Submitted URL: https://infb.omeclk.com/portal/wts/uc^cmTmdgqeeqL3^egrw-yc9qHZE20|XL3n
Effective URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Submission Tags: phishing malicious Search All
Submission: On June 28 via api from NL — Scanned from NL

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 20 HTTP transactions. The main IP is 204.180.130.190, located in Lincolnshire, United States and belongs to QTS-AS, US. The main domain is inf.dragonforms.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on June 18th 2023. Valid for: a year.
This is the only time inf.dragonforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 205.162.42.171 53866 (QTS-AS)
1 6 204.180.130.190 53866 (QTS-AS)
4 2600:9000:225... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 2600:9000:20e... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 10
Apex Domain
Subdomains
Transfer
12 dragonforms.com
inf.dragonforms.com
hostedcontent.dragonforms.com — Cisco Umbrella Rank: 63467
static-cdn.dragonforms.com — Cisco Umbrella Rank: 62320
48 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 5002
forms.hscollectedforms.net — Cisco Umbrella Rank: 5136
26 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4527
983 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2438
64 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2542
1 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 8679
1 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2425
21 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
29 KB
1 omeda.com
cdn.omeda.com — Cisco Umbrella Rank: 39184
9 KB
1 omeclk.com
infb.omeclk.com
311 B
20 10
Domain Requested by
6 inf.dragonforms.com 1 redirects inf.dragonforms.com
code.jquery.com
3 static-cdn.dragonforms.com inf.dragonforms.com
3 hostedcontent.dragonforms.com inf.dragonforms.com
1 forms.hsforms.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hscollectedforms.net js-na1.hs-scripts.com
1 js.hs-banner.com js-na1.hs-scripts.com
1 track.hubspot.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 js.hs-analytics.net inf.dragonforms.com
1 code.jquery.com inf.dragonforms.com
1 cdn.omeda.com inf.dragonforms.com
1 infb.omeclk.com 1 redirects
20 13

This site contains links to these domains. Also see Links.

Domain
bioprocessintl.com
Subject Issuer Validity Valid
*.omeda.com
SSL.com RSA SSL subCA
2023-06-18 -
2024-06-23
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-14 -
2024-05-13
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2023-02-05 -
2024-02-05
a year crt.sh

This page contains 1 frames:

Primary Page: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Frame ID: 541E591513B4F53BAA03B59E498B938A
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

BioProcess International - Renew

Page URL History Show full URLs

  1. https://infb.omeclk.com/portal/wts/uc%5EcmTmdgqeeqL3%5Eegrw-yc9qHZE20%7CXL3n HTTP 302
    https://inf.dragonforms.com/INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L HTTP 302
    https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L Page URL
  2. https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

