urlscan.io logo urlscan.io
SecurityTrails logo

share-eu1.hsforms.com Open in urlscan Pro
172.65.198.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net
Effective URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Submission: On May 17 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 11 domains to perform 9 HTTP transactions. The main IP is 172.65.198.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is share-eu1.hsforms.com. The Cisco Umbrella rank of the primary domain is 507212.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2024. Valid for: 3 months.
This is the only time share-eu1.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.180.174.73 10692 (DLS-LITH)
2 143.204.205.165 16509 (AMAZON-02)
1 1 95.100.146.40 20940 (AKAMAI-ASN1)
1 1 172.67.142.34 13335 (CLOUDFLAR...)
1 172.65.198.19 13335 (CLOUDFLAR...)
1 104.17.173.91 13335 (CLOUDFLAR...)
1 172.65.255.172 13335 (CLOUDFLAR...)
1 172.65.208.22 13335 (CLOUDFLAR...)
9 6
1    216.180.174.73 (Northbrook, United States)

ASN10692 (DLS-LITH, US)
PTR: bodyset.com
enewsletter.paradigmproductions.com
2    143.204.205.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-165.fra53.r.cloudfront.net
d2w4vx5eorfqdd.cloudfront.net
1    95.100.146.40 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-40.deploy.static.akamaitechnologies.com
www.bing.com
1    172.67.142.34 (United States)

ASN13335 (CLOUDFLARENET, US)
www.wbrandplus.shop
1    172.65.198.19 (United States)

ASN13335 (CLOUDFLARENET, US)
share-eu1.hsforms.com
1    104.17.173.91 (None, )

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hsforms.net
1    172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-scripts.com
Apex Domain
Subdomains		 Transfer
2 cloudfront.net
d2w4vx5eorfqdd.cloudfront.net
2 KB
1 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 14485
1 KB
1 hsforms.net
js-eu1.hsforms.net — Cisco Umbrella Rank: 51913
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 5709
3 KB
1 hsforms.com
share-eu1.hsforms.com — Cisco Umbrella Rank: 507212
6 KB
1 wbrandplus.shop
www.wbrandplus.shop
480 B
1 bing.com
www.bing.com — Cisco Umbrella Rank: 52
427 B
1 paradigmproductions.com
enewsletter.paradigmproductions.com
501 B
0 hs-analytics.net Failed
js-eu1.hs-analytics.net Failed
0 hscollectedforms.net Failed
js-eu1.hscollectedforms.net Failed
0 hs-banner.com Failed
js-eu1.hs-banner.com Failed
9 11
Domain Requested by
2 d2w4vx5eorfqdd.cloudfront.net
1 js-eu1.hs-scripts.com share-eu1.hsforms.com
1 js-eu1.hsforms.net share-eu1.hsforms.com
1 static.hsappstatic.net share-eu1.hsforms.com
1 share-eu1.hsforms.com
1 www.wbrandplus.shop 1 redirects
1 www.bing.com 1 redirects
1 enewsletter.paradigmproductions.com 1 redirects
0 js-eu1.hs-analytics.net Failed js-eu1.hs-scripts.com
0 js-eu1.hscollectedforms.net Failed js-eu1.hs-scripts.com
0 js-eu1.hs-banner.com Failed js-eu1.hs-scripts.com
9 11

This site contains no links.

Subject Issuer Validity Valid
hsforms.com
GTS CA 1P5		 2024-04-17 -
2024-07-16		 3 months crt.sh
hsappstatic.net
E1		 2024-05-08 -
2024-08-06		 3 months crt.sh
hsforms.net
GTS CA 1P5		 2024-04-15 -
2024-07-14		 3 months crt.sh
hs-scripts.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Frame ID: BE87B89343BFC3BAE9AFAD3857BEB1DC
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Form

Page URL History Show full URLs

  1. http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
    https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
    http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 302
    http://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
    https://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
    http://d2w4vx5eorfqdd.cloudfront.net/ Page URL
  2. https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLT... HTTP 302
    https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
    https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Page URL

Page Statistics

9
Requests

44 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

6
IPs

3
Countries

11 kB
Transfer

55 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
    https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
    http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 302
    http://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
    https://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
    http://d2w4vx5eorfqdd.cloudfront.net/ Page URL
  2. https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa5664c&psq=site%3awbrandplus.shop&u=a1aHR0cHM6Ly93d3cud2JyYW5kcGx1cy5zaG9wL2ZyZWl6ZWl0LXNwb3J0LXJlaXNlbi1jLTMzOTQuaHRt HTTP 302
    https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
    https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 307
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net HTTP 302
  • http://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
  • https://d2w4vx5eorfqdd.cloudfront.net/ HTTP 307
  • http://d2w4vx5eorfqdd.cloudfront.net/

