urlscan.io logo urlscan.io
SecurityTrails logo

share.hsforms.com Open in urlscan Pro
2606:4700::6810:5505  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://order.weshield.us/e3t/Ctc/RI%2A113/cZZj304/VX0fS5550M2mW2_gBCZ77lzZdW4Rs6st4NTSFbMcSJRt3lLBmV1-WJV7Cg-ztW16qDQ-4T2...
Effective URL: https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS...
Submission: On August 18 via api from CA — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 11 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6810:5505, located in United States and belongs to CLOUDFLARENET, US. The main domain is share.hsforms.com. The Cisco Umbrella rank of the primary domain is 120706.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2022. Valid for: a year.
This is the only time share.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
18 13
2    2606:2c40::c73c:67e4 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
order.weshield.us
4    2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)
share.hsforms.com
forms-na1.hsforms.com
forms.hsforms.com
1    2606:4700::6811:6d2 (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
1    2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
3    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2606:4700::6810:b772 (United States)

ASN13335 (CLOUDFLARENET, US)
f.hubspotusercontent40.net
Apex Domain
Subdomains		 Transfer
5 hsforms.com
share.hsforms.com — Cisco Umbrella Rank: 120706
forms.hsforms.com — Cisco Umbrella Rank: 4341
forms-na1.hsforms.com — Cisco Umbrella Rank: 51492
8 KB
4 hubspot.com
forms.hubspot.com — Cisco Umbrella Rank: 3009
track.hubspot.com — Cisco Umbrella Rank: 2112
3 KB
2 weshield.us
order.weshield.us — Cisco Umbrella Rank: 487500
4 KB
1 hubspotusercontent40.net
f.hubspotusercontent40.net — Cisco Umbrella Rank: 28826
19 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 1988
20 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3133
3 KB
1 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4807
25 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2009
16 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2226
1004 B
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6505
167 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 6886
3 KB
18 11
Domain Requested by
3 track.hubspot.com
2 forms-na1.hsforms.com
2 forms.hsforms.com js.hsforms.net
2 order.weshield.us 1 redirects
1 f.hubspotusercontent40.net
1 forms.hubspot.com js.hscollectedforms.net
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-scripts.com share.hsforms.com
1 js.hsforms.net share.hsforms.com
1 static.hsappstatic.net share.hsforms.com
1 share.hsforms.com order.weshield.us
18 14

This site contains no links.

Subject Issuer Validity Valid
order.weshield.us
Cloudflare Inc ECC CA-3		 2022-01-18 -
2023-01-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3		 2022-05-10 -
2023-05-10		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ&utm_content=223225030&utm_source=hs_automation
Frame ID: F77884ED7A1403F072F5C864DFA7FFD1
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Form

Page URL History Show full URLs

  1. https://order.weshield.us/e3t/Ctc/RI%2A113/cZZj304/VX0fS5550M2mW2_gBCZ77lzZdW4Rs6st4NTSFbMcSJRt3lLBmV1... Page URL
  2. https://order.weshield.us/events/public/v1/encoded/track/tc/RI*113/cZZj304/VX0fS5550M2mW2_gBCZ77lzZdW4... HTTP 307
    https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

