urlscan.io logo urlscan.io
SecurityTrails logo

share-eu1.hsforms.com Open in urlscan Pro
172.65.198.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
Effective URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Submission: On May 22 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 18 HTTP transactions. The main IP is 172.65.198.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is share-eu1.hsforms.com. The Cisco Umbrella rank of the primary domain is 507212.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2024. Valid for: 3 months.
This is the only time share-eu1.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.180.174.73 10692 (DLS-LITH)
2 2600:9000:249... 16509 (AMAZON-02)
1 1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 1 172.67.142.34 13335 (CLOUDFLAR...)
2 172.65.198.19 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.65.255.172 13335 (CLOUDFLAR...)
1 172.65.208.22 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
2 172.65.192.122 13335 (CLOUDFLAR...)
4 172.65.232.43 13335 (CLOUDFLAR...)
3 172.65.240.166 13335 (CLOUDFLAR...)
18 10
1    216.180.174.73 (Northbrook, United States)

ASN10692 (DLS-LITH, US)
PTR: www.callgss.com
enewsletter.paradigmproductions.com
2    2600:9000:2490:4e00:12:3777:ad00:21 (United States)

ASN16509 (AMAZON-02, US)
d2dz026t3wiz78.cloudfront.net
1    2a02:26f0:3500:1b::1724:a390 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
1    172.67.142.34 (United States)

ASN13335 (CLOUDFLARENET, US)
www.wbrandplus.shop
2    172.65.198.19 (United States)

ASN13335 (CLOUDFLARENET, US)
share-eu1.hsforms.com
1    2606:4700::6811:af5b (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hsforms.net
1    172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-scripts.com
1    172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-banner.com
1    172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-analytics.net
2    172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hscollectedforms.net
forms-eu1.hscollectedforms.net
4    172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)
forms-eu1.hsforms.com
3    172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)
track-eu1.hubspot.com
Apex Domain
Subdomains		 Transfer
6 hsforms.com
share-eu1.hsforms.com — Cisco Umbrella Rank: 507212
forms-eu1.hsforms.com — Cisco Umbrella Rank: 28484
18 KB
3 hubspot.com
track-eu1.hubspot.com — Cisco Umbrella Rank: 16017
3 KB
2 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 26734
forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 27597
26 KB
2 cloudfront.net
d2dz026t3wiz78.cloudfront.net
1 KB
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 15561
21 KB
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 15423
23 KB
1 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 14485
1 KB
1 hsforms.net
js-eu1.hsforms.net — Cisco Umbrella Rank: 51913
151 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 5709
3 KB
1 wbrandplus.shop
www.wbrandplus.shop
518 B
1 bing.com
www.bing.com — Cisco Umbrella Rank: 52
427 B
1 paradigmproductions.com
enewsletter.paradigmproductions.com
501 B
18 12
Domain Requested by
4 forms-eu1.hsforms.com js-eu1.hsforms.net
3 track-eu1.hubspot.com
2 share-eu1.hsforms.com
2 d2dz026t3wiz78.cloudfront.net
1 forms-eu1.hscollectedforms.net js-eu1.hscollectedforms.net
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 js-eu1.hs-scripts.com share-eu1.hsforms.com
1 js-eu1.hsforms.net share-eu1.hsforms.com
1 static.hsappstatic.net share-eu1.hsforms.com
1 www.wbrandplus.shop 1 redirects
1 www.bing.com 1 redirects
1 enewsletter.paradigmproductions.com 1 redirects
18 14

This site contains no links.

Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
hsforms.com
GTS CA 1P5		 2024-04-17 -
2024-07-16		 3 months crt.sh
hsappstatic.net
E1		 2024-05-08 -
2024-08-06		 3 months crt.sh
hsforms.net
GTS CA 1P5		 2024-04-15 -
2024-07-14		 3 months crt.sh
hs-scripts.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
hs-banner.com
E1		 2024-04-01 -
2024-06-30		 3 months crt.sh
hs-analytics.net
GTS CA 1P5		 2024-04-13 -
2024-07-12		 3 months crt.sh
hscollectedforms.net
E1		 2024-03-29 -
2024-06-27		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Frame ID: D1333824DDF2B8F670055323499956DD
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Form