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
d2w4vx5eorfqdd.cloudfront.net/
Redirect Chain
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2w4vx5eorfqdd.cloudfront.net
  • http://d2w4vx5eorfqdd.cloudfront.net/
  • https://d2w4vx5eorfqdd.cloudfront.net/
  • http://d2w4vx5eorfqdd.cloudfront.net/
514 B
1013 B 		Document
General
Check archive.org
Download Go to
Full URL
http://d2w4vx5eorfqdd.cloudfront.net/
Protocol
HTTP/1.1
Server
143.204.205.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-165.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9f83354170a23707ee379d1ab8bd82bfa61f637da0defd4c649bfc42a22809e

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Age
4592
Connection
keep-alive
Content-Length
514
Content-Type
text/html
Date
Fri, 17 May 2024 08:08:28 GMT
ETag
"abc916b4384787333035531b1efef58c"
Last-Modified
Fri, 17 May 2024 06:29:13 GMT
Server
AmazonS3
Via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
X-Amz-Cf-Id
49NqFuOw0QZdgS-l221EOGhnHVdhm_65wngKJ5M5ApekyIiUOQiYgQ==
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

Location
http://d2w4vx5eorfqdd.cloudfront.net/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request 1ap7HrXgCTJyalOCfndivKw2e4z9o
share-eu1.hsforms.com/
Redirect Chain
  • https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa...
  • https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm
  • https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2cafeaaaa4afe8b10cbc061330b0214a34b78c5b73e4cc815205616ee618aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
http://d2w4vx5eorfqdd.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Credentials
false
Age
579
CF-Cache-Status
DYNAMIC
CF-RAY
88528ece997a2f97-MAD
Cache-Control
max-age=600
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Fri, 17 May 2024 09:25:01 GMT
Last-Modified
Wed, 15 May 2024 13:12:45 UTC
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
origin
Via
1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jNjVUsbJzTDbEDgkrsG1cXTTh6qCzGg7kdaiC6EFa6SmiYzGr9yCBQ==
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-HS-Cache-Status
HIT
X-HS-Target-Asset
forms-submission-pages/static-1.4417/html/share.html
alt-svc
h3=":443"; ma=86400
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-amz-meta-ao
{"allowIFrame":"always"}
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
J3QpLTfRbGDTmdyeQDd1IeL6jKyq1vzn
x-envoy-upstream-service-time
1
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/star-td/envoy-proxy-79b4b4cdb5-4vrrf
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
a4be074e-0bea-40b8-bd36-e76314ff93f5
x-request-id
a4be074e-0bea-40b8-bd36-e76314ff93f5

