halfourdeen.com Open in urlscan Pro
68.168.108.97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.hodoffline.com/x.php?hl4ml7-su7x
Effective URL:
https://halfourdeen.com/offline?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy
Submission: On November 16 via api (November 16th 2021, 4:17:37 am UTC) from BE — Scanned from DE

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 17 domains to perform 37 HTTP transactions. The main IP is 68.168.108.97, located in United States and belongs to CODERO-DFW, US. The main domain is halfourdeen.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 27th 2020. Valid for: 2 years.

This is the only time halfourdeen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	64.29.151.221 64.29.151.221	30447 (INFB2-AS) (INFB2-AS)
1	68.168.108.97 68.168.108.97	18501 (CODERO-DFW) (CODERO-DFW)
1	35.202.21.90 35.202.21.90	15169 (GOOGLE) (GOOGLE)
2	34.107.203.240 34.107.203.240	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2013	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:2e00:2:c605:29c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	104.18.27.71 104.18.27.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.192.151.63 35.192.151.63	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:8200:8:2495:5540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:215... 2600:9000:2156:8000:4:f6ce:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	143.204.99.83 143.204.99.83	16509 (AMAZON-02) (AMAZON-02)
1	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	35.167.27.130 35.167.27.130	16509 (AMAZON-02) (AMAZON-02)
37	19

2 64.29.151.221 (United States) 2 redirects

ASN30447 (INFB2-AS, US)
PTR: hostedc40.carrierzone.com

www.hodoffline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.168.108.97 (United States)

ASN18501 (CODERO-DFW, US)
PTR: 68-168-108-97.dedicated.codero.net

halfourdeen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.202.21.90 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 90.21.202.35.bc.googleusercontent.com

babaali.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:2e00:2:c605:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.27.71 (None, )

ASN13335 (CLOUDFLARENET, US)

form.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.192.151.63 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8200:8:2495:5540:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:8000:4:f6ce:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

renderer-assets.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.99.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.167.27.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-27-130.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	typeform.com embed.typeform.com form.typeform.com images.typeform.com renderer-assets.typeform.com	460 KB
3	leadpages.io api.leadpages.io	1 KB
3	gstatic.com fonts.gstatic.com	86 KB
3	googleusercontent.com lh3.googleusercontent.com	85 KB
2	segment.io api.segment.io	285 B
2	google-analytics.com www.google-analytics.com	20 KB
2	center.io js.center.io	8 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	hodoffline.com 2 redirects www.hodoffline.com	432 B
1	nr-data.net bam.nr-data.net	322 B
1	segment.com cdn.segment.com	54 KB
1	newrelic.com js-agent.newrelic.com	9 KB
1	cloudflare.com cdnjs.cloudflare.com	17 KB
1	lpcontent.net embed.lpcontent.net	15 KB
1	leadpages.net static.leadpages.net	14 KB
1	lpages.co babaali.lpages.co	24 KB
1	halfourdeen.com halfourdeen.com	524 B
37	17

	Domain	Requested by
4	form.typeform.com	embed.typeform.com form.typeform.com
3	renderer-assets.typeform.com	form.typeform.com renderer-assets.typeform.com
3	api.leadpages.io	js.center.io embed.lpcontent.net
3	fonts.gstatic.com	fonts.googleapis.com
3	lh3.googleusercontent.com	babaali.lpages.co
2	api.segment.io	form.typeform.com
2	www.google-analytics.com	form.typeform.com
2	embed.typeform.com	babaali.lpages.co embed.typeform.com
2	js.center.io	halfourdeen.com js.center.io
2	fonts.googleapis.com	babaali.lpages.co form.typeform.com
2	www.hodoffline.com	2 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	cdn.segment.com	renderer-assets.typeform.com
1	js-agent.newrelic.com	form.typeform.com
1	images.typeform.com	form.typeform.com
1	cdnjs.cloudflare.com	babaali.lpages.co
1	embed.lpcontent.net	babaali.lpages.co
1	static.leadpages.net	babaali.lpages.co
1	babaali.lpages.co	halfourdeen.com
1	halfourdeen.com
37	20

This site contains no links.