Page URL History Show full URLs

  1. http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
    https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
    http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 302
    http://d2dz026t3wiz78.cloudfront.net/ HTTP 307
    https://d2dz026t3wiz78.cloudfront.net/ Page URL
  2. https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLT... HTTP 302
    https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
    https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0 Page URL

Page Statistics

18
Requests

100 %
HTTPS

23 %
IPv6

12
Domains

14
Subdomains

10
IPs

2
Countries

247 kB
Transfer

720 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
    https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
    http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 302
    http://d2dz026t3wiz78.cloudfront.net/ HTTP 307
    https://d2dz026t3wiz78.cloudfront.net/ Page URL
  2. https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa5664c&psq=site%3awbrandplus.shop&u=a1aHR0cHM6Ly93d3cud2JyYW5kcGx1cy5zaG9wL2ZyZWl6ZWl0LXNwb3J0LXJlaXNlbi1jLTMzOTQuaHRt HTTP 302
    https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm HTTP 301
    https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 307
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net HTTP 302
  • http://d2dz026t3wiz78.cloudfront.net/ HTTP 307
  • https://d2dz026t3wiz78.cloudfront.net/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
d2dz026t3wiz78.cloudfront.net/
Redirect Chain
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
  • https://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
  • http://enewsletter.paradigmproductions.com/t.aspx?S=36&ID=447&NL=151&N=202&SI=269639&URL=//d2dz026t3wiz78.cloudfront.net
  • http://d2dz026t3wiz78.cloudfront.net/
  • https://d2dz026t3wiz78.cloudfront.net/
514 B
885 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d2dz026t3wiz78.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:4e00:12:3777:ad00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
130
content-length
514
content-type
text/html
date
Wed, 22 May 2024 16:08:28 GMT
etag
"abc916b4384787333035531b1efef58c"
last-modified
Fri, 17 May 2024 05:53:30 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-id
xHtjj3Lu1i_78DyZcHFnN8jIgZDCVX846TUIK35Z1IybiUTmN67V-Q==
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

Location
https://d2dz026t3wiz78.cloudfront.net/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request 1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
share-eu1.hsforms.com/
Redirect Chain
  • https://www.bing.com/ck/a?!&&p=3f204c9682078a76JmltdHM9MTcwNjc0NTYwMCZpZ3VpZD0yMDBkYTM5NS1hYmIwLTY3Y2MtMmU1Yy1iNzk2YWFhNTY2NGMmaW5zaWQ9NTMxOQ&ptn=3&ver=2&hsh=3&fclid=200da395-abb0-67cc-2e5c-b796aaa...
  • https://www.wbrandplus.shop/freizeit-sport-reisen-c-3394.htm
  • https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67237cc3f49f18ab538a45c25a9c7144abcfcb1729cf6ddb444ad1003f758693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://d2dz026t3wiz78.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Credentials
false
Age
2354
CF-Cache-Status
DYNAMIC
CF-RAY
887e13d059443cb1-CDG
Cache-Control
max-age=600
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Wed, 22 May 2024 16:10:37 GMT
Last-Modified
Wed, 22 May 2024 13:27:21 UTC
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
origin
Via
1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
X-Amz-Cf-Id
-uuxa3bQR4ZP7FqNafnwrMa_S1WDHmUgIv-9MU9mjbjIAYyLrGrfcQ==
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-HS-Cache-Status
HIT
X-HS-Target-Asset
forms-submission-pages/static-1.4442/html/share.html
alt-svc
h3=":443"; ma=86400
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-amz-meta-ao
{"allowIFrame":"always"}
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
EwPnrDxSpCpuQhzlSNsOHl7aKRet4fci
x-envoy-upstream-service-time
0
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/star-td/envoy-proxy-79b4b4cdb5-prqdr
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
78f551a1-b829-46a0-bffb-06b0bbc24926
x-request-id
78f551a1-b829-46a0-bffb-06b0bbc24926

