hodoffline.com Open in urlscan Pro
199.241.218.47 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hodoffline.com/
Submission: On March 09 via api (March 9th 2023, 3:42:19 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 50 HTTP transactions. The main IP is 199.241.218.47, located in United States and belongs to CODERO-DFW, US. The main domain is hodoffline.com.

This is the only time hodoffline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.241.218.47 199.241.218.47	18501 (CODERO-DFW) (CODERO-DFW)
1 2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:225... 2600:9000:225e:2e00:2:c605:29c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225e:2c00:2:c605:29c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:400d:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.18.23.9 104.18.23.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:b958	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:205... 2600:9000:2057:4e00:9:b3c8:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:b200:8:2495:5540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
4	2600:9000:214... 2600:9000:214f:5c00:4:f6ce:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:9800:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.227.43.255 34.227.43.255	14618 (AMAZON-AES) (AMAZON-AES)
4	44.196.127.9 44.196.127.9	14618 (AMAZON-AES) (AMAZON-AES)
50	21

1 199.241.218.47 (United States)

ASN18501 (CODERO-DFW, US)
PTR: 47-218-241-199.dedicated.codero.net

hodoffline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

babaali.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:2e00:2:c605:29c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

embed.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:2c00:2:c605:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.23.9 (None, )

ASN13335 (CLOUDFLARENET, US)

form.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b958 (United States)

ASN13335 (CLOUDFLARENET, US)

typeformforms.report-uri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:4e00:9:b3c8:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

font.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:b200:8:2495:5540:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:5c00:4:f6ce:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

renderer-assets.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9800:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.227.43.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-43-255.compute-1.amazonaws.com

rudderstack-control-plane.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.196.127.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-127-9.compute-1.amazonaws.com

rudderstack.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	typeform.com 1 redirects embed.typeform.com — Cisco Umbrella Rank: 22684 form.typeform.com — Cisco Umbrella Rank: 42147 font.typeform.com — Cisco Umbrella Rank: 39999 images.typeform.com — Cisco Umbrella Rank: 35941 renderer-assets.typeform.com — Cisco Umbrella Rank: 31389 rudderstack-control-plane.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 40243 rudderstack.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 38342	729 KB
6	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 58	297 KB
4	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 35348	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	20 KB
3	gstatic.com fonts.gstatic.com	61 KB
2	center.io js.center.io — Cisco Umbrella Rank: 42063	8 KB
2	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 40240	93 KB
2	lpages.co 1 redirects babaali.lpages.co	25 KB
1	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 12296	133 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	44 KB
1	report-uri.com typeformforms.report-uri.com — Cisco Umbrella Rank: 337132	612 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	17 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 53990	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	hodoffline.com hodoffline.com	549 B
50	15

	Domain	Requested by
6	lh3.googleusercontent.com	babaali.lpages.co hodoffline.com
5	form.typeform.com	embed.typeform.com hodoffline.com form.typeform.com renderer-assets.typeform.com
4	rudderstack.cdp.prod.data.typeform.com	renderer-assets.typeform.com
4	renderer-assets.typeform.com	form.typeform.com renderer-assets.typeform.com
4	api.leadpages.io	js.center.io embed.lpcontent.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	font.typeform.com	form.typeform.com font.typeform.com
3	fonts.gstatic.com	fonts.googleapis.com
3	embed.typeform.com	1 redirects hodoffline.com embed.typeform.com
2	rudderstack-control-plane.cdp.prod.data.typeform.com	renderer-assets.typeform.com
2	js.center.io	hodoffline.com js.center.io
2	static.leadpages.net	babaali.lpages.co static.leadpages.net
2	babaali.lpages.co	1 redirects hodoffline.com
1	cdn.rudderlabs.com	renderer-assets.typeform.com
1	www.googletagmanager.com	form.typeform.com
1	images.typeform.com	form.typeform.com
1	typeformforms.report-uri.com	hodoffline.com
1	cdnjs.cloudflare.com	babaali.lpages.co
1	embed.lpcontent.net	babaali.lpages.co
1	fonts.googleapis.com	babaali.lpages.co
1	hodoffline.com
50	21

This site contains links to these domains. Also see Links.

Domain
www.halfdeen.com

Subject Issuer	Validity	Valid
static.leadpages.net GTS CA 1D4	`2023-02-26` - `2023-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
js.center.io GTS CA 1D4	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.typeform.com Amazon RSA 2048 M01	`2023-02-24` - `2023-10-29`	8 months	crt.sh
typeform.com Cloudflare Inc ECC CA-3	`2022-06-27` - `2023-06-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-22`	a year	crt.sh
*.report-uri.com E1	`2023-01-28` - `2023-04-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-12`	6 months	crt.sh
cdp.prod.data.typeform.com Amazon RSA 2048 M02	`2023-02-23` - `2024-02-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://hodoffline.com/
Frame ID: 4BE64ACCFA9D724C6196270F84385230
Requests: 24 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 09525D7B45D0361E177F7AD0EADC821F
Requests: 1 HTTP requests in this frame

Frame: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
Frame ID: 8196B5AA44A4FBC8B231CE931F999503
Requests: 20 HTTP requests in this frame

Frame: https://form.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678363200
Frame ID: 9F244440F75621CFE264C08978621A4F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offline

