Report - click.pstmrk.it/3s/share.hsforms.com%2F1IPP30IDkQW660UaCsO93ygce3je%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dwelcome-to-odyssey/vsyL/9zG1AQ/AQ/8ea7a573-0de3-45b3-9a1a-30e1a3812b69/3/fFqj4uMI0r

Report Overview

Submitted URL
click.pstmrk.it/3s/share.hsforms.com%2F1IPP30IDkQW660UaCsO93ygce3je%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dwelcome-to-odyssey/vsyL/9zG1AQ/AQ/8ea7a573-0de3-45b3-9a1a-30e1a3812b69/3/fFqj4uMI0r
IP
34.254.18.111
ASN
#16509 AMAZON-02
Submitted
2024-05-09 13:07:19
Access
public
Website Title
Form
Final URL
share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
share.hsforms.com	154260	2013-09-18	2018-05-22	2024-05-03	1.4 kB	11 kB	104.18.80.204
forms.hsforms.com	5160	2013-09-18	2018-03-07	2024-05-08	1.4 kB	16 kB	104.18.80.204
20813162.fs1.hubspotusercontent-na1.net	unknown	unknown	No data	No data	470 B	49 kB	172.64.146.132
static.hsappstatic.net	8199	2013-09-18	2013-09-26	2024-05-08	493 B	6.2 kB	104.17.172.91
js.hsforms.net	7264	2013-09-18	2013-09-26	2024-05-08	410 B	486 kB	104.18.142.119
forms.hscollectedforms.net	unknown	2017-01-23	2023-03-02	2024-05-08	519 B	1.0 kB	104.16.111.254
click.pstmrk.it	52825	2010-04-20	2016-10-26	2024-05-08	669 B	291 B	52.30.244.36
forms-na1.hsforms.com	unknown	2013-09-18	2022-05-24	2024-05-08	1.5 kB	1.8 kB	104.18.80.204
js.hs-scripts.com	2571	2016-07-11	2016-08-09	2024-05-08	407 B	2.5 kB	104.16.141.209
js.hs-banner.com	2426	2020-03-09	2020-03-26	2024-05-09	416 B	74 kB	104.18.34.229
js.hscollectedforms.net	5697	2017-01-23	2017-03-02	2024-05-09	449 B	30 kB	104.16.111.254

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey	314 B	2024-03-04	2024-05-14
Pretty URL share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey IP 104.18.80.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-04 15:48:25 Last Seen2024-05-14 04:44:00 Times Seen19 Hash 431b0c2e2513008096664effcea272bf 1468f57141b979f5e4b420138e3ed475be4ef796 686d2475a3618be8949d12ce182f0a3fd57f0240e64d6b83503d423b3e765741 Loading...

	share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey	1.5 kB	2024-03-04	2024-05-14
Pretty URL share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey IP 104.18.80.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-04 15:48:25 Last Seen2024-05-14 04:44:00 Times Seen19 Hash bb8ad1b7e8de082e09fee9c9c6c9037a d9d801824e317d3d266995d44c8777bdde33c6ea b199c49893018ed2e4e9c01e186a6a933ea3e726753fe19994075e0dc3809919 Loading...

	share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey	1.4 kB	2024-03-04	2024-05-14
Pretty URL share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey IP 104.18.80.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-04 15:48:25 Last Seen2024-05-14 04:44:00 Times Seen19 Hash e80a01892dc0b09d88edf1d423515878 e45b2a10f6270213836f8245d676c513db556e76 11e92fe395896f2f4bfac4ce1b469df07cad8f7c55f48942e71576474a737414 Loading...

	static.hsappstatic.net/forms-submission-pages/static-1.4391/bundles/share-legacy.js	4.9 kB	2024-05-09	2024-05-09
Pretty URL static.hsappstatic.net/forms-submission-pages/static-1.4391/bundles/share-legacy.js IP 104.17.172.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 15:07:25 Last Seen2024-05-09 15:07:25 Times Seen1 Hash 375e75cc125882314f2f3cbe0dc324f1 504f54a285666fdaa374feaf2ea7eacc01a3b1e1 ff27e98b2e3dc50065cce03d9286724a8b63b383d19474141cb66077b1cb0d93 Loading...

	js.hscollectedforms.net/collectedforms.js	70 kB	2024-04-11	2024-05-15
Pretty URL js.hscollectedforms.net/collectedforms.js IP 104.16.111.254 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 09:05:46 Last Seen2024-05-15 15:48:09 Times Seen518 Hash 020909a609cf986b4a8a88cfb577a8db b433b99760f44c8a494a5c13a07aa1a9933d0179 5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448 Loading...

