urlscan.io logo urlscan.io
SecurityTrails logo

share-eu1.hsforms.com Open in urlscan Pro
172.65.198.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
Effective URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Submission: On May 27 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 12 domains to perform 18 HTTP transactions. The main IP is 172.65.198.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is share-eu1.hsforms.com. The Cisco Umbrella rank of the primary domain is 507212.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2024. Valid for: 3 months.
This is the only time share-eu1.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.180.174.73 10692 (DLS-LITH)
2 108.138.2.163 16509 (AMAZON-02)
1 1 95.101.23.74 20940 (AKAMAI-ASN1)
1 1 172.67.142.34 13335 (CLOUDFLAR...)
2 172.65.198.19 13335 (CLOUDFLAR...)
1 104.17.175.91 13335 (CLOUDFLAR...)
1 172.65.255.172 13335 (CLOUDFLAR...)
1 172.65.208.22 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
2 172.65.192.122 13335 (CLOUDFLAR...)
4 172.65.232.43 13335 (CLOUDFLAR...)
3 172.65.240.166 ()
18 10
1    216.180.174.73 (Northbrook, United States)

ASN10692 (DLS-LITH, US)
PTR: mecor.net
enewsletter.paradigmproductions.com
2    108.138.2.163 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-163.fra56.r.cloudfront.net
d2dz026t3wiz78.cloudfront.net
1    95.101.23.74 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-74.deploy.static.akamaitechnologies.com
www.bing.com
1    172.67.142.34 (United States)

ASN13335 (CLOUDFLARENET, US)
www.wbrandplus.shop
2    172.65.198.19 (United States)

ASN13335 (CLOUDFLARENET, US)
share-eu1.hsforms.com
1    104.17.175.91 (None, )

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hsforms.net
1    172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-scripts.com
1    172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-banner.com
1    172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-analytics.net
2    172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hscollectedforms.net
forms-eu1.hscollectedforms.net
4    172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)
forms-eu1.hsforms.com
3    172.65.240.166 (None, )

ASN- ()
track-eu1.hubspot.com
Apex Domain
Subdomains		 Transfer
6 hsforms.com
share-eu1.hsforms.com — Cisco Umbrella Rank: 507212
forms-eu1.hsforms.com — Cisco Umbrella Rank: 28484
18 KB
3 hubspot.com
track-eu1.hubspot.com
3 KB
2 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 26734
forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 27597
25 KB
2 cloudfront.net
d2dz026t3wiz78.cloudfront.net
1 KB
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 15561
24 KB
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 15423
26 KB
1 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 14485
1 KB
1 hsforms.net
js-eu1.hsforms.net — Cisco Umbrella Rank: 51913
153 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 5709
3 KB
1 wbrandplus.shop
www.wbrandplus.shop
481 B
1 bing.com
www.bing.com — Cisco Umbrella Rank: 52
427 B
1 paradigmproductions.com
enewsletter.paradigmproductions.com
501 B
18 12
Domain Requested by
4 forms-eu1.hsforms.com js-eu1.hsforms.net
share-eu1.hsforms.com
3 track-eu1.hubspot.com
2 share-eu1.hsforms.com
2 d2dz026t3wiz78.cloudfront.net
1 forms-eu1.hscollectedforms.net js-eu1.hscollectedforms.net
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 js-eu1.hs-scripts.com share-eu1.hsforms.com
1 js-eu1.hsforms.net share-eu1.hsforms.com
1 static.hsappstatic.net share-eu1.hsforms.com
1 www.wbrandplus.shop 1 redirects
1 www.bing.com 1 redirects
1 enewsletter.paradigmproductions.com 1 redirects
18 14

This site contains no links.

Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
hsforms.com
GTS CA 1P5		 2024-04-17 -
2024-07-16		 3 months crt.sh
hsappstatic.net
E1		 2024-05-08 -
2024-08-06		 3 months crt.sh
hsforms.net
GTS CA 1P5		 2024-04-15 -
2024-07-14		 3 months crt.sh
hs-scripts.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
hs-banner.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
hs-analytics.net
GTS CA 1P5		 2024-04-13 -
2024-07-12		 3 months crt.sh
hscollectedforms.net
E1		 2024-05-27 -
2024-08-25		 3 months crt.sh
hubspot.com
E1		 2024-05-23 -
2024-08-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Frame ID: 7DFC9D761ECF8E1D2F47E50E03CE8800
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Form

Page URL History Show full URLs

  1. http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
    https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
    http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 302
    http://d2dz026t3wiz78.cloudfront.net/ HTTP 307
    https://d2dz026t3wiz78.cloudfront.net/ Page URL
  2. https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLT... HTTP 302
    https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
    https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0 Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

14
Subdomains

10
IPs

3
Countries

254 kB
Transfer

720 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
    https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
    http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 302
    http://d2dz026t3wiz78.cloudfront.net/ HTTP 307
    https://d2dz026t3wiz78.cloudfront.net/ Page URL
  2. https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa5664c&psq=site%3awbrandplus.shop&u=a1aHR0cHM6Ly93d3cud2JyYW5kcGx1cy5zaG9wL2ZyZWl6ZWl0LXNwb3J0LXJlaXNlbi1jLTMzOTQuaHRt HTTP 302
    https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
    https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 302
  • http://d2dz026t3wiz78.cloudfront.net/ HTTP 307
  • https://d2dz026t3wiz78.cloudfront.net/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
d2dz026t3wiz78.cloudfront.net/
Redirect Chain
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
  • http://d2dz026t3wiz78.cloudfront.net/
  • https://d2dz026t3wiz78.cloudfront.net/
514 B
883 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d2dz026t3wiz78.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-163.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
514
content-type
text/html
date
Mon, 27 May 2024 13:22:27 GMT
etag
"abc916b4384787333035531b1efef58c"
last-modified
Fri, 17 May 2024 05:53:30 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id
fA7eiDylXR64GgoI1-CYbNzYTVcGxbUHl7WNeQUqGGdQUtCVIpKlHQ==
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront

Redirect headers

Location
https://d2dz026t3wiz78.cloudfront.net/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request 1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
share-eu1.hsforms.com/
Redirect Chain
  • https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa...
  • https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm
  • https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31991337caa72127a95526ff2c3b640aeccbb5ecfe67c91c400f2d3ab1dcaf2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://d2dz026t3wiz78.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Credentials
false
Age
610
CF-Cache-Status
DYNAMIC
CF-RAY
88a650620b820e6d-MXP
Cache-Control
max-age=600
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Mon, 27 May 2024 13:22:28 GMT
Last-Modified
Mon, 27 May 2024 08:08:34 UTC
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
origin
Via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
TtYWrg57YmOeT5UEo2LG52Ijul0-xzM4NJgw9rEe3Sf1858EcUm5ww==
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-HS-Cache-Status
HIT
X-HS-Target-Asset
forms-submission-pages/static-1.4455/html/share.html
alt-svc
h3=":443"; ma=86400
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-amz-meta-ao
{"allowIFrame":"always"}
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
F4LWnBkNLYLz5.P1nhj1etQYzSPJ378q
x-envoy-upstream-service-time
1
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/star-td/envoy-proxy-79b4b4cdb5-prqdr
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
9fa98691-cc68-4aea-bc82-f0ca22256428
x-request-id
9fa98691-cc68-4aea-bc82-f0ca22256428

