Submitted URL: http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net
Effective URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Submission: On May 17 via manual from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 18 HTTP transactions. The main IP is 172.65.198.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is share-eu1.hsforms.com. The Cisco Umbrella rank of the primary domain is 507212.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2024. Valid for: 3 months.
This is the only time share-eu1.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.180.174.73 10692 (DLS-LITH)
2 2600:9000:214... 16509 (AMAZON-02)
1 1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.65.198.19 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.65.255.172 13335 (CLOUDFLAR...)
1 172.65.208.22 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
2 172.65.192.122 13335 (CLOUDFLAR...)
4 172.65.232.43 13335 (CLOUDFLAR...)
3 172.65.240.166 13335 (CLOUDFLAR...)
18 10
Apex Domain | Subdomains | Transfer
6 hsforms.com | share-eu1.hsforms.com (Cisco Umbrella Rank: 507212), forms-eu1.hsforms.com (Cisco Umbrella Rank: 28484) | 18 KB
3 hubspot.com | track-eu1.hubspot.com (Cisco Umbrella Rank: 16017) | 3 KB
2 hscollectedforms.net | js-eu1.hscollectedforms.net (Cisco Umbrella Rank: 26734), forms-eu1.hscollectedforms.net (Cisco Umbrella Rank: 27597) | 26 KB
2 cloudfront.net | d2w4vx5eorfqdd.cloudfront.net | 1 KB
1 hs-analytics.net | js-eu1.hs-analytics.net (Cisco Umbrella Rank: 15561) | 21 KB
1 hs-banner.com | js-eu1.hs-banner.com (Cisco Umbrella Rank: 15423) | 23 KB
1 hs-scripts.com | js-eu1.hs-scripts.com (Cisco Umbrella Rank: 14485) | 1 KB
1 hsforms.net | js-eu1.hsforms.net (Cisco Umbrella Rank: 51913) | 151 KB
1 hsappstatic.net | static.hsappstatic.net (Cisco Umbrella Rank: 5709) | 3 KB
1 wbrandplus.shop | www.wbrandplus.shop | 529 B
1 bing.com | www.bing.com (Cisco Umbrella Rank: 52) | 428 B
1 paradigmproductions.com | enewsletter.paradigmproductions.com | 501 B
18 12
Domain Requested by
4 forms-eu1.hsforms.com js-eu1.hsforms.net
3 track-eu1.hubspot.com
2 share-eu1.hsforms.com
2 d2w4vx5eorfqdd.cloudfront.net
1 forms-eu1.hscollectedforms.net js-eu1.hscollectedforms.net
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 js-eu1.hs-scripts.com share-eu1.hsforms.com
1 js-eu1.hsforms.net share-eu1.hsforms.com
1 static.hsappstatic.net share-eu1.hsforms.com
1 www.wbrandplus.shop 1 redirects
1 www.bing.com 1 redirects
1 enewsletter.paradigmproductions.com 1 redirects
18 14

This site contains no links.

Subject | Issuer | Validity | Valid
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
hsforms.com | GTS CA 1P5 | 2024-04-17 - 2024-07-16 | 3 months
hsappstatic.net | E1 | 2024-05-08 - 2024-08-06 | 3 months
hsforms.net | GTS CA 1P5 | 2024-04-15 - 2024-07-14 | 3 months
hs-scripts.com | E1 | 2024-04-01 - 2024-06-30 | 3 months
hs-banner.com | E1 | 2024-04-01 - 2024-06-30 | 3 months
hs-analytics.net | GTS CA 1P5 | 2024-04-13 - 2024-07-12 | 3 months
hscollectedforms.net | E1 | 2024-03-29 - 2024-06-27 | 3 months
hubspot.com | Cloudflare Inc ECC CA-3 | 2024-01-06 - 2024-12-31 | a year

This page contains 1 frame:

Primary Page: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Frame ID: D4C26B3C1D48860F2601364A24A27A58
Requests: 18 HTTP requests in this frame