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
887e13cfacdc9ede-CDG
content-length
167
content-type
text/html
date
Wed, 22 May 2024 16:10:37 GMT
expires
Wed, 22 May 2024 17:10:37 GMT
location
https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96i9kBNwKbVENTVW6urrMGXmgNe0%2B%2FZ6BaueP71f3B9fxElmx3f53IVUGWx1MjbYY7quWccZ2Apy6MsqyD7n5gEM%2B2kmlVXmd131VZAl9RigoPbyFx4%2BpQfSUV%2BLftvsa2Gs%2BKFP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
favicon.ico
d2dz026t3wiz78.cloudfront.net/ 		263 B
502 B 		Other
General
Check archive.org
Download Go to
Full URL
https://d2dz026t3wiz78.cloudfront.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:4e00:12:3777:ad00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://d2dz026t3wiz78.cloudfront.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 16:10:36 GMT
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
Ghy4H2G0i4waRPF2XPDdqE-pZb5TrIXB_LNgyIQ4m3JS1msL8aGOwA==
x-cache
Error from cloudfront
content-type
application/xml
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.4442/bundles/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.4442/bundles/share-legacy.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:af5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248bf53146d149f9b27b226b9d70e7be9b880aa9e9be94b8a3169210a7de7a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Origin
https://share-eu1.hsforms.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 16:10:37 GMT
x-amz-version-id
F83r0oRoYcjUj58wmxl0.b9cldyOTeKo
via
1.1 0e5084c3f3749abdd1195ad293d2faa2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
CDG52-P2
age
9786
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 May 2024 10:31:47 GMT
server
cloudflare
etag
W/"44582fa982a55a0ad4d97988d612f172"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3s2CBDQoRZFXFLZArRDYc0z8mlDb67kDZk8vSioTsIHzFVwdYT%2BsHmYZfGe1znkEx%2FQ1CR3y7O1YdQARJ0u9dBvGWTFa2Cdx0mBKVWjfPb2XY8d4jGRyt1BZaAWKbeAF08MFav362hQYA5%2BO7CyLhfkL%2Fk%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
887e13d11ccbd65e-CDG
x-amz-cf-id
gSOKaYw7uMhKD_ISZee3zUtjeWL28_pK2FqCDy06KPoX9IypWEc2fg==
expires
Thu, 22 May 2025 16:10:37 GMT
v3.js
js-eu1.hsforms.net/forms/embed/ 		472 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hsforms.net/forms/embed/v3.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962462bc79f2d0946cb745779b94c28acbb728ffe2f8008aef56fe089fa9a2fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
151
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5182/bundles/project-v3.js&cfRay=887e1021121399c0-CDG
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"dff4ba3711b02da1824149f5b571bb4e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5182/bundles/project-v3.js
date
Wed, 22 May 2024 16:10:37 GMT
x-amz-version-id
xsG5fY3E.Nt_nX1yzNbxZM2eFSp9.4SB
via
1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
90dca2fa-66b6-489c-9cd0-f0b5a7b4ab93
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
90dca2fa-66b6-489c-9cd0-f0b5a7b4ab93
last-modified
Fri, 03 May 2024 16:00:07 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9g4ZpNf7y15aTXiJxIbN4w8ucHrJwyeLtuUO8BRh0SwiRmpGNkOdbyJzw3Li4lVgDnYcFl9BtN3OoXj6H3j%2B5S0%2BNdfCtB6duagqIV1ciOg1qHsATm1UhPkzb8wmGuCmktVEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
cf-ray
887e13d16db9784e-CDG
x-amz-cf-id
FfOh6P7pJXyjlAQQ-mKzGXIu5vzOI1_x96Szcx0bmMTPNblzX77Jwg==
144723960.js
js-eu1.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-scripts.com/144723960.js
Requested by
Host: share-eu1.hsforms.com
URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9116a96aae639393624f33dc954a4e6f968332569a0c7f5443b050a28797b530
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 16:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
08c4a5bb-af75-41de-8f23-0a4416c85cec
x-envoy-upstream-service-time
19
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
08c4a5bb-af75-41de-8f23-0a4416c85cec
last-modified
Wed, 22 May 2024 08:46:50 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-68d6f869c4-wsckk
access-control-allow-credentials
true
cf-ray
887e13d14ea67023-CDG
banner.js
js-eu1.hs-banner.com/v2/144723960/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-banner.com/v2/144723960/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144723960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e29137698517ce6d584de2b15f97e8243c4c24439b2854ab204793300d07a0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 16:10:37 GMT
x-amz-version-id
FgR3LKUS9734Z9jIVHQNNyCCWKIb0uMs
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
KCZ4P78WH16D3W93
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
fd4110cc-dd3c-42fe-87da-fad525c7636c
x-envoy-upstream-service-time
69
x-amz-id-2
OM8jYypN6/uT5smNyWZpNcAhR48wQFd0mXXs1GLQbO2uXbQ8cqqeBsYOHj3lmvNWgwYvsry9UzE=
x-evy-trace-listener
listener_https
x-request-id
fd4110cc-dd3c-42fe-87da-fad525c7636c
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 21 May 2024 10:25:21 GMT
server
cloudflare
etag
W/"5b82c285bba965ba09d823e23f446739"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-tzlhx
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
887e13d25864700e-CDG
expires
Wed, 22 May 2024 16:15:37 GMT
144723960.js
js-eu1.hs-analytics.net/analytics/1716394200000/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-analytics.net/analytics/1716394200000/144723960.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144723960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90d8a3aff74cc8b306551203561ed0ae18dbf5aeec53f8d20e19899040be614

