urlscan.io logo urlscan.io
SecurityTrails logo

share.hsforms.com Open in urlscan Pro
2606:4700::6810:5905  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://klick.mingers.law/info/1pn9vzkzqf4xz1ubyagzz1zzqz3
Effective URL: https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695
Submission: On April 11 via api from AT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 22 HTTP transactions. The main IP is 2606:4700::6810:5905, located in United States and belongs to CLOUDFLARENET, US. The main domain is share.hsforms.com. The Cisco Umbrella rank of the primary domain is 149622.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2021. Valid for: a year.
This is the only time share.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 213.227.171.83 42473 (AS-ANEXIA...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 14
1    213.227.171.83 (Munich, Germany)

ASN42473 (AS-ANEXIA ANEXIA Internetdienstleistungs GmbH, AT)
PTR: sirius.mingers.law
klick.mingers.law
6    2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)
share.hsforms.com
forms.hsforms.com
perf.hsforms.com
1    2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
1    2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
3    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 hsforms.com
share.hsforms.com — Cisco Umbrella Rank: 149622
forms.hsforms.com — Cisco Umbrella Rank: 4897
perf.hsforms.com — Cisco Umbrella Rank: 10616
9 KB
4 hubspot.com
forms.hubspot.com — Cisco Umbrella Rank: 3360
track.hubspot.com — Cisco Umbrella Rank: 2374
3 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2287
20 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2289
16 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5484
22 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3477
3 KB
1 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 5210
25 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2436
1 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6966
160 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 7893
3 KB
1 mingers.law
klick.mingers.law
342 B
22 13
Domain Requested by
4 forms.hsforms.com js.hsforms.net
3 perf.hsforms.com
3 track.hubspot.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com js.hsforms.net
1 forms.hubspot.com js.hscollectedforms.net
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-scripts.com share.hsforms.com
1 js.hsforms.net share.hsforms.com
1 static.hsappstatic.net share.hsforms.com
1 share.hsforms.com
1 klick.mingers.law 1 redirects
22 16

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-18 -
2022-07-17		 a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695
Frame ID: A2938156FC6FA4B867CAC5953328A845
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FormForm

Page URL History Show full URLs

  1. https://klick.mingers.law/info/1pn9vzkzqf4xz1ubyagzz1zzqz3 HTTP 301
    https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

22
Requests

100 %
HTTPS

93 %
IPv6

13
Domains

16
Subdomains

14
IPs

2
Countries

275 kB
Transfer

846 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://klick.mingers.law/info/1pn9vzkzqf4xz1ubyagzz1zzqz3 HTTP 301
    https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1H2hL2eisSQ-YNofGG4Lh-A4g695
share.hsforms.com/
Redirect Chain
  • https://klick.mingers.law/info/1pn9vzkzqf4xz1ubyagzz1zzqz3
  • https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7dfc4e483afe5bd10d460f7a133edce4df36cbb118fdbd7224594c67700d4a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
age
2328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
6fa22c8c0b989bef-FRA
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-submission-pages/static-1.1851/html/share.html&cfRay=6fa22c8c0b989bef-IAD
content-type
text/html; charset=utf-8
date
Mon, 11 Apr 2022 07:57:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 06 Apr 2022 12:44:29 UTC
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
x-amz-cf-id
64vDdOc3RY6xncdX70jjOTV8c-_rus5HQmVcOShHzBUy6awDUJlWkg==
x-amz-cf-pop
IAD89-P1
x-amz-meta-ao
{"allowIFrame":"always"}
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
NZMRg533nX.FZ8YsHPsaWftkXU6YEydM
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-hs-target-asset
forms-submission-pages/static-1.1851/html/share.html

