hra.liferaft.co Open in urlscan Pro
34.253.101.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVHZrUVlEQUszZkNhemZDUUdJSlNveExaYXFIbHlSRGRPa0RLZz0iLCJocmVmIjoiaHR0cHM6...
Effective URL:
https://hra.liferaft.co/webinar/ichra-lr
Submission: On May 16 via api (May 16th 2023, 3:42:12 pm UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 69 HTTP transactions. The main IP is 34.253.101.190, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is hra.liferaft.co.
TLS certificate: Issued by R3 on April 8th 2023. Valid for: 3 months.

This is the only time hra.liferaft.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.227.225.220 35.227.225.220	15169 (GOOGLE) (GOOGLE)
1	34.253.101.190 34.253.101.190	16509 (AMAZON-02) (AMAZON-02)
18	2600:9000:223... 2600:9000:223f:4600:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:ba41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.64.142.123 18.64.142.123	16509 (AMAZON-02) (AMAZON-02)
1	143.204.214.217 143.204.214.217	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:d3f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d4f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
69	18

1 35.227.225.220 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com

e.customeriomail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.101.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com

hra.liferaft.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:223f:4600:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:ba41 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.142.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-142-123.mct50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-217.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:d3f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	gstatic.com www.gstatic.com fonts.gstatic.com	896 KB
18	website-files.com assets.website-files.com — Cisco Umbrella Rank: 12311	1006 KB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	113 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4477 forms-na1.hsforms.com — Cisco Umbrella Rank: 7443	9 KB
3	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7079	492 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	249 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5171	563 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	3 KB
2	cloudfront.net d3e54v103j8qbb.cloudfront.net d10lpsik1i8c69.cloudfront.net	33 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 179	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2495	254 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1019	50 KB
1	liferaft.co hra.liferaft.co	9 KB
1	customeriomail.com 1 redirects e.customeriomail.com — Cisco Umbrella Rank: 95209	166 B
0	luckyorange.net Failed settings.luckyorange.net Failed
69	16

	Domain	Requested by
18	assets.website-files.com	hra.liferaft.co assets.website-files.com
11	www.gstatic.com	www.google.com www.gstatic.com
10	www.google.com	1 redirects hra.liferaft.co js.hsforms.net www.gstatic.com www.google.com
9	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	forms.hsforms.com	js.hsforms.net
3	js.hsforms.net	hra.liferaft.co js.hsforms.net
3	www.googletagmanager.com	hra.liferaft.co www.googleoptimize.com
2	fonts.googleapis.com	js.hsforms.net
2	www.google.de	hra.liferaft.co
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
1	forms-na1.hsforms.com
1	www.googleadservices.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	d10lpsik1i8c69.cloudfront.net	hra.liferaft.co
1	d3e54v103j8qbb.cloudfront.net	hra.liferaft.co
1	www.googleoptimize.com	hra.liferaft.co
1	hra.liferaft.co
1	e.customeriomail.com	1 redirects
0	settings.luckyorange.net Failed	d10lpsik1i8c69.cloudfront.net
69	19

This site contains links to these domains. Also see Links.

Domain
www.liferaft.co
www.linkedin.com
drive.google.com
blog.liferaft.co

Subject Issuer	Validity	Valid
hra.liferaft.co R3	`2023-04-08` - `2023-07-07`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M01	`2023-02-23` - `2023-11-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://hra.liferaft.co/webinar/ichra-lr
Frame ID: 2450214BA4258129E39EC7C85C265C85
Requests: 39 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: 119657F46D3DBD51712F01EAEB2867CD
Requests: 4 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: 3E9C4B5E51255F78AA50FB11BB435039
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ocmEubGlmZXJhZnQuY286NDQz&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&badge=inline&cb=fjohi0uiwwdo
Frame ID: CC8C2492D30D869E705769C7EB9EC01B
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ocmEubGlmZXJhZnQuY286NDQz&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&badge=inline&cb=fjohi0uiwwdo
Frame ID: 499B9F28000ECF7577D90A5B4C2C69C5
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 2FADECCECB5865F7F45F154D4930185A
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Join Our Upcoming Webinar to Learn How One Business is Saving $150k

Page URL History Show full URLs

https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVHZrUVlEQUszZkNhemZDUUdJSlNveExaYXFIbHlSRGRPa0RLZz0i... HTTP 302
https://hra.liferaft.co/webinar/ichra-lr Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

69
Requests

97 %
HTTPS

72 %
IPv6

16
Domains

19
Subdomains

18
IPs

3
Countries

2862 kB
Transfer

6252 kB
Size

5
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liferaft.co/company/employers/

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/pricing/
Title: View Pricing

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/
Title: Visit liferaft.co

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/nimish-shukla-cfa-1112305/
Title: Connect on LinkedIn →

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/about/
Title: Learn more →

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1us6g-f2u4O55EYdfSbPnfoaauhwZVZzc/view?usp=sharing
Title: Download Now

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/accident/
Title: Accident

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/critical/
Title: Critical

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/hospital/
Title: Hospital

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/dental/
Title: Dental

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/vision/
Title: Vision

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/faq/
Title: Product FAQs

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/brokers/
Title: Brokers (Ind.)

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/group-brokers/
Title: Brokers (Group)

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/professional-employment-organization-peo/
Title: PEOs

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/digital-health/
Title: Digital Health Companies

Search URL Search Domain Scan URL

URL: https://blog.liferaft.co/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/licenses/
Title: Licenses