Page Title

Form

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 31 %
Domains: 12
Subdomains: 14
IPs: 10
Countries: 2
Transfer: 247 kB
Size: 720 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
    https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
    http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 302
    http://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
    https://d2w4vx5eorfqdd.cloudfront.net/ Page URL
  2. https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa5664c&psq=site%3awbrandplus.shop&u=a1aHR0cHM6Ly93d3cud2JyYW5kcGx1cy5zaG9wL2ZyZWl6ZWl0LXNwb3J0LXJlaXNlbi1jLTMzOTQuaHRt HTTP 302
    https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
    https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 302
  • http://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
  • https://d2w4vx5eorfqdd.cloudfront.net/

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
d2w4vx5eorfqdd.cloudfront.net/
Redirect Chain
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net
  • http://d2w4vx5eorfqdd.cloudfront.net/
  • https://d2w4vx5eorfqdd.cloudfront.net/
514 B
869 B
Document
General
Full URL
https://d2w4vx5eorfqdd.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f400:e:416b:9040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9f83354170a23707ee379d1ab8bd82bfa61f637da0defd4c649bfc42a22809e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
5890
content-length
514
content-type
text/html
date
Fri, 17 May 2024 08:08:28 GMT
etag
"abc916b4384787333035531b1efef58c"
last-modified
Fri, 17 May 2024 06:29:13 GMT
server
AmazonS3
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-id
F46jN4wGZWV7MSnCpG5WGSrRIlkdIbSX4fZZQvaJm24vQHh_hmCQVA==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

Location
https://d2w4vx5eorfqdd.cloudfront.net/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request 1ap7HrXgCTJyalOCfndivKw2e4z9o
share-eu1.hsforms.com/
Redirect Chain
  • https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa...
  • https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm
  • https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
12 KB
6 KB
Document
General
Full URL
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2cafeaaaa4afe8b10cbc061330b0214a34b78c5b73e4cc815205616ee618aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d2w4vx5eorfqdd.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Credentials
false
Age
1785
CF-Cache-Status
DYNAMIC
CF-RAY
8852ae7679b11997-FRA
Cache-Control
max-age=600
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Fri, 17 May 2024 09:46:38 GMT
Last-Modified
Wed, 15 May 2024 13:12:45 UTC
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
origin
Via
1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
X-Amz-Cf-Id
O2W78_2nl8HhNEq0ngMPw_BVAUOSUwRG4LmcNvvAtzDqS1Zj-XrRRQ==
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-HS-Cache-Status
HIT
X-HS-Target-Asset
forms-submission-pages/static-1.4417/html/share.html
alt-svc
h3=":443"; ma=86400
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-amz-meta-ao
{"allowIFrame":"always"}
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
J3QpLTfRbGDTmdyeQDd1IeL6jKyq1vzn
x-envoy-upstream-service-time
1
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/star-td/envoy-proxy-79b4b4cdb5-prqdr
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
2ddf7314-ba74-472d-a829-2dbe22ffa2ef
x-request-id
2ddf7314-ba74-472d-a829-2dbe22ffa2ef

