urlscan.io logo urlscan.io
SecurityTrails logo

share-eu1.hsforms.com Open in urlscan Pro
172.65.198.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net
Effective URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Submission Tags: falconsandbox
Submission: On May 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 18 HTTP transactions. The main IP is 172.65.198.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is share-eu1.hsforms.com. The Cisco Umbrella rank of the primary domain is 507212.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2024. Valid for: 3 months.
This is the only time share-eu1.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.180.174.73 10692 (DLS-LITH)
2 2600:9000:214... 16509 (AMAZON-02)
1 1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 1 172.67.142.34 13335 (CLOUDFLAR...)
2 172.65.198.19 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.65.255.172 13335 (CLOUDFLAR...)
1 172.65.208.22 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
2 172.65.192.122 13335 (CLOUDFLAR...)
4 172.65.232.43 13335 (CLOUDFLAR...)
3 172.65.240.166 13335 (CLOUDFLAR...)
18 10
1    216.180.174.73 (Northbrook, United States)

ASN10692 (DLS-LITH, US)
PTR: enewsletter.paradigmproductions.com
enewsletter.paradigmproductions.com
2    2600:9000:214f:e600:e:416b:9040:21 (United States)

ASN16509 (AMAZON-02, US)
d2w4vx5eorfqdd.cloudfront.net
1    2a02:26f0:3500:1b::1724:a386 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
1    172.67.142.34 (United States)

ASN13335 (CLOUDFLARENET, US)
www.wbrandplus.shop
2    172.65.198.19 (United States)

ASN13335 (CLOUDFLARENET, US)
share-eu1.hsforms.com
1    2606:4700::6811:ae5b (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hsforms.net
1    172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-scripts.com
1    172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-banner.com
1    172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-analytics.net
2    172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hscollectedforms.net
forms-eu1.hscollectedforms.net
4    172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)
forms-eu1.hsforms.com
3    172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)
track-eu1.hubspot.com
Apex Domain
Subdomains		 Transfer
6 hsforms.com
share-eu1.hsforms.com — Cisco Umbrella Rank: 507212
forms-eu1.hsforms.com — Cisco Umbrella Rank: 28484
18 KB
3 hubspot.com
track-eu1.hubspot.com — Cisco Umbrella Rank: 16017
3 KB
2 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 26734
forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 27597
26 KB
2 cloudfront.net
d2w4vx5eorfqdd.cloudfront.net
1 KB
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 15561
21 KB
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 15423
23 KB
1 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 14485
1 KB
1 hsforms.net
js-eu1.hsforms.net — Cisco Umbrella Rank: 51913
151 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 5709
3 KB
1 wbrandplus.shop
www.wbrandplus.shop
520 B
1 bing.com
www.bing.com — Cisco Umbrella Rank: 52
427 B
1 paradigmproductions.com
enewsletter.paradigmproductions.com
501 B
18 12
Domain Requested by
4 forms-eu1.hsforms.com js-eu1.hsforms.net
share-eu1.hsforms.com
3 track-eu1.hubspot.com
2 share-eu1.hsforms.com
2 d2w4vx5eorfqdd.cloudfront.net
1 forms-eu1.hscollectedforms.net js-eu1.hscollectedforms.net
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 js-eu1.hs-scripts.com share-eu1.hsforms.com
1 js-eu1.hsforms.net share-eu1.hsforms.com
1 static.hsappstatic.net share-eu1.hsforms.com
1 www.wbrandplus.shop 1 redirects
1 www.bing.com 1 redirects
1 enewsletter.paradigmproductions.com 1 redirects
18 14

This site contains no links.

Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
hsforms.com
GTS CA 1P5		 2024-04-17 -
2024-07-16		 3 months crt.sh
hsappstatic.net
E1		 2024-05-08 -
2024-08-06		 3 months crt.sh
hsforms.net
GTS CA 1P5		 2024-04-15 -
2024-07-14		 3 months crt.sh
hs-scripts.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
hs-banner.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
hs-analytics.net
GTS CA 1P5		 2024-04-13 -
2024-07-12		 3 months crt.sh
hscollectedforms.net
E1		 2024-03-29 -
2024-06-27		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Frame ID: 639A665AB6757D6473D9CF16714B65D3
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Form

Page URL History Show full URLs

  1. http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfron... HTTP 307
    https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfron... HTTP 307
    http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfron... HTTP 302
    http://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
    https://d2w4vx5eorfqdd.cloudfront.net/ Page URL
  2. https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLT... HTTP 302
    https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
    https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Page URL

Page Statistics

18
Requests

100 %
HTTPS

23 %
IPv6

12
Domains

14
Subdomains

10
IPs

2
Countries

247 kB
Transfer

720 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net HTTP 307
    https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net HTTP 307
    http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net HTTP 302
    http://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
    https://d2w4vx5eorfqdd.cloudfront.net/ Page URL
  2. https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa5664c&psq=site%3awbrandplus.shop&u=a1aHR0cHM6Ly93d3cud2JyYW5kcGx1cy5zaG9wL2ZyZWl6ZWl0LXNwb3J0LXJlaXNlbi1jLTMzOTQuaHRt HTTP 302
    https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
    https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net HTTP 307
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net HTTP 307
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net HTTP 302
  • http://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
  • https://d2w4vx5eorfqdd.cloudfront.net/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
d2w4vx5eorfqdd.cloudfront.net/
Redirect Chain
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=%2F%2Fd2w4vx5eorfqdd.cloudfront.net
  • http://d2w4vx5eorfqdd.cloudfront.net/
  • https://d2w4vx5eorfqdd.cloudfront.net/
514 B
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d2w4vx5eorfqdd.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e600:e:416b:9040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
50
content-length
514
content-type
text/html
date
Tue, 21 May 2024 08:20:11 GMT
etag
"abc916b4384787333035531b1efef58c"
last-modified
Fri, 17 May 2024 06:29:13 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-id
U7TpQ-gA9iyaBmxIzfFyJ6ajF_4mygpmSzhD-gmGGjTlGp-U0FmzKw==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

Location
https://d2w4vx5eorfqdd.cloudfront.net/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request 1ap7HrXgCTJyalOCfndivKw2e4z9o
share-eu1.hsforms.com/
Redirect Chain
  • https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa...
  • https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm
  • https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e055551e14b5c858a9d12f3f72cd44dff66a1cb34653bc7550a2a43459179873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d2w4vx5eorfqdd.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Credentials
false
Age
485
CF-Cache-Status
DYNAMIC
CF-RAY
88732687f9dc6a73-TXL
Cache-Control
max-age=600
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Tue, 21 May 2024 08:21:00 GMT
Last-Modified
Mon, 20 May 2024 08:11:17 UTC
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
origin
Via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
i9yDS8Ng2NbOkkeqLLCPp27APeBCu2WKG4DhaQ0_3brcELLe-jKUSQ==
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-HS-Cache-Status
HIT
X-HS-Target-Asset
forms-submission-pages/static-1.4428/html/share.html
alt-svc
h3=":443"; ma=86400
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-amz-meta-ao
{"allowIFrame":"always"}
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
UsPLJr_Y63Jhhn_ObY52ceAQrNdpJdSl
x-envoy-upstream-service-time
1
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/star-td/envoy-proxy-79b4b4cdb5-prqdr
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
13082f02-7b0f-47db-ab4b-8939eb89d885
x-request-id
13082f02-7b0f-47db-ab4b-8939eb89d885