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/tos/
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/static/banking/LiferaftHSA_DepositAgreement_20211006.pdf
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.liferaft.co/company/hsa/
Title: HSA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVHZrUVlEQUszZkNhemZDUUdJSlNveExaYXFIbHlSRGRPa0RLZz0iLCJocmVmIjoiaHR0cHM6Ly9ocmEubGlmZXJhZnQuY28vd2ViaW5hci9pY2hyYS1sciIsImludGVybmFsIjoiZWY5MTA2MDViYzRiYWRkZjA5IiwibGlua19pZCI6MjUwNH0/b93c3ecc4bbe07c5f2045a884cf7deedf9190b2e268556f2a2dc32f53008d652 HTTP 302
https://hra.liferaft.co/webinar/ichra-lr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/606957470/?random=545442342&cv=11&fst=1684251727640&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&label=N2hACPymlP0DEJ7ftaEC&hn=www.googleadservices.com&frm=0&tiba=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&did=dZGVlNj&gdid=dZGVlNj&auid=608945139.1684251728&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=T6RjZLjEK9nBmLAPxqeSgAo&sscte=1&crd=&pscrd=EkxDaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVVBbm5PQWx6T2JkZXZ3T1dvdlp1QVFSd2tfdzV1M2Y1TjAwQzBPS3psd0JHc1BzcWdPGlhDaEVJOE5PTW93WVF3X2FpbnNuanZ0TENBUkl0QUQ0bzhqUHk1OVg1SEdBM0VLTTBaZGR5Y3Ztb0Z4d0tleGF4eF92Sm9XbWpxNXp6dzJpX0VkT3p4bThR HTTP 302
https://www.google.com/pagead/1p-conversion/606957470/?random=545442342&cv=11&fst=1684251727640&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&label=N2hACPymlP0DEJ7ftaEC&hn=www.googleadservices.com&frm=0&tiba=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&did=dZGVlNj&gdid=dZGVlNj&auid=608945139.1684251728&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVVBbm5PQWx6T2JkZXZ3T1dvdlp1QVFSd2tfdzV1M2Y1TjAwQzBPS3psd0JHc1BzcWdPGlhDaEVJOE5PTW93WVF3X2FpbnNuanZ0TENBUkl0QUQ0bzhqUHk1OVg1SEdBM0VLTTBaZGR5Y3Ztb0Z4d0tleGF4eF92Sm9XbWpxNXp6dzJpX0VkT3p4bThR&is_vtc=1&ocp_id=T6RjZLjEK9nBmLAPxqeSgAo&random=2758705969 HTTP 302
https://www.google.de/pagead/1p-conversion/606957470/?random=545442342&cv=11&fst=1684251727640&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&label=N2hACPymlP0DEJ7ftaEC&hn=www.googleadservices.com&frm=0&tiba=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&did=dZGVlNj&gdid=dZGVlNj&auid=608945139.1684251728&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVVBbm5PQWx6T2JkZXZ3T1dvdlp1QVFSd2tfdzV1M2Y1TjAwQzBPS3psd0JHc1BzcWdPGlhDaEVJOE5PTW93WVF3X2FpbnNuanZ0TENBUkl0QUQ0bzhqUHk1OVg1SEdBM0VLTTBaZGR5Y3Ztb0Z4d0tleGF4eF92Sm9XbWpxNXp6dzJpX0VkT3p4bThR&is_vtc=1&ocp_id=T6RjZLjEK9nBmLAPxqeSgAo&random=2758705969&ipr=y

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ichra-lr Show response
hra.liferaft.co/webinar/
Redirect Chain

https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVHZrUVlEQUszZkNhemZDUUdJSlNveExaYXFIbHlSRGRPa0RLZz0iLCJocmVmIjoiaHR0cHM6Ly9ocmEubGlmZXJhZnQuY28vd2ViaW5hci9pY2hyYS1sciIsImludGVybmFsIjoiZWY5MTA2...
https://hra.liferaft.co/webinar/ichra-lr

32 KB
9 KB

431ms
254ms

Document
text/html

34.253.101.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.101.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 94b2b472fc5d86eab66a228a6e3fe41e1d93337f90ca16eff3fd1cedce29fbb7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1790
content-encoding: gzip
content-length: 8934
content-type: text/html
date: Tue, 16 May 2023 15:42:07 GMT
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: HIT, HIT
x-cache-hits: 17, 1
x-cluster-name: eu-west-1-prod-edge-blue
x-served-by: cache-iad-kjyo7100070-IAD, cache-dub4338-DUB
x-timer: S1684251727.115637,VS0,VE1

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
date: Tue, 16 May 2023 15:42:06 GMT
location: https://hra.liferaft.co/webinar/ichra-lr
via: 1.1 google

GET
H2 200 broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
assets.website-files.com/63c8adf3409f03b3373da62e/css/ 227 KB
33 KB 126ms
27ms Stylesheet
text/css 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d67f8bf70db42b41652b48c0d440d9ccceabf1386bd62f22541d38461bce88d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Sye7L6kyjTV5Wx0AGLc2ErczluRF5eQx
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
date: Tue, 16 May 2023 02:38:04 GMT
age: 47044
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 32933
last-modified: Fri, 12 May 2023 19:25:03 GMT
server: AmazonS3
etag: "c244ca274651a33d78312f4d39de91b2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: nf0j5ef958XpUms1e0w3SJAbcQUmmRBRZvXB2NUzD8ePR3JZ7NapCw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
95 KB 92ms
42ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N285J0XDP0

Requested by

Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68b9061ebd9d49371edb796790152cbb76038cf812f84db1ea93928ca291d440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 May 2023 15:42:07 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 137 KB
50 KB 93ms
41ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-WPGVPHM

Requested by

Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

419796381f51ff3aba76457da1a9a93f6f1d9369b3f14f791f545b7fa70a7d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50329
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 May 2023 15:42:07 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ 526 KB
165 KB 104ms
46ms Script
application/javascript 2606:4700::6810:ba41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ba41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b0f7c014bbd4dd0f3abc8235a35157a73200790718eacddb5594ba76cdea3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-encoding: br
age: 255
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3202/bundles/project-v2.js&cfRay=7c84b4538a541901-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"d07db829a87954048c0d456cec9fb1e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3202/bundles/project-v2.js
date: Tue, 16 May 2023 15:42:07 GMT
x-amz-version-id: udk3EHY7yIjYPYvPRnRyxY4K1PpgELTL
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P5
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 226fbb07-0647-4b81-9858-3b5c20d0a35b
last-modified: Tue, 16 May 2023 01:56:34 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FLBVb%2FYi2IejqskHfSQlLyZIqDMPdXjavQJYDsAjIlU5A3KHzWKwSpWM0tDH81vbFEV100%2BI270xFSAmPJFo%2FXUC9IAPCDNA5LIzVJKq4OvtPWOUwupMdVHM8K8TiRe8Bo1N33yc57h7Okf"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-5btqh
cf-ray: 7c84ba905adf35fd-FRA
x-amz-cf-id: 6cFncfl4RmgFycvIuLrmK4jP23o8Q8LgbDsL32Ohuh0TDCaDVCofKg==