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 16:10:37 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
AXPEV6DSS341AZF7
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
fa31d546-7e05-4759-aea4-f668bd310e78
x-envoy-upstream-service-time
27
x-amz-id-2
x5SCOIrkpvmcHo9yR4q5kPzNGk/wxibiJR3R8vDivBCmxtbZ2Ed/DjtmD/jd5c/JlEHvwvu4BDURNvyXYlP08w==
x-evy-trace-listener
listener_https
x-request-id
fa31d546-7e05-4759-aea4-f668bd310e78
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 21 May 2024 10:25:28 GMT
server
cloudflare
etag
W/"519ee038ddd1213b9a765fcac042972d"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
887e13d24a97d5b8-CDG
expires
Wed, 22 May 2024 16:15:37 GMT
collectedforms.js
js-eu1.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/144723960.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Origin
https://share-eu1.hsforms.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
age
77
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=887e11ec2d2e7835-CDG
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"7d377a186677c174f204d466b8fa5fdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.503/bundles/project.js
date
Wed, 22 May 2024 16:10:37 GMT
x-amz-version-id
WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
via
1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
170b92c7-518d-45e0-befe-f6be91558d12
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-request-id
170b92c7-518d-45e0-befe-f6be91558d12
last-modified
Wed, 15 May 2024 14:34:44 UTC
server
cloudflare
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
cf-ray
887e13d25a6f22a6-CDG
x-amz-cf-id
SgrjyiXB0_yKt0vZuPyuIvLM0vQ_9jvV4nKS4pylq3AQRJJgFKuzww==
json
forms-eu1.hsforms.com/embed/v3/form/144723960/004736fa-04b8-4eec-90c8-088c41f07943/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/144723960/004736fa-04b8-4eec-90c8-088c41f07943/json?hs_static_app=forms-embed&hs_static_app_version=1.5182&X-HubSpot-Static-App-Info=forms-embed-1.5182
Requested by
Host: js-eu1.hsforms.net
URL: https://js-eu1.hsforms.net/forms/embed/v3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f34c7d071e10a5cd510ea1762051e3d042811071d19d094194233c023c642a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Origin-Hublet
eu1
Date
Wed, 22 May 2024 16:10:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
969dde0d-2ea4-4e18-a4f0-96bec5209bcf
Transfer-Encoding
chunked
x-envoy-upstream-service-time
43
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
969dde0d-2ea4-4e18-a4f0-96bec5209bcf
Server
cloudflare
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-mxfm6
Access-Control-Max-Age
180
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
887e13d2c8b0046d-CDG
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 		135 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=144723960&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a923b7f00478f03c9afb97cd29a80961dced7d0460b4f043807b8734abea855e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 16:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a8b9b216-5849-47b4-877b-aa10dbf9b17f
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a8b9b216-5849-47b4-877b-aa10dbf9b17f
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share-eu1.hsforms.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5dd8ff7977-4tvf2
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
887e13d2cad922a6-CDG
__ptq.gif
track-eu1.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fr-fr&bfp=3106203602&v=1.1&a=144723960&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&r=https%3A%2F%2Fd2dz026t3wiz78.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&t=Form&cts=1716394237880&vi=ff5b1d91c518f818a213fd3fed0cf94b&nc=true&u=251652889.ff5b1d91c518f818a213fd3fed0cf94b.1716394237877.1716394237877.1716394237877.1&b=251652889.1.1716394237877&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 16:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
4ceb1dd8-d725-4327-b6e0-1b2fe3e96a47
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4ceb1dd8-d725-4327-b6e0-1b2fe3e96a47
last-modified
Wed, 22 May 2024 16:10:38 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xX1T1hN5lPupKz8RlSGOudGsUdVIIjfC5A%2Fo86VA6O6Aolf%2BAsok2DIhIcK7YVp3TwxTDpFGjjUEWXTQJRThDCA0dm%2FCzdhdnrFOqyHtrvCDoGwooALPEE1HQQNlKfzjQkmFnPNTTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-28jdk
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
887e13d35c5c9f09-CDG
x-robots-tag
none
favicon.ico
share-eu1.hsforms.com/ 		12 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://share-eu1.hsforms.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67237cc3f49f18ab538a45c25a9c7144abcfcb1729cf6ddb444ad1003f758693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Encoding
