share-eu1.hsforms.com Open in urlscan Pro
172.65.198.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
Effective URL:
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Submission: On May 17 via manual (May 17th 2024, 12:00:56 pm UTC) from DE — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 18 HTTP transactions. The main IP is 172.65.198.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is share-eu1.hsforms.com. The Cisco Umbrella rank of the primary domain is 507212.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2024. Valid for: 3 months.

This is the only time share-eu1.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.180.174.73 216.180.174.73	10692 (DLS-LITH) (DLS-LITH)
2	2600:9000:249... 2600:9000:2490:1200:12:3777:ad00:21	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a392	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	172.67.142.34 172.67.142.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.198.19 172.65.198.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ad5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.255.172 172.65.255.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	10

1 216.180.174.73 (Northbrook, United States) 1 redirects

ASN10692 (DLS-LITH, US)
PTR: bodyset.com

enewsletter.paradigmproductions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2490:1200:12:3777:ad00:21 (United States)

ASN16509 (AMAZON-02, US)

d2dz026t3wiz78.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:1b::1724:a392 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.142.34 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.wbrandplus.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.198.19 (United States)

ASN13335 (CLOUDFLARENET, US)

share-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ad5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	hsforms.com share-eu1.hsforms.com — Cisco Umbrella Rank: 507212 forms-eu1.hsforms.com — Cisco Umbrella Rank: 28484	18 KB
3	hubspot.com track-eu1.hubspot.com — Cisco Umbrella Rank: 16017	3 KB
2	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 26734 forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 27597	26 KB
2	cloudfront.net d2dz026t3wiz78.cloudfront.net	1 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 15561	21 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 15423	23 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 14485	1 KB
1	hsforms.net js-eu1.hsforms.net — Cisco Umbrella Rank: 51913	151 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5709	3 KB
1	wbrandplus.shop 1 redirects www.wbrandplus.shop	515 B
1	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 52	427 B
1	paradigmproductions.com 1 redirects enewsletter.paradigmproductions.com	501 B
18	12

	Domain	Requested by
4	forms-eu1.hsforms.com	js-eu1.hsforms.net
3	track-eu1.hubspot.com
2	share-eu1.hsforms.com
2	d2dz026t3wiz78.cloudfront.net
1	forms-eu1.hscollectedforms.net	js-eu1.hscollectedforms.net
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	js-eu1.hs-scripts.com	share-eu1.hsforms.com
1	js-eu1.hsforms.net	share-eu1.hsforms.com
1	static.hsappstatic.net	share-eu1.hsforms.com
1	www.wbrandplus.shop	1 redirects
1	www.bing.com	1 redirects
1	enewsletter.paradigmproductions.com	1 redirects
18	14

This site contains no links.

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
hsappstatic.net E1	`2024-05-08` - `2024-08-06`	3 months	crt.sh
hsforms.net GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
hs-scripts.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
hscollectedforms.net E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Frame ID: 56B7774623BC576D06B5E59546B0738C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Form

Page URL History Show full URLs

http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 302
http://d2dz026t3wiz78.cloudfront.net/ HTTP 307
https://d2dz026t3wiz78.cloudfront.net/ Page URL
https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLT... HTTP 302
https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Page URL

Page Statistics

18
Requests

100 %
HTTPS

23 %
IPv6

12
Domains

14
Subdomains

10
IPs

2
Countries

247 kB
Transfer

720 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 302
http://d2dz026t3wiz78.cloudfront.net/ HTTP 307
https://d2dz026t3wiz78.cloudfront.net/ Page URL
https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa5664c&psq=site%3awbrandplus.shop&u=a1aHR0cHM6Ly93d3cud2JyYW5kcGx1cy5zaG9wL2ZyZWl6ZWl0LXNwb3J0LXJlaXNlbi1jLTMzOTQuaHRt HTTP 302
https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 302
http://d2dz026t3wiz78.cloudfront.net/ HTTP 307
https://d2dz026t3wiz78.cloudfront.net/

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
d2dz026t3wiz78.cloudfront.net/
Redirect Chain

http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
http://d2dz026t3wiz78.cloudfront.net/
https://d2dz026t3wiz78.cloudfront.net/