11
Domains

14
Subdomains

13
IPs

1
Countries

268 kB
Transfer

805 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://order.weshield.us/e3t/Ctc/RI%2A113/cZZj304/VX0fS5550M2mW2_gBCZ77lzZdW4Rs6st4NTSFbMcSJRt3lLBmV1-WJV7Cg-ztW16qDQ-4T29gWW3G0bNN3MH2sgN76vknK8r_g2W4XrZtX8pzXy2W6KS3VS6szsPHW52y4R65CL0GNV1LjR938L9mhVmFpBZ3gSNk8W1LXh_W5vhGtgN8zl1lNv9NGmW6FN0hq3wrW66W2l-sHL8M19ZrN27n0r7CT4pFW8-5-Kr4vpgVBW3m9rcZ3KS4P3W4Gstbc7WjncWVDlB0S8vQF2XN7VZbwL1WrKzW5mw5my1rCN-vW8T-0Zr59x2g1VMd90c7N29wlW3MPzBV6sklHS36CT1 Page URL
  2. https://order.weshield.us/events/public/v1/encoded/track/tc/RI*113/cZZj304/VX0fS5550M2mW2_gBCZ77lzZdW4Rs6st4NTSFbMcSJRt3lLBmV1-WJV7Cg-ztW16qDQ-4T29gWW3G0bNN3MH2sgN76vknK8r_g2W4XrZtX8pzXy2W6KS3VS6szsPHW52y4R65CL0GNV1LjR938L9mhVmFpBZ3gSNk8W1LXh_W5vhGtgN8zl1lNv9NGmW6FN0hq3wrW66W2l-sHL8M19ZrN27n0r7CT4pFW8-5-Kr4vpgVBW3m9rcZ3KS4P3W4Gstbc7WjncWVDlB0S8vQF2XN7VZbwL1WrKzW5mw5my1rCN-vW8T-0Zr59x2g1VMd90c7N29wlW3MPzBV6sklHS36CT1?_ud=29188bfb-ece0-4fe3-8309-123e79e17c52&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ&utm_content=223225030&utm_source=hs_automation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VX0fS5550M2mW2_gBCZ77lzZdW4Rs6st4NTSFbMcSJRt3lLBmV1-WJV7Cg-ztW16qDQ-4T29gWW3G0bNN3MH2sgN76vknK8r_g2W4XrZtX8pzXy2W6KS3VS6szsPHW52y4R65CL0GNV1LjR938L9mhVmFpBZ3gSNk8W1LXh_W5vhGtgN8zl1lNv9NGmW6FN0hq3wr...
order.weshield.us/e3t/Ctc/RI%2A113/cZZj304/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://order.weshield.us/e3t/Ctc/RI%2A113/cZZj304/VX0fS5550M2mW2_gBCZ77lzZdW4Rs6st4NTSFbMcSJRt3lLBmV1-WJV7Cg-ztW16qDQ-4T29gWW3G0bNN3MH2sgN76vknK8r_g2W4XrZtX8pzXy2W6KS3VS6szsPHW52y4R65CL0GNV1LjR938L9mhVmFpBZ3gSNk8W1LXh_W5vhGtgN8zl1lNv9NGmW6FN0hq3wrW66W2l-sHL8M19ZrN27n0r7CT4pFW8-5-Kr4vpgVBW3m9rcZ3KS4P3W4Gstbc7WjncWVDlB0S8vQF2XN7VZbwL1WrKzW5mw5my1rCN-vW8T-0Zr59x2g1VMd90c7N29wlW3MPzBV6sklHS36CT1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
73cbe9cfb8de2a96-ORD
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 18 Aug 2022 16:09:20 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 18 Aug 2022 16:09:20 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwVfGTN2OQ0Utofon8uf9Ds%2BxH8HYc5vedrt2RhEB4asq5tMKkdtL21eGTStAe2bwM2Xr6qRYbaAhvwaoeGRMQD2VKzC4EswTcs53ltIJD8BJY0%2BCM4Tq3Y34%2FkpzSieISFXm9DAFvq2JNFm9V96"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-hs-https-only