Subject Issuer	Validity	Valid
*.halfourdeen.com Go Daddy Secure Certificate Authority - G2	`2020-07-27` - `2022-09-26`	2 years	crt.sh
*.lpages.co Go Daddy Secure Certificate Authority - G2	`2020-02-24` - `2022-02-24`	2 years	crt.sh
static.leadpages.net GTS CA 1D4	`2021-11-06` - `2022-02-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.center.io Go Daddy Secure Certificate Authority - G2	`2020-01-21` - `2022-01-21`	2 years	crt.sh
*.typeform.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2021-11-04` - `2022-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
typeform.com Cloudflare Inc ECC CA-3	`2021-10-22` - `2022-10-21`	a year	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2021-10-22` - `2022-11-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://halfourdeen.com/offline?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy
Frame ID: 4807C6A728297A932756E144082335BF
Requests: 17 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 836FB0701DC6C4A9C2C01407859E3C66
Requests: 1 HTTP requests in this frame

Frame: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Frame ID: D505D4AF050C8FC6F4F45C657DB79F0F
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offline

Page URL History Show full URLs

https://www.hodoffline.com/x.php?hl4ml7-su7x HTTP 301
https://www.hodoffline.com/?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzso... HTTP 302
https://halfourdeen.com/offline?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcr... Page URL

Page Statistics

37
Requests

95 %
HTTPS

47 %
IPv6

17
Domains

20
Subdomains

19
IPs

3
Countries

797 kB
Transfer

2236 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.hodoffline.com/x.php?hl4ml7-su7x HTTP 301
https://www.hodoffline.com/?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy HTTP 302
https://halfourdeen.com/offline?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request offline Show response
halfourdeen.com/
Redirect Chain

https://www.hodoffline.com/x.php?hl4ml7-su7x
https://www.hodoffline.com/?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy
https://halfourdeen.com/offline?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy

248 B
524 B

721ms
127ms

Document
text/html

68.168.108.97
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL: https://halfourdeen.com/offline?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 68.168.108.97 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS: 68-168-108-97.dedicated.codero.net
Software: /
Resource Hash: 038d9c27483afea31a24f20268362f124fdd9b5088ca02eaab74f13fafe13460

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 12 Nov 2021 21:51:35 GMT
Accept-Ranges: bytes
ETag: "1a3ba076fd8d71:0"
Vary: Accept-Encoding
Date: Tue, 16 Nov 2021 04:17:28 GMT
Content-Length: 255

Redirect headers

date: Tue, 16 Nov 2021 04:17:32 GMT
content-type: text/html; charset=iso-8859-1
content-length: 299
location: https://halfourdeen.com/offline?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=15768000

GET
H2 200 / Show response
babaali.lpages.co/_/js/offline/ 135 KB
24 KB 511ms
222ms Script
text/html 35.202.21.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://babaali.lpages.co/_/js/offline/

Requested by

Host: halfourdeen.com
URL: https://halfourdeen.com/offline?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

69b0b72017e3adb55d53b2bdb88c8f23c2eba7efa7ba852c300d264d2ac9ed4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:17:33 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 04:53:00 GMT
server: Leadpages
etag: W/"316aac6e1dacb26448959e9b12d75b5e"
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/html
cache-control: no-cache
strict-transport-security: max-age=15768000

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
14 KB 40ms
8ms Stylesheet
text/css 34.107.203.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: babaali.lpages.co
URL: https://babaali.lpages.co/_/js/offline/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 14:26:35 GMT
content-encoding: gzip
server: Google Frontend
age: 395458
etag: "uPB0kA"
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: b6d7740fabca6cb6e02212b2a0da78fa
cache-control: public, max-age=31536000
alt-svc: clear
content-length: 14628
via: 1.1 google
expires: Fri, 11 Nov 2022 14:26:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,700|Roboto:300,400,500,700