82 %
IPv6

10
Domains

13
Subdomains

10
IPs

2
Countries

200 kB
Transfer

562 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://infb.omeclk.com/portal/wts/uc%5EcmTmdgqeeqL3%5Eegrw-yc9qHZE20%7CXL3n HTTP 302
    https://inf.dragonforms.com/INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L HTTP 302
    https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L Page URL
  2. https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://infb.omeclk.com/portal/wts/uc%5EcmTmdgqeeqL3%5Eegrw-yc9qHZE20%7CXL3n HTTP 302
  • https://inf.dragonforms.com/INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L HTTP 302
  • https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
init.do
inf.dragonforms.com/
Redirect Chain
  • https://infb.omeclk.com/portal/wts/uc%5EcmTmdgqeeqL3%5Eegrw-yc9qHZE20%7CXL3n
  • https://inf.dragonforms.com/INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
  • https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
301 B
710 B
Document
General
Full URL
https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e6755c3de9501f502e151a6cec906a6b61466f9a0d6c127c4642d390b4349a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
301
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 28 Jun 2023 14:24:59 GMT
Keep-Alive
timeout=5
Server
Apache
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 28 Jun 2023 14:24:59 GMT
Keep-Alive
timeout=5
Location
init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Server
Apache
spinner.gif
cdn.omeda.com/hosted/images/dragon/generic/
9 KB
9 KB
Image
General
Full URL
https://cdn.omeda.com/hosted/images/dragon/generic/spinner.gif
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5600:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:22:28 GMT
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
age
148
x-cache
Hit from cloudfront
content-length
8851
x-xss-protection
1; mode=block
last-modified
Mon, 10 Oct 2016 20:45:12 GMT
server
Apache
etag
W/"8851-1476132312178"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
yw2zaNlMf5pO9Tt24NhdUNV194cen92NGU-jns6cQQgm-rTrzwWo5g==
Primary Request loading.do
inf.dragonforms.com/
41 KB
11 KB
Document
General
Full URL
https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
fdd7f20afe6b58f49ff22999c3c1aac93827a7577e9cd4906553f69d32b3fa42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://inf.dragonforms.com/init.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 28 Jun 2023 14:25:00 GMT
Keep-Alive
timeout=5
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
styles-combined_1b.css
hostedcontent.dragonforms.com/hosted/images/dragon/generic/1/
22 KB
5 KB
Stylesheet
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/generic/1/styles-combined_1b.css
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5600:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
4a880a28034474f5f45eab56cf954b323eae1b9931816e894fe55dee09490a67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
283
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 10 Jan 2020 13:11:00 GMT
server
Apache
etag
W/"23017-1578661860787"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
x-amz-cf-id
Xv0UZM7qmLnmA_3t0o1TjHsci8buELKO37ZwztvEJ2mtU1z9OqJZaA==
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://inf.dragonforms.com/
Origin
https://inf.dragonforms.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:24:56 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:24:41 GMT
server
nginx
etag
W/"573f4859-14e4a"
vary
Accept-Encoding
x-hw
1687962296.dop243.am5.t,1687962296.cds004.am5.hn,1687962296.cds218.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
conditional.js
static-cdn.dragonforms.com/js/
35 KB
13 KB
Script
General
Full URL
https://static-cdn.dragonforms.com/js/conditional.js?build=V23.9-20230622
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:fc00:0:d27a:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
89e0d5e92136af3c2f1d53d4bd524e308554a0ddf9e44a5bd89ab2e2bdbddd7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 03:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a7bbe4a11b741d7b36ce930a7be4fa36.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
age
40753
x-cache
Hit from cloudfront
content-length
12624
x-xss-protection
1; mode=block
last-modified
Thu, 29 Dec 2022 18:08:56 GMT
server
Apache
etag
W/"35615-1672337336000"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
4kVJz5EXMTIke2CPvF3lj6plDCNFA9QZas3YZYsse6eWcMXGmS5_AA==
dragonCampaign.js
static-cdn.dragonforms.com/js/
13 KB
5 KB
Script
General
Full URL
https://static-cdn.dragonforms.com/js/dragonCampaign.js?build=V23.9-20230622
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:fc00:0:d27a:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
f084eb3b60be7c6309cc5ff62056f29deba6ae55270642089f04f035d9cb3738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 03:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a7bbe4a11b741d7b36ce930a7be4fa36.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
age
37650
x-cache
Hit from cloudfront
content-length
4907
x-xss-protection
1; mode=block
last-modified
Tue, 01 Nov 2022 12:59:08 GMT
server
Apache
etag
W/"13287-1667307548000"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Mf0eqTeXcgr7eTTCcqhncABsqbLRQ5Zus0WNVJsmg5pvGAtt_8JJJQ==
generic.css
static-cdn.dragonforms.com/style/
2 KB
1 KB
Stylesheet
General
Full URL
https://static-cdn.dragonforms.com/style/generic.css?build=V23.9-20230622