GET
H2 200 643da7491e1a3f9697a366ef_Updated%20Guide%20Waterfall-p-500.jpg
assets.website-files.com/63c8adf3409f03b3373da62e/ 27 KB
28 KB 27ms
26ms Image
image/jpg 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/643da7491e1a3f9697a366ef_Updated%20Guide%20Waterfall-p-500.jpg
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d8ea9e1c11e8b8ca1e5a531afea58034dfdf1da1d47f7a3080abf90fdd0a1ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 23:00:47 GMT
x-amz-version-id: byh6yv7Bc2Gqz_.TxMhMfmlL1vkZ2QNL
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 1010481
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27930
last-modified: Mon, 17 Apr 2023 20:08:49 GMT
server: AmazonS3
etag: "8d0e9f45cca94ea4d852a10a2dc0b754"
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: crjufYxQzVmJ-varl1xLC0NNkG6IZLs02yDkuxX_5YFa9jgXukoPGg==

GET
H2 200 63c8adf3409f0315b33da741_liferaft_horizontallogo_pink.svg
assets.website-files.com/63c8adf3409f03b3373da62e/ 3 KB
2 KB 29ms
28ms Image
image/svg+xml 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/63c8adf3409f0315b33da741_liferaft_horizontallogo_pink.svg
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 118b311844b606d76a14593d3a254fd9c12f19700cb5aefe2422c08484ac8677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:30:30 GMT
x-amz-version-id: 41Mp7dQeE7NUEI9D229Fm_evdovktD3K
content-encoding: br
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 6505898
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 19 Jan 2023 02:41:59 GMT
server: AmazonS3
etag: W/"83471781a773d490ac1359d8ef052598"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: t078cJgMWGwnkiOIgDsCT5qc1C64De--wTBYBwQTwz7HDWWYa15JUQ==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 468ms
165ms Script
application/javascript 18.64.142.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=63c8adf3409f03b3373da62e
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.142.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-142-123.mct50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://hra.liferaft.co/
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 12:18:59 GMT
content-encoding: gzip
via: 1.1 26031c09f93c38d6692be2136bd85f06.cloudfront.net (CloudFront)
age: 75543
x-amz-cf-pop: MCT50-P1
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 8PgptEIvTsWEhFGFuBgOunc3oygnwcK867UZ7r1T5ZLLmwuRVcfMKg==

GET
H2 200 broker-template-f5f6cf409bd4efa56b40444.c1f8ff3cb.js Show response
assets.website-files.com/63c8adf3409f03b3373da62e/js/ 379 KB
73 KB 34ms
33ms Script
text/javascript 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/js/broker-template-f5f6cf409bd4efa56b40444.c1f8ff3cb.js
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d12e30bf864b3aab1dd0286338b96ff6371f3636c7d784b37d07cfdbb9964b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 19:38:21 GMT
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-version-id: C4hB_TdMnlNhUSHretx84cC.xs_wjzOj
age: 72227
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 74616
last-modified: Mon, 15 May 2023 18:54:46 GMT
server: AmazonS3
etag: "477cd603814c9f56e2a5a590750eff68"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: v8c6sEsaN0WCHRm12_BCGf4Vhd75RLWXnrEL6Y8UvB1VhFG5ok4BSg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
95 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N285J0XDP0&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WPGVPHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9268ec0b85dd4b7e53aebc6d923db962ee60e320eeb25faca8239cc58ff109e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 May 2023 15:42:07 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 100ms
27ms Script
application/javascript 143.204.214.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-217.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 14:50:01 GMT
content-encoding: gzip
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 3127
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 60-AYb1fHDws8WRQqsh0vJRPe_Yt3bhIp_UqLfLZiwJfGg4yAdPf1g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
59 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXHVT6K

Requested by

Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9075c2023ada73100e6ec14a056fb806ae66faffed00d9c3f58a828ab750de76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59786
x-xss-protection: 0
last-modified: Tue, 16 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 May 2023 15:42:07 GMT

GET
H2 200 63c8adf3409f0359e73da6c6_SharpSans-Semibold.woff2
assets.website-files.com/63c8adf3409f03b3373da62e/ 39 KB
40 KB 76ms
27ms Font
application/octet-stream 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/63c8adf3409f0359e73da6c6_SharpSans-Semibold.woff2
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de0046ba7a2970b0de198f3ad9f65fd8018d684241348725c6977c396add9241

Request headers

Referer: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 22:19:22 GMT
x-amz-version-id: 85KIVbymd.bvWErssVqFLVJJWfpKm0P6
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 5592166
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40416
last-modified: Thu, 19 Jan 2023 02:41:58 GMT
server: AmazonS3
etag: "95022d0273e879c6892aa3087e12e66d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 7YzDV1leNa8ujLhqRN5BolTRUjIIfNWu3dAmWQkSCC71v7Cd9-gmbg==

GET
H2 200 63c8adf3409f0394ce3da726_Mark%20Simonson%20-%20Proxima%20Nova%20Medium.otf
assets.website-files.com/63c8adf3409f03b3373da62e/ 139 KB
140 KB 166ms
118ms Font
application/x-font-otf 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/63c8adf3409f0394ce3da726_Mark%20Simonson%20-%20Proxima%20Nova%20Medium.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 599d1db28c408992540df12dfd0c528b57c3dc9fe03e83a5e33f99b822596b24

Request headers

Referer: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 22:19:22 GMT
x-amz-version-id: iE1kemxpLi8fIvJL0JMeE4qOjl14TUxN
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 5592166
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 142828
last-modified: Thu, 19 Jan 2023 02:41:59 GMT
server: AmazonS3
etag: "1e68345e459d4a8f37b29fcfbb73a3a0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 6fLZ2ZCX5sTXdpKmh7o-ecPBIXkNgQJHX1gbhKEJmzwvjSzN6buMcA==

GET
H2 200 63c8adf3409f03401b3da6ba_SharpSans-Bold.woff2
assets.website-files.com/63c8adf3409f03b3373da62e/ 41 KB
41 KB 99ms
51ms Font
application/octet-stream 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/63c8adf3409f03401b3da6ba_SharpSans-Bold.woff2
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08660e71fe0ee14afa612eadca2e193acc463e680f0d916c68107b9fd5d79f50