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 11 Apr 2022 07:57:53 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
location
https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695
server
Apache
vary
Accept-Encoding User-Agent
x-content-type-options
nosniff
x-drupal-cache
MISS
x-robots-tag
noindex, nofollow
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.1851/bundles/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.1851/bundles/share-legacy.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85acdc637643166bc2250b1e2f9807f0a47429d7c254debbcbb0091fb4fe3c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
via
1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
416030
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 06 Apr 2022 12:23:13 GMT
server
cloudflare
etag
W/"cef6ea80d1399dfe703aa9e7f9a85a3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jLdI8tvjnjr1qv9VaLT5uDjaQF0%2FxH3MJSnUXao1E21pPAKE9JCjYCriQvMYHeB4lP9R2ocaTUg1Q6DHS0vND7jzeRi1whZXTGWmtbHOHO0CR5350yXHqDP2RNaEuIwaMwWTHxVoPpPsfCztQkEh3qjLAQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
h7Tn8C7RWTJfih23pHaH41SEO8F6W7eE
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS54-C1
cf-ray
6fa22c8daa9b9966-FRA
x-amz-cf-id
-3K8E1Ij_CCevJaJbuKO0Gcn1GaMgfhWfaL1LLwg6uZoUw1hsys6Nw==
expires
Tue, 11 Apr 2023 07:57:54 GMT
new-embed-script.js
js.hsforms.net/forms/ 		520 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/new-embed-script.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ea30b37a1a45671d992fd7f576abc9bb26eccb4a8d023f32bbe3f86f334bdea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
via
1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.1817/bundles/project-v3.js&cfRay=6fa22c8dec519ba0-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 08 Apr 2022 09:48:53 UTC
server
cloudflare
etag
W/"38328fd13957aa77418f5f706a3450f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3DPrVmbzTMOx4YwSVGk5Zy6Z6w%2FbKS%2B6N1B0rmyosA9B7uW1u3VjqdlVvGyuicK%2B2UZsCJdNpRa6uoAci2v06m7InWx03C3THDc1aFs7hzPiKZVY2xipuNm%2FHCWenvvRZByxYQ0dL%2BooR2K"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
zBbxUA1DhqZOKnXpQR4ZeMAvUwer2avp
access-control-allow-origin
*
cache-control
max-age=600
x-hs-cache-status
HIT
cf-ray
6fa22c8dec519ba0-FRA
x-amz-cf-id
boTG4pQQIDD9Emwts-KkaxnLJhbKTPD43-C6IX1au9pcup66_VkK3A==
x-hs-target-asset
forms-embed/static-1.1817/bundles/project-v3.js
7473065.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/7473065.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1H2hL2eisSQ-YNofGG4Lh-A4g695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d92ffb1b7b56e73108aefdc7f027e31f8b875ec48d17efa2b93113daf325ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
1ae91f8a-55e2-45d3-9cfc-3fe89bf79152
last-modified
Mon, 11 Apr 2022 07:54:30 GMT
server
cloudflare
x-trace
2BAF7C805D006CD4394A4040552D3609CA6F748CB6000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6fa22c8ddb219a41-FRA
expires
Mon, 11 Apr 2022 07:58:54 GMT
collectedforms.js
js.hscollectedforms.net/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7473065.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e