Requested by

Host: babaali.lpages.co
URL: https://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4545357a90ff00a952ca36647aa1eeb2b6c8525be57f152f4cffee198ce1df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:17:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Nov 2021 04:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Nov 2021 04:17:33 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 56ms
16ms Script
application/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: halfourdeen.com
URL: https://halfourdeen.com/offline?poacp=mpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:14:11 GMT
content-encoding: gzip
server: Google Frontend
age: 202
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: e57e540523c02e4bdb326c5d0345f850
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 16 Nov 2021 04:19:11 GMT

GET
H2 200 embed.js Show response
embed.typeform.com/next/ 37 KB
9 KB 51ms
11ms Script
application/x-javascript 2600:9000:2156:2e00:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.typeform.com/next/embed.js
Requested by: Host: babaali.lpages.co
URL: https://babaali.lpages.co/_/js/offline/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2e00:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc0d442f28da3787d907f6c3db490fca6dcd323c6b78f82ec97b8e7f1b0dd29a

Request headers

Referer: https://halfourdeen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 16 Nov 2021 04:15:31 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 16:40:06 GMT
server: AmazonS3
age: 395
etag: W/"7d79e29c65852be2824ee54c589bc2af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 22LOWSSBKZdLsQ1lbHrH8-507gICL3brdPSpybht0vDMNUn5mAk9Sw==

GET
H2 200 6qMd6RL51gVXOINyIUp8heT2iDj2Lumpkl6nTXvIyIlQYfw6XFcchROE0JJ65tHgaScMo92p8FJLqNHSXJjWRC39HeUFqrll0g=s0
lh3.googleusercontent.com/ 25 KB
25 KB 49ms
25ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/6qMd6RL51gVXOINyIUp8heT2iDj2Lumpkl6nTXvIyIlQYfw6XFcchROE0JJ65tHgaScMo92p8FJLqNHSXJjWRC39HeUFqrll0g=s0

Requested by

Host: babaali.lpages.co
URL: https://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

139d74568f4dbf74ad6cac131d427a310f2609fe2110db214f277482b9dfc29c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:17:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25818
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:37:27 GMT

GET
H2 200 EyZjDIyWBTTTLPZOHrplpJMJZpJdTg1zMkFJlL8ad1VLf0-gD6BWe54Xkg7DnIQLjaMZ0GOakhHPtukkFMJfR-xUQsb2ut78dmfV=s0
lh3.googleusercontent.com/ 20 KB
21 KB 47ms
23ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/EyZjDIyWBTTTLPZOHrplpJMJZpJdTg1zMkFJlL8ad1VLf0-gD6BWe54Xkg7DnIQLjaMZ0GOakhHPtukkFMJfR-xUQsb2ut78dmfV=s0

Requested by

Host: babaali.lpages.co
URL: https://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e318b1f90fac6502b3ca918d840d05bfaac3fdd13baf4df8ffcb3e80c398cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:17:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20647
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Nov 2021 10:37:28 GMT

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 40ms
7ms Script
application/javascript 34.107.203.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: babaali.lpages.co
URL: https://babaali.lpages.co/_/js/offline/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:13:26 GMT
content-encoding: gzip
server: Google Frontend
age: 247
etag: "uPB0kA"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 885e88aa4a42d72d8f749ef4e8afc85b
cache-control: public, max-age=300
alt-svc: clear
content-length: 14811
via: 1.1 google
expires: Tue, 16 Nov 2021 04:18:26 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/ 57 KB
17 KB 76ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js

Requested by

Host: babaali.lpages.co
URL: https://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://halfourdeen.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 16 Nov 2021 04:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 638908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16963
timing-allow-origin: *
last-modified: Wed, 20 May 2020 06:50:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ec4d334-e5ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HQu7%2FPkg%2BhJSg%2FLYK45Wbj5Qaqj%2FILGVeAD3SPdcIxD0ZPfz6jAUcv7T6Ww1FLmOwnaQvcQO%2BMEMSxHdSF3cEvsC0T5Ald%2FfyrgVOOBVRyuF8zezqc43pQi97Yp2F%2BqsRwReUpprtyWUAj%2FV0YyviHM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6aede90838bf3755-MXP
expires: Sun, 06 Nov 2022 04:17:33 GMT