Request headers

Referer: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 19:05:53 GMT
x-amz-version-id: S.av9Zzu.TVTDwFshh_TfmGgXjZ7L6g2
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 1629375
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 41572
last-modified: Thu, 19 Jan 2023 02:41:58 GMT
server: AmazonS3
etag: "8519c89fb4c51eb40afe2d178202086f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: dipUYarv2AIpQBbckSHyhqTfbiGWG3pRxiRUEofg9opz6Miv1-WayQ==

GET
H2 200 63c8adf3409f03d12e3da72a_Mark%20Simonson%20-%20Proxima%20Nova%20Semibold.otf
assets.website-files.com/63c8adf3409f03b3373da62e/ 139 KB
140 KB 158ms
110ms Font
application/x-font-otf 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/63c8adf3409f03d12e3da72a_Mark%20Simonson%20-%20Proxima%20Nova%20Semibold.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e30bebe19805a825e7304d162ab5dbf3b2f2e220c2f6d35e17a4b2367ef06c47

Request headers

Referer: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 20:52:19 GMT
x-amz-version-id: 6LNKc_YlpskgYbHxLg_hvlQcTcpn44AR
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 5338189
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 142272
last-modified: Thu, 19 Jan 2023 02:41:59 GMT
server: AmazonS3
etag: "a8b3dfd2ec04160925453645e6ea6830"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: L3Qc8tpX2EdrSAKbS9Gy3X7obdQFxxVZjPbM0WqR3M7uEzlvuSCArQ==

GET
H2 200 63c8adf3409f03bb9c3da72b_Mark%20Simonson%20-%20Proxima%20Nova.otf
assets.website-files.com/63c8adf3409f03b3373da62e/ 139 KB
140 KB 139ms
91ms Font
application/x-font-otf 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/63c8adf3409f03bb9c3da72b_Mark%20Simonson%20-%20Proxima%20Nova.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cc46693e527678815c105d96b1c81e5719ba21fd60067fbfba89ec17238c16d

Request headers

Referer: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 15:50:15 GMT
x-amz-version-id: XKzS5upKW5k0QmdOCgR7POYK1DBmoLeM
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 6393112
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 142416
last-modified: Thu, 19 Jan 2023 02:41:59 GMT
server: AmazonS3
etag: "fbb9573728984c54a8ca446e19d0972a"
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ivlbnlGGzJTgs5PGx75ATB0BrSAOwrRy8XS71ctvFGOxzSjhG5FesA==

GET
H2 200 63c8adf3409f03602a3da71d_Mark%20Simonson%20-%20Proxima%20Nova%20Bold.otf
assets.website-files.com/63c8adf3409f03b3373da62e/ 145 KB
145 KB 115ms
67ms Font
application/x-font-otf 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/63c8adf3409f03602a3da71d_Mark%20Simonson%20-%20Proxima%20Nova%20Bold.otf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbc39f5f1f1d240162706534efc1b6813576daf3b6e27b6bb2c61f036050b8ba

Request headers

Referer: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 17:06:00 GMT
x-amz-version-id: fd4WTezUVdx38Q1g8w0PiJz09c4VnM0I
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 5265368
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 148236
last-modified: Thu, 19 Jan 2023 02:41:59 GMT
server: AmazonS3
etag: "af77783bfe96ec9acc045a3cc4248846"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-otf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 9rJTw6BPihuJxpB11aQVUHvR1Wz2hsyWwtouB5fYxlYA5wY-_0lRbQ==

GET
H2 200 643dba287e3ad7915867165f_team_nimish_2.png
assets.website-files.com/63c8adf3409f03b3373da62e/ 135 KB
136 KB 34ms
34ms Image
image/png 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/643dba287e3ad7915867165f_team_nimish_2.png
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12876fc4958b0c896812e7766d892015c0e348fc8019a0dd662bb9f5806dd5ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 23:00:48 GMT
x-amz-version-id: NsbwUKW42_RsSyiQ8.O9iz8I.1V7SrL2
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 1010480
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 138709
last-modified: Mon, 17 Apr 2023 21:29:14 GMT
server: AmazonS3
etag: "1227fd7995a3a749195060e2de918db1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: g9jYCX6arbC21jijzGir1gFTKhnT3xcN6pcy3FhG7E2rkqdcunrkfg==

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/8767719/1fd2f428-c8ef-4ce0-ac07-802ec52fcc1a/ 18 KB
5 KB 215ms
165ms XHR
application/json 2606:4700::6811:d3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8767719/1fd2f428-c8ef-4ce0-ac07-802ec52fcc1a/json?hs_static_app=forms-embed&hs_static_app_version=1.3202&X-HubSpot-Static-App-Info=forms-embed-1.3202

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d3f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeba85df425fd0551802d53a78b73ea75f973142c6ff960132330c5c999624e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://hra.liferaft.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 16 May 2023 15:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 986bed21-e02f-4735-b1ee-40a4942ec6d5
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9baabb51-4d2d-4404-a903-3d4017c327bf
server: cloudflare
x-trace: 2BA8F783A6A9B4892B1E6318C268444DE5881506FD000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://hra.liferaft.co
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7c84ba91ba8a2c45-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-xd5vs

GET
H2 200 645e62c7c11f15c016492365_Frame%201302-p-500.png
assets.website-files.com/63c8adf3409f03b3373da62e/ 20 KB
21 KB 431ms
430ms Image
image/png 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/645e62c7c11f15c016492365_Frame%201302-p-500.png
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 582f60c95de76a59c8fc963e6da5ed6d05c726bc8dee44395afe235e5d2c4e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:08 GMT
x-amz-version-id: TU1_Y22yZPlvXQJiRy9fUv3UzTATezqr
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 16:01:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "87f6e4da81bfbf158d75752db6eef286"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 20706
x-amz-cf-id: wIiqaDiezOXQn53dBjv4BSZV5ury6IeqG8W4zHxlDkrHfwNRArrA6Q==

GET
H2 200 63fe5236ae944c19b3009f64_down_arrow_2.svg
assets.website-files.com/63c8adf3409f03b3373da62e/ 212 B
671 B 24ms
23ms Image
image/svg+xml 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/63fe5236ae944c19b3009f64_down_arrow_2.svg
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a86b225c59641f64d3dfe2ee8d3bc7be9c8de9f4d364d6487ec9efff03c62b3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 22:19:21 GMT
x-amz-version-id: abppQ6bc8WQ0WWVDtM1wvxJwGCTDZPAE
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 5592167
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 212
last-modified: Tue, 28 Feb 2023 19:12:55 GMT
server: AmazonS3
etag: "7bec1b715a3bfdd055609126c1aa6bce"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 8bsDJGA9tsSChM8E-CAPazP6u8v408KYX1CJZX9rqkSJqDQRCSYHcg==