514 B
869 B

145ms
40ms

Document
text/html

2600:9000:2490:1200:12:3777:ad00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2dz026t3wiz78.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1200:12:3777:ad00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 17892
content-length: 514
content-type: text/html
date: Fri, 17 May 2024 07:02:39 GMT
etag: "abc916b4384787333035531b1efef58c"
last-modified: Fri, 17 May 2024 05:53:30 GMT
server: AmazonS3
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
x-amz-cf-id: S7TaEgSh7WB7a1lajTwkPr5raRNrdlUCqUvyFEJr1YUdphQrOVzk4A==
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

Redirect headers

Location: https://d2dz026t3wiz78.cloudfront.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1

200
OK

Primary Request 1ap7HrXgCTJyalOCfndivKw2e4z9o Show response
share-eu1.hsforms.com/
Redirect Chain

https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa...
https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o

12 KB
6 KB

217ms
102ms

Document
text/html

172.65.198.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e2cafeaaaa4afe8b10cbc061330b0214a34b78c5b73e4cc815205616ee618aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://d2dz026t3wiz78.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Credentials: false
Age: 2471
CF-Cache-Status: DYNAMIC
CF-RAY: 8853730c98f858de-TXL
Cache-Control: max-age=600
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Fri, 17 May 2024 12:00:50 GMT
Last-Modified: Wed, 15 May 2024 13:12:45 UTC
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: origin
Via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
X-Amz-Cf-Id: rcx2wdVnJ9orUVTtqjn_fa8KzN6ilTsLjExNr9MvA46CP2iQpDOMeA==
X-Amz-Cf-Pop: FRA60-P6
X-Cache: Hit from cloudfront
X-Content-Type-Options: nosniff
X-HS-Cache-Status: HIT
X-HS-Target-Asset: forms-submission-pages/static-1.4417/html/share.html
alt-svc: h3=":443"; ma=86400
cache-tag: staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-amz-meta-ao: {"allowIFrame":"always"}
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: J3QpLTfRbGDTmdyeQDd1IeL6jKyq1vzn
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: fra04/star-td/envoy-proxy-79b4b4cdb5-prqdr
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 73b70fc0-205d-4415-8d65-5cdd470e17be
x-request-id: 73b70fc0-205d-4415-8d65-5cdd470e17be

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8853730b9a359764-FRA
content-length: 167
content-type: text/html
date: Fri, 17 May 2024 12:00:50 GMT
expires: Fri, 17 May 2024 13:00:50 GMT
location: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZTzE5h4w2EOyF8N7OolX6n5c40xpOZ6H58YX2ow93g1kMpcxvjIjv6CSYVsUXSlVa16SWyNYqhTFLsxMsLa%2BMQyTYYAJOAdr%2FEcqkfHvJo1QqATnXzHhfHTuvrYFArIITXzx8rPJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 403 favicon.ico
d2dz026t3wiz78.cloudfront.net/ 263 B
504 B 160ms
160ms Other
application/xml 2600:9000:2490:1200:12:3777:ad00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2dz026t3wiz78.cloudfront.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1200:12:3777:ad00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d2dz026t3wiz78.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 12:00:50 GMT
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: QHnAhYFxXS-MDtlCytA6tO7m5NWvGIUzHudGgrGKDSUwr4LzEIU1hg==
x-cache: Error from cloudfront
content-type: application/xml

GET
H2 200 share-legacy.js Show response
static.hsappstatic.net/forms-submission-pages/static-1.4417/bundles/ 5 KB
3 KB 168ms
74ms Script
application/javascript 2606:4700::6811:ad5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/forms-submission-pages/static-1.4417/bundles/share-legacy.js

Requested by

Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ad5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13935e84b91d8a91450936a40962e0ba27880a9b97617a95a44a01a9677d26f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Origin: https://share-eu1.hsforms.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 12:00:50 GMT
x-amz-version-id: sHb8bjdqrTWwVNw1y5k9z2X6L.ybtL.g
via: 1.1 704c8a207b209dd3861e2faa8d55cc08.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P3
age: 168403
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 May 2024 10:07:48 GMT
server: cloudflare
etag: W/"6e85e73af8f582d2b9ef6299a38f1da0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kfMR5JF2U21nmQ2Pim%2BbZzUIG4lpB8gwgvTJTf7uVWDBMrvYKzdbjae7OTxhIl7V77CcO8%2BMG7dcTNPC5%2FWExxceFQC5rBQNUorJROVERY57ZMcr0tcas%2FP0TF9nhspv2JiKKFxWZx0g0XRNycaKno6OADI%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=31536000
cf-ray: 8853730de9b4bbf2-FRA
x-amz-cf-id: ZLnRgWuYBHxTytbn1ZJ4CASUJHm-JP09WPa_eRHp_oGgWBRszrniJA==
expires: Sat, 17 May 2025 12:00:50 GMT