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:fc00:0:d27a:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 03:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a7bbe4a11b741d7b36ce930a7be4fa36.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C2
age
40753
x-cache
Hit from cloudfront
content-length
1056
x-xss-protection
1; mode=block
last-modified
Thu, 10 Jun 2021 15:35:48 GMT
server
Apache
etag
W/"2478-1623339348000"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
nTnjpYAexJFNOWHvkS69WmskIsooOOm3j4vhNrHoIieXARrMZpR7LQ==
24.css
hostedcontent.dragonforms.com/hosted/images/dragon/12272/
332 B
806 B
Stylesheet
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/12272/24.css
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5600:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e751504c7588359691401b7b55ad80b017f635cc57f0bf1674a10d0a8a7c9fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:22:14 GMT
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
age
162
x-cache
Hit from cloudfront
content-length
332
x-xss-protection
1; mode=block
last-modified
Wed, 08 Jul 2020 00:14:55 GMT
server
Apache
etag
W/"332-1594167295646"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
9FgrpviuRuj7z27K4_J-XZzLg0gXgK_FbvJI6VPFG_WJVpAbmvQl8Q==
124.png
hostedcontent.dragonforms.com/hosted/images/dragon/12272/
8 KB
9 KB
Image
General
Full URL
https://hostedcontent.dragonforms.com/hosted/images/dragon/12272/124.png
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5600:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
30d8602ed8d125e3b584c9a0d8bc7ad7bad82bc7328b260279f6600909dc87b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:22:14 GMT
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
age
162
x-cache
Hit from cloudfront
content-length
8510
x-xss-protection
1; mode=block
last-modified
Wed, 05 Feb 2020 03:35:28 GMT
server
Apache
etag
W/"8510-1580873728257"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
M3gecgRj_E25otQYjXPYzTxneazQmsbz9XChowKeMaF8gRHKwW_BrA==
1724941.js
js.hs-analytics.net/analytics/1687962300000/
67 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1687962300000/1724941.js
Requested by
Host: inf.dragonforms.com
URL: https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8cce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f364371b31599fe9965c44da35f2ebc8d1de244d3381481dd23099ceb87f7cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:24:57 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
ZCFQX68DFMB470G2
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
age
228
x-envoy-upstream-service-time
49
x-amz-id-2
Urhu+DWrusFTn741fe6OLs2N0iddB4OKGM/m5QMxm1j0h//OwygMJOMvdUuFDdw00RLEJ17qZeo=
x-evy-trace-listener
listener_https
x-request-id
1993f99d-f7bb-421b-9d8e-23a17f3d27fb
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 15 Jun 2023 14:40:51 GMT
server
cloudflare
etag
W/"5760df9fc352a1ae80ea87cc11675659"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7de698a45af31ebe-AMS
expires
Wed, 28 Jun 2023 14:26:09 GMT
evaluateConditionalContent.do;jsessionid=9EBD83D9C0AA852CF18A76D940B1F745
inf.dragonforms.com/
242 B
542 B
XHR
General
Full URL
https://inf.dragonforms.com/evaluateConditionalContent.do;jsessionid=9EBD83D9C0AA852CF18A76D940B1F745?demo2844=RKN23L&demo2845=1000628601&demo2849=999&demo2851=GIOVANNI&demo2852=FABRIZI&demo2853=DR&demo2854=INAIL&demo2855=DEILA&demo2856=VIA%20FONTANA%20CANDIDA%201&demo2857=MONTE%20PORZIO%20CATONE%20(RM)&demo2858=&demo2859=%2000078&demo2860=196&demo2861=&demo2862=&demo2863=g.fabrizi%40inail.it&demo2864=g.fabrizi%40inail.it&demo2867=1041&demo2868=1051&demo2869=1081&demo2870=1083,1086,1092&demo2871=1113&demo2872=1108&dragon_pagenumber=2&jsessionid=9EBD83D9C0AA852CF18A76D940B1F745&timestemp=1687962296979&omedasite=INF2_BCrenew
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e3fe349009c7e888f620c492399e89fe715eafbf7a6b0f2a8bf55679c8e0b28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:25:00 GMT
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
242
X-XSS-Protection
1; mode=block
evaluateConditionalContent.do;jsessionid=9EBD83D9C0AA852CF18A76D940B1F745
inf.dragonforms.com/
242 B
542 B
XHR
General
Full URL
https://inf.dragonforms.com/evaluateConditionalContent.do;jsessionid=9EBD83D9C0AA852CF18A76D940B1F745?demo2844=RKN23L&demo2845=1000628601&demo2849=999&demo2851=GIOVANNI&demo2852=FABRIZI&demo2853=DR&demo2854=INAIL&demo2855=DEILA&demo2856=VIA%20FONTANA%20CANDIDA%201&demo2857=MONTE%20PORZIO%20CATONE%20(RM)&demo2858=&demo2859=%2000078&demo2860=196&demo2861=&demo2862=&demo2863=g.fabrizi%40inail.it&demo2864=g.fabrizi%40inail.it&demo2867=1041&demo2868=1051&demo2869=1081&demo2870=1083,1086,1092&demo2871=1113&demo2872=1108&dragon_pagenumber=2&jsessionid=9EBD83D9C0AA852CF18A76D940B1F745&timestemp=1687962297019&omedasite=INF2_BCrenew
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e3fe349009c7e888f620c492399e89fe715eafbf7a6b0f2a8bf55679c8e0b28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:25:00 GMT
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
242
X-XSS-Protection
1; mode=block
1724941.js
js-na1.hs-scripts.com/
1 KB
1 KB
Script
General
Full URL
https://js-na1.hs-scripts.com/1724941.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1687962300000/1724941.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd415419f7ab2db0ce76b8b130b5195e59fb2a4f00f5f002a7909d032ff0c770