GET
H2 200 643db6298472a43c34df1841_Full_Lockup-Green%20Black-p-500.png
assets.website-files.com/63c8adf3409f03b3373da62e/ 9 KB
10 KB 25ms
24ms Image
image/png 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/643db6298472a43c34df1841_Full_Lockup-Green%20Black-p-500.png
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abc8aa6cae34d567cb7ee1c0f04a6061d3cdebac092a2776e4602c76797d4880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 23:00:51 GMT
x-amz-version-id: xX92zxRjrNH4zm0g2UpgPvnRE9xn7tNJ
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 1010477
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9513
last-modified: Mon, 17 Apr 2023 21:12:12 GMT
server: AmazonS3
etag: "fa865eb0d6deeef514bf73fe356c412c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: bgeagE4kwaS8bovilI2QplJtkFExtU4joS1LEie2NQmnxvJijhwY8g==

GET
H2 200 643db656830a0db47665ecd5_Oceans_FullLogo_Black-p-500.png
assets.website-files.com/63c8adf3409f03b3373da62e/ 12 KB
12 KB 24ms
24ms Image
image/png 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/643db656830a0db47665ecd5_Oceans_FullLogo_Black-p-500.png
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5de0dfc5ff2278230e997adc44e5852fb94ef8bc12e5cda855d982a2c01c1f1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 23:00:51 GMT
x-amz-version-id: iiyX6B0u9gBL59FFl8D19ezMMF52bozg
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 1010477
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12225
last-modified: Mon, 17 Apr 2023 21:13:03 GMT
server: AmazonS3
etag: "1ab8285f687f6ab830f3d59c5d4607cc"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Yleytre-65gTmzXhr7Px2pdz4sz2rw4Lljyfhb0pJ5ajnz_dsjZ-FA==

GET
H2 200 643db582cdba5126dea2614a_xyz-p-500.png
assets.website-files.com/63c8adf3409f03b3373da62e/ 9 KB
9 KB 27ms
26ms Image
image/png 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/643db582cdba5126dea2614a_xyz-p-500.png
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c39dd216396bb2f53d09c599f3c1ab7b8d8cfc1391bf8075c76a2a45f9fcca97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 23:00:51 GMT
x-amz-version-id: YIcgNb7TurwXl2H3RS_HYh.ejiGW4Hvb
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 1010477
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9037
last-modified: Mon, 17 Apr 2023 21:09:24 GMT
server: AmazonS3
etag: "b0298ed8025e859c45ea98f533103336"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ITBUxgA8PjWs4pzl43yAG4zEw-OB23qQBZD80gYrE6LKMTeML3lR1g==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/606957470/ 3 KB
2 KB 132ms
75ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/606957470/?random=1684251727612&cv=11&fst=1684251727612&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&hn=www.googleadservices.com&frm=0&tiba=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&did=dZGVlNj&gdid=dZGVlNj&auid=608945139.1684251728&uamb=0&uaw=0&data=event%3Dgtag.config%3Boptimize_id%3DOPT-WPGVPHM&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N285J0XDP0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4eede01ec08ef334bbf2a0ce20978536e57ae711b8fd1ca67df98bd2df259176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 15:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 83ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N285J0XDP0&gtm=45je35a0&_p=1816484410&gdid=dZGVlNj&cid=1429301310.1684251728&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684251727&sct=1&seg=0&dl=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&dt=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-WPGVPHM
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N285J0XDP0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 15:42:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hra.liferaft.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/606957470/ 3 KB
2 KB 95ms
36ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/606957470/?random=1684251727640&cv=11&fst=1684251727640&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&label=N2hACPymlP0DEJ7ftaEC&hn=www.googleadservices.com&frm=0&tiba=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&did=dZGVlNj&gdid=dZGVlNj&auid=608945139.1684251728&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N285J0XDP0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

3b9f33724dec57ada3622ba986dbf3f08cd27a57769ebecb901c2dfcaa4c45a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 15:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1594
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/8767719/67a2e850-93fb-46ab-b850-76134060090c/ 10 KB
3 KB 167ms
167ms XHR
application/json 2606:4700::6811:d3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8767719/67a2e850-93fb-46ab-b850-76134060090c/json?hs_static_app=forms-embed&hs_static_app_version=1.3202&X-HubSpot-Static-App-Info=forms-embed-1.3202

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d3f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a7bf5ae032aa271c0b133d3fe65500fc7f6b9be2dcb4e634c086267e1bee9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://hra.liferaft.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 16 May 2023 15:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 8fcd508d-9963-4462-82d3-fe4e730be766
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4046c45c-8146-416c-bb12-1b1cdf6890c6
server: cloudflare
x-trace: 2B64BDCA4DB72747D44AE0673AD950139A811B50DF000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://hra.liferaft.co
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7c84ba91daa12c45-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-ftx6m

GET
H2 200 643dbc4adeeaf25ab6ce7980_pink-logo-bg.png
assets.website-files.com/63c8adf3409f03b3373da62e/ 2 KB
3 KB 23ms
23ms Image
image/png 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/643dbc4adeeaf25ab6ce7980_pink-logo-bg.png
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a6ce5ea756ecb31f9b2745d4aa90baeb7b6e9c151cdfed4c3b6c53edc10c943

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/63c8adf3409f03b3373da62e/css/broker-template-f5f6cf409bd4efa56b40444.68e02ec3f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 23:00:54 GMT
x-amz-version-id: myvQVLKTKxzhzq2u77KekOxIcEVJI6Ml
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 1010473
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2183
last-modified: Mon, 17 Apr 2023 21:38:20 GMT
server: AmazonS3
etag: "63e77efde02beedc7711e1e4760936d7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: DCBO6V5hHl986TcKRLMPIYiNqQoAJzePDHXeBMbxDBsETm4oWQuEgA==

GET
H2 200 63c8adf3409f0358c63da71a_soc2.png
assets.website-files.com/63c8adf3409f03b3373da62e/ 33 KB
33 KB 24ms
23ms Image
image/png 2600:9000:223f:4600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/63c8adf3409f03b3373da62e/63c8adf3409f0358c63da71a_soc2.png
Requested by: Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aaebd39e4fa4fa30809af15e04daac0985035a8ee7864f3921d63517cf84d551