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Page Statistics

50
Requests

92 %
HTTPS

67 %
IPv6

15
Domains

21
Subdomains

21
IPs

4
Countries

1445 kB
Transfer

3469 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.halfdeen.com/
Title: www.HalfDeen.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://babaali.lpages.co/_/js/offline/ HTTP 301
https://babaali.lpages.co/_/js/offline/

Request Chain 4

http://embed.typeform.com/next/embed.js HTTP 301
https://embed.typeform.com/next/embed.js

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hodoffline.com/ 248 B
549 B 382ms
128ms Document
text/html 199.241.218.47
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL: http://hodoffline.com/
Protocol: HTTP/1.1
Server: 199.241.218.47 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS: 47-218-241-199.dedicated.codero.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 038d9c27483afea31a24f20268362f124fdd9b5088ca02eaab74f13fafe13460

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 255
Content-Type: text/html
Date: Thu, 09 Mar 2023 15:42:12 GMT
ETag: "04ee6e0f3efd71:0"
Last-Modified: Mon, 13 Dec 2021 07:34:36 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

GET
H2

200

/ Show response
babaali.lpages.co/_/js/offline/
Redirect Chain

http://babaali.lpages.co/_/js/offline/
https://babaali.lpages.co/_/js/offline/

143 KB
24 KB

470ms
230ms

Script
application/javascript

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://babaali.lpages.co/_/js/offline/

Requested by

Host: hodoffline.com
URL: http://hodoffline.com/

Protocol

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

bf14adfe98dbc1e79cc2cab2011598e617f2651b051ae415444493a6ed843e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:13 GMT
strict-transport-security: max-age=15768000
content-encoding: br
last-modified: Mon, 06 Feb 2023 06:29:57 GMT
server: Leadpages
etag: W/"7f780b893c4769d1a00d91d76d53f38f"
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: application/javascript
cache-control: no-cache

Redirect headers

Location: https://babaali.lpages.co/_/js/offline/
Date: Thu, 09 Mar 2023 15:42:13 GMT
Strict-Transport-Security: max-age=15768000
Server: Leadpages
Connection: keep-alive
Content-Length: 166
Content-Type: text/html

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 66ms
8ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: babaali.lpages.co
URL: http://babaali.lpages.co/_/js/offline/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 22:00:48 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 2137285
etag: "rvb96Q"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 44bfb776f476334793daec22d35f55b7
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Mon, 12 Feb 2024 22:00:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 114ms
44ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,700|Rozha+One:300,400,500,700|Roboto:300,400,500,700

Requested by

Host: babaali.lpages.co
URL: http://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec748faf5f8885cd0a66eb9e81a0c39d159de0f153881183f8622ff9aea13982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 15:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 15:42:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 15:42:13 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 59ms
18ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: hodoffline.com
URL: http://hodoffline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:37:57 GMT
content-encoding: gzip
server: Google Frontend
age: 256
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: ce8d8ee1f1ad9c0d8f8897c29f780da2
cache-control: public, max-age=300
content-length: 5417
expires: Thu, 09 Mar 2023 15:42:57 GMT

GET
H2

200

embed.js Show response
embed.typeform.com/next/
Redirect Chain

http://embed.typeform.com/next/embed.js
https://embed.typeform.com/next/embed.js

50 KB
12 KB

25ms
8ms

Script
application/x-javascript

2600:9000:225e:2c00:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.typeform.com/next/embed.js
Requested by: Host: hodoffline.com
URL: http://hodoffline.com/
Protocol: H2
Server: 2600:9000:225e:2c00:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a6616f9856367d025911b62e77b3cf61f7f8139989593c567f9d997eb096389

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: BsI5Szg0J2ickzu3WELMR9knucYQVG0g
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
date: Thu, 09 Mar 2023 15:39:47 GMT
x-amz-cf-pop: FRA60-P4
age: 147
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Mar 2023 13:50:43 GMT
server: AmazonS3
etag: W/"bbe9b174b99b812be57d44c4b987d1ce"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=0, must-revalidate
x-amz-cf-id: 7QmeoYzLovm6axlaxpTPMJttNJfupnm7_iRudbdvUCmNBfLVj3TQGA==

Redirect headers

Date: Thu, 09 Mar 2023 15:42:13 GMT
Via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://embed.typeform.com/next/embed.js
cache-control: public, max-age=0, must-revalidate
Connection: keep-alive
Alt-Svc: h3=":443"; ma=86400
Content-Length: 167
X-Amz-Cf-Id: huXEDdZMP5jMP3IhjzvEBfLPeWkNmMqYe4m6WnijsTJIOD6pLnfmiw==

GET
H2 200 OQhvo35hHrEnpmo2lqcNJ3avcHi-qLNaWCUPRqOYWMyJl3lOT2R17f1h2IWSiqzQ0km7HZJg2ojQ2cuG3yXjFdEJphzzQvrX1fk=s0
lh3.googleusercontent.com/ 39 KB
39 KB 578ms
472ms Image
image/png 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/OQhvo35hHrEnpmo2lqcNJ3avcHi-qLNaWCUPRqOYWMyJl3lOT2R17f1h2IWSiqzQ0km7HZJg2ojQ2cuG3yXjFdEJphzzQvrX1fk=s0

Requested by

Host: babaali.lpages.co
URL: http://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eee6aab8fb77d1f0b49de6a22b136c9eb090144f5029289a548b9a07ab7f401b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39595
x-xss-protection: 0
expires: Fri, 10 Mar 2023 15:42:14 GMT