Request headers

Referer
https://share.hsforms.com/
Origin
https://share.hsforms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
via
1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
52347
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.273/bundles/project.js&cfRay=6f9d2e8ea97592ae-IAD
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
6fa22c8f1d3f91e4-FRA
last-modified
Fri, 04 Mar 2022 03:24:42 UTC
server
cloudflare
etag
W/"5655d6c20b8fbd0326ccba67c4a94b8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
d8qvQ4NJOEEA6UgWpFiA1cbs11TvqQym
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
TMmoZoy6oyjbfGFhzBxuyI1vdvXDJ9KzkSWoTW0Rl4F9umENhNWTaA==
x-hs-target-asset
collected-forms-embed-js/static-1.273/bundles/project.js
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7473065.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37f9f1230e8006b68895805d9e9217094a74fa6649ed6a63d3a3336918c37b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
via
1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
526
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.270/bundles/pixels-release.js&cfRay=6fa21fb59ada6951-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Thu, 17 Mar 2022 03:35:22 UTC
server
cloudflare
etag
W/"8398d70a7781b83c3e8a52f0ea16d293"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
hxYI6wfzNUwmg1JRoMD3SYDawXUykSZn
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6fa22c8efe8c9b40-FRA
x-amz-cf-id
uip6aZoNGMeA_pGgtqpJyFwhFDstRwj-C4GmURfws0n1EEDJYZgh7w==
x-hs-target-asset
adsscriptloaderstatic/static-1.270/bundles/pixels-release.js
conversations-embed.js
js.usemessages.com/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7473065.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a923352446c00d3d1f2dfcde92fa20e0b82e33d23a80ab22cd3cc2cf9ce9ec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
via
1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
356
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9849/bundles/project.js&cfRay=6fa223dc1ede9ba4-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 29 Mar 2022 04:44:01 UTC
server
cloudflare
etag
W/"52b80f399f784180e78f25cf610cca4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Qqs2v7Bup._.OaWwJtpawgYIANMpX2y0
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6fa22c8f0a819c07-FRA
x-amz-cf-id
MIS-GRYnWxEzDabjhBFTb_J6dCt9gYJVr1_4uAzP8GjzOtNmZbRuAg==
x-hs-target-asset
conversations-embed/static-1.9849/bundles/project.js
7473065.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/7473065.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7473065.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45856531d0231f99e430f63c4bbb86e4e0acc18b9231563d2fd23901837c6381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
content-encoding
br
cf-cache-status
HIT
age
199
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-request-id
AENMVM01TYQVC2RD
x-amz-id-2
sfdTlBM1oITnDxVCbN1zwROsl5E5PL5P/h+5vhdnerlb5uc5F5pS8r349rpzMqE6LzzbQ6+iemQ=
timing-allow-origin
*
last-modified
Mon, 04 Apr 2022 06:52:26 GMT
server
cloudflare
etag
W/"18b1407a7d3a70e57102c9f0f17e112a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
1engFj1NKD2Q7.7bpXL6MLTKrxIqhmQC
access-control-allow-origin
https://www.mingers.law
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6fa22c8f0e72913c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Mon, 11 Apr 2022 07:59:34 GMT
7473065.js
js.hs-analytics.net/analytics/1649663700000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1649663700000/7473065.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7473065.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11091ffd2944b25784e079d407d5b4fe3c447467854ee0dae107ccc4830469f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
9RM28THWDBX3CN0W
x-amz-server-side-encryption
AES256
cf-ray
6fa22c8efc915bf1-FRA
x-amz-id-2
IdAuSVBoSmb6SrMnrqknaJkfz0FdD6zS8XMwlVOgZcAYi0WZUN5LtwHZ/dk4BPfCvOnnpEIGpa4=
last-modified
Wed, 06 Apr 2022 14:52:19 GMT
server
cloudflare
etag
W/"669b68a6b61bd68bee0bf9f3081e675c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Mon, 11 Apr 2022 08:02:54 GMT
json
forms.hsforms.com/embed/v3/form/7473065/1f684bd9-e8ac-490f-9836-87c61b82e1f8/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/7473065/1f684bd9-e8ac-490f-9836-87c61b82e1f8/json?X-HubSpot-Static-App-Info=%7B%22projectName%22:%22forms-embed%22,%22projectVersion%22:%221.1817%22,%22project%22:%22forms-embed-1.1817%22%7D
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/new-embed-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e8f1f95b649be463455a88bdca02eb2e561cf46b8d3eb97ad2e624ee4a51b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://share.hsforms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-origin-hublet
na1
date
Mon, 11 Apr 2022 07:57:54 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
be77be21-332f-4b7c-a4ae-e53e18285a91
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
none
server
cloudflare
x-trace
2BDC4DA8C48C7A637097BC4DEBD7F32ECF92384969000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
6fa22c8fcfeb9b8c-FRA
access-control-allow-headers
*
json
forms.hubspot.com/collected-forms/v1/config/ 		115 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7473065&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29c6d4503f66154661e5736cb422dbd2110fd48cc7f2825ae9c228b3f5a7fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://share.hsforms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
766578bc-b2a7-4973-b025-dc10ca8d0bf0
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdDv9UfshE%2BefNocLsWNqSaZRdviz%2FfzyeMX7SfcZMuBfs1HHBYMQQAbG%2BUw26MD2NFM40vDqR80shffCDgds34tB%2Fku3vwVPcB2jLfUlL%2FTAxHA4k%2F3nQdgThz%2BbfUeknKT9ZcA5XioFKsMD9BQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
6fa22c901e10904c-FRA