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:24:57 GMT
content-encoding
br
cf-cache-status
EXPIRED
x-hubspot-correlation-id
15879e22-fe36-41f4-96a8-59bfc35fbc5c
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
f3c0648d-2366-41aa-b8d0-234b8ae6dd94
last-modified
Wed, 28 Jun 2023 14:14:55 GMT
server
cloudflare
x-trace
2BB4A91D78B76100760D14E41D105FDE23F69127FA000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://inf.dragonforms.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=30
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-gh8bb
cf-ray
7de698a53b5fb7a6-AMS
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=windows-1252&ln=en-us&bfp=2241961375&v=1.1&a=1724941&r=https%3A%2F%2Finf.dragonforms.com%2Finit.do%3Fomedasite%3DINF2_BCrenew%26r%3D9231F9860912C0T%26pk%3DRKN23L&pu=https%3A%2F%2Finf.dragonforms.com%2Floading.do%3Fomedasite%3DINF2_BCrenew%26r%3D9231F9860912C0T%26pk%3DRKN23L&t=BioProcess+International+-+Renew&cts=1687962297059&vi=8d039163beb7704b72509b012e450afc&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:24:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d271b9e4-dcb7-4035-beb1-6054c44c26d2
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c3a2fddc-3d1c-4ba9-9869-4fd978dbd302
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mvHwmMTFnX%2BpQXzrnam5SjuUgHv9lJtnMX95zJQsX8wbhMqAr0YIKJ2fMUIM0oBKIJ2lbzmUmzCGmLcd65J%2BIraaBTqE%2BVblg0RtWuIo0cxDABwYqrBU9XG807hAMHvOhNid0XJzx83nV2lkpka"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-z7z79
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7de698a529ab0e39-AMS
x-robots-tag
none
evaluateConditionalContent.do;jsessionid=9EBD83D9C0AA852CF18A76D940B1F745
inf.dragonforms.com/
242 B
542 B
XHR
General
Full URL
https://inf.dragonforms.com/evaluateConditionalContent.do;jsessionid=9EBD83D9C0AA852CF18A76D940B1F745?demo2844=RKN23L&demo2845=1000628601&demo2849=999&demo2851=GIOVANNI&demo2852=FABRIZI&demo2853=DR&demo2854=INAIL&demo2855=DEILA&demo2856=VIA%20FONTANA%20CANDIDA%201&demo2857=MONTE%20PORZIO%20CATONE%20(RM)&demo2858=&demo2859=%2000078&demo2860=196&demo2861=&demo2862=&demo2863=g.fabrizi%40inail.it&demo2864=g.fabrizi%40inail.it&demo2867=1041&demo2868=1051&demo2869=1081&demo2870=1083,1086,1092&demo2871=1113&demo2872=1108&dragon_pagenumber=2&jsessionid=9EBD83D9C0AA852CF18A76D940B1F745&timestemp=1687962297172&omedasite=INF2_BCrenew
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e3fe349009c7e888f620c492399e89fe715eafbf7a6b0f2a8bf55679c8e0b28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://inf.dragonforms.com/loading.do?omedasite=INF2_BCrenew&r=9231F9860912C0T&pk=RKN23L
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:25:00 GMT
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/x-json;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
242
X-XSS-Protection
1; mode=block
banner.js
js.hs-banner.com/v2/1724941/
209 KB
64 KB
Script
General
Full URL
https://js.hs-banner.com/v2/1724941/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/1724941.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ab8bd6e91789c688dd81ca617027df881282ae705c7619611f11771d7e4796