GET
H2 200 OQhvo35hHrEnpmo2lqcNJ3avcHi-qLNaWCUPRqOYWMyJl3lOT2R17f1h2IWSiqzQ0km7HZJg2ojQ2cuG3yXjFdEJphzzQvrX1fk=s0
lh3.googleusercontent.com/ 39 KB
39 KB 55ms
33ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/OQhvo35hHrEnpmo2lqcNJ3avcHi-qLNaWCUPRqOYWMyJl3lOT2R17f1h2IWSiqzQ0km7HZJg2ojQ2cuG3yXjFdEJphzzQvrX1fk=s0

Requested by

Host: babaali.lpages.co
URL: https://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eee6aab8fb77d1f0b49de6a22b136c9eb090144f5029289a548b9a07ab7f401b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:17:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39595
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 12:09:20 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v7/ 27 KB
27 KB 38ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://halfourdeen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:36:12 GMT
x-content-type-options: nosniff
age: 384081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27240
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:06:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 17:36:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://halfourdeen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
age: 600332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 05:32:01 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 836F 4 KB
2 KB 15ms
15ms Document
text/html 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/

Response headers

date: Tue, 16 Nov 2021 04:14:53 GMT
expires: Tue, 16 Nov 2021 04:19:53 GMT
etag: "OMWYXg"
x-cloud-trace-context: c7967eaeb551203d80d5adab41fc2c91
content-type: text/html
content-encoding: gzip
server: Google Frontend
content-length: 2016
age: 160
cache-control: public, max-age=300

GET
H2 200 widget.css
embed.typeform.com/next/css/ 806 B
1 KB 10ms
10ms Stylesheet
text/css 2600:9000:2156:2e00:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.typeform.com/next/css/widget.css
Requested by: Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2e00:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f8c22aeb94863184836c92494486b8b9f0d1c4ceaef01304cdc8cd136936898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:17:01 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 16:40:06 GMT
server: AmazonS3
age: 86
etag: "8d921c17a9dcd54084b6b4ef21d7fc12"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 806
x-amz-cf-id: MN7xo5LIoqV9K4n_UnPLPmz8jio0L4p2OcfmOih9M_YECDlChIpBHg==

GET
H2 200 cNWRNo Show response
form.typeform.com/to/ Frame D505 140 KB
49 KB 555ms
470ms Document
text/html 104.18.27.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next

Requested by

Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 5815-3.280.1

Resource Hash

61b9a6a2aa096c8c7f42748c3fb005ca9d550ec121cffc73ff40b868cccaf24b

Security Headers

Name	Value
Content-Security-Policy	report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' ; frame-ancestors http://localhost:* https:;
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/

Response headers

date: Tue, 16 Nov 2021 04:17:34 GMT
content-type: text/html; charset=utf-8
age: 6309
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-security-policy: report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' ; frame-ancestors http://localhost:* https:;
pragma: no-cache
vary: Accept-Encoding
x-cache: HIT
x-cache-lookup: HIT
x-envoy-upstream-service-time: 1
x-powered-by: 5815-3.280.1
x-varnish: 993291031 992476444
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-expose-headers: Location, X-Request-Id
strict-transport-security: max-age=63072000; includeSubDomains
x-newp: Yes
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMneMr2PbMzJadlzdSMIn89FwNYIc%2BMMeLYaxveU05SUZuSCt%2F4Tgxa5gXaMurayxvVUg7AkaqC37LWeKurd1Cq4AFYjtMyvgrMBiUL%2BJEgeutceYaCZ7zrLq0tdZw9V%2B%2BXB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aede9092fb93622-MAN
content-encoding: gzip

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
662 B 370ms
124ms XHR
image/gif 35.192.151.63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=PeVHHvK5Yt5EULcSPo7WM6&v=&e=&st=&lc=en-US&pid=bRQzdAnZQQoAhuvvyLZKsh&uid=xBL7xYatMR9W5Q8hYhvY94&sid=RhQj6xxPis78aRQPmgDsqp&cid=lp-PeVHHvK5Yt5EULcSPo7WM6&uri=https%3A%2F%2Fhalfourdeen.com%2Foffline%3Fpoacp%3Dmpmjuvjqhhisrqdoxzvdsewcrfpjvvbsfsqycvcffinxbvhzykrtpfbgjztmcrxwyvzsozfyakziy&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 04:17:33 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 193.27.14.10
Content-Type: image/gif
access-control-allow-origin: https://halfourdeen.com
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
access-control-max-age: 600
Connection: keep-alive
x-request-id: 00uj4lqhgc7ou4qhkejg