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
88732686eb593a9c-FRA
content-length
167
content-type
text/html
date
Tue, 21 May 2024 08:21:00 GMT
expires
Tue, 21 May 2024 09:21:00 GMT
location
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00e6NLeIPbYuqYK4kyvORvuMeUVQ%2BXgqDl5Ycp%2FcpG%2B26hZIz79%2FlN8Tdz9G3HselzOy3ZYnT%2BoKIWIXVT3MPC10LRIZBvsvIZCgCPynBY1VMg6JKkBuXeg67PJWAzqd%2BJEbtCiJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
favicon.ico
d2w4vx5eorfqdd.cloudfront.net/ 		263 B
502 B 		Other
General
Check archive.org
Download Go to
Full URL
https://d2w4vx5eorfqdd.cloudfront.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e600:e:416b:9040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d2w4vx5eorfqdd.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:21:00 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
ROL94ulitEEY9a0A4EU0Kwlx42JlB8CQmnJlbL393LBlOvJiWImW2A==
x-cache
Error from cloudfront
content-type
application/xml
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.4428/bundles/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.4428/bundles/share-legacy.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ae5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89b69a04cdd8cd93c16c860373428bd0b275c2f3db902462aa2adb32e8c0c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Origin
https://share-eu1.hsforms.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:21:01 GMT
x-amz-version-id
FOnBjfKw0Rb87dpzaUiKeSZjCgk6xSFc
via
1.1 a321fbca3f677651c704e7e61331ecb6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
VIE50-P2
age
86971
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 May 2024 23:08:17 GMT
server
cloudflare
etag
W/"8532720fea6d4e032be3996e2a8c37c5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fndQGanfu4B8QsG%2BTQ6rivB8njulwpCCRmcA6oR5Txndw0Wgkr1czCMkzCy0eY%2FtDwlFD5FvP7crFw%2BzZcF1vdlpcQ4PBjeXO2syg33bjAIprjFD%2BXjodqCPyfhD%2Bu9EgkJyRRGl7M79fvtenW1cgTYvelg%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
8873268a48c9a03d-FRA
x-amz-cf-id
BkDjjf_cwCufqJRTZkYqcMA6Qy1kanSG6-8NMBgIUGIq_4x5q5QrvA==
expires
Wed, 21 May 2025 08:21:01 GMT
v3.js
js-eu1.hsforms.net/forms/embed/ 		472 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hsforms.net/forms/embed/v3.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962462bc79f2d0946cb745779b94c28acbb728ffe2f8008aef56fe089fa9a2fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
302
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5182/bundles/project-v3.js&cfRay=8872237f643e58f6-TXL
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"dff4ba3711b02da1824149f5b571bb4e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5182/bundles/project-v3.js
date
Tue, 21 May 2024 08:21:01 GMT
x-amz-version-id
xsG5fY3E.Nt_nX1yzNbxZM2eFSp9.4SB
via
1.1 337ce1d1833905a0473cbaec913a354c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
dba56a3a-9cf1-4910-9a69-74a7144f1389
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
dba56a3a-9cf1-4910-9a69-74a7144f1389
last-modified
Fri, 03 May 2024 16:00:07 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFiWC9o7VvZOpi3DRpfvw5aXHWkIQKYwjoCFs4JJTvqdwgvW6SDp8X4SMWyFJUlWZxePGvntgCjm5%2FzBD83T6SYkAszT9zjutRh%2BhkpxVP%2FkPZpycpHPvmIIMi6N3loDFczzuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
cf-ray
8873268b1ef958d8-TXL
x-amz-cf-id
LdgWUJSt0-lT58WBWfZPHsG67b8_jKPG87YswcIaUJpru8T6fq-ucw==
144679308.js
js-eu1.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-scripts.com/144679308.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919193fea9d89d335af3f67051d21a71cf5bf0afbc6ab8f9adb0d829f5303890
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:21:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5f48c4ce-3f2b-4173-8cd4-0dd7cadace85
x-envoy-upstream-service-time
6
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5f48c4ce-3f2b-4173-8cd4-0dd7cadace85
last-modified
Mon, 20 May 2024 14:11:38 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-68d6f869c4-64bgm
access-control-allow-credentials
true
cf-ray
8873268b185b4528-TXL
banner.js
js-eu1.hs-banner.com/v2/144679308/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-banner.com/v2/144679308/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144679308.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97cdc4f88b19b87e7c6d7a1a1038640f815248477460a56bc101ee8d87e250fc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:21:01 GMT
x-amz-version-id
uF90oRiXNQO91XxETzHPI46Px_5rrPeZ
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
V9XPN4D67F65DBWP
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
8f010202-f22f-452f-a11c-f41f9043bbd9
x-envoy-upstream-service-time
80
x-amz-id-2
41YluHQRj4/JUnSEma/OT2H85JW2mWcwzn7woy8gejH+5UqCNcG9PhEylX2eVpLYT7lI48U6AWY=
x-evy-trace-listener
listener_https
x-request-id
8f010202-f22f-452f-a11c-f41f9043bbd9
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 15 May 2024 10:12:08 GMT
server
cloudflare
etag
W/"d2a70030c34e6977b3cfc2963d9d5cea"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-tzlhx
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8873268dae80451c-TXL
expires
Tue, 21 May 2024 08:26:01 GMT
144679308.js
js-eu1.hs-analytics.net/analytics/1716279600000/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-analytics.net/analytics/1716279600000/144679308.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144679308.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769b1be69226bd2eb9cda9e402d5eb168e905553bcf56ff8d852ab1502932517