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8852ae752febbb53-FRA
content-length
167
content-type
text/html
date
Fri, 17 May 2024 09:46:38 GMT
expires
Fri, 17 May 2024 10:46:38 GMT
location
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2BEgZ%2FbOZSjk7G89J3hPx6Nqag3cNkFcd3epM4ZVnvTxsBL1kWXfyiqe8iwSU4rS6N8SQz15UBJmpeupIBzbWEy%2BKD3JjqOy5mar3jCW5pW9UqmPjuu8U8qnPrzk2MYU9cUgFZvsCv4tPgOmHuXDetqy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
favicon.ico
d2w4vx5eorfqdd.cloudfront.net/
243 B
483 B
Other
General
Full URL
https://d2w4vx5eorfqdd.cloudfront.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f400:e:416b:9040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d2w4vx5eorfqdd.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:46:36 GMT
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
abVxNzIvuU64IqUJGAofPM_nayYuia1Ynp1VkzaVh6oSizI2FxPnBw==
x-cache
Error from cloudfront
content-type
application/xml
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.4417/bundles/
5 KB
3 KB
Script
General
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.4417/bundles/share-legacy.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13935e84b91d8a91450936a40962e0ba27880a9b97617a95a44a01a9677d26f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Origin
https://share-eu1.hsforms.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:46:38 GMT
x-amz-version-id
sHb8bjdqrTWwVNw1y5k9z2X6L.ybtL.g
via
1.1 704c8a207b209dd3861e2faa8d55cc08.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS58-P3
age
160351
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 15 May 2024 10:07:48 GMT
server
cloudflare
etag
W/"6e85e73af8f582d2b9ef6299a38f1da0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6EbBm9i%2FPc0BtyXSutoHvLwAPzueKqmGMPd0M4CpHDQp4EJbHWGjCL78Lx7oTwwtgMcAAnpep3jFsiZwBfAqO8yYyhbzNW6jfsWKlNpVln5CbfGBdSoQL2h1dXl1j5%2BgtDJVeR8pbfccjgIfu32HeLtpII%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
8852ae76fbff377c-FRA
x-amz-cf-id
ZLnRgWuYBHxTytbn1ZJ4CASUJHm-JP09WPa_eRHp_oGgWBRszrniJA==
expires
Sat, 17 May 2025 09:46:38 GMT
v3.js
js-eu1.hsforms.net/forms/embed/
472 KB
151 KB
Script
General
Full URL
https://js-eu1.hsforms.net/forms/embed/v3.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962462bc79f2d0946cb745779b94c28acbb728ffe2f8008aef56fe089fa9a2fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
469
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5182/bundles/project-v3.js&cfRay=8852a300b6499be9-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"dff4ba3711b02da1824149f5b571bb4e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5182/bundles/project-v3.js
date
Fri, 17 May 2024 09:46:38 GMT
x-amz-version-id
xsG5fY3E.Nt_nX1yzNbxZM2eFSp9.4SB
via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
2cba79a8-a0fb-456a-a7b3-375f1910c8a3
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
2cba79a8-a0fb-456a-a7b3-375f1910c8a3
last-modified
Fri, 03 May 2024 16:00:07 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4ucFbFiL%2BvpRGNZWyzK4YZ4BR0MjkfQ5JXeySuITryH7k3tdWKgKiOD1rfaaaiW12Q5fBIFYwho0jPzGHl91aY17P8vL4NWB6cEQu%2BVufUO1ySQADB%2BB5Fp8xhYsjezzkGfsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
cf-ray
8852ae773ca791fb-FRA
x-amz-cf-id
la1zYfTSJHmCgLzLau6UUBjT4AY3VFjS80vOEcUxqzWHO2O8lM0Mag==
144679308.js
js-eu1.hs-scripts.com/
1 KB
1 KB
Script
General
Full URL
https://js-eu1.hs-scripts.com/144679308.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568bffd65ce88c4da44dd7268a6b38cd44c6d14687312994fe9cc43cd6a55fb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:46:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
965039ae-0733-42d2-ad10-d5fb3004cbf9
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=1575
age
2570
x-envoy-upstream-service-time
13
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
965039ae-0733-42d2-ad10-d5fb3004cbf9
cf-bgj
minify
last-modified
Fri, 17 May 2024 09:03:48 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-68d6f869c4-mctfn
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
8852ae7718c2920e-FRA
banner.js
js-eu1.hs-banner.com/v2/144679308/
71 KB
23 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/v2/144679308/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144679308.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97cdc4f88b19b87e7c6d7a1a1038640f815248477460a56bc101ee8d87e250fc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:46:38 GMT
x-amz-version-id
uF90oRiXNQO91XxETzHPI46Px_5rrPeZ
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
23D6JSXZ9DCS453X
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
d0e9d85e-11ad-4c6a-b983-c426b9642903
x-envoy-upstream-service-time
35
x-amz-id-2
V9hjXMgPSafoyC7cOfQgpLM2iJl9EQmFg4/p/xrMvtHRMCr06mOXcw4jnGmhyePa3h7aTXLWX8U=
x-evy-trace-listener
listener_https
x-request-id
d0e9d85e-11ad-4c6a-b983-c426b9642903
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 15 May 2024 10:12:08 GMT
server
cloudflare
etag
W/"d2a70030c34e6977b3cfc2963d9d5cea"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8852ae778d7e6916-FRA
expires
Fri, 17 May 2024 09:51:38 GMT
144679308.js
js-eu1.hs-analytics.net/analytics/1715936400000/
67 KB
21 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1715936400000/144679308.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144679308.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769b1be69226bd2eb9cda9e402d5eb168e905553bcf56ff8d852ab1502932517