worker
x-hubspot-correlation-id
65e6bcbf-7f4e-496f-a261-6d5e13a77482
x-robots-tag
none
Primary Request 194UF_gffSt-aOHkJCJHYHw4vbx3
share.hsforms.com/
Redirect Chain
  • https://order.weshield.us/events/public/v1/encoded/track/tc/RI*113/cZZj304/VX0fS5550M2mW2_gBCZ77lzZdW4Rs6st4NTSFbMcSJRt3lLBmV1-WJV7Cg-ztW16qDQ-4T29gWW3G0bNN3MH2sgN76vknK8r_g2W4XrZtX8pzXy2W6KS3VS6sz...
  • https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ&u...
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ&utm_content=223225030&utm_source=hs_automation
Requested by
Host: order.weshield.us
URL: https://order.weshield.us/e3t/Ctc/RI%2A113/cZZj304/VX0fS5550M2mW2_gBCZ77lzZdW4Rs6st4NTSFbMcSJRt3lLBmV1-WJV7Cg-ztW16qDQ-4T29gWW3G0bNN3MH2sgN76vknK8r_g2W4XrZtX8pzXy2W6KS3VS6szsPHW52y4R65CL0GNV1LjR938L9mhVmFpBZ3gSNk8W1LXh_W5vhGtgN8zl1lNv9NGmW6FN0hq3wrW66W2l-sHL8M19ZrN27n0r7CT4pFW8-5-Kr4vpgVBW3m9rcZ3KS4P3W4Gstbc7WjncWVDlB0S8vQF2XN7VZbwL1WrKzW5mw5my1rCN-vW8T-0Zr59x2g1VMd90c7N29wlW3MPzBV6sklHS36CT1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1908e03b7729b12bc7412e97f1f2b3a206293c69931ec8d0b40db21ff6bb5b97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://order.weshield.us/e3t/Ctc/RI%2A113/cZZj304/VX0fS5550M2mW2_gBCZ77lzZdW4Rs6st4NTSFbMcSJRt3lLBmV1-WJV7Cg-ztW16qDQ-4T29gWW3G0bNN3MH2sgN76vknK8r_g2W4XrZtX8pzXy2W6KS3VS6szsPHW52y4R65CL0GNV1LjR938L9mhVmFpBZ3gSNk8W1LXh_W5vhGtgN8zl1lNv9NGmW6FN0hq3wrW66W2l-sHL8M19ZrN27n0r7CT4pFW8-5-Kr4vpgVBW3m9rcZ3KS4P3W4Gstbc7WjncWVDlB0S8vQF2XN7VZbwL1WrKzW5mw5my1rCN-vW8T-0Zr59x2g1VMd90c7N29wlW3MPzBV6sklHS36CT1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
false
age
1855
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
73cbe9d3199e2d19-ORD
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 18 Aug 2022 16:09:21 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 18 Aug 2022 10:38:23 UTC
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 066fc17b108820c747336d8f45e8ea54.cloudfront.net (CloudFront)
x-amz-cf-id
sPqqlUMqT9TE7fNAC2S5ZkFg0Qea9LD-JUXzTRoGFo3-2gOa9zl-Eg==
x-amz-cf-pop
IAD89-P1
x-amz-meta-ao
{"allowIFrame":"always"}
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
BBA6.MKJSal6yKeM2eYqiO0j7BCbgUan
x-cache
Hit from cloudfront
x-hs-cache-status
MISS
x-hs-target-asset
forms-submission-pages/static-1.2306/html/share.html

