=Form&cts=1711014399543&vi=007a588cbbc84ebaf4c85a10ac87fb50&nc=true&u=251652889.007a588cbbc84ebaf4c85a10ac87fb50.1711014399538.1711014399538.1711014399538.1&b=251652889.1.1711014399538&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
7c8537bd-4ddf-48c9-9246-9ef2e2b42250
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
10
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7c8537bd-4ddf-48c9-9246-9ef2e2b42250
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTpCDv3sAngkwQTce7lqvymdg0pS6bR8HMUzXmprU3bBiVGt%2BeQ458M9Mrz1l1bW4eTjDt4XMOZSgobApcsrSDgec9gdqV4wyJ45%2FVoBcgr3tmNuDYYEU1jGvofJCzP%2FGRXIL1KqgB%2BV6NedsMzG"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-77dfdb84c9-v4shv
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
867d041d6e43bc04-FRA
x-robots-tag
none
bframe
www.google.com/recaptcha/enterprise/ Frame CB12
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
46974236dc3e24520cfeed650e9bf1909a2df8d29814cbccb122c97f8752acc1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XrPfxILlzAHXn8DbUMVs4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://share.hsforms.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XrPfxILlzAHXn8DbUMVs4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Mar 2024 09:46:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame CB12
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 09:10:20 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame CB12
496 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202152
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Mar 2025 09:10:20 GMT
reload
www.google.com/recaptcha/enterprise/ Frame CB12
21 KB
16 KB
XHR
General
Full URL
https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c5592bb28aa66c13d6bebe2a0e7befdcc6ae169eb5a0efa7a5e336ff5e3001ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 09:46:39 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame CB12
600 B
624 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 18:30:13 GMT
x-content-type-options
nosniff
age
227786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 25 Mar 2024 18:30:13 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame CB12
530 B
554 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 19:17:32 GMT
x-content-type-options
nosniff
age
224947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 25 Mar 2024 19:17:32 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame CB12
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 11:42:02 GMT
x-content-type-options
nosniff
age
597877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 21 Mar 2024 11:42:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB12
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 19:32:19 GMT
x-content-type-options
nosniff
age
224060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Mar 2025 19:32:19 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB12
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 17:34:06 GMT
x-content-type-options
nosniff
age
231153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Mar 2025 17:34:06 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB12
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:26:30 GMT
x-content-type-options
nosniff
age
588009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Mar 2025 14:26:30 GMT
zYfMJoXQ4TdjNOmubWHF7tfB-Uj27d5hviKRJNK_rxE.js
www.google.com/js/bg/ Frame CB12
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/zYfMJoXQ4TdjNOmubWHF7tfB-Uj27d5hviKRJNK_rxE.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd87cc2685d0e1376334e9ae6d61c5eed7c1f948f6edde61be229124d2bfaf11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 08:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
178620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7358
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Mar 2025 08:09:39 GMT
payload
www.google.com/recaptcha/enterprise/ Frame CB12
53 KB
53 KB
Image
General
Full URL
https://www.google.com/recaptcha/enterprise/payload?p=06AFcWeA5gp2if-6HjwXvYnPGHMUIzbK1knHnwhRF4XjRzBwK1Y6NXKj0ANTJ4d1MmVNBl5QCf7MfUIudnk7NHwJDbjmYYCmPkcnYufR3fZ4ue9y2IHpWS1Yw6lM7cDBcAVnkJ8ee3TYcuYfDkIUcyJZwQSNviaLWw1Mkr-K1id3yTXZoEBczayFSGdeE1mfdSv2fsVpAWzg1i&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8b37591457f5458190c5f10f14b58a709d8fea8759d84a58ccc496a9a2586d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 09:46:39 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 09:46:39 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| isQa object| hsFormsOnReady object| _hsq object| disabledHsPopups boolean| isLocal string| apiHubspotUrl string| formsHsFormsUrl string| jsHsFormsUrl string| jsHsScriptsUrl object| hs_RequestParams object| hubspot object| HubSpotForms object| hbspt object| _hsp object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance boolean| hubspot_live_messages_running object| __hsCollectedFormsDebug function| hsRecaptchaLoaded_9adfd483_5436_4363_adde_bcb6cf06b02d object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _paq function| sanitizeKey boolean| _hstc_loaded object| closure_lm_184785 object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