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:46:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
VYMJ116S3XYV9Q3S
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
c5da6373-b0f3-4ec1-9489-3429a516f00b
x-envoy-upstream-service-time
19
x-amz-id-2
vZtiGDDK3Gu9I1dGeENKuwbufsFDEhuk/z5HMXNZUdCFrhr5url83ddKdlqwukYHxtqxdllO+cLkzOdCnzBAdA==
x-evy-trace-listener
listener_https
x-request-id
c5da6373-b0f3-4ec1-9489-3429a516f00b
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 15 May 2024 10:12:14 GMT
server
cloudflare
etag
W/"d9c853087c80124266d2ea2ace76c621"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-tzlhx
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8852ae778cfb9061-FRA
expires
Fri, 17 May 2024 09:51:38 GMT
collectedforms.js
js-eu1.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144679308.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Origin
https://share-eu1.hsforms.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
240
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8852a89bf9f291ed-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
date
Fri, 17 May 2024 09:46:38 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
via
1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
5830d428-98cb-4097-9405-9ff2105eaf92
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-evy-trace-route-configuration
listener_https/all
x-request-id
5830d428-98cb-4097-9405-9ff2105eaf92
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
cf-ray
8852ae778ace9238-FRA
x-amz-cf-id
bdYNXetVO7JPQxpN8IWez3idGqX3aqLTi3L78XezkqcDbikZIC80mQ==
json
forms-eu1.hsforms.com/embed/v3/form/144679308/6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b/
9 KB
4 KB
XHR
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/144679308/6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b/json?hs_static_app=forms-embed&hs_static_app_version=1.5182&X-HubSpot-Static-App-Info=forms-embed-1.5182
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a419e4e57e207e259f742cd98150d24725340bbade3965538d4c9736ffb630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Origin-Hublet
eu1
Date
Fri, 17 May 2024 09:46:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
ac92e04c-b7a0-47e5-b58b-b8c0c59f6995
Transfer-Encoding
chunked
x-envoy-upstream-service-time
18
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ac92e04c-b7a0-47e5-b58b-b8c0c59f6995
Server
cloudflare
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-zbnpp
Access-Control-Max-Age
180
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
8852ae783b1e6969-FRA
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/
137 B
401 B
XHR
General
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=144679308&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85e47c7bc53878fac8cde7912fea6afeed730f1c8da9bbfe673fc7b266c82366
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:46:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1137f672-b988-4072-87b7-e9b790a25d48
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1137f672-b988-4072-87b7-e9b790a25d48
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8852ae780b4f9238-FRA
__ptq.gif
track-eu1.hubspot.com/
45 B
740 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=144679308&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&r=https%3A%2F%2Fd2w4vx5eorfqdd.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&t=Form&cts=1715939198729&vi=cc722168848181db013e9d03c57185b6&nc=true&u=251652889.cc722168848181db013e9d03c57185b6.1715939198725.1715939198725.1715939198725.1&b=251652889.1.1715939198725&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:46:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9915587b-01f9-4565-a9ea-08739e4a4e65
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9915587b-01f9-4565-a9ea-08739e4a4e65
last-modified
Fri, 17 May 2024 09:46:38 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eR3A8%2BnxQ0mzmTsDitkzBfv6NhSU9tVMo7icoVtGstjYq1cT%2BSCBnFg3esDLsCCrYCwZazYx3HdI5oQfa86vx5EaVYajqQbVOqkrtbz1NyQHGU085jOp52ucufMWe5tnBQ%2F2o8tZuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-qfh69
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
8852ae79081d30e4-FRA
x-robots-tag
none
favicon.ico
share-eu1.hsforms.com/
12 KB
5 KB
Other
General
Full URL
https://share-eu1.hsforms.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2cafeaaaa4afe8b10cbc061330b0214a34b78c5b73e4cc815205616ee618aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Encoding
br
Age
241
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
x-evy-trace-listener
listener_https