Redirect headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
73cbe9d0cb182a96-ORD
date
Thu, 18 Aug 2022 16:09:20 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ&utm_content=223225030&utm_source=hs_automation>; rel="canonical"
location
https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ&utm_content=223225030&utm_source=hs_automation
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m01LcZUmGnHYzamZj1LhUPjFehEe7XEkVP8NxyYLp6zu5X8s9dUUXof6NNHDKeM28QDDUW4LHXPQp6C%2BVZXCe3rvNur7tQRbWnnas29pRHVBgUII1zEYsJiozLSDfCRMM9tXx0xy8Qmt47VgGFGA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-hs-https-only
worker
x-hubspot-correlation-id
3547a6e8-ea0a-41b9-a35f-7f59146ba67e
x-robots-tag
none
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.2306/bundles/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.2306/bundles/share-legacy.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ&utm_content=223225030&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd5239b25d710a1d11dc2df31dab8fc1d4ab34c3f741fc1405cfca6b74f2e1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://share.hsforms.com/
Origin
https://share.hsforms.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
via
1.1 009e4fcf89388468d99c199bf93a2742.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19805
x-amz-server-side-encryption
AES256
cf-ray
73cbe9d40b55870e-ORD
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 10:03:54 GMT
server
cloudflare
etag
W/"9622da5b8144df084f69e3e5785d0cba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B51FZI9%2Fd2BZltjRgDmAB0zBYdJBQc3fK3nbggaYIjY5AHdnQxPEpOMvAKGOwSTRk4T8mu19ei9OgCAXn1QkL2%2FzU2QJl7d3Py%2B%2BrML5ugdgdBP0uca716QOuDGaqSkW202IHAkIEkEu8nJC9LsHqTTc%2F8E%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
6XgTHTkG0puugXrcCEif2eQRnbEs1NZO
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-pop
ORD56-P2
content-type
application/javascript
x-amz-cf-id
yjJrB0MsN-ovtcvC82tK8KRJQfKZWVamT3m1ZvtOypNPlRoXTxKrFg==
expires
Fri, 18 Aug 2023 16:09:21 GMT
v3.js
js.hsforms.net/forms/embed/ 		548 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/embed/v3.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ&utm_content=223225030&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5323ed02d3dee4da3babd9a061d8d53bdb7abf8217bd42fb0cec8a35567b53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
via
1.1 3d65275b81abaf880be10de6f2c71e9a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
200
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2093/bundles/project-v3.js&cfRay=73cbe4f12be38eaa-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 15 Aug 2022 12:16:36 UTC
server
cloudflare
etag
W/"da6ab3eac5beb5613aa122af21be6094"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08mAsenHPXFOsC9gIsDgMfrDIsmfqdY%2FFQOUXXcQhw14t4Vf2zJdY3PrzKGV8qsRWiB78simkQ5%2Fa9Yz3AAYx3U3I%2FUf5Q7y3LWsXjUYjFvaJqKziBGbOt9xna8n%2BFveP7XM6tBq03WpOTkc"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
nLB4fyREw4TgkSVNDSMhJETXWPSSLq1n
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
73cbe9d42b9786db-ORD
x-amz-cf-id
LDgQmSWxAcMrfJKhMLaWpuXjYbHIv-iYhjguHcuIbgz3OCnkNGK99A==
x-hs-target-asset
forms-embed/static-1.2093/bundles/project-v3.js
8180247.js
js.hs-scripts.com/ 		2 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/8180247.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/194UF_gffSt-aOHkJCJHYHw4vbx3?utm_medium=email&_hsmi=223225030&_hsenc=p2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ&utm_content=223225030&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a3655436077a0d7468e2886ae7a7a9044445a7d982c3bea1c3217570030ed9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
aa4c0f1a-88ab-46ba-8c57-a268fea69648
last-modified
Thu, 18 Aug 2022 15:34:48 GMT
server
cloudflare
x-trace
2BFE6BCF09F243E915A5FE94DD6D4C36B344BFE81D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
73cbe9d42c878716-ORD
expires
Thu, 18 Aug 2022 16:10:21 GMT
8180247.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/8180247.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8180247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5626cdab07855ab404785d72dd0711d46475f4586a0e163287936308e01e4331