br
Age
384
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
x-evy-trace-listener
listener_https
Vary
origin, Accept-Encoding
Content-Type
text/html; charset=utf-8
x-evy-trace-virtual-host
all
Cache-Control
max-age=600
X-HS-Target-Asset
forms-submission-pages/static-1.4442/html/share.html
Date
Wed, 22 May 2024 16:10:38 GMT
x-amz-version-id
EwPnrDxSpCpuQhzlSNsOHl7aKRet4fci
Via
1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Amz-Cf-Pop
FRA60-P6
x-hubspot-correlation-id
f5dac36e-cfee-45c0-a6fa-3153cdc30229
X-Cache
Hit from cloudfront
cache-tag
staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
f5dac36e-cfee-45c0-a6fa-3153cdc30229
Last-Modified
Wed, 22 May 2024 13:27:21 UTC
Server
cloudflare
X-HS-Cache-Status
HIT
x-evy-trace-served-by-pod
fra04/star-td/envoy-proxy-79b4b4cdb5-prqdr
Access-Control-Allow-Credentials
false
x-amz-meta-ao
{"allowIFrame":"always"}
CF-RAY
887e13d4bfbe3cb1-CDG
X-Amz-Cf-Id
6wT8_iR2-ECBXtJqNoJTtYIGitJQ2d75eCgMht6Azt_-7VVanjSf5Q==
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 16:10:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
ec16ba41-29ed-43dc-b6f8-5aec11e1fc7c
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ec16ba41-29ed-43dc-b6f8-5aec11e1fc7c
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-mxfm6
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
887e13d59b173d16-CDG
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 16:10:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
3ae92436-2550-4dba-8f27-70f015f011c1
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3ae92436-2550-4dba-8f27-70f015f011c1
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-krxfw
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
887e13d5acf93cf5-CDG
__ptq.gif
track-eu1.hubspot.com/ 		45 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=004736fa-04b8-4eec-90c8-088c41f07943&fci=10829fe0-88f8-4a96-9ca7-27e9f1f6de93&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fr-fr&bfp=3106203602&v=1.1&a=144723960&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&r=https%3A%2F%2Fd2dz026t3wiz78.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&t=Form&cts=1716394237982&vi=ff5b1d91c518f818a213fd3fed0cf94b&nc=true&u=251652889.ff5b1d91c518f818a213fd3fed0cf94b.1716394237877.1716394237877.1716394237877.1&b=251652889.1.1716394237877&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 16:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
3e0d3d2b-f05d-4c6e-afd4-4492bb43ec5e
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3e0d3d2b-f05d-4c6e-afd4-4492bb43ec5e
last-modified
Wed, 22 May 2024 16:10:38 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pp6z7Y7xJv5d0sgTEfMz6z6hsgSBHnBi01yFeERl%2BlHTVCgMc8ed2scNx62VL2V03FiqosXyeF7qLxNQMBi5ONSqLnIB0iTZ2mqKlLpJyKMgUw6vGKRH849Qef5cGZYyvgiEgaeLCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-9g2jt
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
887e13d37c789f09-CDG
x-robots-tag
none
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 16:10:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
c5f87504-9b14-44cb-9c53-91bf2d171c4e
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c5f87504-9b14-44cb-9c53-91bf2d171c4e
Server
cloudflare
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7c766895b4-7h79k
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
887e13d5aeebd2d9-CDG
__ptq.gif
track-eu1.hubspot.com/ 		45 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=17&fi=004736fa-04b8-4eec-90c8-088c41f07943&fci=10829fe0-88f8-4a96-9ca7-27e9f1f6de93&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=fr-fr&bfp=3106203602&v=1.1&a=144723960&ccu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&r=https%3A%2F%2Fd2dz026t3wiz78.cloudfront.net%2F&pu=https%3A%2F%2Fshare-eu1.hsforms.com%2F1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0&t=Form&cts=1716394237987&vi=ff5b1d91c518f818a213fd3fed0cf94b&nc=true&u=251652889.ff5b1d91c518f818a213fd3fed0cf94b.1716394237877.1716394237877.1716394237877.1&b=251652889.1.1716394237877&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://share-eu1.hsforms.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 16:10:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fa45546f-7ad7-4ab0-943e-93adcea8b744
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fa45546f-7ad7-4ab0-943e-93adcea8b744
last-modified
Wed, 22 May 2024 16:10:38 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhDFGXbtb%2BzfOvaBk678M3IfmF2BzuI%2B3vcgGPMOI1qIOygTYz9vG851c%2FB0tE%2F4MT5aP0pEaBJ582DqvhLmF633BUDS18RfGahXLvY4aGPKKzztcTEKc3ooUQ%2FWe9jgpwt%2FouHKNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-5dfb646764-q8ns7
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
887e13d37c7b9f09-CDG
x-robots-tag
none