GET
H2 200 efAwa8EATIjgB_ls-lOy9M0tXDOwUgXKXiTAXLV4a2UNQtOncRjx6aDemSNuoUUlPsNhSelVLsvi36DlINbpNix15tV0-7a_InI=w16
lh3.googleusercontent.com/ 457 B
760 B 472ms
368ms Image
image/jpeg 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/efAwa8EATIjgB_ls-lOy9M0tXDOwUgXKXiTAXLV4a2UNQtOncRjx6aDemSNuoUUlPsNhSelVLsvi36DlINbpNix15tV0-7a_InI=w16

Requested by

Host: babaali.lpages.co
URL: http://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b7168633ec72ce551b075e5e293d2542bd70b44c92af37ecdc678aeddc2cea32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 457
x-xss-protection: 0
expires: Fri, 10 Mar 2023 15:42:14 GMT

GET
H2 200 j_UhZGMi_FXNajbYhoMs-Kmnvy_NFyCgIYwRxSrigO0WLM29ghB5q_QDLJAsN77l3i5Ov0pt-f-QJ5E4VVPy-Oe-4xfgf3t83sxi=s0
lh3.googleusercontent.com/ 48 KB
48 KB 581ms
478ms Image
image/png 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/j_UhZGMi_FXNajbYhoMs-Kmnvy_NFyCgIYwRxSrigO0WLM29ghB5q_QDLJAsN77l3i5Ov0pt-f-QJ5E4VVPy-Oe-4xfgf3t83sxi=s0

Requested by

Host: babaali.lpages.co
URL: http://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

040cf1b18817b573c86d8b980f9cf4fede1d53d90b6def0608c59ada152dc4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49209
x-xss-protection: 0
expires: Fri, 10 Mar 2023 15:42:14 GMT

GET
H2 200 6qMd6RL51gVXOINyIUp8heT2iDj2Lumpkl6nTXvIyIlQYfw6XFcchROE0JJ65tHgaScMo92p8FJLqNHSXJjWRC39HeUFqrll0g=s0
lh3.googleusercontent.com/ 25 KB
25 KB 617ms
513ms Image
image/jpeg 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/6qMd6RL51gVXOINyIUp8heT2iDj2Lumpkl6nTXvIyIlQYfw6XFcchROE0JJ65tHgaScMo92p8FJLqNHSXJjWRC39HeUFqrll0g=s0

Requested by

Host: babaali.lpages.co
URL: http://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

139d74568f4dbf74ad6cac131d427a310f2609fe2110db214f277482b9dfc29c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25818
x-xss-protection: 0
expires: Fri, 10 Mar 2023 15:42:14 GMT

GET
H2 200 EyZjDIyWBTTTLPZOHrplpJMJZpJdTg1zMkFJlL8ad1VLf0-gD6BWe54Xkg7DnIQLjaMZ0GOakhHPtukkFMJfR-xUQsb2ut78dmfV=s0
lh3.googleusercontent.com/ 20 KB
20 KB 683ms
585ms Image
image/jpeg 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/EyZjDIyWBTTTLPZOHrplpJMJZpJdTg1zMkFJlL8ad1VLf0-gD6BWe54Xkg7DnIQLjaMZ0GOakhHPtukkFMJfR-xUQsb2ut78dmfV=s0

Requested by

Host: babaali.lpages.co
URL: http://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e318b1f90fac6502b3ca918d840d05bfaac3fdd13baf4df8ffcb3e80c398cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20647
x-xss-protection: 0
expires: Fri, 10 Mar 2023 15:42:14 GMT

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 34ms
7ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: babaali.lpages.co
URL: http://babaali.lpages.co/_/js/offline/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:39:45 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 148
etag: "FTvmgg"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 2e789189d88bc79b1dbb534fff55b34a
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Thu, 09 Mar 2023 15:44:45 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/ 57 KB
17 KB 42ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js

Requested by

Host: babaali.lpages.co
URL: http://babaali.lpages.co/_/js/offline/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://hodoffline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 09 Mar 2023 15:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5338713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16963
last-modified: Wed, 20 May 2020 06:50:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ec4d334-e5ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0Eg2Z9pvWcenb3Vf5I%2BNKONGBNSK8w8w4ZfaFc7wWrnfgZx2m6UGGwBnrgeo%2BPfVTEIkVol2m12xw0p%2BjoY10%2BgBhTaxXMUk17MV8Yun%2FMvcYPQC0UZo%2BDudWHP2BKlAo6imc0FkbjfBXlnJybVUnzq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a546d3788509094-FRA
expires: Tue, 27 Feb 2024 15:42:13 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 0952 4 KB
2 KB 16ms
15ms Document
text/html 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: http://hodoffline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Thu, 09 Mar 2023 15:41:10 GMT
etag: "OMWYXg"
expires: Thu, 09 Mar 2023 15:46:10 GMT
server: Google Frontend
x-cloud-trace-context: 4e0eda1111de4b8b2b8746e2403c2fa7

GET
H2 200 fa-solid-900.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 27ms
11ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: http://hodoffline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:46:37 GMT
via: 1.1 google
server: Google Frontend
age: 1868136
etag: "rvb96Q"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: cfdac832d3759dd7fb79d689fedd96fe
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80148
expires: Fri, 16 Feb 2024 00:46:37 GMT