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
2EJH8TCYJ9CB3D4X
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
WnxG3BvqPPchGZxX4N+fyHtgp46i7lS77+dIljjqpRVy27BFX/NWSDxyYrODwwTucSDV8ATcgGw=
timing-allow-origin
*
last-modified
Tue, 16 Aug 2022 22:16:21 GMT
server
cloudflare
etag
W/"76a2028ac85f806e41f87251f03a4da1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
O7SMToWw0FoHX945KR_GdEcM1S6bJmfO
access-control-allow-origin
https://share.hsforms.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
73cbe9d5288d293d-ORD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 18 Aug 2022 16:14:21 GMT
collectedforms.js
js.hscollectedforms.net/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8180247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088

Request headers

Referer
https://share.hsforms.com/
Origin
https://share.hsforms.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
via
1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
6020
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.285/bundles/project.js&cfRay=73cb56de5d892ade-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Mon, 18 Jul 2022 02:17:32 UTC
server
cloudflare
etag
W/"877e5f54a66a69786dec54038d0864c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
gdKWpz_yvObw8s97wY_QgOhrdmJzIElp
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
73cbe9d52f192931-ORD
x-amz-cf-id
PlOY3B6OUVBfW6SxcbrwDviE7vYV-57IVhdwQOhM4z_AD1ObBwYg3w==
x-hs-target-asset
collected-forms-embed-js/static-1.285/bundles/project.js
fb.js
js.hsadspixel.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8180247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2ffede896a8727d9691452b1314e64ac7d2932896e89920599392ba33dd6f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
via
1.1 126bc2e5c4c1b9ac0ffa004edc6f02c4.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
595
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.290/bundles/pixels-release.js&cfRay=73cbdb4b7f942a54-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Wed, 10 Aug 2022 01:59:54 UTC
server
cloudflare
etag
W/"4f0b2f5f5adcb58be2f46e95ab35e280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
.CBGOpqVu8zaE1sKV5DacDTNZHwT9f6j
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
73cbe9d538d52901-ORD
x-amz-cf-id
8A5w-mw9XTcXCl4pPLX0h6Wgq5ZxV5EHgKS5eyaeLtWIkKBIV9nGtg==
x-hs-target-asset
adsscriptloaderstatic/static-1.290/bundles/pixels-release.js
8180247.js
js.hs-analytics.net/analytics/1660838700000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1660838700000/8180247.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8180247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0898a70e0e017b0452185b60aafb33a316b4833f20a7266906dbb9f04ac1a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
46513582JPVJP2NE
x-amz-server-side-encryption
AES256
cf-ray
73cbe9d53f022bf4-ORD
x-amz-id-2
/tiPduET2jetFgO4LUdJXDlycUyk1mRSNgWeC2sPR2H4TA6KG9uFfUOYEGQC6z6jhfmPnXs/WQk=
last-modified
Tue, 26 Jul 2022 15:18:46 GMT
server
cloudflare
etag
W/"37f5860207649fb9c1aabcda837aed87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Thu, 18 Aug 2022 16:14:21 GMT
json
forms.hsforms.com/embed/v3/form/8180247/f78505fe-07df-4adf-9a38-79090891d81f/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/8180247/f78505fe-07df-4adf-9a38-79090891d81f/json?X-HubSpot-Static-App-Info=%7B%22projectName%22:%22forms-embed%22,%22projectVersion%22:%221.2093%22,%22project%22:%22forms-embed-1.2093%22%7D
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce883668b2be4c1858e65c77465f82e11e3a2a5e6471b235217688e77f31e7aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://share.hsforms.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-origin-hublet
na1
date
Thu, 18 Aug 2022 16:09:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
066a6b72-d667-4f25-9705-14f8071a83a0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
none
server
cloudflare
x-trace
2BF00F94BAD7C2549631A0FD223887BB7B160987F6000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
73cbe9d58b392943-ORD
access-control-allow-headers
*
json
forms.hubspot.com/collected-forms/v1/config/ 		115 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8180247&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36abfd5c09b1db4b862cd8d5f3a3f293218476f6144c94c28b927a78aec8e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://share.hsforms.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
1f73f0a6-8582-4373-ac09-029d383c199c
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDa4XN%2FYqUkqdX8EOOS9DtVFX8Mc108zr2cQWlqstIrpERkXBqEJOGYMTUnwchT3u7xScnTBuiBMDQ2QTBkQ03XsL%2F8gONDsrgJMT2Hv8yREp9WCqtvkS40bl%2BZ9jRQaMKIbDZINYYRczn0tV5WY"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
73cbe9d5ea4f2ca7-ORD
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=8180247&ccu=https%3A%2F%2Fshare.hsforms.com%2F194UF_gffSt-aOHkJCJHYHw4vbx3&pu=https%3A%2F%2Fshare.hsforms.com%2F194UF_gffSt-aOHkJCJHYHw4vbx3%3Futm_medium%3Demail%26_hsmi%3D223225030%26_hsenc%3Dp2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ%26utm_content%3D223225030%26utm_source%3Dhs_automation&t=Form&cts=1660838961604&vi=94710039cc538280fbf9eb19a193e53f&nc=true&u=251652889.94710039cc538280fbf9eb19a193e53f.1660838961599.1660838961599.1660838961599.1&b=251652889.1.1660838961600&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