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| isQa object| hsFormsOnReady object| _hsq object| disabledHsPopups boolean| isLocal string| apiHubspotUrl string| formsHsFormsUrl string| jsHsFormsUrl string| jsHsScriptsUrl object| hs_RequestParams object| _hsp object| hubspot object| HubSpotForms object| hbspt object| __hsCollectedFormsDebug object| _paq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

13 Cookies

Domain/Path Name / Value
enewsletter.paradigmproductions.com/ Name: SSPIDER
Value: False
enewsletter.paradigmproductions.com/ Name: SCC
Value: CH
enewsletter.paradigmproductions.com/ Name: SRC
Value: --
enewsletter.paradigmproductions.com/ Name: SMC
Value: 0
.hsforms.com/ Name: __cf_bm
Value: r1ZAAlFlNEXnV2q40Qo7X1LTaG43qg4G0gMy928fkBM-1716394237-1.0.1.1-Wues.Iy_MOSO0B9qp2ZySwFw9Bk.PfB.7Qt6xs778OeejBZUJDhesb0vuRxplurB_hLmV10Mvl4aEsOykVPBtg
.hsforms.com/ Name: _cfuvid
Value: v6jfGykRjMTEKpaM992tRVrJ9jxbIprwd4r.BIh_iuk-1716394237527-0.0.1.1-604800000
.hsforms.net/ Name: __cf_bm
Value: l3jDSW2wzLhsx7BYCrLi_ytebAGTDl59VcaYLi5TfBQ-1716394237-1.0.1.1-YBt_xiJjylwLtqPZvYuzW66bAnZlEuUMn3wXFwBj3nuQnoVZXNMJiLoqMOdkekavXNPKEQC6PxPCyqK0r5MzrQ
.hsforms.com/ Name: __hstc
Value: 251652889.ff5b1d91c518f818a213fd3fed0cf94b.1716394237877.1716394237877.1716394237877.1
.hsforms.com/ Name: hubspotutk
Value: ff5b1d91c518f818a213fd3fed0cf94b
.hsforms.com/ Name: __hssrc
Value: 1
.hsforms.com/ Name: __hssc
Value: 251652889.1.1716394237877
.hubspot.com/ Name: __cf_bm
Value: SgfP9sZTEHXcm0CLLkWGiNrRoydYmzYWnCPb1U2wcFE-1716394238-1.0.1.1-wpJTV5IgXOL1JvPFyFyJF1WTqrdPjyLplbvgn_I7ioIuq0NySBpgm35umbsvOGx8ybLmzyi2OO_L5Eufugvnvw
.hubspot.com/ Name: _cfuvid
Value: 9o27HNzUfHjDLUMdQbFgjd8IEJOczmpaBmgguEYPinY-1716394238043-0.0.1.1-604800000

8 Console Messages

Source Level URL
Text
network error URL: https://d2dz026t3wiz78.cloudfront.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://share-eu1.hsforms.com/1AEc2-gS4TuyQyAiMQfB5Qw2e5xq0
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.