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:21:02 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
0BDV8ZJDCVTYVAWX
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
ed2f2c76-211d-43b9-bf53-1097b52e4e69
x-envoy-upstream-service-time
31
x-amz-id-2
DLGRHfWJkfXsay4L5q9abIHSWHZeoKKwvlGT4h43RT/Te+TI/9ZxMiboqcfY1CEHME1Ov++zBW6kw4Lt+lEnO8JtkWEc7gWziQaZlmLxDwo=
x-evy-trace-listener
listener_https
x-request-id
ed2f2c76-211d-43b9-bf53-1097b52e4e69
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 15 May 2024 10:12:14 GMT
server
cloudflare
etag
W/"d9c853087c80124266d2ea2ace76c621"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8873268f1a1c6a77-TXL
expires
Tue, 21 May 2024 08:26:02 GMT
collectedforms.js
js-eu1.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144679308.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Origin
https://share-eu1.hsforms.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
37
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=88722760f882451c-TXL
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
date
Tue, 21 May 2024 08:21:01 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
via
1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
76b644ab-756a-43db-9130-d9bf3cda8ccd
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-request-id
76b644ab-756a-43db-9130-d9bf3cda8ccd
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
cf-ray
8873268d2a6aaca7-TXL
x-amz-cf-id
5xTx-1WXnWNwQprz7GDXAzcGrJzwQFno0ByCRnQipRp0FayjF50Erw==
json
forms-eu1.hsforms.com/embed/v3/form/144679308/6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/144679308/6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b/json?hs_static_app=forms-embed&hs_static_app_version=1.5182&X-HubSpot-Static-App-Info=forms-embed-1.5182
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f23a43e17bd895b35ee389ec9c7389fc308ab4384d2e93b3f4dda5f4968cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Origin-Hublet
eu1
Date
Tue, 21 May 2024 08:21:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
42b853b1-36ce-4301-a40e-e1df5eccb4ad
Transfer-Encoding
chunked
x-envoy-upstream-service-time
16
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
42b853b1-36ce-4301-a40e-e1df5eccb4ad
Server
cloudflare
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-62tvh
Access-Control-Max-Age
180
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
8873268dbd3844f8-TXL
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 		137 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=144679308&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85e47c7bc53878fac8cde7912fea6afeed730f1c8da9bbfe673fc7b266c82366
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:21:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
05a4f25a-f587-40ce-b8f2-fa1eca0777bf
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
05a4f25a-f587-40ce-b8f2-fa1eca0777bf
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8873268e0d38aca7-TXL
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 08:21:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
1c4ad0d7-a6a8-440a-b10c-df9513d9b120
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1c4ad0d7-a6a8-440a-b10c-df9513d9b120
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-mxfm6
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
88732690deb62675-TXL
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 08:21:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
dc654af7-d6b9-4c96-85e3-7550da28528d
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
dc654af7-d6b9-4c96-85e3-7550da28528d
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-7h79k
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
88732690deb54534-TXL
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 08:21:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
95e7a89f-8e0c-4793-a6c6-e8b077678181
x-envoy-upstream-service-time
5
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
95e7a89f-8e0c-4793-a6c6-e8b077678181
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-wxt52
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
88732690ee5f451c-TXL
__ptq.gif
track-eu1.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=144679308&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&r=https%3A%2F%2Fd2w4vx5eorfqdd.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&t=Form&cts=1716279662312&vi=006085bd2155875babe57e398b13bbab&nc=true&u=251652889.006085bd2155875babe57e398b13bbab.1716279662309.1716279662309.1716279662309.1&b=251652889.1.1716279662310&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:21:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