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
88a6505fddb639c5-YYZ
content-length
167
content-type
text/html
date
Mon, 27 May 2024 13:22:28 GMT
expires
Mon, 27 May 2024 14:22:28 GMT
location
https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4BJNN4xsZbLPw4mflEpPzq6NbQ0DUV5XR%2FJTeke%2FmZzwFHh93PDZNsUR94N8VsOmA03d5S5eRu7czhlvCTEdv%2Bq1Rmjq49pw1yhLartqRxqLVHOIK7N2efRvGm5XP8a48HOF4xnU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
favicon.ico
d2dz026t3wiz78.cloudfront.net/ 		243 B
482 B 		Other
General
Check archive.org
Download Go to
Full URL
https://d2dz026t3wiz78.cloudfront.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-163.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://d2dz026t3wiz78.cloudfront.net/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 13:22:27 GMT
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
7IuCiiA3CukYusRnJawXRvl6ZOr69oymnQyFtN89F8TcEYd5n1AU9g==
x-cache
Error from cloudfront
content-type
application/xml
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.4455/bundles/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.4455/bundles/share-legacy.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.175.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a6ce2b29b82da182d8a79d5b23b747f9ee3b574507ab81e6c133a458051df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Origin
https://share-eu1.hsforms.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 13:22:29 GMT
x-amz-version-id
RSazgVogw4oSxAnOY35o.cHTjYG3zh2B
content-encoding
gzip
cf-cache-status
HIT
via
1.1 dcfd78c05ae02ba7df7f221cacf87f22.cloudfront.net (CloudFront)
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MXP63-P3
age
18753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 24 May 2024 19:27:05 GMT
server
cloudflare
etag
W/"00c9249f598542ac83953f13cdd41a21"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=USkC%2FUx06kCIBDL%2F3Zc%2Bcpc%2FWZHHjzL39HbL%2F0aWvaxwWWYHNu%2FxQPKOwDIWFk1Z24D7DoGWhir9BV7S9R%2BfYZ8n%2BXzTXkWo%2BL%2FFo4Eylg6zeOiWkrn3ygO55VMUQ0PwdXrcD8qPYuk%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
88a650666e50ba8b-MXP
x-amz-cf-id
E6BIoFHrKBtcyTCnK-LhtLWEqoVshJm_MXxntPQyaFdLC0bZD0Gn3w==
expires
Tue, 27 May 2025 13:22:29 GMT
v3.js
js-eu1.hsforms.net/forms/embed/ 		472 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hsforms.net/forms/embed/v3.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962462bc79f2d0946cb745779b94c28acbb728ffe2f8008aef56fe089fa9a2fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
age
528
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5182/bundles/project-v3.js&cfRay=88a6437fb4e40e5e-MXP
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"dff4ba3711b02da1824149f5b571bb4e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5182/bundles/project-v3.js
date
Mon, 27 May 2024 13:22:29 GMT
x-amz-version-id
xsG5fY3E.Nt_nX1yzNbxZM2eFSp9.4SB
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 337ce1d1833905a0473cbaec913a354c.cloudfront.net (CloudFront)
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
978ffbce-fdc5-4a2a-84b3-603767261609
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
978ffbce-fdc5-4a2a-84b3-603767261609
last-modified
Fri, 03 May 2024 16:00:07 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eaUaEaeOCJNqFMnncveqi67%2F8nIzoJ3IWy7%2ByKBSK8k%2BzRSADcvtnxgCTt1yE67C3%2B6egSYgMd883f7KLUeWUtnBGDwRtoy1ely8Yl8stS%2FlOVHBv0AAlJtDjbTAg6vjGv%2FaXw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
cf-ray
88a650650f9d0e8f-MXP
x-amz-cf-id
8sNm8KZemDRH3gPU0bw-c-x8vBWaHIPYhcqnOpFhKK6Nw7v-_csagw==
144723960.js
js-eu1.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-scripts.com/144723960.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796b26ecbea55911bf325252cacfbeb973dd8f8379fb85a2335443c3fcf1273f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 13:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5aba07c1-6bc9-475a-9613-0ac1841c5434
x-envoy-upstream-service-time
63
content-length
609
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5aba07c1-6bc9-475a-9613-0ac1841c5434
last-modified
Mon, 27 May 2024 13:22:29 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-68d6f869c4-wsckk
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
88a65064bb1683a6-MXP
banner.js
js-eu1.hs-banner.com/v2/144723960/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-banner.com/v2/144723960/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144723960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e29137698517ce6d584de2b15f97e8243c4c24439b2854ab204793300d07a0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 13:22:29 GMT
x-amz-version-id
FgR3LKUS9734Z9jIVHQNNyCCWKIb0uMs
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
WXTV1C1D2CAZ2MM4
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
764dd868-f4ce-4533-8787-4b58b9ebcef1
x-envoy-upstream-service-time
87
x-amz-id-2