Vary
origin, Accept-Encoding
Content-Type
text/html; charset=utf-8
x-evy-trace-virtual-host
all
Cache-Control
max-age=600
X-HS-Target-Asset
forms-submission-pages/static-1.4417/html/share.html
Date
Fri, 17 May 2024 09:46:39 GMT
x-amz-version-id
J3QpLTfRbGDTmdyeQDd1IeL6jKyq1vzn
Via
1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Amz-Cf-Pop
FRA60-P6
x-hubspot-correlation-id
21842a66-9bd5-49d9-a695-099bdf02fac9
X-Cache
Hit from cloudfront
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
21842a66-9bd5-49d9-a695-099bdf02fac9
Last-Modified
Wed, 15 May 2024 13:12:45 UTC
Server
cloudflare
X-HS-Cache-Status
HIT
x-evy-trace-served-by-pod
fra04/star-td/envoy-proxy-79b4b4cdb5-prqdr
Access-Control-Allow-Credentials
false
x-amz-meta-ao
{"allowIFrame":"always"}
CF-RAY
8852ae7a1ed51997-FRA
X-Amz-Cf-Id
SuaZfqTnFJAYY-Yp1T1BY7HjIwnVs82ssIbuxpnGxVByhrk_NUUn5Q==
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
945 B
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 17 May 2024 09:46:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
0f24b90a-53fa-4ee9-8338-f96e83816ec2
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0f24b90a-53fa-4ee9-8338-f96e83816ec2
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-s5f7h
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
8852ae7a8ebd9735-FRA
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
945 B
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 17 May 2024 09:46:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
1a92b864-d6b3-41e2-b382-44eae1257652
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1a92b864-d6b3-41e2-b382-44eae1257652
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-zbnpp
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
8852ae7a8f2b9191-FRA
__ptq.gif
track-eu1.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b&fci=0bdad9ed-05af-47ba-929a-5bbc89061296&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=144679308&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&r=https%3A%2F%2Fd2w4vx5eorfqdd.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&t=Form&cts=1715939198801&vi=cc722168848181db013e9d03c57185b6&nc=true&u=251652889.cc722168848181db013e9d03c57185b6.1715939198725.1715939198725.1715939198725.1&b=251652889.1.1715939198725&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:46:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
2cc0f869-327c-43f1-a18e-fbf71ead1072
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2cc0f869-327c-43f1-a18e-fbf71ead1072
last-modified
Fri, 17 May 2024 09:46:38 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d5YP0hS0Fs0MKx8F5y0cK4LYGxV9SbEbBlUG1TFd4YkIPrnOvjHvdWnWdW%2F6bt0fQ%2BsWSV%2FadsObMqCvV1y3wPZDTaS0tWHcrouOsTJ32DWCWwfJR%2Fxp61qFw8UGrCWAajJXfZ2oYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-7drvg
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
8852ae79082030e4-FRA
x-robots-tag
none
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
945 B
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 17 May 2024 09:46:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
db995c93-82d4-4197-80b5-00c922b9244f
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
db995c93-82d4-4197-80b5-00c922b9244f
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-7h79k
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
8852ae7a9f4e5b74-FRA
__ptq.gif
track-eu1.hubspot.com/
45 B
746 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=17&fi=6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b&fci=0bdad9ed-05af-47ba-929a-5bbc89061296&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=144679308&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&r=https%3A%2F%2Fd2w4vx5eorfqdd.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&t=Form&cts=1715939198811&vi=cc722168848181db013e9d03c57185b6&nc=true&u=251652889.cc722168848181db013e9d03c57185b6.1715939198725.1715939198725.1715939198725.1&b=251652889.1.1715939198725&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:46:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3ba24ef6-5f08-4b12-81a2-dd2cda89977e
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3ba24ef6-5f08-4b12-81a2-dd2cda89977e
last-modified
Fri, 17 May 2024 09:46:38 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wjBsh7wt6Ijm5lbChPDAvbWBF17aKYkHCnou%2Byts%2BISc0GI93zwGdTsIlQtlPrGOdwlr3ho9SB9wj3rnxcrigIhgbOvvHPqjG3RC7eytAxfM8I%2F%2FIi8gLwfK4n9wiNKwX27uPDe4bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-9g2jt
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
8852ae79082430e4-FRA
x-robots-tag
none