53ebaa76-6a8c-4095-8cea-2189e8fabd11
cf-ray
73cbe9d67f0f2c58-ORD
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTwM1ZWripv1RgVbYQRe8vl0OrEGnCuJ3DKaxPYGxaldDgkicJCBuyKKxJA63sm0pXRvMfm%2FSXgBz05fgyCZYvLPA2KOBEHLSfBVx%2BrolFRBjbaFR6FWAEkYQ%2FqCkIOfMY62ZZMpQY6L2YN21pCw"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
counters.gif
forms-na1.hsforms.com/embed/v3/ 		35 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
e7c546f2-9c47-4dd3-aee5-0f7ae6427bbe
cf-ray
73cbe9d6b8742d19-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2BB9B9C108BD7964F95A9660A24EAA657F3D6DC8AB000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
WeShield%20logo%20new%20no%20bkgd.png
f.hubspotusercontent40.net/hubfs/8180247/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.hubspotusercontent40.net/hubfs/8180247/WeShield%20logo%20new%20no%20bkgd.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf84083b6eccf678f0e00d045fa7d7368ae378be40efc873ca9f4e7a896d25c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-38554639639,P-8180247,FLS-ALL
age
263246
x-amz-server-side-encryption
AES256
edge-cache-tag
F-38554639639,P-8180247,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="WeShield%20logo%20new%20no%20bkgd.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
x-amz-request-id
F22ZK0GC6TVWZW2W
cf-bgj
imgq:85,h2pri
etag
"b45264ae23b740a4d5241bf43775a477"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis
1607535252542
date
Thu, 18 Aug 2022 16:09:21 GMT
via
1.1 8ca25e3665c376ca5d6d2354eb6dc25c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ORD51-C3
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=30358
x-cache
RefreshHit from cloudfront
cache-tag
F-38554639639,P-8180247,FLS-ALL
x-amz-meta-index-tag
all
content-length
18388
x-amz-id-2
U/qQdTvNRhcdjWRPW8/6+QkquXOvAQuJEJbIpmn9RTr6CZMGQFyyILCCHbv9yLWza9flRqIEB2g=
last-modified
Wed, 09 Dec 2020 17:34:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
36Ttw_NKMM.TqzqwNYW64mDfOFoItlaN
accept-ranges
bytes
cf-ray
73cbe9d71f9e86e4-ORD
x-amz-cf-id
JKiT8q28sV7LPCvQc5Mi86XnviBZexTzJYJDAxt46C7vV6BKF6xwKg==
__ptq.gif
track.hubspot.com/ 		45 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=f78505fe-07df-4adf-9a38-79090891d81f&fci=eb4c62fd-883b-4852-9359-72d732620c21&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=8180247&ccu=https%3A%2F%2Fshare.hsforms.com%2F194UF_gffSt-aOHkJCJHYHw4vbx3&pu=https%3A%2F%2Fshare.hsforms.com%2F194UF_gffSt-aOHkJCJHYHw4vbx3%3Futm_medium%3Demail%26_hsmi%3D223225030%26_hsenc%3Dp2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ%26utm_content%3D223225030%26utm_source%3Dhs_automation&t=Form&cts=1660838961691&vi=94710039cc538280fbf9eb19a193e53f&nc=true&u=251652889.94710039cc538280fbf9eb19a193e53f.1660838961599.1660838961599.1660838961599.1&b=251652889.1.1660838961600&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:22 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
beb9a7a0-52ec-44dc-ac66-213526b31b19
cf-ray
73cbe9d6bfff2c58-ORD
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zuj6%2Bb%2BNR%2B5qG9c3TbV6gu8KH8KPVRWZP%2B56opf1hZQke1ukvEQRU3Jw46re2wG3FjjPMon6OWnR%2F5tI6XXYhMi0Rf2mnJljr68r0SzPE%2B%2FsXF%2FbQEqMw1zmwDwrqzvGTZs3i%2F2LE8D1SPfvy8qQ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
counters.gif
forms-na1.hsforms.com/embed/v3/ 		35 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
03a91192-fc7d-4867-b753-d5a1ca897bb8
cf-ray
73cbe9d6b8732d19-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2BDD39E97E4E6A758806E7BC53A1F0E5336A16E6BE000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=f78505fe-07df-4adf-9a38-79090891d81f&fci=eb4c62fd-883b-4852-9359-72d732620c21&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=8180247&ccu=https%3A%2F%2Fshare.hsforms.com%2F194UF_gffSt-aOHkJCJHYHw4vbx3&pu=https%3A%2F%2Fshare.hsforms.com%2F194UF_gffSt-aOHkJCJHYHw4vbx3%3Futm_medium%3Demail%26_hsmi%3D223225030%26_hsenc%3Dp2ANqtz-_RdDFZiBKFUW5s0DTwS4KmCloA9bYXPh8d0rPfV-nQ8IqAqRoUY0W6Vs2mu28OtuZ2xbFjAzx5ndtOsvORm5jU0d_BiQ%26utm_content%3D223225030%26utm_source%3Dhs_automation&t=Form&cts=1660838961692&vi=94710039cc538280fbf9eb19a193e53f&nc=true&u=251652889.94710039cc538280fbf9eb19a193e53f.1660838961599.1660838961599.1660838961599.1&b=251652889.1.1660838961600&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
86d7c755-ab83-414b-8021-b02850b3c814
cf-ray
73cbe9d6b8032c58-ORD
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CemiX58sqLvGSmDhMe1i2KZN1isibfWsHkYhFYLrPmdLLgMy8OJKuXQitW%2Fhm2dPHIzRQq%2BizO94JfsedC%2BEZjDPWm3I1mipk7UwTMBTPimyQfuod0xMTkuzIEIEtyJxncBOHy63%2FCKn10HaxcOZ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 16:09:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
50546df9-076d-4b9b-93c9-b84ee8ecb9a8
cf-ray
73cbe9d6b8712d19-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2BBFDC0E1A49637577F98504DB75C2018651533E1A000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| isQa object| hsFormsOnReady object| _hsq object| disabledHsPopups string| apiHubspotUrl string| formsHsFormsUrl string| jsHsFormsUrl string| jsHsScriptsUrl object| hs_RequestParams object| _hsp object| hubspot object| HubSpotForms object| hbspt object| __hsCollectedFormsDebug boolean| PIXELS_RAN boolean| _hspb_ran boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime

7 Cookies

Domain/Path Name / Value
.order.weshield.us/ Name: __cf_bm
Value: QvuvME_yWEDYu8K176oScimqr.t2.9.S7xiSdT4SlZ8-1660838960-0-AYdqYF1r2a7wGfI9I+isskK4tp7MtQJnvtXuVOddXvktbpY3OjQlBW4HaZND+FXen8FCLB+pe4n6jsinF49JKvU=
.order.weshield.us/ Name: __cfruid
Value: 7eea030141530738aa6362190a2949b22ba9d1b3-1660838960
.hsforms.com/ Name: __hstc
Value: 251652889.94710039cc538280fbf9eb19a193e53f.1660838961599.1660838961599.1660838961599.1
.hsforms.com/ Name: hubspotutk
Value: 94710039cc538280fbf9eb19a193e53f
.hsforms.com/ Name: __hssrc
Value: 1
.hsforms.com/ Name: __hssc
Value: 251652889.1.1660838961600
.hubspot.com/ Name: __cf_bm
Value: gAqQi8VbQH9jrKZDpsikN1yYUB4wrofewt5i8rhOH4U-1660838962-0-AW9wbBVH5k3xUF36lfCcohgTktrSTdmu52qB9p18h+1O1TlkIccY9q+8A7MP6UjdZB4LJzeBM1AGmWXlUlzLb4U=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f.hubspotusercontent40.net
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
order.weshield.us
share.hsforms.com
static.hsappstatic.net
track.hubspot.com
2606:2c40::c73c:67e4
2606:4700:4400::6812:21ab
2606:4700::6810:5505
2606:4700::6810:5805
2606:4700::6810:b772
2606:4700::6811:44b0
2606:4700::6811:6d2
2606:4700::6811:72b0
2606:4700::6811:80ab
2606:4700::6811:b749
2606:4700::6811:d4cc
2606:4700::6813:9a53
2606:4700::6813:9b53
1908e03b7729b12bc7412e97f1f2b3a206293c69931ec8d0b40db21ff6bb5b97
1bd5239b25d710a1d11dc2df31dab8fc1d4ab34c3f741fc1405cfca6b74f2e1c
5626cdab07855ab404785d72dd0711d46475f4586a0e163287936308e01e4331
5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
a36abfd5c09b1db4b862cd8d5f3a3f293218476f6144c94c28b927a78aec8e81
ab5323ed02d3dee4da3babd9a061d8d53bdb7abf8217bd42fb0cec8a35567b53
cd0898a70e0e017b0452185b60aafb33a316b4833f20a7266906dbb9f04ac1a5
ce883668b2be4c1858e65c77465f82e11e3a2a5e6471b235217688e77f31e7aa
cf84083b6eccf678f0e00d045fa7d7368ae378be40efc873ca9f4e7a896d25c1
d7a3655436077a0d7468e2886ae7a7a9044445a7d982c3bea1c3217570030ed9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ea2ffede896a8727d9691452b1314e64ac7d2932896e89920599392ba33dd6f1