GET
H2 200 widget.css
embed.typeform.com/next/css/ 977 B
1 KB 11ms
9ms Stylesheet
text/css 2600:9000:225e:2c00:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.typeform.com/next/css/widget.css
Requested by: Host: embed.typeform.com
URL: http://embed.typeform.com/next/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2c00:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 339f82086eb610c04641daa0f9ae1a81c438fd8b0e985704032ed98ee6f5f224

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:37:34 GMT
x-amz-version-id: 09B7EiHktcy702FsmYA5yt5Pb9p6p9sO
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 280
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 977
last-modified: Tue, 07 Mar 2023 13:50:43 GMT
server: AmazonS3
etag: "bfa88540583875439d081b2da923623c"
content-type: text/css
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
x-amz-cf-id: mjwfHwFNXaCQJCOGMKAxibkKKpUYVt4AUXcIvKForWB2CwYvpgPafQ==

GET
H2 200 cNWRNo Show response
form.typeform.com/to/ Frame 8196 128 KB
42 KB 445ms
388ms Document
text/html 104.18.23.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next

Requested by

Host: embed.typeform.com
URL: http://embed.typeform.com/next/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / 7719-7.34.0

Resource Hash

184d29cc17c3fd82da983426f99356cd2d8432ea6bbd1c9c60aceec83d1fc646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://hodoffline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers: Location, X-Request-Id
age: 256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a546d38cfa73803-FRA
content-encoding: gzip
content-security-policy-report-only: report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 15:42:14 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvMF2OzYFq78aecOZPtGRQwYga%2BMmSjGulKjRQfd%2BB0uqhjZcSB3i5%2Bt0Ru%2FsFYceBXaoQf5hgRuELAYjbgcx76lIz3oS9u6eMPYLPzb7ABQZqgTYl1oy8lKb7DJwh8WKuWR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-cache-lookup: HIT
x-envoy-upstream-service-time: 1
x-powered-by: 7719-7.34.0
x-varnish: 392082101 392502555

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 56ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,700|Rozha+One:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://hodoffline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 310387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:06 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 47ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,700|Rozha+One:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://hodoffline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 16:31:08 GMT
x-content-type-options: nosniff
age: 601865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:31:08 GMT

GET
H2 200 AlZy_zVFtYP12Zncg2kRcn35.woff2
fonts.gstatic.com/s/rozhaone/v13/ 18 KB
18 KB 53ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rozhaone/v13/AlZy_zVFtYP12Zncg2kRcn35.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,700|Rozha+One:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://hodoffline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:51:29 GMT
x-content-type-options: nosniff
age: 535844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18176
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:29:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 10:51:29 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
660 B 407ms
127ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=PeVHHvK5Yt5EULcSPo7WM6&v=&e=&st=&lc=en-US&pid=bRQzdAnZQQoAhuvvyLZKsh&uid=6uV8fVGoqTPL5Nu5wfdcYg&sid=KGP8T5goLFemkjYSJcrQv6&cid=lp-PeVHHvK5Yt5EULcSPo7WM6&uri=http%3A%2F%2Fhodoffline.com%2F&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 15:42:14 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: http://hodoffline.com
X-Forwarded-For: 217.64.151.3
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 07eq26vtp96obqcm6l7g

GET
H2 200 efAwa8EATIjgB_ls-lOy9M0tXDOwUgXKXiTAXLV4a2UNQtOncRjx6aDemSNuoUUlPsNhSelVLsvi36DlINbpNix15tV0-7a_InI=w1040
lh3.googleusercontent.com/ 164 KB
164 KB 213ms
212ms Image
image/jpeg 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/efAwa8EATIjgB_ls-lOy9M0tXDOwUgXKXiTAXLV4a2UNQtOncRjx6aDemSNuoUUlPsNhSelVLsvi36DlINbpNix15tV0-7a_InI=w1040

Requested by

Host: hodoffline.com
URL: http://hodoffline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

695157fba203db1f44a35f035495aef767ad6b96b7aed79bc5990fcedce0ede1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168026
x-xss-protection: 0
expires: Fri, 10 Mar 2023 15:42:14 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
435 B 369ms
119ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=pNgK4cvEKP9dZzsaQ57wgs&kind=timer&label=lb_embed_embed_script_load&value=44.5
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 15:42:14 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: http://hodoffline.com
X-Forwarded-For: 217.64.151.3
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 07eq272toi22tlall6j0

POST
H2 201 reportOnly
typeformforms.report-uri.com/r/t/csp/ 0
612 B 59ms
23ms Other
text/plain 2606:4700::6811:b958
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://typeformforms.report-uri.com/r/t/csp/reportOnly

Requested by

Host: hodoffline.com
URL: http://hodoffline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b958 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer: http://hodoffline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 7a546d3b79ab3660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 index.css
font.typeform.com/dist/google/open-sans/ Frame 8196 5 KB
1 KB 82ms
6ms Stylesheet
text/css 2600:9000:2057:4e00:9:b3c8:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://font.typeform.com/dist/google/open-sans/index.css
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4e00:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9f81b332d2b8436a201e1006ad457d38956073d1c5b5c5acca6004488b10386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:08:37 GMT
x-amz-version-id: 5zbvo9IotZ.YcerNr4DYy8I831GCZuLr
content-encoding: gzip
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 30818
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Mar 2023 02:08:43 GMT
server: AmazonS3
etag: W/"87d65271196ec69bb443d88084f34c34"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000
x-amz-cf-id: dBac_XZrAq-WbSkY-qQ5Wx9JPS40OafNPL1CTxzWwVJJH4gC_qT5qA==