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
88528ecb1db09243-FRA
content-length
167
content-type
text/html
date
Fri, 17 May 2024 09:25:01 GMT
expires
Fri, 17 May 2024 10:25:01 GMT
location
https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfGgsF%2BPrzKU4%2BOPFwBl6%2FmulnuFtRSvRFUIrX4yWFYSq5JFMsKvZWvcNAKrKvYE84rvveUh2xn1BgA7GFsuqS1be7jBApq3mRosn4jR3ygaj0Vta27dhIUlXvLuNVTS422EmvKX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
favicon.ico
d2w4vx5eorfqdd.cloudfront.net/ 		263 B
637 B 		Other
General
Check archive.org
Download Go to
Full URL
http://d2w4vx5eorfqdd.cloudfront.net/favicon.ico
Protocol
HTTP/1.1
Server
143.204.205.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-165.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
http://d2w4vx5eorfqdd.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Fri, 17 May 2024 09:24:59 GMT
Via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
Transfer-Encoding
chunked
X-Cache
Error from cloudfront
Content-Type
application/xml
Connection
keep-alive
X-Amz-Cf-Id
SbICegVKEjPYhy0G9fpihaSnoxWtiEYY8r1OWmU5zXVROa6w-BUCgA==
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.4417/bundles/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.4417/bundles/share-legacy.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.173.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13935e84b91d8a91450936a40962e0ba27880a9b97617a95a44a01a9677d26f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Origin
https://share-eu1.hsforms.com
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:25:03 GMT
x-amz-version-id
sHb8bjdqrTWwVNw1y5k9z2X6L.ybtL.g
via
1.1 158d422f23d8099113265e29ef6041c0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MAD53-P4
age
159128
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 15 May 2024 10:07:48 GMT
server
cloudflare
etag
W/"6e85e73af8f582d2b9ef6299a38f1da0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhpS7JGHBLU3JXuF%2B51fKx4c6ck4%2FOft3sRzlwxgJpwzketp5cSI8Fc8xswd3AP79QZ7Vk5K34LBkEofdWthiRY9RaQz5lT6WBYMDeZ2b3%2FyV%2BgRWiEbmiD3jx4ZlRC138h2kj5LhaM%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
88528ed6ea906641-MAD
x-amz-cf-id
KWg9sMRVH2T67WPAa1LWYQLlaptOgvMbxpBi_gt4NLXFXZ7uIzNXrA==
expires
Sat, 17 May 2025 09:25:03 GMT
v3.js
js-eu1.hsforms.net/forms/embed/ 		36 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hsforms.net/forms/embed/v3.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
398
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5182/bundles/project-v3.js&cfRay=8852852017c11ba7-MAD
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"dff4ba3711b02da1824149f5b571bb4e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5182/bundles/project-v3.js
date
Fri, 17 May 2024 09:25:03 GMT
x-amz-version-id
xsG5fY3E.Nt_nX1yzNbxZM2eFSp9.4SB
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
ee971090-8ddd-4769-a796-6f5d262eec22
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
25
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
ee971090-8ddd-4769-a796-6f5d262eec22
last-modified
Fri, 03 May 2024 16:00:07 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXnLrf7WCuNUn16vGAiEvIb8QoakezxuUXtcCQ22fEKFFunGO7jSGlSrJ7qvyQ8MpeNzfNPJeWzuOAFD0YWhqET1aAJ8i6N7JQJnnt9oRL90%2FUXiopREib%2BfhNm06xheqOphFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
cf-ray
88528ed64e885e19-MAD
x-amz-cf-id
hcNK8t3x1_Y9OPgmncxdYD9GYdn_0eYrLy5iC1wElbW-CnSDr68LRQ==
144679308.js
js-eu1.hs-scripts.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-scripts.com/144679308.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edbe3494f147c02bf89a649ee17a834fed33ebce429e62428159c3f421bdc1c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://share-eu1.hsforms.com/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 09:25:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-hubspot-correlation-id
2fc4ca92-149d-442c-96ef-a344383d5a53
x-evy-trace-route-service-name
envoyset-translator
cf-polished
origSize=1575
age
844
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2fc4ca92-149d-442c-96ef-a344383d5a53
cf-bgj
minify
last-modified
Fri, 17 May 2024 09:10:59 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-68d6f869c4-r7t4g
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
88528ed6490c0420-MAD
banner.js
js-eu1.hs-banner.com/v2/144679308/ 		0
0
collectedforms.js
js-eu1.hscollectedforms.net/ 		0
0
144679308.js
js-eu1.hs-analytics.net/analytics/1715937000000/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js-eu1.hs-banner.com
URL
https://js-eu1.hs-banner.com/v2/144679308/banner.js
Domain
js-eu1.hscollectedforms.net
URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Domain
js-eu1.hs-analytics.net
URL
https://js-eu1.hs-analytics.net/analytics/1715937000000/144679308.js

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| isQa object| hsFormsOnReady object| _hsq object| disabledHsPopups boolean| isLocal string| apiHubspotUrl string| formsHsFormsUrl string| jsHsFormsUrl string| jsHsScriptsUrl object| hs_RequestParams object| _hsp

7 Cookies

Domain/Path Name / Value
enewsletter.paradigmproductions.com/ Name: SSPIDER
Value: False
enewsletter.paradigmproductions.com/ Name: SCC
Value: --
enewsletter.paradigmproductions.com/ Name: SRC
Value: --
enewsletter.paradigmproductions.com/ Name: SMC
Value: 0
.hsforms.com/ Name: __cf_bm
Value: 7HwpwrfzI_3RPgUWedKJ8Heh3aqItThsC1bzthdQn5w-1715937901-1.0.1.1-C7uYw2PKlbsOTsnfazOQHcI.ZBsock6aStWDi.4b3FZv1ftvB8KhOz5jmJk7goL5N0.nGFR0IUhKfoJdoM_LeQ
.hsforms.com/ Name: _cfuvid
Value: .sAGJCCvyGf.LunJjej2Kx7t9YEr1Kfqs8fObeK3b7Q-1715937901972-0.0.1.1-604800000
.hsforms.net/ Name: __cf_bm
Value: sfvVxe0uRLM2L07YLG5SutnkO0f3HJ49pbtdmoaZONc-1715937903-1.0.1.1-eM1TOosyhe3KzCUbIh0MzFEaZPMK6Vqu7BzvXk87_yv_vaSULPMtpHb1f19GZwT2HJ3hdVo9DJ3ijZmUfOywcg

2 Console Messages

Source Level URL
Text
network error URL: http://d2w4vx5eorfqdd.cloudfront.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other warning URL: https://share-eu1.hsforms.com/1ap7HrXgCTJyalOCfndivKw2e4z9o
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.