10 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AH1nMHK4fYgQ6mt4tCiQKzugUmLCiFrlCkE1yItMsRyT9tqna4fGXoy8Dsk9jepjf0vySKr-_2JqGQOk2Oc-zBI
.email.qracorp.com/ Name: __cf_bm
Value: OGmL7KkH2CbvGMd1E8zQrq8hdaI_JlnciQnTDOqpgrc-1711014398-1.0.1.1-NmKnDeWRdmRUCa.lya47wwzaI4EDw57_0vXDxz._QmgPUF1TIzEiMBlI9SGn1Z7ovHks3ZLOVtU8o2LXQ1fHcg
.email.qracorp.com/ Name: __cfruid
Value: d8bc22374d1a3b3b1b4676c2b5898a3bf5b5f8ef-1711014398
.hsforms.com/ Name: _cfuvid
Value: cLGJME.D8ngRpAsdq_LKaD6G414UtZHf8iMhittkwjM-1711014398816-0.0.1.1-604800000
.hsforms.com/ Name: __hstc
Value: 251652889.007a588cbbc84ebaf4c85a10ac87fb50.1711014399538.1711014399538.1711014399538.1
.hsforms.com/ Name: hubspotutk
Value: 007a588cbbc84ebaf4c85a10ac87fb50
.hsforms.com/ Name: __hssrc
Value: 1
.hsforms.com/ Name: __hssc
Value: 251652889.1.1711014399538
.hubspot.com/ Name: __cf_bm
Value: v4c6anPJi2EOzVEBXzbfRQHIMvQJyTgNv33ezTFoA14-1711014399-1.0.1.1-RQzmKNxrA0JJAa3LcJr_AhreXQmpyAUzFFtwoUHcJngcvB_yzac4Q2u2a7AbRyf8LDCz6FIy.TMkKwLby_5mfw
.hubspot.com/ Name: _cfuvid
Value: kv9l73B8GsssnIDTie2BBShbLh40akH1ly.mw4zRXWY-1711014399719-0.0.1.1-604800000

8 Console Messages

Source Level URL
Text
other warning URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share.hsforms.com/1C1oZ7MXRR0qLpxb59m8WLA1eqr5?utm_campaign=Newsletters&utm_medium=email&_hsmi=299130637&_hsenc=p2ANqtz-8JkdJDTPxl8mg8CmJ2CdOf-8YMXik30l3RlYFVilEFuDf5bhl34blI2n10NhyiPaleeFas8uWOXo6QahQ1n34CsAmtr7TZ8dMjy359wcjLUoOg4W4&utm_content=299131086&utm_source=hs_email
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

email.qracorp.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hubspot.com
js.usemessages.com
share.hsforms.com
static.hsappstatic.net
track.hubspot.com
www.google.com
www.gstatic.com
2606:2c40::c73c:67fe
2606:4700:4400::ac40:991b
2606:4700::6810:4dba
2606:4700::6810:89ce
2606:4700::6810:bb59
2606:4700::6811:599a
2606:4700::6811:f8a8
2606:4700::6812:a07d
2606:4700::6812:b05d
2606:4700::6812:c07d
2606:4700::6813:9a53
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:82f::2003
150a321d0b442b082a980d825882dbc2763d100c3b38d5f78beee22e957618ca
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3
46974236dc3e24520cfeed650e9bf1909a2df8d29814cbccb122c97f8752acc1
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d754371d3a7775df0de06ed9e7837e4f46a86b55f8101d62015aba3746ab67a
65390c3b5e18df070a11dd947ca2f91668714ee2a8575956b93c8b1590b9532c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7037c9effa44d5ef7dfb71a0018e9030a227b8257fee4329cdfeee99d9060601
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
88870d1db73352c33f5efc9d6288624cc1f276d7289e7eadbf0e55c812667491
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a46b85b862f2af6db4482ee193acaca31d668e956d248d6837cab12aaa28df0
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1
b268493d1b4ac88d5ba93a29236de272fe4237ad49704b59e276e5e4b5eb4dd3
bba64b9a09d684a6c4240c61423c0fb1264168a593a9a31e97246eaacc5371da
c0f2100471b92165301b5c2b14368a989cdb04f8974945fa3aded4f224050ece
c545493195eeade866c19c1620059801e122af672dd654aee3e8e00bffcb186b
c5592bb28aa66c13d6bebe2a0e7befdcc6ae169eb5a0efa7a5e336ff5e3001ad
c88c8613f16ba7708b1abe38207029c6e05ec2c05e5970b7787e2bad6231ae66
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cd87cc2685d0e1376334e9ae6d61c5eed7c1f948f6edde61be229124d2bfaf11
d5c84d995460426715055a8c20017704747f80a972031d81aed9939ba728d745
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e218317cb912f66558792d0563e846a889f26258b7d564bcd24c3f02a7dbccaf
f6c27411851c67224fe5618253c137e165db0e15456e640927656d7035aa64f1
f8b37591457f5458190c5f10f14b58a709d8fea8759d84a58ccc496a9a2586d5