GET
H2 200 default
images.typeform.com/images/bL4hzPcmrzfJ/image/ Frame 8196 108 KB
109 KB 942ms
842ms Image
image/png 2600:9000:223f:b200:8:2495:5540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.typeform.com/images/bL4hzPcmrzfJ/image/default

Requested by

Host: form.typeform.com
URL: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:b200:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ecc061b2781bb938964265be4c65cd9fa462efdfebea688f084b20ddd9b12268

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:15 GMT
content-security-policy: script-src 'self'
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1, FRA56-P5
x-amzn-requestid: ccfa7362-49ce-4918-be5a-87ef97a2c109
x-amzn-trace-id: Root=1-6409fe56-718bdd2e403e8ae119457343;Sampled=0
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-apigw-id: BhStlGt6IAMFY2Q=
content-length: 110657
x-amz-cf-id: BHwXA-btc7c5cLoLAEFVRfdcgz0kSjZ0p5OPFC2US-KWLozlzXULCw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 8196 112 KB
44 KB 113ms
49ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9415994-7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6dd7f8566b5dbc6b436faeddb396781bef90e8261a70e1ecd842f6a9c2544191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44770
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 15:42:14 GMT

GET
H2 200 modern-renderer.e3542c267e115d214072.js Show response
renderer-assets.typeform.com/ Frame 8196 771 KB
228 KB 105ms
11ms Script
application/x-javascript 2600:9000:214f:5c00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/modern-renderer.e3542c267e115d214072.js
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5c00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34c4f24fba2c7a09c280aa2440e19b64abd4bcaa9d5c35d3c0cbff4f9fd95e46

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
Origin: https://form.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 11:22:50 GMT
x-amz-version-id: wgpop79fVIZfIrZWBwOd1h99wutd2Joi
content-encoding: gzip
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 15564
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 10:16:52 GMT
server: AmazonS3
etag: W/"7b1f9be55b882ff936bd123bc43a9cbc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: max-age=2419200
x-amz-cf-id: d5nvIiFTbSuchnE0YJihO8BUcL275mEgkyLACu9Xjp_ONYIs4gFl1Q==

GET
H2 200 invisible.js Show response
form.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 9F24 25 KB
13 KB 19ms
17ms Script
application/javascript 104.18.23.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678363200

Requested by

Host: hodoffline.com
URL: http://hodoffline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6e6b376ec59fa6040357fe265ff7a02a8f3c5469190f3230c10a25df212e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PzYdce2FxhUSXLSjvscIlf4u5W6V8YzuzEQy0UJDkRtTpN%2FW4W9MTy9kG1t5iqvxqRRhzP12%2B9DDLjp766cSqF8IAyjR%2FgZOFH%2FXKECZRZIy2fBm1Jw0rgvXa8B0wxQV3El"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a546d3c1c613803-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
form.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 9F24 7 KB
4 KB 14ms
13ms Other
application/javascript 104.18.23.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a104a4b11e8259c325389acb274af2bc83c9ab1562cdd6b2e9a5c75df0045fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90n1d7iUQACam88cxZqGuST%2FxEBofa4L10xOtiDuxuGkdYplTX7YqxfvWhwbzlMMGJ0EiFGw5StQoFz5ULkiq8v1vgIH1jMhROooqZrgOXGdEoswDvkN4a4Tj1CVNZ%2FbRrbw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a546d3c4b2ebb32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7a546d38cfa73803 Show response
form.typeform.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 9F24 2 B
726 B 32ms
30ms XHR
text/plain 104.18.23.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/cdn-cgi/challenge-platform/h/g/cv/result/7a546d38cfa73803

Requested by

Host: form.typeform.com
URL: https://form.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678363200

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 15:42:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl0F8TVzjGvu9nku35f1NJikJKJI2C6vIEwF8PJNPKIAkxJkPdcm1z3ovXqtxTT6w6%2BVe%2B2Yx4U0p04wv016cJ7L4yAFNXn453PFi80AbIBySsOja1OuC%2B2vhXtF9G1wfJ4e"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a546d3e3e03bb32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8196 49 KB
20 KB 82ms
20ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9415994-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 15:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1484
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 17:17:30 GMT

GET
H3 200 vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.0c35a1c1193305df993f.renderer.js Show response
renderer-assets.typeform.com/ Frame 8196 107 KB
28 KB 23ms
11ms Script
application/x-javascript 2600:9000:214f:5c00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.0c35a1c1193305df993f.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.e3542c267e115d214072.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:5c00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c683a0b24c9732c0eaa4f0e9552d815dde7e4e5eea1270da99e81dd703c950dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: Bl2yKtaI9m2Ques5NOZXqHojzo17vlZ7
content-encoding: gzip
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
date: Thu, 09 Mar 2023 02:27:19 GMT
age: 47696
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Mar 2023 11:40:28 GMT
server: AmazonS3
etag: W/"84ed4a4c21dda7b34914967639b12068"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Ey816wIs7PY8CicKqIkP1oFovxeRfSAfL7yZUGFZtNX2wWEU6qinQg==