	share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey	1.2 kB	2023-03-10	2024-05-14
Pretty URL share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey IP 104.18.80.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:38:12 Last Seen2024-05-14 04:44:01 Times Seen50 Hash 9772e702372cf5d91fa5e796235a87a8 387c38e8e44c31325c653b6cd09a20f1b1db4ed6 33f55b7e18178462c5b2a8db50634724ebbce8303243c73454ad8263b98f9794 Loading...

	share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey	28 B	2023-03-10	2024-05-14
Pretty URL share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey IP 104.18.80.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:38:12 Last Seen2024-05-14 04:44:01 Times Seen51 Hash e9a32cdfeb6ea4f763baad9e2013f2b0 86d85c368d981a5867a347241c0e1f5b5c2aede8 a0b61a47193ff4e6994160e74c02be729314955ee263d6beb95f9ab26ceb20d0 Loading...

	share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey	4.2 kB	2023-10-25	2024-05-14
Pretty URL share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey IP 104.18.80.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-25 08:27:22 Last Seen2024-05-14 04:44:01 Times Seen31 Hash 704f0476d4ae0a87d42ea44645ebfa42 f6eaf69f8c94615447afb3ed892bb55afc9adbd1 fe3a76e1ab7de9706e3b68da43eae55cf8f7cafe95d59774dc0f04e8e41eb1a2 Loading...

	share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey	1.3 kB	2023-10-25	2024-05-14
Pretty URL share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey IP 104.18.80.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-25 08:27:22 Last Seen2024-05-14 04:44:01 Times Seen32 Hash bc464bc6340b3ef9ba2d5ba0f2038d87 a397b727c960f835591d0999bd5a24f5bfcdbcff 0afd1b135e13682b6842458e8e85e0a2deb4ba8f44f3380b65259753e7bd242d Loading...

	share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey	1.1 kB	2023-03-10	2024-05-14
Pretty URL share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey IP 104.18.80.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:38:12 Last Seen2024-05-14 04:44:01 Times Seen51 Hash 004524102f9a88e95dfceb5503eab993 d5c4b8040a5d4cd092cbb16dac3423e42d8b6ce1 4ea5823cc6a779538d030f7249735cf3c7f2e19541b194a3793a70ddb08e9251 Loading...

	js.hs-scripts.com/20813162.js	1.6 kB	2024-05-09	2024-05-09
Pretty URL js.hs-scripts.com/20813162.js IP 104.16.141.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 15:07:25 Last Seen2024-05-09 15:07:25 Times Seen1 Hash d10da2122672e5785d21df4b025fc7a4 4cb0700bb3d130cf37b79cdd679c55f72be5bbc8 937d08deed2d2f6780a469f1447cb7e8413aa87fca8670177d07789f514e103c Loading...

	js.hsforms.net/forms/embed/v3.js	484 kB	2024-05-06	2024-05-14
Pretty URL js.hsforms.net/forms/embed/v3.js IP 104.18.142.119 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-06 06:31:24 Last Seen2024-05-14 04:44:01 Times Seen3 Hash dff4ba3711b02da1824149f5b571bb4e 8846c4a2db5b5d7645a0becaceb95c49a358bbc1 962462bc79f2d0946cb745779b94c28acbb728ffe2f8008aef56fe089fa9a2fe Loading...

	js.hs-banner.com/v2/20813162/banner.js	72 kB	2024-05-09	2024-05-09
Pretty URL js.hs-banner.com/v2/20813162/banner.js IP 104.18.34.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 15:07:25 Last Seen2024-05-09 15:07:26 Times Seen2 Hash a977c5baea439cf928f45f85bb2b5087 b9b45a83258fc1eb6c48664828302e4f28af6b14 4b56f5bd214ccaab1ceda3222ab24a3a41e6fe868648b6435c21b69c822635c2 Loading...

HTTP Transactions (14)

	URL	IP	Response	Size
	click.pstmrk.it/3s/share.hsforms.com%2F1IPP30IDkQW660UaCsO93ygce3je%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dwelcome-to-odyssey/vsyL/9zG1AQ/AQ/8ea7a573-0de3-45b3-9a1a-30e1a3812b69/3/fFqj4uMI0r	52.30.244.36	302 Found	0 B
URL User Request GET HTTP/2 click.pstmrk.it/3s/share.hsforms.com%2F1IPP30IDkQW660UaCsO93ygce3je%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dwelcome-to-odyssey/vsyL/9zG1AQ/AQ/8ea7a573-0de3-45b3-9a1a-30e1a3812b69/3/fFqj4uMI0r IP 52.30.244.36:443 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subject.pstmrk.it Fingerprint90:D9:20:A1:45:99:E9:E5:BB:C7:B6:AF:46:CB:70:A3:14:93:22:D5 ValiditySun, 03 Sep 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /3s/share.hsforms.com%2F1IPP30IDkQW660UaCsO93ygce3je%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dwelcome-to-odyssey/vsyL/9zG1AQ/AQ/8ea7a573-0de3-45b3-9a1a-30e1a3812b69/3/fFqj4uMI0r HTTP/1.1 Host: click.pstmrk.it User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: awselb/2.0 date: Thu, 09 May 2024 13:06:53 GMT content-type: application/octet-stream content-length: 0 location: https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey X-Firefox-Spdy: h2`

