leadstar-8589616.hs-sites.com Open in urlscan Pro
104.16.116.104  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

Search URL Search Domain Scan URL

Search URL Search Domain Scan URL

Search URL Search Domain Scan URL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set do-my-emotions-make-you-uncomfortable Show response leadstar-8589616.hs-sites.com/	44 KB 7 KB	1448ms 1442ms	Document text/html	104.16.116.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://leadstar-8589616.hs-sites.com/do-my-emotions-make-you-uncomfortable Protocol HTTP/1.1 Server 104.16.116.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / HubSpot Resource Hash d447d3a8d4eb5aa3da1b2da5761dde69d2213dcb9dd87715de312ae7113c0e26 Request headers Host leadstar-8589616.hs-sites.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Mon, 04 Oct 2021 14:23:42 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive CF-Ray 698f11cb4c9b2c26-FRA Cache-Control s-maxage=10,max-age=5 Content-Encoding gzip Vary Accept-Encoding CF-Cache-Status MISS Access-Control-Allow-Credentials false Edge-Cache-Tag CT-56600468398,P-8589616,PGS-ALL,SW-1 X-HS-Cache-Config BrowserCache-5s-EdgeCache-10s X-HS-Content-Id 56600468398 X-HS-Hub-Id 8589616 X-HubSpot-Correlation-Id 8907eab0-93ec-4219-8d4e-553f3580e9c4 X-Powered-By HubSpot X-Robots-Tag none X-Trace 2BA23F4BA7134EACB6F0D61B61537C107CEEC07A9E000000000000000000 Set-Cookie __cfruid=7ec67e37aeef33beb2e2ec58a58fbb8f23bbbb31-1633357422; path=/; domain=.hs-sites.com; HttpOnly Server cloudflare
GET H2	200	Emotions.png hs-8589616.f.hubspotemail.net/hub/8589616/hubfs/	437 KB 438 KB	305ms 284ms	Image image/webp	104.18.165.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hs-8589616.f.hubspotemail.net/hub/8589616/hubfs/Emotions.png?upscale=true&width=1200&upscale=true&name=Emotions.png Requested by Host: leadstar-8589616.hs-sites.com URL: http://leadstar-8589616.hs-sites.com/do-my-emotions-make-you-uncomfortable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.165.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9364f8e63f879663c75aa4bce3073074a4d35e2ee1ee6173767e048eb52bf935 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer http://leadstar-8589616.hs-sites.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 14:23:43 GMT via 1.1 6b8cdd1ce925ccd88cc918dd35811d07.cloudfront.net (CloudFront) vary Accept, Accept-Encoding cf-cache-status HIT age 54 cf-polished origFmt=png, origSize=781783 edge-cache-tag F-56600279126,P-8589616,FLS-ALL x-edge-origin-shield-skipped 0 x-amz-replication-status COMPLETED content-disposition inline; filename="Emotions.webp" x-hs-cf-lambda us-east-1.enforceAclForReadsProd 12 content-length 447770 x-amz-server-side-encryption AES256 last-modified Sat, 02 Oct 2021 15:59:26 GMT server cloudflare x-cache RefreshHit from cloudfront etag "97d18135ced9a6cd0660f5ece91f68f4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload access-control-allow-methods GET content-type image/webp access-control-allow-origin * cf-bgj imgq:85,h2pri cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 x-amz-cf-pop IAD89-C1 accept-ranges bytes cf-ray 698f11d48fda5cb6-FRA x-amz-cf-id tihsuz1TO6o6yAkM0E-kag_2J6r7N4z5KdlkOFzs5LS_NEVJByj7bA== x-hs-cf-lambda-enforce us-east-1.enforceAclForReadsProd 12
GET H2	200	Paper%20Airplanes_Newsletter_Page.jpg hs-8589616.f.hubspotemail.net/hub/8589616/hubfs/	4 KB 4 KB	300ms 280ms	Image image/webp	104.18.165.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hs-8589616.f.hubspotemail.net/hub/8589616/hubfs/Paper%20Airplanes_Newsletter_Page.jpg?upscale=true&width=250&upscale=true&name=Paper%20Airplanes_Newsletter_Page.jpg Requested by Host: leadstar-8589616.hs-sites.com URL: http://leadstar-8589616.hs-sites.com/do-my-emotions-make-you-uncomfortable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.165.