GET
H3 200 vendors~form.6dd7e207d39a606f6065.renderer.js Show response
renderer-assets.typeform.com/ Frame 8196 620 KB
188 KB 20ms
9ms Script
application/x-javascript 2600:9000:214f:5c00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/vendors~form.6dd7e207d39a606f6065.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.e3542c267e115d214072.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:5c00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7c28b233ae5e11aef66dad040b69dff6905bd6f8821bc9d44449c1c9a46d094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: sGF8GkvMd0jM1aRMhIADuty7MHslBP2A
content-encoding: gzip
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
date: Thu, 09 Mar 2023 15:38:53 GMT
age: 202
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Mar 2023 14:57:19 GMT
server: AmazonS3
etag: W/"7dee4d2627dad3f02b953b39fe54c8c1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: SPEqwQiL4B40mO79otxOGG-2YUF6OJDwjAXDkdwtxXcQyONRVomevA==

GET
H3 200 form.f932455499d14dc34585.renderer.js Show response
renderer-assets.typeform.com/ Frame 8196 229 KB
67 KB 23ms
11ms Script
application/x-javascript 2600:9000:214f:5c00:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://renderer-assets.typeform.com/form.f932455499d14dc34585.renderer.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.e3542c267e115d214072.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:5c00:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2899669b54d7b4a29ce0a4d5c561b3f37b78db6ffe09237f28f78f5aee3595e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 11:22:52 GMT
x-amz-version-id: cd35ZEDzUB53fweGqi0m2K_.SYL_dGkK
content-encoding: gzip
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
age: 15563
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 10:38:21 GMT
server: AmazonS3
etag: W/"1309aae30a13bdc88b2e256f7b832c98"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Cuzo54RYHnQo2g2WQd-ErK1OX4gIgTuIzdyUVtWhsFoKEG9p9VRYWA==

GET default-firstframe.png
images.typeform.com/images/bL4hzPcmrzfJ/image/ Frame 8196 0
0

GET
H3 200 open-sans-latin-400-normal.woff2
font.typeform.com/dist/google/open-sans/files/ Frame 8196 16 KB
17 KB 24ms
12ms Font
binary/octet-stream 2600:9000:2057:4e00:9:b3c8:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://font.typeform.com/dist/google/open-sans/files/open-sans-latin-400-normal.woff2
Requested by: Host: font.typeform.com
URL: https://font.typeform.com/dist/google/open-sans/index.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:4e00:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Request headers

Referer: https://font.typeform.com/dist/google/open-sans/index.css
Origin: https://form.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 00:29:05 GMT
x-amz-version-id: 9QmX5PIaLF0Xqadf0.lY99UdmcfpGnmz
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
age: 400390
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 16692
last-modified: Tue, 28 Feb 2023 00:26:01 GMT
server: AmazonS3
etag: "d65113b6da7ba4bd0a59dbda5a7e24d4"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=432000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: mfo5dz017-r2240b-dTh8wyVtJ7Xwa0BJnDDuINWohiE4YSUFRLZ8w==

GET
H3 200 open-sans-latin-700-normal.woff2
font.typeform.com/dist/google/open-sans/files/ Frame 8196 16 KB
16 KB 23ms
11ms Font
binary/octet-stream 2600:9000:2057:4e00:9:b3c8:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://font.typeform.com/dist/google/open-sans/files/open-sans-latin-700-normal.woff2
Requested by: Host: font.typeform.com
URL: https://font.typeform.com/dist/google/open-sans/index.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:4e00:9:b3c8:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79

Request headers

Referer: https://font.typeform.com/dist/google/open-sans/index.css
Origin: https://form.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 3aOLzs7X7oDPjxkAPzR8TK6YaDxA4rNe
date: Wed, 08 Mar 2023 19:10:34 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
age: 73959
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 16408
last-modified: Tue, 28 Feb 2023 00:26:01 GMT
server: AmazonS3
etag: "875ba54801f7cf83ea70abf613fab665"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=432000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 48d6fkOnkzxjuYQ1o_8Cdvbp8krzs82giw1JtZxH2a7PRgbpwXs7sQ==

GET
DATA 200
OK truncated
/ Frame 8196 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 8196 1 B
207 B 42ms
42ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=651804447&t=pageview&_s=1&dl=https%3A%2F%2Fform.typeform.com%2Fto%2FcNWRNo%3Ftypeform-embed-id%3D5114723397236776%26typeform-embed%3Dembed-widget%26typeform-source%3Dhodoffline.com%26typeform-medium%3Dembed-sdk%26typeform-medium-version%3Dnext&dr=http%3A%2F%2Fhodoffline.com%2F&ul=en-us&de=UTF-8&dt=Offline%20Registration%20Form&sd=24-bit&sr=1600x1200&vp=1085x800&je=0&_u=YEBAAUABAAAAACAAMC~&jid=732351891&gjid=1132949149&cid=1773762783.1678376535&tid=UA-9415994-7&_gid=1074805946.1678376535&_r=1&gtm=457e3360&z=2080711690

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 15:42:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://form.typeform.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ Frame 8196 35 B
111 B 41ms
41ms Ping
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 15:42:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://form.typeform.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view-form-open Show response
form.typeform.com/forms/cNWRNo/insights/events/v3/ Frame 8196 2 B
1 KB 142ms
140ms Fetch
application/json 104.18.23.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/forms/cNWRNo/insights/events/v3/view-form-open