VGNzqjntLQlbcZAXeMG6ReI4oVrBqmJ+uJ/MKhnKqZ0fxp/gZ14RGzAipyZc2uJcMtDN8jZCoIY=
x-evy-trace-listener
listener_https
x-request-id
764dd868-f4ce-4533-8787-4b58b9ebcef1
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 21 May 2024 10:25:21 GMT
server
cloudflare
etag
W/"5b82c285bba965ba09d823e23f446739"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
88a650674c990e57-MXP
expires
Mon, 27 May 2024 13:27:29 GMT
144723960.js
js-eu1.hs-analytics.net/analytics/1716816000000/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-analytics.net/analytics/1716816000000/144723960.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144723960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f06f0fc792a7126154d5695e6688bbe4b15c6ac2f61b7344162ce31c3367eb4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 13:22:29 GMT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
WXTQBJKHA88CK01R
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
e44c2236-c94c-4712-a725-991cd47012da
x-envoy-upstream-service-time
49
x-amz-id-2
jhQIUzqHq0pHC0/sQnezV6c+0l8qhrNSqAXiNaAStADreEnwAAgJU4JObjOzoZmo7vCfL36WfLw=
x-evy-trace-listener
listener_https
x-request-id
e44c2236-c94c-4712-a725-991cd47012da
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 24 May 2024 17:17:27 GMT
server
cloudflare
etag
W/"f4320e7bb92c784bba47ffd93ea2a9fb"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-tzlhx
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
88a65067191b522c-MXP
expires
Mon, 27 May 2024 13:27:29 GMT
collectedforms.js
js-eu1.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144723960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Origin
https://share-eu1.hsforms.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
age
299
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=88a6491b5bc50e06-MXP
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
date
Mon, 27 May 2024 13:22:29 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
d0c25ec6-3ed8-443f-9bdd-594f44f231ff
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
x-evy-trace-route-configuration
listener_https/all
x-request-id
d0c25ec6-3ed8-443f-9bdd-594f44f231ff
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
cf-ray
88a650673f720e9f-MXP
x-amz-cf-id
8KQv_F-M0VGOZgBbfM_QEeg_hnJV2_R7Fu-2PRbMYmz02i4JgD3RLQ==
json
forms-eu1.hsforms.com/embed/v3/form/144723960/004736fa-04b8-4eec-90c8-088c41f07943/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/144723960/004736fa-04b8-4eec-90c8-088c41f07943/json?hs_static_app=forms-embed&hs_static_app_version=1.5182&X-HubSpot-Static-App-Info=forms-embed-1.5182
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfed65f25805d62238a24d3e10ee8825411147e41f134dec0d47ea033173e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Origin-Hublet
eu1
Date
Mon, 27 May 2024 13:22:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
3b274240-0b16-4fbb-8fd8-4a7c76359db2
Transfer-Encoding
chunked
x-envoy-upstream-service-time
27
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3b274240-0b16-4fbb-8fd8-4a7c76359db2
Server
cloudflare
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
88a650681af44c62-MXP
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-mxfm6
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 		135 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=144723960&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a923b7f00478f03c9afb97cd29a80961dced7d0460b4f043807b8734abea855e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 13:22:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
15606957-d7ed-478b-b497-76d5ff9bb209
x-envoy-upstream-service-time
16
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
15606957-d7ed-478b-b497-76d5ff9bb209
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
88a6506859340e9f-MXP
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 13:22:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
52ec2bfb-4a46-44b0-b484-fd6da12e2a14
x-envoy-upstream-service-time
6
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
52ec2bfb-4a46-44b0-b484-fd6da12e2a14
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-nmd4m
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
88a6506a0ff44c43-MXP
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 13:22:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
998fb226-4b44-467b-bb7e-500a6664bad3
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
998fb226-4b44-467b-bb7e-500a6664bad3
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-zbnpp
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
88a6506a2e545258-MXP
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 27 May 2024 13:22:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
ede0bac4-0372-4ccd-8b0f-30eacf088237
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ede0bac4-0372-4ccd-8b0f-30eacf088237
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-nmd4m