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=7473065&ccu=https%3A%2F%2Fshare.hsforms.com%2F1H2hL2eisSQ-YNofGG4Lh-A4g695&pu=https%3A%2F%2Fshare.hsforms.com%2F1H2hL2eisSQ-YNofGG4Lh-A4g695&t=Form&cts=1649663874573&vi=26ea11071985992527c2dab6629a1b21&nc=true&u=251652889.26ea11071985992527c2dab6629a1b21.1649663874565.1649663874565.1649663874565.1&b=251652889.1.1649663874568&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9ff5c424-e7ba-450c-b48b-5673180b82f5
cf-ray
6fa22c907c90918c-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MQJtXbYPG3rDN3Fwk0mvkHu6T%2B%2BHqQQpckMJmTeSrr0vnzN0muRvZo7mSzlOYeF7URf4lBV4Io4uPkfPGNzvAYN6CoCkgpAerw7QYAcyV%2BFkNvf2HdpOOLLjSBCLQu6k0jjOuSMGL2Mi1wY%2BGwv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/new-embed-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 07:16:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Apr 2022 07:57:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Apr 2022 07:57:54 GMT
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-DEFINITION_SUCCESS&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
ae898c85-572f-4169-bd4a-7ebf57ee6a63
cf-ray
6fa22c90edb79bef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2BAB5B79E4A48C01268A42C5252A4EA003BD1B719C000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
timings.gif
perf.hsforms.com/embed/v3/ 		35 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/timings.gif?key=embed-script&valueInMs=231.20000076293945
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
e0294f81-f860-4c33-8e2f-29bbc4351040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-robots-tag
none
last-modified
Mon, 11 Apr 2022 07:57:54 GMT
server
cloudflare
x-trace
2B4050AD95CB3543FBB1F7FF960FF6D1AEFFAABC6C000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
6fa22c90fdef9bef-FRA
timings.gif
perf.hsforms.com/embed/v3/ 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/timings.gif?key=fetch-definition&valueInMs=210.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
ff6d61ea-f792-4fc5-a6a8-ca8625af59de
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-robots-tag
none
last-modified
Mon, 11 Apr 2022 07:57:54 GMT
server
cloudflare
x-trace
2B3996FD152C947BDEED5A5F141FF419AC5EF55D5E000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
6fa22c90fdec9bef-FRA
timings.gif
perf.hsforms.com/embed/v3/ 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/timings.gif?key=render&valueInMs=21.599998474121094
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
60ceffad-a6c7-4761-a776-faa12783cc91
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-robots-tag
none
last-modified
Mon, 11 Apr 2022 07:57:54 GMT
server
cloudflare
x-trace
2BED9660A621DCBBC2031CC0695ED21920EE99F26D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
6fa22c90fdf29bef-FRA
__ptq.gif
track.hubspot.com/ 		45 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=1f684bd9-e8ac-490f-9836-87c61b82e1f8&fci=b0e5d62a-799d-4eac-bb31-0140d5c13d3c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=7473065&ccu=https%3A%2F%2Fshare.hsforms.com%2F1H2hL2eisSQ-YNofGG4Lh-A4g695&pu=https%3A%2F%2Fshare.hsforms.com%2F1H2hL2eisSQ-YNofGG4Lh-A4g695&t=Form&cts=1649663874689&vi=26ea11071985992527c2dab6629a1b21&nc=true&u=251652889.26ea11071985992527c2dab6629a1b21.1649663874565.1649663874565.1649663874565.1&b=251652889.1.1649663874568&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
ad506f7f-b078-416c-93d5-ef1902ce8bf0
cf-ray
6fa22c90ed71918c-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ae3ogqPDOu0T3dlDClknuc54DwGWO9fZ2BihewfD2XU%2F5zJmzmnbloaCxp06wSc2FoSxUK2iH2fZlU12l1SvN8vcdiNYPhjGJ%2BpaMMJD95KitEzoRuvxaaa1YiMpsqxOa15YE%2BGASmkA3su7IjJD"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-RENDER_SUCCESS&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:54 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
2232b0f2-1701-4336-b6e2-d177ee3786b2
cf-ray
6fa22c90fdbd9bef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2B193F34B925AAB50D41829C4FB382F808D6FA32F5000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=1f684bd9-e8ac-490f-9836-87c61b82e1f8&fci=b0e5d62a-799d-4eac-bb31-0140d5c13d3c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1541009889&v=1.1&a=7473065&ccu=https%3A%2F%2Fshare.hsforms.com%2F1H2hL2eisSQ-YNofGG4Lh-A4g695&pu=https%3A%2F%2Fshare.hsforms.com%2F1H2hL2eisSQ-YNofGG4Lh-A4g695&t=Form&cts=1649663874691&vi=26ea11071985992527c2dab6629a1b21&nc=true&u=251652889.26ea11071985992527c2dab6629a1b21.1649663874565.1649663874565.1649663874565.1&b=251652889.1.1649663874568&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:55 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
fbcfcfea-b52b-4765-a859-70d26f4d6ea1
cf-ray
6fa22c90ed73918c-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhQMmXDhkaet8wsLVZkOrfBUUcMsMhr4eM%2B1AXQ39c41VmcdRH66YysvXhAU7vQxQ5%2FXUXPGuQkxN%2Bex7OQLXYya%2FFWRglT%2B1iGFYzLAhjcyDUVp5QDH2LsqVuRUdXPO10H8VzvDC%2Foj4MS4seTK"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 07:57:55 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
8919fc2e-7cec-4f57-9840-a62f72d5293a
cf-ray
6fa22c911e869b77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2BF1F20A2D62D12ED6A995A6A5BDC1FEA83C2CD111000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://share.hsforms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 06:04:00 GMT
x-content-type-options
nosniff
age
525234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 06:04:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| hsFormsOnReady object| _hsq object| disabledHsPopups boolean| isQa string| apiHubspotUrl string| formsHsFormsUrl string| perfHsFormsUrl string| jsHsFormsUrl string| jsHsScriptsUrl object| hs_RequestParams object| _hsp function| bindToWindowOnError function| OutpostErrorReporter object| hubspot object| HubSpotForms object| hbspt boolean| PIXELS_RAN boolean| _hspb_loaded boolean| hubspot_live_messages_running object| __hsCollectedFormsDebug object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