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.6dd7e207d39a606f6065.renderer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Mar 2023 15:42:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-release: 4375702692
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
x-build-date: 2023-03-09T15:52:10+01:00
server: cloudflare
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://form.typeform.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4eSIGkOZfwHII8ygwhNv3GxrjkZMxT3hqHVBt1TOIMqVefYyGm%2FMfX7cKODpgNQooudCZujgeIhFflwCS1XYVkaV9pI0%2FDiXJnOb%2B6SUfz0QP8rhl6aK%2B7yl6ZGyM82eGb1"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Location, X-Request-Id
x-service: insights-2.0
x-commit-sha: 8b3b937caec409f9d576865dee15450d0b463c34
cf-ray: 7a546d40ca6dbb32-FRA
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1/ Frame 8196 459 KB
133 KB 465ms
417ms Script
text/javascript 2600:9000:214f:9800:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1/rudder-analytics.min.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.6dd7e207d39a606f6065.renderer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9800:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29abc0ced159dd0cd79de50a96fadb71029bf9d7489abfba36b6845178bc31aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:42:16 GMT
content-encoding: gzip
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 11:25:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"29e4b57ca016da0573705dd33ce7e939"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: xc_Hh7uMBYWSwZpwyg8qOXpsEqTlU3mYMW1_JJxxkMYYB32cYUklhQ==

OPTIONS
H2 200 /
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 0
0 484ms
98ms Preflight
text/plain 34.227.43.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.26.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.43.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-43-255.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 09 Mar 2023 15:42:16 GMT
server: uvicorn
vary: Origin

GET
H2 200 / Show response
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 8196 610 B
744 B 102ms
102ms XHR
application/json 34.227.43.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.26.0
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.6dd7e207d39a606f6065.renderer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.43.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-43-255.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash: 1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 15:42:16 GMT
access-control-allow-credentials: true
server: uvicorn
content-length: 610
content-type: application/json

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
354 B 119ms
118ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=126,127,128,382,1,386,1303,1312,3536,3536
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 15:42:16 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 217.64.151.3
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 07eq27eqpuoph2q4p1j0

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 8196 2 B
157 B 110ms
110ms XHR
text/plain 44.196.127.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.6dd7e207d39a606f6065.renderer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.127.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-127-9.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
AnonymousId: YTI0NzQ2ZTQtZDE2My00MjE3LWFjMTYtMzg3NzMyYzA3Mjg2
Content-Type: application/json

Response headers

access-control-allow-origin: https://form.typeform.com
date: Thu, 09 Mar 2023 15:42:17 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 365ms
97ms Preflight 44.196.127.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.127.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-127-9.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 900
content-length: 0
date: Thu, 09 Mar 2023 15:42:16 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 98ms
97ms Preflight 44.196.127.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.127.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-127-9.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 900
content-length: 0
date: Thu, 09 Mar 2023 15:42:17 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 8196 2 B
157 B 103ms
103ms XHR
text/plain 44.196.127.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.6dd7e207d39a606f6065.renderer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.127.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-127-9.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://form.typeform.com/to/cNWRNo?typeform-embed-id=5114723397236776&typeform-embed=embed-widget&typeform-source=hodoffline.com&typeform-medium=embed-sdk&typeform-medium-version=next
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
AnonymousId: YTI0NzQ2ZTQtZDE2My00MjE3LWFjMTYtMzg3NzMyYzA3Mjg2
Content-Type: application/json

Response headers

access-control-allow-origin: https://form.typeform.com
date: Thu, 09 Mar 2023 15:42:17 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
435 B 119ms
119ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=AaeqXQN3Yws4WUKKRXhzTR&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=60.5,112.70000076293945,1,414.6000003814697
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hodoffline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 15:42:18 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: http://hodoffline.com
X-Forwarded-For: 217.64.151.3
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 07eq2805s90v4lg5voe0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.typeform.com
URL: https://images.typeform.com/images/bL4hzPcmrzfJ/image/default-firstframe.png

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 10:14:22	Name: view.bRQzdAnZQQoAhuvvyLZKsh.PeVHHvK5Yt5EULcSPo7WM6 Value: 1678376534000
js.center.io/	1970-01-20 19:48:56	Name: centerVisitorId Value: 6uV8fVGoqTPL5Nu5wfdcYg
.typeform.com/	1970-01-20 10:12:58	Name: __cf_bm Value: 96ilT9iMbejopHB7UIgUrD.yf4PqR1DJiHgMFIBiLIU-1678376534-0-AShpiJ5ZPDlytOlaCvKHLkVLYZBt4We5a42RBtdjTVeo+gF15Zu5ug4RChIMbsOpBO+cojKKbuwDa944e3CNv9bCl17jlvOdc5GR0ugwDk+5SFln7jSaQoiyvn1Ii2QrrDOpzmxgfblB+jaqZV7u03j4cFZm4KPWKlgKtnkQ9I7A
.typeform.com/	1970-01-20 19:48:56	Name: form.typeform.com_ga Value: GA1.2.1773762783.1678376535
.typeform.com/	1970-01-20 10:14:22	Name: form.typeform.com_ga_gid Value: GA1.2.1074805946.1678376535
.typeform.com/	1970-01-20 10:12:56	Name: _gat_gtag_UA_9415994_7 Value: 1
.typeform.com/	1970-01-20 14:36:27	Name: tf_respondent_cc Value: {%22groups%22:[%222%22]%2C%22timestamp%22:%222023-03-09T15:42:15.086Z%22%2C%22implicitConsent%22:true}
.typeform.com/	1970-01-20 18:58:32	Name: attribution_user_id Value: 98ebf47a-207b-4bbe-ba3a-688c1d9b9119
form.typeform.com/	1970-01-20 10:23:01	Name: AWSALBTGCORS Value: FJGTyAVH05N4gZ7GuuEyOsNeiEGFTQ9NU3XtcKVLRIv43/ZFB5jAIASdQzlFYcrhrI96rs36anx9a8upRv9/4VkuhUAhDhLhSHICmw0vaKD00ql1/nLVtU4egVGmCwJtDId46rDE/G/IcmGXIwYhA4tuVP/yS8Hp3NL8ekgty1EK