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 17:05:26 GMT
x-amz-version-id: AHS9gHUG56okU7bg93oYNHSCq2yL5jcw
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
age: 5265402
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33592
last-modified: Thu, 19 Jan 2023 02:41:59 GMT
server: AmazonS3
etag: "66933e610a8fce7fdb0e0c5a51be0194"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 74pfC9on9E5As34sTCYwuRBL2bYGCxR7VXxpc2Osm4ehgZVnLoivhQ==

GET /
settings.luckyorange.net/ 0
0

GET
H2

200

/
www.google.de/pagead/1p-conversion/606957470/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/606957470/?random=545442342&cv=11&fst=1684251727640&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.l...
https://www.google.com/pagead/1p-conversion/606957470/?random=545442342&cv=11&fst=1684251727640&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%...
https://www.google.de/pagead/1p-conversion/606957470/?random=545442342&cv=11&fst=1684251727640&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2...

42 B
108 B

37ms
36ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/606957470/?random=545442342&cv=11&fst=1684251727640&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&label=N2hACPymlP0DEJ7ftaEC&hn=www.googleadservices.com&frm=0&tiba=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&did=dZGVlNj&gdid=dZGVlNj&auid=608945139.1684251728&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVVBbm5PQWx6T2JkZXZ3T1dvdlp1QVFSd2tfdzV1M2Y1TjAwQzBPS3psd0JHc1BzcWdPGlhDaEVJOE5PTW93WVF3X2FpbnNuanZ0TENBUkl0QUQ0bzhqUHk1OVg1SEdBM0VLTTBaZGR5Y3Ztb0Z4d0tleGF4eF92Sm9XbWpxNXp6dzJpX0VkT3p4bThR&is_vtc=1&ocp_id=T6RjZLjEK9nBmLAPxqeSgAo&random=2758705969&ipr=y

Requested by

Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 15:42:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 15:42:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/606957470/?random=545442342&cv=11&fst=1684251727640&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&label=N2hACPymlP0DEJ7ftaEC&hn=www.googleadservices.com&frm=0&tiba=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&did=dZGVlNj&gdid=dZGVlNj&auid=608945139.1684251728&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE5PTW93WVFoclNaaEtpTzlic3NFaVVBbm5PQWx6T2JkZXZ3T1dvdlp1QVFSd2tfdzV1M2Y1TjAwQzBPS3psd0JHc1BzcWdPGlhDaEVJOE5PTW93WVF3X2FpbnNuanZ0TENBUkl0QUQ0bzhqUHk1OVg1SEdBM0VLTTBaZGR5Y3Ztb0Z4d0tleGF4eF92Sm9XbWpxNXp6dzJpX0VkT3p4bThR&is_vtc=1&ocp_id=T6RjZLjEK9nBmLAPxqeSgAo&random=2758705969&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/606957470/ 42 B
108 B 93ms
38ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/606957470/?random=1684251727612&cv=11&fst=1684249200000&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&frm=0&tiba=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&data=event%3Dgtag.config%3Boptimize_id%3DOPT-WPGVPHM&fmt=3&is_vtc=1&random=551664194&rmt_tld=0&ipr=y

Requested by

Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 15:42:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/606957470/ 42 B
455 B 90ms
35ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/606957470/?random=1684251727612&cv=11&fst=1684249200000&bg=ffffff&guid=ON&async=1&gtm=45je35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&frm=0&tiba=Join%20Our%20Upcoming%20Webinar%20to%20Learn%20How%20One%20Business%20is%20Saving%20%24150k&data=event%3Dgtag.config%3Boptimize_id%3DOPT-WPGVPHM&fmt=3&is_vtc=1&random=551664194&rmt_tld=1&ipr=y

Requested by

Host: hra.liferaft.co
URL: https://hra.liferaft.co/webinar/ichra-lr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 15:42:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ Frame 1196 526 KB
164 KB 54ms
53ms Script
application/javascript 2606:4700::6810:ba41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ba41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b0f7c014bbd4dd0f3abc8235a35157a73200790718eacddb5594ba76cdea3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-encoding: br
age: 256
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3202/bundles/project-v2.js&cfRay=7c84b4538a541901-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"d07db829a87954048c0d456cec9fb1e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3202/bundles/project-v2.js
date: Tue, 16 May 2023 15:42:08 GMT
x-amz-version-id: udk3EHY7yIjYPYvPRnRyxY4K1PpgELTL
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P5
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 226fbb07-0647-4b81-9858-3b5c20d0a35b
last-modified: Tue, 16 May 2023 01:56:34 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JXDa%2B72CYtkAbLoN%2FVcDgiMrK1ayRDxumlc32g3FEOMPubNseBA3FMHkWgvhqP0GHKTa%2FKgUEXNwRXSEgA5gJC%2FdMJ5ZvM1w9Eq4aY5Ytsm0dc3DngiKuyfAsNlbeFYq8oPD1%2BCJhD%2BCc%2FK"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-5btqh
cf-ray: 7c84ba94490835fd-FRA
x-amz-cf-id: 6cFncfl4RmgFycvIuLrmK4jP23o8Q8LgbDsL32Ohuh0TDCaDVCofKg==

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ Frame 3E9C 526 KB
164 KB 45ms
45ms Script
application/javascript 2606:4700::6810:ba41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ba41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b0f7c014bbd4dd0f3abc8235a35157a73200790718eacddb5594ba76cdea3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-encoding: br
age: 256
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3202/bundles/project-v2.js&cfRay=7c84b4538a541901-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"d07db829a87954048c0d456cec9fb1e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3202/bundles/project-v2.js
date: Tue, 16 May 2023 15:42:08 GMT
x-amz-version-id: udk3EHY7yIjYPYvPRnRyxY4K1PpgELTL
via: 1.1 cf7e8b3887a490b60a55be14eb004b54.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P5
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 226fbb07-0647-4b81-9858-3b5c20d0a35b
last-modified: Tue, 16 May 2023 01:56:34 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoQGvlOjkBE%2F1dHjUtyKpChabE20%2FAKm3%2FwV6ChKji3797S8%2BNGYbFKN%2FzAj4epBnrXiRlO3OzdE8%2BvP9QdPWLFTAL16M2KL2%2B5ll3Qej7gnsPFPLy2Kjl9NFc9vP96zJ9eh3mHgguTQcfpZ"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-5btqh
cf-ray: 7c84ba94591735fd-FRA
x-amz-cf-id: 6cFncfl4RmgFycvIuLrmK4jP23o8Q8LgbDsL32Ohuh0TDCaDVCofKg==