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
88a6506a491b0e95-MXP
__ptq.gif
track-eu1.hubspot.com/ 		45 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=972734694&v=1.1&a=144723960&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&r=https%3A%2F%2Fd2dz026t3wiz78.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&t=Form&cts=1716816150204&vi=f8e65fa76750d5b11124d92277cff75d&nc=true&u=251652889.f8e65fa76750d5b11124d92277cff75d.1716816150201.1716816150201.1716816150201.1&b=251652889.1.1716816150201&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 13:22:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
739f65fc-3590-4e80-b3de-06dca9676d42
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
739f65fc-3590-4e80-b3de-06dca9676d42
last-modified
Mon, 27 May 2024 13:22:30 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbZ8zzSBBVwy%2BwKfeTzvqRJ%2Fu%2FU%2F3syuC%2BYmZieSOZkLeP0a4pDagHnMu2EizKXbAweprNosUwWrbWvj8aIIArn7aOShQcTreF2v%2BkApM036Kf0qfDhk4y%2BnwZL1mAPzjxELcTqe7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-hgcrf
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
88a6506c4e714c4e-MXP
x-robots-tag
none
__ptq.gif
track-eu1.hubspot.com/ 		45 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=004736fa-04b8-4eec-90c8-088c41f07943&fci=1850d97f-bd98-4dd0-a3f6-f98e70a1b2b7&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=972734694&v=1.1&a=144723960&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&r=https%3A%2F%2Fd2dz026t3wiz78.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&t=Form&cts=1716816150205&vi=f8e65fa76750d5b11124d92277cff75d&nc=true&u=251652889.f8e65fa76750d5b11124d92277cff75d.1716816150201.1716816150201.1716816150201.1&b=251652889.1.1716816150201&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 13:22:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c86d0787-c8eb-49fb-955d-67062adfb7ab
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c86d0787-c8eb-49fb-955d-67062adfb7ab
last-modified
Mon, 27 May 2024 13:22:30 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IS4MBovCSzSr9A1SYpO2pL%2FTYpTt5hdD2IZFYNCyJcaJDmkQX5rJTwJK43Y4tvmC50cnmXx7rZUCLPtPtd55k4uisYRoTdOHm%2BL2%2FI3m%2BtqQr%2FtOsQ1jfsrbhKXfqp4JZwSYKO%2FiuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-9g2jt
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
88a6506c4e754c4e-MXP
x-robots-tag
none
__ptq.gif
track-eu1.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=17&fi=004736fa-04b8-4eec-90c8-088c41f07943&fci=1850d97f-bd98-4dd0-a3f6-f98e70a1b2b7&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=972734694&v=1.1&a=144723960&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&r=https%3A%2F%2Fd2dz026t3wiz78.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&t=Form&cts=1716816150205&vi=f8e65fa76750d5b11124d92277cff75d&nc=true&u=251652889.f8e65fa76750d5b11124d92277cff75d.1716816150201.1716816150201.1716816150201.1&b=251652889.1.1716816150201&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 13:22:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
b3b64ff0-5e7b-44e7-ac10-44904d81014d
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b3b64ff0-5e7b-44e7-ac10-44904d81014d
last-modified
Mon, 27 May 2024 13:22:30 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FMOHUHUG0TvBa%2BDj0o%2F7nApy7He4r%2BDTx%2F%2BYezAVytXhtizY2dAUWVGYAUlYZCTNDdWbZa%2B4QpLGt8CLOfamcMXHuADoHFrLGBE7Yz3Rl1OUEBgkCtviT7oEUus3hq5D9UpmQPaXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-28jdk
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
88a6506c4e764c4e-MXP
x-robots-tag
none
favicon.ico
share-eu1.hsforms.com/ 		12 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://share-eu1.hsforms.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31991337caa72127a95526ff2c3b640aeccbb5ecfe67c91c400f2d3ab1dcaf2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Encoding
br
Age
382
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
x-evy-trace-listener
listener_https
Vary
origin, Accept-Encoding
Content-Type
text/html; charset=utf-8
x-evy-trace-virtual-host
all
Cache-Control
max-age=600
X-HS-Target-Asset
forms-submission-pages/static-1.4455/html/share.html
Date
Mon, 27 May 2024 13:22:30 GMT
x-amz-version-id
F4LWnBkNLYLz5.P1nhj1etQYzSPJ378q
Via
1.1 104bdf965b5b1cb596af463b142160de.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Amz-Cf-Pop
FRA60-P6
x-hubspot-correlation-id
39697739-b8c0-407e-a438-1e6d508a16cd
X-Cache
Hit from cloudfront
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
39697739-b8c0-407e-a438-1e6d508a16cd
Last-Modified
Mon, 27 May 2024 08:08:34 UTC
Server
cloudflare
X-HS-Cache-Status
HIT
x-evy-trace-served-by-pod
fra04/star-td/envoy-proxy-79b4b4cdb5-4vrrf
Access-Control-Allow-Credentials
false
x-amz-meta-ao
{"allowIFrame":"always"}
CF-RAY
88a6506afc400e6d-MXP
X-Amz-Cf-Id
P8gAekrGthDbRsEHEDfTnoK58S3HXR_v7vRtJHqA8yXpDXwZ1GCXtg==