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://babaali.lpages.co/_/js/offline/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://embed.typeform.com/next/embed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://babaali.lpages.co/_/js/offline/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://embed.typeform.com/next/embed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://babaali.lpages.co/_/js/offline/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	Message: [Report Only] Refused to frame 'https://form.typeform.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' http://localhost:* capacitor: iconic: https:".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
babaali.lpages.co
cdn.rudderlabs.com
cdnjs.cloudflare.com
embed.lpcontent.net
embed.typeform.com
font.typeform.com
fonts.googleapis.com
fonts.gstatic.com
form.typeform.com
hodoffline.com
images.typeform.com
js.center.io
lh3.googleusercontent.com
renderer-assets.typeform.com
rudderstack-control-plane.cdp.prod.data.typeform.com
rudderstack.cdp.prod.data.typeform.com
static.leadpages.net
typeformforms.report-uri.com
www.google-analytics.com
www.googletagmanager.com
images.typeform.com
104.18.23.9
199.241.218.47
2001:4860:4802:32::15
2600:9000:2057:4e00:9:b3c8:b180:93a1
2600:9000:214f:5c00:4:f6ce:61c0:93a1
2600:9000:214f:9800:16:a497:9700:93a1
2600:9000:223f:b200:8:2495:5540:93a1
2600:9000:225e:2c00:2:c605:29c0:93a1
2600:9000:225e:2e00:2:c605:29c0:93a1
2606:4700::6811:180e
2606:4700::6811:b958
2a00:1450:4001:80e::2003
2a00:1450:400d:803::2008
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2001
2a00:1450:400d:80d::200a
34.107.203.240
34.227.43.255
35.192.151.63
35.202.21.90
44.196.127.9
038d9c27483afea31a24f20268362f124fdd9b5088ca02eaab74f13fafe13460
040cf1b18817b573c86d8b980f9cf4fede1d53d90b6def0608c59ada152dc4df
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
139d74568f4dbf74ad6cac131d427a310f2609fe2110db214f277482b9dfc29c
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
184d29cc17c3fd82da983426f99356cd2d8432ea6bbd1c9c60aceec83d1fc646
1a6e6b376ec59fa6040357fe265ff7a02a8f3c5469190f3230c10a25df212e66
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2899669b54d7b4a29ce0a4d5c561b3f37b78db6ffe09237f28f78f5aee3595e4
29abc0ced159dd0cd79de50a96fadb71029bf9d7489abfba36b6845178bc31aa
2a104a4b11e8259c325389acb274af2bc83c9ab1562cdd6b2e9a5c75df0045fd
339f82086eb610c04641daa0f9ae1a81c438fd8b0e985704032ed98ee6f5f224
34c4f24fba2c7a09c280aa2440e19b64abd4bcaa9d5c35d3c0cbff4f9fd95e46
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
695157fba203db1f44a35f035495aef767ad6b96b7aed79bc5990fcedce0ede1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd7f8566b5dbc6b436faeddb396781bef90e8261a70e1ecd842f6a9c2544191
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a6616f9856367d025911b62e77b3cf61f7f8139989593c567f9d997eb096389
8e318b1f90fac6502b3ca918d840d05bfaac3fdd13baf4df8ffcb3e80c398cb3
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
b7168633ec72ce551b075e5e293d2542bd70b44c92af37ecdc678aeddc2cea32
b7c28b233ae5e11aef66dad040b69dff6905bd6f8821bc9d44449c1c9a46d094
bf14adfe98dbc1e79cc2cab2011598e617f2651b051ae415444493a6ed843e1c
c683a0b24c9732c0eaa4f0e9552d815dde7e4e5eea1270da99e81dd703c950dc
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7
e9f81b332d2b8436a201e1006ad457d38956073d1c5b5c5acca6004488b10386
ec748faf5f8885cd0a66eb9e81a0c39d159de0f153881183f8622ff9aea13982
ecc061b2781bb938964265be4c65cd9fa462efdfebea688f084b20ddd9b12268
eee6aab8fb77d1f0b49de6a22b136c9eb090144f5029289a548b9a07ab7f401b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

hodoffline.com Open in urlscan Pro 199.241.218.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

92 %HTTPS

67 %IPv6

15 Domains

21 Subdomains

21 IPs

4 Countries

1445 kBTransfer

3469 kBSize

9 Cookies

1 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hodoffline.com Open in urlscan Pro
199.241.218.47 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

67 %
IPv6

15
Domains

21
Subdomains

21
IPs

4
Countries

1445 kB
Transfer

3469 kB
Size

9
Cookies

50 HTTP transactions
1 data transactions