GET
H2 200 v3.js Show response
js-eu1.hsforms.net/forms/embed/ 472 KB
151 KB 161ms
58ms Script
application/javascript 172.65.255.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsforms.net/forms/embed/v3.js

Requested by

Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962462bc79f2d0946cb745779b94c28acbb728ffe2f8008aef56fe089fa9a2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 571
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5182/bundles/project-v3.js&cfRay=8850f72b776f6a73-TXL
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"dff4ba3711b02da1824149f5b571bb4e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5182/bundles/project-v3.js
date: Fri, 17 May 2024 12:00:50 GMT
x-amz-version-id: xsG5fY3E.Nt_nX1yzNbxZM2eFSp9.4SB
via: 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
x-hubspot-correlation-id: 37f0d86b-b382-4125-99af-dc3d8a65e82f
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 37f0d86b-b382-4125-99af-dc3d8a65e82f
last-modified: Fri, 03 May 2024 16:00:07 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mSL7wNCOXBPNYURzmh9sxDR6FvwL1gHgbI1viFGgySOOanTD5xYpQCjuRaAtp77Y6tvaE00xfa7I3Z9p7kBatuesaco1BW0lFEqZzrCSJAuvnRusLNBkrdT87UpGtO7YfKM2aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
cf-ray: 8853730e1c846a77-TXL
x-amz-cf-id: KqqW1HeKHHeS0q6nnosAiZY4THm2vwKk0figKiADElx6-gaHanSV3A==

GET
H2 200 144679308.js Show response
js-eu1.hs-scripts.com/ 2 KB
1 KB 201ms
117ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/144679308.js

Requested by

Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee4d852a2f932ddb12a96e25bdaea5e6283168b510f062635b0bb5e7049e07a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 12:00:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 635b6b0b-efa4-431c-ae71-906d0e8f0d55
x-envoy-upstream-service-time: 13
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 635b6b0b-efa4-431c-ae71-906d0e8f0d55
last-modified: Fri, 17 May 2024 09:04:29 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://share-eu1.hsforms.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-68d6f869c4-6wxdk
access-control-allow-credentials: true
cf-ray: 8853730dff774528-TXL

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/144679308/ 71 KB
23 KB 197ms
110ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/144679308/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144679308.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97cdc4f88b19b87e7c6d7a1a1038640f815248477460a56bc101ee8d87e250fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 12:00:51 GMT
x-amz-version-id: uF90oRiXNQO91XxETzHPI46Px_5rrPeZ
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 3ZV5QAY9YNTQZFE7
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: db1af236-81c7-4a44-9f3a-4b33c0bc065d
x-envoy-upstream-service-time: 27
x-amz-id-2: rYvYBopTfGRXpTgLL/VyHZ2ic3GXBRTOeqL5NJbYYtVVaJt2lGpcWu8x8yYKCFoeRFEoT9hPc64=
x-evy-trace-listener: listener_https
x-request-id: db1af236-81c7-4a44-9f3a-4b33c0bc065d
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 15 May 2024 10:12:08 GMT
server: cloudflare
etag: W/"d2a70030c34e6977b3cfc2963d9d5cea"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://share-eu1.hsforms.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8853730f4aca44fe-TXL
expires: Fri, 17 May 2024 12:05:51 GMT

GET
H2 200 144679308.js Show response
js-eu1.hs-analytics.net/analytics/1715947200000/ 67 KB
21 KB 216ms
126ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1715947200000/144679308.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144679308.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769b1be69226bd2eb9cda9e402d5eb168e905553bcf56ff8d852ab1502932517