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
437 B 353ms
128ms XHR
image/gif 35.192.151.63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=PKXVaj2q4zJgZxbNdpjN8U&kind=timer&label=lb_embed_embed_script_load&value=49.59999942779541
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 04:17:34 GMT
Server: Stargate
access-control-max-age: 600
X-Forwarded-For: 193.27.14.10
Content-Type: image/gif
access-control-allow-origin: https://halfourdeen.com
access-control-expose-headers: LP-Security-Token
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
x-request-id: 00ujnr1idup32qpe83sg

GET
H2 200 css
fonts.googleapis.com/ Frame D505 5 KB
772 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: form.typeform.com
URL: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 03:59:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Nov 2021 04:17:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Nov 2021 04:17:34 GMT

GET
H2 200 default
images.typeform.com/images/bL4hzPcmrzfJ/image/ Frame D505 93 KB
94 KB 73ms
16ms Image
image/png 2600:9000:2156:8200:8:2495:5540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.typeform.com/images/bL4hzPcmrzfJ/image/default

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:8200:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f5f76a901a8d0579e183db05eaf6154192794672000d88c70ab6a976966a0f6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:58:10 GMT
via: 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
age: 364764
x-amzn-requestid: 52358f5b-c37d-48c1-806d-d9b21de411d0
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amzn-trace-id: Root=1-618da001-3448c9d22ec17ba373d76925;Sampled=0
content-security-policy: script-src 'self'
x-amz-cf-pop: FRA56-P5, FRA50-C1
x-amz-apigw-id: IqXwREAcoAMFvtg=
content-length: 95475
x-amz-cf-id: 37z4PExvM7Dm-IVuJSCN4Ee7Zh_OS7TAxQxxCuLXoztZvMiPtgwAbQ==

GET
H2 200 api.js Show response
form.typeform.com/cdn-cgi/bm/cv/669835187/ Frame D505 35 KB
9 KB 34ms
34ms Script
text/javascript 104.18.27.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2F%2FRzzrq1V98nhvcBS9puIVnR6WeQpTkqn2nVJUdPll%2FmXmKV9W3zqOgIELiz7u3BulP11cyoDenBRH7z4R9wiPa0y5ugYJcmLQXqNc6UL%2F%2FvXSYnUZedMAs%2FlGop4TY3I6s"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6aede90c28f23622-MAN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D505 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 988
date: Tue, 16 Nov 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 16 Nov 2021 06:01:06 GMT

GET
H2 200 modern-renderer.18a613e6ff959ce42fe0.js Show response
renderer-assets.typeform.com/ Frame D505 507 KB
148 KB 76ms
10ms Script
application/x-javascript 2600:9000:2156:8000:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/modern-renderer.18a613e6ff959ce42fe0.js
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1d3f4d4c6e641425f1ebaeb972e930427f65bcc891867b425e69e28225b9a37

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Origin: https://form.typeform.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 13:55:13 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 11:38:55 GMT
server: AmazonS3
age: 51742
etag: W/"0207dd190295db8208786f5d982592f8"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OzZVHJgoSL3imYc0hQQd9wlP84X4bfcXEshF1H6x79nzx8D5RvK0tQ==
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame D505 1 B
21 B 33ms
16ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1162052573&t=pageview&_s=1&dl=https%3A%2F%2Fform.typeform.com%2Fto%2FcNWRNo%3Ftypeform-embed-id%3D7519237826103022%26typeform-embed%3Dembed-widget%26typeform-source%3Dhalfourdeen.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext&dr=https%3A%2F%2Fhalfourdeen.com%2F&ul=en-us&de=UTF-8&dt=Offline%20Registration%20Form&sd=24-bit&sr=1600x1200&vp=1085x800&je=0&_u=YGBAAAABAAAAAC~&jid=492243912&gjid=213293225&cid=465167481.1637036254&tid=UA-9415994-7&_gid=810297362.1637036254&_r=1&z=1247530428