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:24:57 GMT
x-amz-version-id
FWeOBs2916AVya8fnqyyyDK0KAnsChWD
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
J5D8GRJ0FAZFETDW
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
74
x-amz-id-2
87lJ5IXwqCl3dgYUjYL6vzghv/oAfDnyfZdOmjJSGJ3kLa9cEQDHx8iUJO6D5FtzkWV6QvzOyPs=
x-evy-trace-listener
listener_https
x-request-id
9ccfd421-76b2-4050-8fa2-85d641f55d3c
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 22 Jun 2023 15:55:59 GMT
server
cloudflare
etag
W/"ba81c3f8008a612e2ad4c90d6a82abfa"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://bioprocessintl.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7de698a68c7c1b07-AMS
expires
Wed, 28 Jun 2023 14:29:57 GMT
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/1724941.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3

Request headers

Referer
https://inf.dragonforms.com/
Origin
https://inf.dragonforms.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:24:57 GMT
x-amz-version-id
S1jmwKbmrdTaJO._teNI0LpuWSvl4WIJ
via
1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
cf-cache-status
MISS
content-encoding
br
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.378/bundles/project.js&cfRay=7de698a68e171c80-AMS
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d210f79a-0597-46db-a1a3-01ed893ad053
last-modified
Tue, 13 Jun 2023 09:45:35 UTC
server
cloudflare
etag
W/"b19afd994dc32a5784e74169cca8128a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-5c7n7
cf-ray
7de698a68e171c80-AMS
x-amz-cf-id
V8Ea9FuSELIXTUYRFTV6Psz69TbtjLgA1wMBy1DuNAowZ5gmxRsLnA==
x-hs-target-asset
collected-forms-embed-js/static-1.378/bundles/project.js
json
forms.hscollectedforms.net/collected-forms/v1/config/
115 B
452 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=1724941&utk=8d039163beb7704b72509b012e450afc
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b33e5ff2f0f6b397a095d868c4326c0d878d1b2903c35ac140f554fcaa787c

Request headers

Accept
application/json, text/plain, */*
Referer
https://inf.dragonforms.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:24:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
220ebe80-bc2c-4d7c-89e8-a474a88d3d32
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b7e0831f-4b3c-48f4-b213-761989ec6ed9
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://inf.dragonforms.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-nnm64
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
7de698a7bfcc1c80-AMS
counters.gif
forms.hsforms.com/embed/v3/
35 B
983 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inf.dragonforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 14:24:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
d2a0e053-42f0-410e-b537-b66d02c91586
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
99b16054-00c3-44fe-9777-c575992fe42c
Server
cloudflare
X-Trace
2B2C7E6004C755A925A63B538D690A30D788F85BAC000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-j4dtm
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7de698a8ee9fb894-AMS