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
645 B 172ms
146ms Image
image/gif 2606:4700::6811:d3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d3f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: b9a0bc35-f719-4728-9069-45a4d846b936
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7a22a7fd-610f-42d4-8159-f3d45e081016
server: cloudflare
x-trace: 2B3092EA7D217A3D85D6B9F419583BB3A55033D757000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-tlszw
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7c84ba952e2091ef-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame 3E9C 1 KB
495 B 88ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 15:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 14:29:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 15:42:08 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
831 B 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_26203631_0950_47a5_b007_e03e5c7379b0&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fd0bf8a3ad8319a289a1997c36868a528542835477308b60d3735c33ed7b756

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 639
x-xss-protection: 1; mode=block
expires: Tue, 16 May 2023 15:42:08 GMT

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
688 B 193ms
143ms Image
image/gif 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hra.liferaft.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: b85bb1d9-f978-4ba9-a548-160444c2f077
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 19d7549c-78e3-4645-ac2b-8f8dabae8a2a
server: cloudflare
x-trace: 2B4648B22D9A59C3FB80CA17049AEAE287E3322D06000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-9sl45
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7c84ba959aee3604-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame 1196 1 KB
831 B 58ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 15:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 14:43:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 15:42:08 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ 408 KB
163 KB 80ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_26203631_0950_47a5_b007_e03e5c7379b0&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hra.liferaft.co/
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166792
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 14:48:17 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 1196 23 KB
24 KB 75ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:06:44 GMT
x-content-type-options: nosniff
age: 315324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 00:06:44 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 1196 23 KB
23 KB 91ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 11:05:17 GMT
x-content-type-options: nosniff
age: 275811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 11:05:17 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3E9C 23 KB
23 KB 102ms
51ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 00:06:44 GMT
x-content-type-options: nosniff
age: 315324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 00:06:44 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3E9C 23 KB
23 KB 111ms
61ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hra.liferaft.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 11:05:17 GMT
x-content-type-options: nosniff
age: 275811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 11:05:17 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame CC8C 51 KB
28 KB 48ms
47ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ocmEubGlmZXJhZnQuY286NDQz&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&badge=inline&cb=fjohi0uiwwdo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a12642cb766dd427e4e853644a78de7cbebc5286a28fb1f7997d1ca311f511c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cjHpNRwhMgrpv_byUWiyhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hra.liferaft.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28249
content-security-policy: script-src 'report-sample' 'nonce-cjHpNRwhMgrpv_byUWiyhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 15:42:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 499B 51 KB
28 KB 54ms
53ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1910fe3bfa4c6aa03ae91fe6a865018d1dbeb2b503eb400a2bee4159b0a46ef9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_I6iN7JDky9bHd4ysRYT7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28277
content-security-policy: script-src 'report-sample' 'nonce-_I6iN7JDky9bHd4ysRYT7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 15:42:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame CC8C 55 KB
24 KB 70ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ocmEubGlmZXJhZnQuY286NDQz&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&badge=inline&cb=fjohi0uiwwdo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 14:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 14:48:18 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame CC8C 408 KB
163 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166792
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 14:48:17 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 499B 55 KB
24 KB 74ms
33ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 14:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 14:48:18 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 499B 408 KB
163 KB 89ms
48ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166792
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 14:48:17 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 499B 2 KB
2 KB 24ms
24ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:52:14 GMT
x-content-type-options: nosniff
age: 229794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 20 May 2023 23:52:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 499B 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:24:03 GMT
x-content-type-options: nosniff
age: 235085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:24:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 499B 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 234037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:41:31 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 499B 102 B
133 B 35ms
34ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a829b0f3b44df96f46b9162da8116c6f4fe878febdaab9f92916251951b00d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ocmEubGlmZXJhZnQuY286NDQz&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&badge=inline&cb=fjohi0uiwwdo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 16 May 2023 15:42:08 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame CC8C 102 B
133 B 31ms
31ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a829b0f3b44df96f46b9162da8116c6f4fe878febdaab9f92916251951b00d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9ocmEubGlmZXJhZnQuY286NDQz&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&badge=inline&cb=fjohi0uiwwdo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 16 May 2023 15:42:08 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 2FAD 7 KB
1 KB 37ms
36ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

082b9cbcd68df4cd0719582f96582bf8cc28a900eccf7fdb200eb2f4f151ae27

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0QSQ-HzGqLllqWsc8bVm4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hra.liferaft.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1161
content-security-policy: script-src 'report-sample' 'nonce-0QSQ-HzGqLllqWsc8bVm4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 15:42:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 2FAD 55 KB
24 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 14:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 14:48:18 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 2FAD 408 KB
163 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166792
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 14:48:17 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 2FAD 40 KB
24 KB 66ms
65ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52b719e229cf6c75aaca2e26bfe799c4f663e59ee4bf8d92739b7d804d861a93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 16 May 2023 15:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24323
x-xss-protection: 1; mode=block
expires: Tue, 16 May 2023 15:42:08 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2FAD 600 B
624 B 23ms
23ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:09:35 GMT
x-content-type-options: nosniff
age: 232354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 20 May 2023 23:09:35 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2FAD 530 B
554 B 27ms
26ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:21:51 GMT
x-content-type-options: nosniff
age: 260418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 20 May 2023 15:21:51 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2FAD 665 B
689 B 28ms
27ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:02:00 GMT
x-content-type-options: nosniff
age: 261609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 20 May 2023 15:02:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FAD 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:24:03 GMT
x-content-type-options: nosniff
age: 235086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:24:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FAD 15 KB
15 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 20:03:22 GMT
x-content-type-options: nosniff
age: 243527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 20:03:22 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FAD 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 234038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:41:31 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 2FAD 30 KB
30 KB 34ms
34ms Image
image/jpeg 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AL8dmw9jyDdKrp2r3ShZdm7hDK45qqo0Rfn6ZeQAvsoMLIuX-OaDAaOv8BByRz3CDcGBlYltUqsTcGvhDUrQ1fEf2VI6pLzRzQ2LxOwqqtBts6ORc8oXHRSyivhEILWVWe4qFWApS-X6Y9aVTHGl6Ajcj0CcsaER2ESGz7lrUhNZLifpbyrTjsb8gmR6GYN15mvAyhqVCk6CJwK2sjjohTIhO2DOWTLZxA&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90b3687758d2790c56e0db6b7be965d25db44c57b93878bcc92e5155d0ef5c94