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 971f7fe1c804a73c168fcf6e6c7da4b49f81c6831a7f75d3968025be5a6ec427 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer http://leadstar-8589616.hs-sites.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 14:23:43 GMT via 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront) vary Accept, Accept-Encoding cf-cache-status HIT age 54 cf-polished qual=85, origFmt=jpeg, origSize=5054 edge-cache-tag F-50907114928,P-8589616,FLS-ALL x-edge-origin-shield-skipped 0 x-amz-replication-status COMPLETED content-disposition inline; filename="Paper%20Airplanes_Newsletter_Page.webp" x-hs-cf-lambda us-east-1.enforceAclForReadsProd 12 content-length 3962 x-amz-server-side-encryption AES256 last-modified Thu, 23 Sep 2021 15:59:07 GMT server cloudflare x-cache RefreshHit from cloudfront etag "23688a544ac29768c692ee14b07d32bd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload access-control-allow-methods GET content-type image/webp access-control-allow-origin * cf-bgj imgq:85,h2pri cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 x-amz-cf-pop IAD89-C1 accept-ranges bytes cf-ray 698f11d48fde5cb6-FRA x-amz-cf-id Zi2SZAufCivrQs118CnisreAj0cLuJe7dqm2ETShQPeLcdqmVv7_DQ== x-hs-cf-lambda-enforce us-east-1.enforceAclForReadsProd 12
GET H2	200	facebook_circle_grey.png hs-8589616.f.hubspotemail.net/hs/hsstatic/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/	1 KB 2 KB	171ms 151ms	Image image/png	104.18.165.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hs-8589616.f.hubspotemail.net/hs/hsstatic/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/facebook_circle_grey.png Requested by Host: leadstar-8589616.hs-sites.com URL: http://leadstar-8589616.hs-sites.com/do-my-emotions-make-you-uncomfortable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.165.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb18858eeea8f57e60d5205b2dc26e2e7e90a71049061ad67711756f70b34331 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer http://leadstar-8589616.hs-sites.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 14:23:42 GMT via 1.1 b838ef1ff22a4a994af82d5178c30e1d.cloudfront.net (CloudFront) cf-cache-status HIT age 14631093 x-cache RefreshHit from cloudfront x-amz-replication-status COMPLETED strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1046 last-modified Tue, 19 Feb 2019 13:41:10 GMT server cloudflare etag "de6d52fc35eecd4ffe4e58ac7df9c354" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cf-bgj csam-hash cache-control public, max-age=31536000 x-amz-version-id 2xLn.7PnsMmF.99gvX70B_bXTyaLTi_w x-amz-cf-pop SEA19-C1 accept-ranges bytes cf-ray 698f11d48fe05cb6-FRA x-amz-cf-id 47YmXBU62Uxsw3XPpl_afp3JFtMcaPvTrSdaty1uBsUIvqkmyd4VcQ== expires Tue, 04 Oct 2022 14:23:42 GMT
GET H2	200	linkedin_circle_grey.png hs-8589616.f.hubspotemail.net/hs/hsstatic/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/	1 KB 1 KB	182ms 163ms	Image image/png	104.18.165.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hs-8589616.f.hubspotemail.net/hs/hsstatic/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/linkedin_circle_grey.png Requested by Host: leadstar-8589616.hs-sites.com URL: http://leadstar-8589616.hs-sites.com/do-my-emotions-make-you-uncomfortable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.165.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79068ad452e43c155a92216ef4ab66dda194ee7be865c416312faad570cb3faf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer http://leadstar-8589616.hs-sites.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 14:23:42 GMT via 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront) cf-cache-status HIT age 14505446 x-cache Hit from cloudfront x-amz-replication-status COMPLETED strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1159 last-modified Tue, 19 Feb 2019 13:41:13 GMT server cloudflare etag "053ae9a1b605b31eae3099e1ba4be36a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cf-bgj csam-hash cache-control public, max-age=31536000 x-amz-version-id ockzQPuhEygK0uB3iwcq_ENG_nfmxvsG x-amz-cf-pop SEA19-C1 accept-ranges bytes cf-ray 698f11d48fe25cb6-FRA x-amz-cf-id cdtczwq1a7vlApe2ke2VDVADB9F06F1nmbFjF1V4O9cPH2zdZaVbWQ== expires Tue, 04 Oct 2022 14:23:42 GMT