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 12:00:51 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 54VX1AKHKQ747H55
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 2027eb88-d99b-4b59-afbd-9039aa424d80
x-envoy-upstream-service-time: 37
x-amz-id-2: hCZNLn3BIOiFFCjCevuvstXy4w6Vs+HgfrrQkJw+HblwMpjprauPaZ93F/jpmD9uxyjpUKsLccE=
x-evy-trace-listener: listener_https
x-request-id: 2027eb88-d99b-4b59-afbd-9039aa424d80
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 15 May 2024 10:12:14 GMT
server: cloudflare
etag: W/"d9c853087c80124266d2ea2ace76c621"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8853730f4c0158ea-TXL
expires: Fri, 17 May 2024 12:05:51 GMT

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 130ms
44ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hscollectedforms.net/collectedforms.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144679308.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Origin: https://share-eu1.hsforms.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 467
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8850f8a49eb14504-TXL
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js
date: Fri, 17 May 2024 12:00:51 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P6
x-hubspot-correlation-id: 5a7cd4fd-6334-4452-b50b-0056b90d59df
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 5a7cd4fd-6334-4452-b50b-0056b90d59df
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
cf-ray: 8853730f4ca0450a-TXL
x-amz-cf-id: QbajO13qBuRJx14TRgl9gYnpIDBSWFifnZzqA4-gSPab0ecfPsY8eA==

GET
H/1.1 200
OK json Show response
forms-eu1.hsforms.com/embed/v3/form/144679308/6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b/ 9 KB
4 KB 188ms
86ms XHR
application/json 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hsforms.com/embed/v3/form/144679308/6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b/json?hs_static_app=forms-embed&hs_static_app_version=1.5182&X-HubSpot-Static-App-Info=forms-embed-1.5182

Requested by

Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfb2a8bf0b0f762773e760c2e0d5b43a6aa9c5303c8a947f14c45159125f3807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Origin-Hublet: eu1
Date: Fri, 17 May 2024 12:00:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 8a5015dc-7722-4739-b0ca-0387906776e8
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 19
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8a5015dc-7722-4739-b0ca-0387906776e8
Server: cloudflare
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://share-eu1.hsforms.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-7c766895b4-zzl4c
Access-Control-Max-Age: 180
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 8853730fcbd444fe-TXL

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 137 B
423 B 96ms
79ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=144679308&utk=

Requested by

Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85e47c7bc53878fac8cde7912fea6afeed730f1c8da9bbfe673fc7b266c82366

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 12:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d02ad569-2e5f-4357-8da0-ba0a63feba94
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d02ad569-2e5f-4357-8da0-ba0a63feba94
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://share-eu1.hsforms.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8853730fee77450a-TXL

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
745 B 213ms
134ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=144679308&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&r=https%3A%2F%2Fd2dz026t3wiz78.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&t=Form&cts=1715947251216&vi=012b863c799fbfbf3402b91e7d345631&nc=true&u=251652889.012b863c799fbfbf3402b91e7d345631.1715947251214.1715947251214.1715947251214.1&b=251652889.1.1715947251214&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 12:00:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 981bf822-6fe5-4da2-8362-452d77dc066e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 2
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 981bf822-6fe5-4da2-8362-452d77dc066e
last-modified: Fri, 17 May 2024 12:00:51 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aEx78YuRnWfednrESsWFIOTQiRTYdEZZohk4aFx6yex1k5ufkKYZ4T3ifPRT9t3h1x%2Fkvl5bLrYQjW8tJWc58feNu6FzKtLWlaT6F%2FmQaE4RCbH25iwbMEMpLCV8Sk4xjI3XlDbN2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-5dfb646764-k6t2s
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 88537310c965453a-TXL
x-robots-tag: none

GET
H/1.1 200
OK favicon.ico
share-eu1.hsforms.com/ 12 KB
5 KB 357ms
56ms Other
text/html 172.65.198.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://share-eu1.hsforms.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e2cafeaaaa4afe8b10cbc061330b0214a34b78c5b73e4cc815205616ee618aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Encoding: br
Age: 236
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
x-amz-replication-status: COMPLETED
Connection: keep-alive
x-evy-trace-listener: listener_https
Vary: origin, Accept-Encoding
Content-Type: text/html; charset=utf-8
x-evy-trace-virtual-host: all
Cache-Control: max-age=600
X-HS-Target-Asset: forms-submission-pages/static-1.4417/html/share.html
Date: Fri, 17 May 2024 12:00:51 GMT
x-amz-version-id: J3QpLTfRbGDTmdyeQDd1IeL6jKyq1vzn
Via: 1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Amz-Cf-Pop: FRA60-P6
x-hubspot-correlation-id: 4a2fc5c1-b843-452c-959a-2efb3acf5c60
X-Cache: Hit from cloudfront
cache-tag: staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 4a2fc5c1-b843-452c-959a-2efb3acf5c60
Last-Modified: Wed, 15 May 2024 13:12:45 UTC
Server: cloudflare
X-HS-Cache-Status: HIT
x-evy-trace-served-by-pod: fra04/star-td/envoy-proxy-79b4b4cdb5-prqdr
Access-Control-Allow-Credentials: false
x-amz-meta-ao: {"allowIFrame":"always"}
CF-RAY: 885373121e2c58de-TXL
X-Amz-Cf-Id: GFmCx1_1L9sfjfOQSLKEERykn7wE36nhI4nBqmzP8W4niLmJTdyZPQ==