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:17:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://form.typeform.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 result Show response
form.typeform.com/cdn-cgi/bm/cv/ Frame D505 0
512 B 31ms
30ms XHR
text/plain 104.18.27.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://form.typeform.com/cdn-cgi/bm/cv/result?req_id=6aede9092fb93622
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Nov 2021 04:17:34 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aede90d39fc3622-MAN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF%2BrtP28YC5HlqDnNUNpbVIOOHlNGMfYsQ1JHoRnb8cHnQ99OI3cfrjSgTg4mUZGVrkWpKivp6d0EeYpBxbss1m5xieLuxCgcuc2CYYElLz7qgXf%2BKOPqiW6hJ%2FzwM1B43x4"}],"group":"cf-nel","max_age":604800}

GET
H2 200 modern-vendors~form.ecf989b48d848f592877.js Show response
renderer-assets.typeform.com/ Frame D505 306 KB
92 KB 13ms
12ms Script
application/x-javascript 2600:9000:2156:8000:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/modern-vendors~form.ecf989b48d848f592877.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.18a613e6ff959ce42fe0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b05aeafdcb748b418d8abc8291d4514ab279473ef2568a2769f2a6830c4f91b8

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Origin: https://form.typeform.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 13:55:14 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 11:38:55 GMT
server: AmazonS3
age: 51741
etag: W/"b291ecc27d227911190393303edcbff2"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9dg8YsR_8OUX_rxIwmiRCU18VQra7iXk_N0z_ar4PJ0Dkk_A18NcNg==
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)

GET
H2 200 modern-form.d7013f2fe3daddc2a1e3.js Show response
renderer-assets.typeform.com/ Frame D505 200 KB
56 KB 22ms
21ms Script
application/x-javascript 2600:9000:2156:8000:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/modern-form.d7013f2fe3daddc2a1e3.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.18a613e6ff959ce42fe0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19e23033821c7cad8852e95614f638eb8f0e77bef4603e3c89e47bb0bbdbbf1f

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Origin: https://form.typeform.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 13:55:14 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 11:38:55 GMT
server: AmazonS3
age: 51741
etag: W/"985af5e9e801b1defe552546582d7e21"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3WU3vdT2On3IfeyD2gXkYvh6LEju5dtTK2qYq5NMceemnYpNm_x4HQ==
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)

GET default-firstframe.png
images.typeform.com/images/bL4hzPcmrzfJ/image/ Frame D505 0
0

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame D505 44 KB
44 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://form.typeform.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 16:21:35 GMT
x-content-type-options: nosniff
age: 388559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 16:21:35 GMT

GET
DATA 200
OK truncated
/ Frame D505 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nr-1123.min.js Show response
js-agent.newrelic.com/ Frame D505 24 KB
9 KB 38ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1123.min.js
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "7ffb242072196e9db5f4f1bfbfa2ed7d"
x-amz-request-id: KXJRBSR3FTKVVXGY
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9288
x-amz-id-2: yTP3Uf3RvixyO4WlOnndGCVFVCEH7OL8arUSKY4QzYqjfzEGF/Gs2lou5U4dmfVnCjqNJkIjbLA=
x-served-by: cache-hhn4070-HHN
last-modified: Fri, 22 Mar 2019 14:06:15 GMT
server: AmazonS3
x-timer: S1637036254.480511,VS0,VE0
date: Tue, 16 Nov 2021 04:17:34 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 156

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
354 B 116ms
115ms Image
image/gif 35.192.151.63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=201,393,127,722,1,725,1385,1389,2309,2309
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://halfourdeen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 04:17:34 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 193.27.14.10
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00uj4lvm82r66du62cmg