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| isQa
object| hsFormsOnReady
object| _hsq
object| disabledHsPopups
boolean| isLocal
string| apiHubspotUrl
string| formsHsFormsUrl
string| jsHsFormsUrl
string| jsHsScriptsUrl
object| hs_RequestParams
object| _hsp
object| hubspot
object| HubSpotForms
object| hbspt
object| __hsCollectedFormsDebug
object| _paq
function| sanitizeKey
boolean| _hstc_loaded
object| hsCookieBanner
boolean| _hspb_loaded
boolean| _hspb_ran
boolean| _hstc_ran
string| __hsUserToken
number| expireDateTime

13 Cookies

Domain/Path Name / Value
enewsletter.paradigmproductions.com/ Name: SSPIDER
Value: False
enewsletter.paradigmproductions.com/ Name: SCC
Value: --
enewsletter.paradigmproductions.com/ Name: SRC
Value: --
enewsletter.paradigmproductions.com/ Name: SMC
Value: 0
.hsforms.com/ Name: __cf_bm
Value: JUyXjRNQc0ip0kNRs9ZRcinFY0NJodeag9JqGZBzJ8o-1715939198-1.0.1.1-PcXQAOs31W3DosKUo9N_DBX9ZT7.SqPxTQuE2Gl8hGs6FzjQ9fjBcEPd70Oo_rPol1WSuTtKYz3gHDpA6AlIYA
.hsforms.com/ Name: _cfuvid
Value: m8.2eZGP0KwUhXCBnBR3BUCnd2ONMIcz7BZmVr7ETmU-1715939198499-0.0.1.1-604800000
.hsforms.net/ Name: __cf_bm
Value: kOfaydRx7g68R152oGAq_vLQT466ZoxeQeJjgUak2KY-1715939198-1.0.1.1-t.oF1wLJ_DoCjQCSJhuMplEY6LxWXs5fKQC56KRtBSeZHubB_TqbxFtJnRB7jcY3PFn1W1CUc9cxyQREWVB8HQ
.hsforms.com/ Name: __hstc
Value: 251652889.cc722168848181db013e9d03c57185b6.1715939198725.1715939198725.1715939198725.1
.hsforms.com/ Name: hubspotutk
Value: cc722168848181db013e9d03c57185b6
.hsforms.com/ Name: __hssrc
Value: 1
.hsforms.com/ Name: __hssc
Value: 251652889.1.1715939198725
.hubspot.com/ Name: __cf_bm
Value: OUHvql9ad7kozT9.F1XIss1HtKe_2jrOiiwl46D5GEk-1715939198-1.0.1.1-yx_pCj_me7GD_fWmO1vRiJyxePltzNY3YftfgjIT_s_GvpdvCSUnNQwT8GMIORzCF_1p1AGZSOpFV7TmpyHTyg
.hubspot.com/ Name: _cfuvid
Value: Kz3HdR3rKX8wHvG1sS1KfPHGDLv_ztO0M1VOMMNIK.Y-1715939198943-0.0.1.1-604800000

8 Console Messages

Source Level URL
Text
network error URL: https://d2w4vx5eorfqdd.cloudfront.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