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
945 B 682ms
68ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 12:00:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: daa020b2-8840-48ae-b399-8838f8db6976
x-envoy-upstream-service-time: 5
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: daa020b2-8840-48ae-b399-8838f8db6976
Server: cloudflare
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-7c766895b4-7h79k
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 885373144a166a77-TXL

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 166ms
130ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b&fci=f3f5ca5b-fa18-4247-83dc-00722aa230b0&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=144679308&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&r=https%3A%2F%2Fd2dz026t3wiz78.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&t=Form&cts=1715947251257&vi=012b863c799fbfbf3402b91e7d345631&nc=true&u=251652889.012b863c799fbfbf3402b91e7d345631.1715947251214.1715947251214.1715947251214.1&b=251652889.1.1715947251214&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 12:00:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bfef0fd1-30c5-424d-9abf-b74006eba24e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bfef0fd1-30c5-424d-9abf-b74006eba24e
last-modified: Fri, 17 May 2024 12:00:51 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EoV9bMS3EOFEkUOIPVfFDzkcH%2Fw1gt5TCNl5UZ7LeQryw3Xx50T7Pg7n7BaW9YMWImc3j7%2BRZZeAAmOc4Hi1brgQE70TPYxgHHiTk9xI8U80DHhXVylK29cwc2rIlaSwtqAsZ8ipCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-5dfb646764-hgcrf
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 88537310c969453a-TXL
x-robots-tag: none

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
945 B 673ms
65ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 12:00:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: ef529f54-4e72-4915-af42-ad76fc6ccb44
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ef529f54-4e72-4915-af42-ad76fc6ccb44
Server: cloudflare
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-7c766895b4-zbnpp
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 885373144ff22685-TXL

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
945 B 693ms
87ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 12:00:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 1ac19b33-736a-4d95-8c6a-42cf6001b089
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1ac19b33-736a-4d95-8c6a-42cf6001b089
Server: cloudflare
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-7c766895b4-lqmdc
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 885373144ae14516-TXL

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
746 B 172ms
159ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=17&fi=6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b&fci=f3f5ca5b-fa18-4247-83dc-00722aa230b0&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=144679308&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&r=https%3A%2F%2Fd2dz026t3wiz78.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&t=Form&cts=1715947251282&vi=012b863c799fbfbf3402b91e7d345631&nc=true&u=251652889.012b863c799fbfbf3402b91e7d345631.1715947251214.1715947251214.1715947251214.1&b=251652889.1.1715947251214&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://share-eu1.hsforms.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 12:00:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 63482df7-d9e0-433d-a9ec-c410507a7a3d
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 63482df7-d9e0-433d-a9ec-c410507a7a3d
last-modified: Fri, 17 May 2024 12:00:51 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4siKfz3Q%2Bw3ZwFMWhCt6kByRLXZbhct1VtbzixhRwljHNTM0R6%2Fo7vTBd7Ob70i2Wt6M1fwhT7bD8M6sTU9jnhw19%2BJfyzyRIIEL0yoWkuXOT18Cb5MQ%2F0P%2FmOqud6RInwCyWrMafw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-5dfb646764-lfq8h
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 88537310c96e453a-TXL
x-robots-tag: none