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 15:42:09 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31137
x-xss-protection: 1; mode=block
expires: Tue, 16 May 2023 15:42:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: settings.luckyorange.net
URL: https://settings.luckyorange.net/?u=https%3A%2F%2Fhra.liferaft.co%2Fwebinar%2Fichra-lr&s=329126

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 16:10:03	Name: _GRECAPTCHA Value: 09AArpWtkPmkAzeHePSy2d8NOy6-e8qZKJLCmOTCBzea-Fg2DHVUjDvceF62wfiMLmhfehj96NwKgDGDIRU0CHTLA
.liferaft.co/	1970-01-20 14:00:27	Name: _gcl_au Value: 1.1.608945139.1684251728
.liferaft.co/	1970-01-20 21:26:51	Name: _ga_N285J0XDP0 Value: GS1.1.1684251727.1.0.1684251727.0.0.0
.liferaft.co/	1970-01-20 21:26:51	Name: _ga Value: GA1.1.1429301310.1684251728
.doubleclick.net/	1970-01-20 11:50:52	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.website-files.com
d10lpsik1i8c69.cloudfront.net
d3e54v103j8qbb.cloudfront.net
e.customeriomail.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
googleads.g.doubleclick.net
hra.liferaft.co
js.hsforms.net
region1.google-analytics.com
settings.luckyorange.net
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
settings.luckyorange.net
143.204.214.217
172.217.18.2
18.64.142.123
2001:4860:4802:32::36
2600:9000:223f:4600:11:3b84:d200:93a1
2606:4700::6810:ba41
2606:4700::6811:d3f3
2606:4700::6811:d4f3
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
34.253.101.190
35.227.225.220
082b9cbcd68df4cd0719582f96582bf8cc28a900eccf7fdb200eb2f4f151ae27
08660e71fe0ee14afa612eadca2e193acc463e680f0d916c68107b9fd5d79f50
118b311844b606d76a14593d3a254fd9c12f19700cb5aefe2422c08484ac8677
12876fc4958b0c896812e7766d892015c0e348fc8019a0dd662bb9f5806dd5ba
1910fe3bfa4c6aa03ae91fe6a865018d1dbeb2b503eb400a2bee4159b0a46ef9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d67f8bf70db42b41652b48c0d440d9ccceabf1386bd62f22541d38461bce88d
353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3a829b0f3b44df96f46b9162da8116c6f4fe878febdaab9f92916251951b00d6
3b0f7c014bbd4dd0f3abc8235a35157a73200790718eacddb5594ba76cdea3db
3b9f33724dec57ada3622ba986dbf3f08cd27a57769ebecb901c2dfcaa4c45a6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
419796381f51ff3aba76457da1a9a93f6f1d9369b3f14f791f545b7fa70a7d8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4eede01ec08ef334bbf2a0ce20978536e57ae711b8fd1ca67df98bd2df259176
4fd0bf8a3ad8319a289a1997c36868a528542835477308b60d3735c33ed7b756
52b719e229cf6c75aaca2e26bfe799c4f663e59ee4bf8d92739b7d804d861a93
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
582f60c95de76a59c8fc963e6da5ed6d05c726bc8dee44395afe235e5d2c4e54
599d1db28c408992540df12dfd0c528b57c3dc9fe03e83a5e33f99b822596b24
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cc46693e527678815c105d96b1c81e5719ba21fd60067fbfba89ec17238c16d
5de0dfc5ff2278230e997adc44e5852fb94ef8bc12e5cda855d982a2c01c1f1e
68b9061ebd9d49371edb796790152cbb76038cf812f84db1ea93928ca291d440
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a6ce5ea756ecb31f9b2745d4aa90baeb7b6e9c151cdfed4c3b6c53edc10c943
8d8ea9e1c11e8b8ca1e5a531afea58034dfdf1da1d47f7a3080abf90fdd0a1ff
9075c2023ada73100e6ec14a056fb806ae66faffed00d9c3f58a828ab750de76
90b3687758d2790c56e0db6b7be965d25db44c57b93878bcc92e5155d0ef5c94
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94b2b472fc5d86eab66a228a6e3fe41e1d93337f90ca16eff3fd1cedce29fbb7
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9d12e30bf864b3aab1dd0286338b96ff6371f3636c7d784b37d07cfdbb9964b8
a12642cb766dd427e4e853644a78de7cbebc5286a28fb1f7997d1ca311f511c3
a86b225c59641f64d3dfe2ee8d3bc7be9c8de9f4d364d6487ec9efff03c62b3e
a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3
aaebd39e4fa4fa30809af15e04daac0985035a8ee7864f3921d63517cf84d551
abc8aa6cae34d567cb7ee1c0f04a6061d3cdebac092a2776e4602c76797d4880
c39dd216396bb2f53d09c599f3c1ab7b8d8cfc1391bf8075c76a2a45f9fcca97
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9268ec0b85dd4b7e53aebc6d923db962ee60e320eeb25faca8239cc58ff109e
cbc39f5f1f1d240162706534efc1b6813576daf3b6e27b6bb2c61f036050b8ba
dbeba85df425fd0551802d53a78b73ea75f973142c6ff960132330c5c999624e
de0046ba7a2970b0de198f3ad9f65fd8018d684241348725c6977c396add9241
e1a7bf5ae032aa271c0b133d3fe65500fc7f6b9be2dcb4e634c086267e1bee9a
e30bebe19805a825e7304d162ab5dbf3b2f2e220c2f6d35e17a4b2367ef06c47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

hra.liferaft.co Open in urlscan Pro 34.253.101.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

97 %HTTPS

72 %IPv6

16 Domains

19 Subdomains

18 IPs

3 Countries

2862 kBTransfer

6252 kBSize

5 Cookies

24 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hra.liferaft.co Open in urlscan Pro
34.253.101.190 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

97 %
HTTPS

72 %
IPv6

16
Domains

19
Subdomains

18
IPs

3
Countries

2862 kB
Transfer

6252 kB
Size

5
Cookies

69 HTTP transactions
0 data transactions