4a8135ad-42fd-4b8f-98ca-89c50e0f7a32
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
6
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4a8135ad-42fd-4b8f-98ca-89c50e0f7a32
last-modified
Tue, 21 May 2024 08:21:02 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGZ5LjsqNmMRN4GYAMPijmjCdNCYx9QJotJWIgwJ9X3fKl%2FsS%2BCvG3MUDqUNFLKHW2AJ2Iivw21lga2xXu8I%2FxVGNZt2bTLk%2BxM91hdTAjmZydcjknZi6FdXecUPEQ1cl%2FQ%2Bgqa3Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-hgcrf
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
8873269249ed2675-TXL
x-robots-tag
none
__ptq.gif
track-eu1.hubspot.com/ 		45 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b&fci=6f79743c-72af-4816-8777-bca84c699828&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=144679308&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&r=https%3A%2F%2Fd2w4vx5eorfqdd.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&t=Form&cts=1716279662313&vi=006085bd2155875babe57e398b13bbab&nc=true&u=251652889.006085bd2155875babe57e398b13bbab.1716279662309.1716279662309.1716279662309.1&b=251652889.1.1716279662310&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:21:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
5fdfc0e7-15b6-4664-ac57-6bc6ee75b724
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5fdfc0e7-15b6-4664-ac57-6bc6ee75b724
last-modified
Tue, 21 May 2024 08:21:02 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kvVs6VNjLAJMKDfbPGjl05k6Pdnyp4rokHpFF1UOO79vBZCfxIl%2B%2F3sLbWkEESIMvlsMZebq3bbzce%2BJH8CPTLjduDdUxtMAbZLGS2eLwQSTauQ0BSEC1P7R1YANOvHIJztlPwtYtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-9g2jt
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
8873269249ea2675-TXL
x-robots-tag
none
__ptq.gif
track-eu1.hubspot.com/ 		45 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=17&fi=6a9ec7ad-7802-4c9c-9a94-e09f9dd8af2b&fci=6f79743c-72af-4816-8777-bca84c699828&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=144679308&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&r=https%3A%2F%2Fd2w4vx5eorfqdd.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1ap7HrXgCTJyalOCfndivKw2e4z9o&t=Form&cts=1716279662314&vi=006085bd2155875babe57e398b13bbab&nc=true&u=251652889.006085bd2155875babe57e398b13bbab.1716279662309.1716279662309.1716279662309.1&b=251652889.1.1716279662310&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:21:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
78c19a5a-dbef-4ba3-a729-5c4fc1089483
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
78c19a5a-dbef-4ba3-a729-5c4fc1089483
last-modified
Tue, 21 May 2024 08:21:02 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwsQGONxUqLFSzxI5eUo4F2vboQgoCNaw54FphCyHWQbVuJ%2FTzsrAQwAWsBJjTDoyE4OHYLdnoE7nRI7ef1grtRVXtzjdHuNVIA4wgLpnK1D63n8B15JN%2BqZZathn1pRwxBdT2o4uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-vw5sb
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
8873269249e62675-TXL
x-robots-tag
none
favicon.ico
share-eu1.hsforms.com/ 		12 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://share-eu1.hsforms.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e055551e14b5c858a9d12f3f72cd44dff66a1cb34653bc7550a2a43459179873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Encoding
br
Age
600
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
x-evy-trace-listener
listener_https
Vary
origin, Accept-Encoding
Content-Type
text/html; charset=utf-8
x-evy-trace-virtual-host
all
Cache-Control
max-age=600
X-HS-Target-Asset
forms-submission-pages/static-1.4428/html/share.html
Date
Tue, 21 May 2024 08:21:02 GMT
x-amz-version-id
UsPLJr_Y63Jhhn_ObY52ceAQrNdpJdSl
Via
1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Amz-Cf-Pop
FRA60-P6
x-hubspot-correlation-id
43abf6b0-5e3e-4b49-84f2-9525471a661b
X-Cache
Hit from cloudfront
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
43abf6b0-5e3e-4b49-84f2-9525471a661b
Last-Modified
Mon, 20 May 2024 08:11:17 UTC
Server
cloudflare
X-HS-Cache-Status
HIT
x-evy-trace-served-by-pod
fra04/star-td/envoy-proxy-79b4b4cdb5-prqdr
Access-Control-Allow-Credentials
false
x-amz-meta-ao
{"allowIFrame":"always"}
CF-RAY
887326938c1c6a73-TXL
X-Amz-Cf-Id
TsfOXxxLuFH8ATxFmjbL3lziy7kDDAv3eRD-kvGN4GK_HEmWY-Hz1Q==