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| isQa object| hsFormsOnReady object| _hsq object| disabledHsPopups boolean| isLocal string| apiHubspotUrl string| formsHsFormsUrl string| jsHsFormsUrl string| jsHsScriptsUrl object| hs_RequestParams object| _hsp object| hubspot object| HubSpotForms object| hbspt object| __hsCollectedFormsDebug object| _paq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

11 Cookies

Domain/Path Name / Value
enewsletter.paradigmproductions.com/ Name: SSPIDER
Value: False
enewsletter.paradigmproductions.com/ Name: SCC
Value: --
enewsletter.paradigmproductions.com/ Name: SRC
Value: --
enewsletter.paradigmproductions.com/ Name: SMC
Value: 0
.hsforms.com/ Name: __cf_bm
Value: apMgm.WmFJeZF58eKj5wEPD.cDiEbzOs9OSqtcG8.YQ-1716816148-1.0.1.1-Lv2riF4bLLpLVQSPqH7eA8lVyeIl32j0V8kNnKlhtf9NW0fPZfnR7iX9S21CgQYOIngt5.aaN6W1FodytamJVg
.hsforms.com/ Name: _cfuvid
Value: VToGOY7GXyfKwI.6lmkl8VT8o0_YL6TMYgqHBbHPSLg-1716816148840-0.0.1.1-604800000
.hsforms.net/ Name: __cf_bm
Value: 5M7GOsdqAyRLKKS1mbXLIyWrfO1iHc4LrPWwQ2QpI3Y-1716816149-1.0.1.1-sox1YEf4g8xW8Zn_CWr2h7wtQiCmaXMskvPDitSTq4XVvLAyQVKeKKCxRxfikrpz8YM7YmYMZgzIVp6NWDIlcw
.hsforms.com/ Name: __hstc
Value: 251652889.f8e65fa76750d5b11124d92277cff75d.1716816150201.1716816150201.1716816150201.1
.hsforms.com/ Name: hubspotutk
Value: f8e65fa76750d5b11124d92277cff75d
.hsforms.com/ Name: __hssrc
Value: 1
.hsforms.com/ Name: __hssc
Value: 251652889.1.1716816150201

8 Console Messages

Source Level URL
Text
network error URL: https://d2dz026t3wiz78.cloudfront.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.