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/ Frame D505 349 KB
54 KB 53ms
14ms Script
text/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/analytics.min.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-vendors~form.ecf989b48d848f592877.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 980cbfa6a09d2dadbfd6546931e8b5613c21b8c3bdbea8fc7a5088a9e5d19365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: CR.86nkOvInq6Cggg3qVZFjzuB7824wx
content-encoding: br
etag: W/"dc873290f82c3f41a0cfd8343453f007"
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 04:32:40 GMT
server: AmazonS3
date: Tue, 16 Nov 2021 04:17:34 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: 0lXNZ8wTAJ3JU8sYqk1_GKfO4QnrZnkRXHljkVa-46O3qa0U3s89-A==

POST
H2 200 view-form-open Show response
form.typeform.com/forms/cNWRNo/insights/events/ Frame D505 2 B
423 B 393ms
393ms XHR
application/json 104.18.27.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/forms/cNWRNo/insights/events/view-form-open

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Nov 2021 04:17:34 GMT
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-release: 1453370206
x-envoy-upstream-service-time: 20
content-length: 2
x-build-date: 2021-11-12T14:07:37+0000
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZIxCjLj5iRrQGcVqb1azCQWkWvDwvVsrgm7tCjIxR0gdexpJM0SdqT0CHA5zwzvWfpdS4TvOXni7EHyzgZ0xtxOWHmk7HF5k5C38qMmA8uZfwdtc4IO9XZ9Y9ItSffe6mpg"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://form.typeform.com
x-newp: Yes
access-control-expose-headers: Location, X-Request-Id
x-service: insights-2.0
x-commit-sha: 57fe7ed0b92072d8ddc21ca94f8b1b8148f07aa5
cf-ray: 6aede90e9abc3622-MAN
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version

GET
H/1.1 200
OK aa6e0ec721 Show response
bam.nr-data.net/1/ Frame D505 57 B
322 B 443ms
109ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/aa6e0ec721?a=14390211&sa=1&v=1123.df1c7f8&t=Unnamed%20Transaction&rst=971&ref=https://form.typeform.com/to/cNWRNo&be=587&fe=920&dc=661&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1637036253527,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:22,%22c%22:22,%22s%22:53,%22ce%22:85,%22rq%22:85,%22rp%22:555,%22rpe%22:639,%22dl%22:559,%22di%22:661,%22ds%22:661,%22de%22:661,%22dc%22:919,%22l%22:919,%22le%22:920%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22formUid%22:%22cNWRNo%22,%22accountLimitName%22:%22undefined%22,%22rendererVersion%22:%223.280.1%22,%22isTouch%22:%22false%22,%22sessionId%22:%22xAAtIEdXFakw%22,%22planName%22:%22pro_plus%22,%22embeddingMode%22:%22standard%22%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1123.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 i Show response
api.segment.io/v1/ Frame D505 21 B
142 B 565ms
181ms XHR
application/json 35.167.27.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/i
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.27.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-27-130.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://form.typeform.com
date: Tue, 16 Nov 2021 04:17:35 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ Frame D505 21 B
143 B 260ms
181ms XHR
application/json 35.167.27.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.27.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-27-130.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=7519237826103022&typeform-embed=embed-widget&typeform-source=halfourdeen.com&typeform-medium=embed-sdk&typeform-medium-version=next
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://form.typeform.com
date: Tue, 16 Nov 2021 04:17:35 GMT
content-length: 21
vary: Origin
content-type: application/json

POST i
api.segment.io/v1/ Frame D505 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.typeform.com
URL: https://images.typeform.com/images/bL4hzPcmrzfJ/image/default-firstframe.png