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
enewsletter.paradigmproductions.com/	1969-12-31 23:59:59	Name: SSPIDER Value: False
enewsletter.paradigmproductions.com/	1970-01-20 20:40:33	Name: SCC Value: DE
enewsletter.paradigmproductions.com/	1970-01-20 20:40:33	Name: SRC Value: --
enewsletter.paradigmproductions.com/	1970-01-20 20:40:33	Name: SMC Value: 0
.hsforms.com/	1970-01-20 20:39:09	Name: __cf_bm Value: an3QWAhmRbknmLH3qND91lBnlvdI9oAi_AeYAFLMKpM-1715947250-1.0.1.1-90GtPmCf9o7alCdL1M8lZ862UGlxG5odIN_bi4Xsv.FlW8SRrKwsBxJG0_.9TStFCj7UWBCUfnUk9x3DF0Qxqw
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: pGZzsqg33213ogLm_fpx7q6ch_Le1PlKcCvffjBFwtU-1715947250719-0.0.1.1-604800000
.hsforms.net/	1970-01-20 20:39:09	Name: __cf_bm Value: c0t93aAKAV8ngkaOgIOvQmwsw.L3saFyiuLxVD2Abrw-1715947250-1.0.1.1-qzWE7TF.1E4ezewWLAJ.SIXfYvig2qrZpg3RYEzqr18cVYKIxgz163l3grWJFrgzXYmeL3OPtmWSX7zL1ayZPg
.hsforms.com/	1970-01-21 00:58:19	Name: __hstc Value: 251652889.012b863c799fbfbf3402b91e7d345631.1715947251214.1715947251214.1715947251214.1
.hsforms.com/	1970-01-21 00:58:19	Name: hubspotutk Value: 012b863c799fbfbf3402b91e7d345631
.hsforms.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.hsforms.com/	1970-01-20 20:39:09	Name: __hssc Value: 251652889.1.1715947251214
.hubspot.com/	1970-01-20 20:39:09	Name: __cf_bm Value: 6XQLAV.N_qTKUVbpPfRHnBSMw5Ki44a6fwi.5W.nUG8-1715947251-1.0.1.1-dZJRbh85o2M44VNlJ3BDGhz2qwNWPc8hBVU78A7x4zQjCMMEO0WQp59i9crrhT4AEzuckctPXNvqezxfZ51Dsg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: HlvUKdH10oFMXrmyuEeDx9iUdfq0pVsTYRKwVEbguhM-1715947251438-0.0.1.1-604800000

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d2dz026t3wiz78.cloudfront.net/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2dz026t3wiz78.cloudfront.net
enewsletter.paradigmproductions.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
js-eu1.hsforms.net
share-eu1.hsforms.com
static.hsappstatic.net
track-eu1.hubspot.com
www.bing.com
www.wbrandplus.shop
172.65.192.122
172.65.198.19
172.65.202.201
172.65.208.22
172.65.232.43
172.65.238.60
172.65.240.166
172.65.255.172
172.67.142.34
216.180.174.73
2600:9000:2490:1200:12:3777:ad00:21
2606:4700::6811:ad5b
2a02:26f0:3500:1b::1724:a392
13935e84b91d8a91450936a40962e0ba27880a9b97617a95a44a01a9677d26f0
2e2cafeaaaa4afe8b10cbc061330b0214a34b78c5b73e4cc815205616ee618aa
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
769b1be69226bd2eb9cda9e402d5eb168e905553bcf56ff8d852ab1502932517
85e47c7bc53878fac8cde7912fea6afeed730f1c8da9bbfe673fc7b266c82366
962462bc79f2d0946cb745779b94c28acbb728ffe2f8008aef56fe089fa9a2fe
97cdc4f88b19b87e7c6d7a1a1038640f815248477460a56bc101ee8d87e250fc
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dfb2a8bf0b0f762773e760c2e0d5b43a6aa9c5303c8a947f14c45159125f3807
ee4d852a2f932ddb12a96e25bdaea5e6283168b510f062635b0bb5e7049e07a8

share-eu1.hsforms.com Open in urlscan Pro 172.65.198.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

23 %IPv6

12 Domains

14 Subdomains

10 IPs

2 Countries

247 kBTransfer

720 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

13 Cookies

8 Console Messages

Indicators

share-eu1.hsforms.com Open in urlscan Pro
172.65.198.19 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

23 %
IPv6

12
Domains

14
Subdomains

10
IPs

2
Countries

247 kB
Transfer

720 kB
Size

13
Cookies

18 HTTP transactions
0 data transactions