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery string| AUTO_LOOKUP_MULTIPLE_FOUND string| AUTO_LOOKUP_MULTIPLE_FOUND_WITH_SECONDARY_KEY string| STANDARD_FIELD_PAYMENT_METHOD string| PAYMENT_METHOD_PAY_WITH_CREDIT_CARD string| PAYMENT_METHOD_PAY_WITH_PAYPAL string| totalPrice string| payPalPlanId boolean| exportUrlExecuted function| verifyConsole function| hideEmailLookupScrim function| showEmailLookupScrim function| toggleDisplay boolean| keepSubmitDisabled function| disableSubmit function| enableSubmit boolean| initialized boolean| lookupEmailCalled object| conditionalHandlers boolean| conditionalHandlersCalled function| registerConditionalHandler function| callConditionalHandlers function| toggleOther function| genericValidation function| checkConditions function| checkConditionsPart2 function| stopIframePolling function| applyConditionalResponses function| generateRepeatedGroup function| checkOtherFillinCheckbox function| checkOtherFillinRadio function| hideOtherFillin function| getFormData function| lookupByEmail function| lookupFreshAddress function| checkPayment function| clickBehavior function| entriesPolyFill function| httpPostWithFormData boolean| formInitialLoad boolean| formSubmitErrorOccurred string| submitButtonSelector function| calculatePaymentMethod function| clearOtherPaidElements function| getSiteContextParameter string| shippingAddressCountry string| requestedVersionId string| campaignRequestedVersionId string| billMeLaterResponse boolean| campaigElementExists function| campaignPromocodeChanged function| campaignCountryOrRequestedVersionChanged function| getPromoContentAndPrices function| hidePromoPrices function| showDragonPaidContent function| hideDragonPaidContent function| showHidePromoPrices undefined| display object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran object| _hsp string| __hsUserToken number| expireDateTime object| e object| __hsCollectedFormsDebug boolean| _hspb_loaded boolean| _hspb_ran

6 Cookies

Domain/Path Name / Value
inf.dragonforms.com/ Name: JSESSIONID
Value: 9EBD83D9C0AA852CF18A76D940B1F745
.hubspot.com/ Name: __cf_bm
Value: Kg19yyNuDjjTEmrQ1JzfbcldWpzVzkJcZYj8fMBgV1Q-1687962297-0-AeQyDvxWiJI/PjcAeECuEU1jMVrHo0L+x7eM/qmZmP2PE9P5ymJqc9052QW53ry1Mi0/0lf9uZnzXYSDkCVW0YQ=
inf.dragonforms.com/ Name: __hstc
Value: 180648248.8d039163beb7704b72509b012e450afc.1687962297056.1687962297056.1687962297056.1
inf.dragonforms.com/ Name: hubspotutk
Value: 8d039163beb7704b72509b012e450afc
inf.dragonforms.com/ Name: __hssrc
Value: 1
inf.dragonforms.com/ Name: __hssc
Value: 180648248.1.1687962297056

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.omeda.com
code.jquery.com
forms.hscollectedforms.net
forms.hsforms.com
hostedcontent.dragonforms.com
inf.dragonforms.com
infb.omeclk.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
static-cdn.dragonforms.com
track.hubspot.com
2001:4de0:ac18::1:a:3b
204.180.130.190
205.162.42.171
2600:9000:20e1:fc00:0:d27a:1440:93a1
2600:9000:2251:5600:c:860d:a440:93a1
2606:4700::6810:8cce
2606:4700::6811:6dc7
2606:4700::6811:d6f3
2606:4700::6812:19c4
2606:4700::6812:873b
2606:4700::6813:9a53
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
30d8602ed8d125e3b584c9a0d8bc7ad7bad82bc7328b260279f6600909dc87b2
4a880a28034474f5f45eab56cf954b323eae1b9931816e894fe55dee09490a67
5f364371b31599fe9965c44da35f2ebc8d1de244d3381481dd23099ceb87f7cc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3
89e0d5e92136af3c2f1d53d4bd524e308554a0ddf9e44a5bd89ab2e2bdbddd7a
96ab8bd6e91789c688dd81ca617027df881282ae705c7619611f11771d7e4796
a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd415419f7ab2db0ce76b8b130b5195e59fb2a4f00f5f002a7909d032ff0c770
e1b33e5ff2f0f6b397a095d868c4326c0d878d1b2903c35ac140f554fcaa787c
e3fe349009c7e888f620c492399e89fe715eafbf7a6b0f2a8bf55679c8e0b28e
e6755c3de9501f502e151a6cec906a6b61466f9a0d6c127c4642d390b4349a40
e751504c7588359691401b7b55ad80b017f635cc57f0bf1674a10d0a8a7c9fc7
f084eb3b60be7c6309cc5ff62056f29deba6ae55270642089f04f035d9cb3738
fdd7f20afe6b58f49ff22999c3c1aac93827a7577e9cd4906553f69d32b3fa42