Domain: api.segment.io
URL: https://api.segment.io/v1/i

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-19 22:45:22	Name: view.bRQzdAnZQQoAhuvvyLZKsh.PeVHHvK5Yt5EULcSPo7WM6 Value: 1637036254000
js.center.io/	1978-01-11 21:31:40	Name: centerVisitorId Value: xBL7xYatMR9W5Q8hYhvY94
.form.typeform.com/	1970-01-20 16:15:08	Name: _ga Value: GA1.3.465167481.1637036254
.form.typeform.com/	1970-01-19 22:45:22	Name: _gid Value: GA1.3.810297362.1637036254
.form.typeform.com/	1970-01-19 22:43:56	Name: _gat Value: 1
.typeform.com/	1970-01-19 22:43:58	Name: __cf_bm Value: NKWxVp37gbZx08kfn93jHAMHYb7UM645UBZ1QaSvUFM-1637036254-0-AQnegB9FJwPJua2HL5ZNU3ujcAEHT0L5zmmCPoOpo+cwpFg8TnLBpRTkYKzI1z+pNu2bKOcRf67NhWD30ppH0PXgicVkCk/qi8vYuW8Dc8pMdPAZKDzJw9X8jI3mIXCxcvvI4N3LG/iib2aOJGqdmU7mUfmxzdmsyJjKGLhbx2Z3
.typeform.com/	1970-01-20 07:29:32	Name: attribution_user_id Value: 9f8d9b44-72c6-4bf4-9d92-0af82640a204
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7655d90dc06e9ea7

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://babaali.lpages.co/_/js/offline/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://embed.typeform.com/next/embed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://babaali.lpages.co/_/js/offline/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://babaali.lpages.co/_/js/offline/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://embed.typeform.com/next/embed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://babaali.lpages.co/_/js/offline/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
api.segment.io
babaali.lpages.co
bam.nr-data.net
cdn.segment.com
cdnjs.cloudflare.com
embed.lpcontent.net
embed.typeform.com
fonts.googleapis.com
fonts.gstatic.com
form.typeform.com
halfourdeen.com
images.typeform.com
js-agent.newrelic.com
js.center.io
lh3.googleusercontent.com
renderer-assets.typeform.com
static.leadpages.net
www.google-analytics.com
www.hodoffline.com
api.segment.io
images.typeform.com
104.18.27.71
143.204.99.83
151.101.2.137
162.247.242.21
2600:9000:2156:2e00:2:c605:29c0:93a1
2600:9000:2156:8000:4:f6ce:61c0:93a1
2600:9000:2156:8200:8:2495:5540:93a1
2606:4700::6810:135e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2013
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
34.107.203.240
35.167.27.130
35.192.151.63
35.202.21.90
64.29.151.221
68.168.108.97
038d9c27483afea31a24f20268362f124fdd9b5088ca02eaab74f13fafe13460
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
139d74568f4dbf74ad6cac131d427a310f2609fe2110db214f277482b9dfc29c
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
19e23033821c7cad8852e95614f638eb8f0e77bef4603e3c89e47bb0bbdbbf1f
3f8c22aeb94863184836c92494486b8b9f0d1c4ceaef01304cdc8cd136936898
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
61b9a6a2aa096c8c7f42748c3fb005ca9d550ec121cffc73ff40b868cccaf24b
62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
69b0b72017e3adb55d53b2bdb88c8f23c2eba7efa7ba852c300d264d2ac9ed4e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8e318b1f90fac6502b3ca918d840d05bfaac3fdd13baf4df8ffcb3e80c398cb3
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82
980cbfa6a09d2dadbfd6546931e8b5613c21b8c3bdbea8fc7a5088a9e5d19365
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4545357a90ff00a952ca36647aa1eeb2b6c8525be57f152f4cffee198ce1df3
b05aeafdcb748b418d8abc8291d4514ab279473ef2568a2769f2a6830c4f91b8
bc0d442f28da3787d907f6c3db490fca6dcd323c6b78f82ec97b8e7f1b0dd29a
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d1d3f4d4c6e641425f1ebaeb972e930427f65bcc891867b425e69e28225b9a37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7
eee6aab8fb77d1f0b49de6a22b136c9eb090144f5029289a548b9a07ab7f401b
f5f76a901a8d0579e183db05eaf6154192794672000d88c70ab6a976966a0f6a
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb

halfourdeen.com Open in urlscan Pro 68.168.108.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

37 Requests

95 %HTTPS

47 %IPv6

17 Domains

20 Subdomains

19 IPs

3 Countries

797 kBTransfer

2236 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

halfourdeen.com Open in urlscan Pro
68.168.108.97 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

95 %
HTTPS

47 %
IPv6

17
Domains

20
Subdomains

19
IPs

3
Countries

797 kB
Transfer

2236 kB
Size

8
Cookies

37 HTTP transactions
1 data transactions