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| isQa object| hsFormsOnReady object| _hsq object| disabledHsPopups boolean| isLocal string| apiHubspotUrl string| formsHsFormsUrl string| jsHsFormsUrl string| jsHsScriptsUrl object| hs_RequestParams object| _hsp object| hubspot object| HubSpotForms object| hbspt object| __hsCollectedFormsDebug object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime

13 Cookies

Domain/Path Name / Value
enewsletter.paradigmproductions.com/ Name: SSPIDER
Value: False
enewsletter.paradigmproductions.com/ Name: SCC
Value: DE
enewsletter.paradigmproductions.com/ Name: SRC
Value: --
enewsletter.paradigmproductions.com/ Name: SMC
Value: 0
.hsforms.com/ Name: __cf_bm
Value: gbnM3kTirKcGQrXbdxm4pOwJysdl8Kn6U61BcZCIXDc-1716279660-1.0.1.1-V4hluS8guFgLpGQ0oaesNGQXEG2UexHiDZ.Pk2sgMe3iKjOdiDNrTrWbIyLDKm_1YuxgzEwpaKazyOwKuZ7qYg
.hsforms.com/ Name: _cfuvid
Value: TTY9YV37GttIU8wBa6_5Cx4uReI.G2M4iJlw_DZQ.Hw-1716279660851-0.0.1.1-604800000
.hsforms.net/ Name: __cf_bm
Value: tylzlZnqKoe3cNMM8VGs4YBfsun.o81OLl56pFaNcOc-1716279661-1.0.1.1-o.SmF7lfmA4tv4yFgSztpltWyRtnIyTxcUoCNX0cljyiLeZdrOBDo6hsGI6lMxUrkgfdCnY5RJVCYbvwfZ0R.w
.hsforms.com/ Name: __hstc
Value: 251652889.006085bd2155875babe57e398b13bbab.1716279662309.1716279662309.1716279662309.1
.hsforms.com/ Name: hubspotutk
Value: 006085bd2155875babe57e398b13bbab
.hsforms.com/ Name: __hssrc
Value: 1
.hsforms.com/ Name: __hssc
Value: 251652889.1.1716279662310
.hubspot.com/ Name: _cfuvid
Value: R5dGIaH8L_9IkXMiOeX6zOfUU0OoH98SUEvEFYPMMB8-1716279662535-0.0.1.1-604800000
.hubspot.com/ Name: __cf_bm
Value: gUf_mwkS1gRZfTwyB_JoUdAa0DmIb3G41DSy8YebgzM-1716279662-1.0.1.1-nzbSai90T3KK83XfIUZFxWSssXoDSGNQDtSb6O52BA9_msz9LSLDLgYclH7S_gMo4GQJWvfFaaB9uOMqENG38g

8 Console Messages

Source Level URL
Text
network error URL: https://d2w4vx5eorfqdd.cloudfront.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.