GET H2	200	twitter_circle_grey.png hs-8589616.f.hubspotemail.net/hs/hsstatic/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/	1 KB 2 KB	193ms 174ms	Image image/png	104.18.165.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hs-8589616.f.hubspotemail.net/hs/hsstatic/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/twitter_circle_grey.png Requested by Host: leadstar-8589616.hs-sites.com URL: http://leadstar-8589616.hs-sites.com/do-my-emotions-make-you-uncomfortable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.165.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb3946dc834c082b0821ebae53edfa146d3c661a3e3d33e5100893028129bac8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer http://leadstar-8589616.hs-sites.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 14:23:42 GMT via 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront) cf-cache-status HIT age 3587909 x-cache Miss from cloudfront x-amz-replication-status COMPLETED strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1427 last-modified Tue, 19 Feb 2019 13:41:11 GMT server cloudflare etag "f37ff1c6638be315a6b3d09ff7e30e42" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cf-bgj h2pri,csam-hash cache-control public, max-age=31536000 x-amz-version-id bnzWJ2gA63i3tHxRNbrzwtXTLJduBg7P x-amz-cf-pop FRA2-C2 accept-ranges bytes cf-ray 698f11d48fe35cb6-FRA x-amz-cf-id deXPSB9s7-8NzgZvgnKdKaP8BTwUZnD_s4M0hbb4dpamdWsvIRzNRA== expires Tue, 04 Oct 2022 14:23:42 GMT
GET H2	200	instagram_circle_grey.png hs-8589616.f.hubspotemail.net/hs/hsstatic/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/	2 KB 2 KB	178ms 159ms	Image image/png	104.18.165.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hs-8589616.f.hubspotemail.net/hs/hsstatic/TemplateAssets/static-1.24/img/hs_default_template_images/modules/Follow+Me+-+Email/instagram_circle_grey.png Requested by Host: leadstar-8589616.hs-sites.com URL: http://leadstar-8589616.hs-sites.com/do-my-emotions-make-you-uncomfortable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.165.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06092194b96b700d0380cdb9abeb9339430a2370f00bf4de1b4923c4605aafcd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer http://leadstar-8589616.hs-sites.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 04 Oct 2021 14:23:42 GMT via 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront) cf-cache-status HIT age 12164754 x-cache Hit from cloudfront x-amz-replication-status COMPLETED strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1624 last-modified Tue, 19 Feb 2019 13:41:12 GMT server cloudflare etag "21f54943ce493997126503ab552f98ef" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cf-bgj csam-hash cache-control public, max-age=31536000 x-amz-version-id LQ_QaEE9qrb5fwFZtoO04GXt8sVLOjxD x-amz-cf-pop FRA56-C2 accept-ranges bytes cf-ray 698f11d48fe55cb6-FRA x-amz-cf-id Bi3d5_aMavaBQCDvozdfrp6yF-4EzWV0v576h7a9gcErTsdNcBnIXg== expires Tue, 04 Oct 2022 14:23:42 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hs-8589616.f.hubspotemail.net
leadstar-8589616.hs-sites.com
104.16.116.104
104.18.165.5
06092194b96b700d0380cdb9abeb9339430a2370f00bf4de1b4923c4605aafcd
79068ad452e43c155a92216ef4ab66dda194ee7be865c416312faad570cb3faf
9364f8e63f879663c75aa4bce3073074a4d35e2ee1ee6173767e048eb52bf935
971f7fe1c804a73c168fcf6e6c7da4b49f81c6831a7f75d3968025be5a6ec427
d447d3a8d4eb5aa3da1b2da5761dde69d2213dcb9dd87715de312ae7113c0e26
eb18858eeea8f57e60d5205b2dc26e2e7e90a71049061ad67711756f70b34331
fb3946dc834c082b0821ebae53edfa146d3c661a3e3d33e5100893028129bac8