6 Cookies

Domain/Path Name / Value
.mingers.law/ Name: KTSBS85994816
Value: 20003070308
.hsforms.com/ Name: __hstc
Value: 251652889.26ea11071985992527c2dab6629a1b21.1649663874565.1649663874565.1649663874565.1
.hsforms.com/ Name: hubspotutk
Value: 26ea11071985992527c2dab6629a1b21
.hsforms.com/ Name: __hssrc
Value: 1
.hsforms.com/ Name: __hssc
Value: 251652889.1.1649663874568
.hubspot.com/ Name: __cf_bm
Value: JEiaLyPxr_FAPJHDQu2s90cFjqkD7PwMBimySLVmrNY-1649663875-0-AflDJrOGevPZcbgsK6OpT+uuo+QaXXpMz1GvlJThjFtonbK0y+kUa0tOqNIVbVit8UgSniIn4PB/pKD35N7/jDs=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.usemessages.com
klick.mingers.law
perf.hsforms.com
share.hsforms.com
static.hsappstatic.net
track.hubspot.com
213.227.171.83
2606:4700::6810:5705
2606:4700::6810:5905
2606:4700::6811:44b0
2606:4700::6811:74b0
2606:4700::6811:81ab
2606:4700::6811:9d2
2606:4700::6811:b849
2606:4700::6811:d3cc
2606:4700::6811:eccc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
11091ffd2944b25784e079d407d5b4fe3c447467854ee0dae107ccc4830469f8
1d92ffb1b7b56e73108aefdc7f027e31f8b875ec48d17efa2b93113daf325ce2
3a923352446c00d3d1f2dfcde92fa20e0b82e33d23a80ab22cd3cc2cf9ce9ec4
3ea30b37a1a45671d992fd7f576abc9bb26eccb4a8d023f32bbe3f86f334bdea
45856531d0231f99e430f63c4bbb86e4e0acc18b9231563d2fd23901837c6381
67e8f1f95b649be463455a88bdca02eb2e561cf46b8d3eb97ad2e624ee4a51b5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
85acdc637643166bc2250b1e2f9807f0a47429d7c254debbcbb0091fb4fe3c19
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e
c37f9f1230e8006b68895805d9e9217094a74fa6649ed6a63d3a3336918c37b9
c7dfc4e483afe5bd10d460f7a133edce4df36cbb118fdbd7224594c67700d4a7
d29c6d4503f66154661e5736cb422dbd2110fd48cc7f2825ae9c228b3f5a7fef
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4