	share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey	104.18.80.204	200 OK	3.8 kB
URL User Request GET HTTP/1.1 share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey IP 104.18.80.204:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjecthsforms.com Fingerprint51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A ValidityWed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT File type HTML document, ASCII text, with very long lines (1150) Size 3.8 kB (3755 bytes) Hash 67b891157b084268bab45158baa8452f 0a402199b393a4473508668c7e639554b653a85b cd786561cafd9e96c3fa3d4761fdf7ed0170c755cc4923465bfc8602a1efaf87 HTTP Headers GET /1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey HTTP/1.1 Host: share.hsforms.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Thu, 09 May 2024 13:06:53 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive x-amz-replication-status: COMPLETED Last-Modified: Wed, 08 May 2024 08:09:42 UTC x-amz-server-side-encryption: AES256 x-amz-meta-ao: {"allowIFrame":"always"} x-amz-version-id: TH.nQvO035GE03c9nX.HCDlbUiBrLMCk Vary: origin X-Cache: Hit from cloudfront Via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront) X-Amz-Cf-Pop: IAD12-P3 X-Amz-Cf-Id: jvgeqYxcln4pBMyM8NZL-mM-DRQICqNRUXCsIScNsDNUUBqhncs-dA== Age: 3419 Access-Control-Allow-Credentials: false Cache-Control: max-age=600 X-HS-Target-Asset: forms-submission-pages/static-1.4391/html/share.html X-Content-Type-Options: nosniff X-HS-Cache-Status: MISS x-envoy-upstream-service-time: 4 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: 37cc9466-851c-4557-8fbb-356b2598eeb5 x-evy-trace-served-by-pod: iad02/star-td/envoy-proxy-75b466ff79-p2xx5 x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: 37cc9466-851c-4557-8fbb-356b2598eeb5 cache-tag: staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod CF-Cache-Status: DYNAMIC Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Set-Cookie: __cf_bm=z.BvTZUb9GHPttMaNfci8jIw_uqVVxavj3X_NTwq_f0-1715260013-1.0.1.1-uTYEaPQAdlYAxu_leJehfr4aIeCw6swu5wxf680J.liySxcwgU96T2hQro4WzjBpq6MY3OY1RqIJjKbLykvvyA; path=/; expires=Thu, 09-May-24 13:36:53 GMT; domain=.hsforms.com; HttpOnly; Secure; SameSite=None _cfuvid=1z5YY8nAanN7eCXjxXKxm7qbsS5oPK1knBrhJ1miebg-1715260013514-0.0.1.1-604800000; path=/; domain=.hsforms.com; HttpOnly; Secure; SameSite=None Server: cloudflare CF-RAY: 8811e8cba92bb524-OSL Content-Encoding: br alt-svc: h3=":443"; ma=86400

	js.hscollectedforms.net/collectedforms.js	104.16.111.254	200 OK	28 kB
URL GET HTTP/2 js.hscollectedforms.net/collectedforms.js IP 104.16.111.254:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerLet's Encrypt Subjecthscollectedforms.net FingerprintEF:89:C2:30:37:FD:9F:8F:60:29:26:CC:C6:88:74:92:2B:ED:68:5C ValidityFri, 29 Mar 2024 03:19:03 GMT - Thu, 27 Jun 2024 03:19:02 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65392), with no line terminators Size 28 kB (28542 bytes) Hash 020909a609cf986b4a8a88cfb577a8db b433b99760f44c8a494a5c13a07aa1a9933d0179 5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448 HTTP Headers `GET /collectedforms.js HTTP/1.1 Host: js.hscollectedforms.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://share.hsforms.com DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: application/javascript; charset=utf-8 x-amz-replication-status: COMPLETED last-modified: Wed, 10 Apr 2024 18:06:23 UTC x-amz-server-side-encryption: AES256 x-amz-version-id: _rd02ux3UWoVQsATQDf.p_LxkLPJ6umh etag: W/"020909a609cf986b4a8a88cfb577a8db" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront) x-amz-cf-pop: IAD12-P3 x-amz-cf-id: Df5KnS7YUQ2m3IaQ8ugnp-8Z3ZPnL8ZJaDoSjTN3RjSMobuy0dCreQ== content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.491/bundles/project.js&cfRay=87c93a8aa98856a4-ARN cache-control: s-maxage=600, max-age=300 x-hs-target-asset: collected-forms-embed-js/static-1.491/bundles/project.js x-content-type-options: nosniff access-control-allow-origin: * x-hs-cache-status: HIT x-envoy-upstream-service-time: 3 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: 6e737a10-5158-49c0-8663-46e045641059 x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-kgjsm x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: 6e737a10-5158-49c0-8663-46e045641059 cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod cf-cache-status: HIT age: 239 server: cloudflare cf-ray: 8811e8d10f03b518-OSL content-encoding: br X-Firefox-Spdy: h2

	forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1	104.18.80.204	200 OK	35 B
URL GET HTTP/3 forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1 IP 104.18.80.204:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerGoogle Trust Services LLC Subjecthsforms.com Fingerprint51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A ValidityWed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT File type GIF image data, version 89a, 1 x 1 Size 35 B (35 bytes) Hash c2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 HTTP Headers GET /embed/v3/counters.gif?key=forms-embed-v3-DEFINITION_SUCCESS&count=1 HTTP/1.1 Host: forms-na1.hsforms.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Cookie: __cf_bm=z.BvTZUb9GHPttMaNfci8jIw_uqVVxavj3X_NTwq_f0-1715260013-1.0.1.1-uTYEaPQAdlYAxu_leJehfr4aIeCw6swu5wxf680J.liySxcwgU96T2hQro4WzjBpq6MY3OY1RqIJjKbLykvvyA; _cfuvid=1z5YY8nAanN7eCXjxXKxm7qbsS5oPK1knBrhJ1miebg-1715260013514-0.0.1.1-604800000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: image/gif content-length: 35 cache-control: max-age=0, no-cache, no-store vary: origin access-control-allow-credentials: false x-content-type-options: nosniff access-control-expose-headers: X-Origin-Hublet x-robots-tag: none x-envoy-upstream-service-time: 2 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: 787cb54b-a5f6-44ae-8e38-6869030b30c0 x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-7rkbr x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: 787cb54b-a5f6-44ae-8e38-6869030b30c0 cf-cache-status: DYNAMIC strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 8811e8d2fa0c56c9-OSL alt-svc: h3=":443"; ma=86400

	forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1	104.18.80.204	200 OK	35 B
URL GET HTTP/3 forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 IP 104.18.80.204:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerGoogle Trust Services LLC Subjecthsforms.com Fingerprint51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A ValidityWed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT File type GIF image data, version 89a, 1 x 1 Size 35 B (35 bytes) Hash c2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 HTTP Headers GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1 Host: forms.hsforms.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Cookie: __cf_bm=z.BvTZUb9GHPttMaNfci8jIw_uqVVxavj3X_NTwq_f0-1715260013-1.0.1.1-uTYEaPQAdlYAxu_leJehfr4aIeCw6swu5wxf680J.liySxcwgU96T2hQro4WzjBpq6MY3OY1RqIJjKbLykvvyA; _cfuvid=1z5YY8nAanN7eCXjxXKxm7qbsS5oPK1knBrhJ1miebg-1715260013514-0.0.1.1-604800000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: image/gif content-length: 35 cache-control: max-age=0, no-cache, no-store vary: origin access-control-allow-credentials: false x-content-type-options: nosniff access-control-expose-headers: X-Origin-Hublet x-robots-tag: none x-envoy-upstream-service-time: 7 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: 4607e2c8-357c-467f-9cea-3a34f5fd0d7f x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-jbmqh x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: 4607e2c8-357c-467f-9cea-3a34f5fd0d7f cf-cache-status: DYNAMIC strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 8811e8d3ab2f56c9-OSL alt-svc: h3=":443"; ma=86400

	20813162.fs1.hubspotusercontent-na1.net/hubfs/20813162/whitepaper%204.png	172.64.146.132	200 OK	47 kB
URL GET HTTP/2 20813162.fs1.hubspotusercontent-na1.net/hubfs/20813162/whitepaper%204.png IP 172.64.146.132:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerCloudflare, Inc. Subjecthubspotusercontent-na1.net FingerprintD5:8A:20:92:95:6F:94:7E:3C:B0:CE:58:A8:89:20:D6:9E:7D:2C:2F ValidityTue, 26 Dec 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT File type RIFF (little-endian) data, Web/P image Size 47 kB (47018 bytes) Hash 06b277d61c89cea001a4876556aee413 98db1940228c5175c72ace6985b36d21b0dc1cb8 cb8be06aacd998978d8e9e61955acc4e733df3fbc39df311c996b5c201335a1c HTTP Headers `GET /hubfs/20813162/whitepaper%204.png HTTP/1.1 Host: 20813162.fs1.hubspotusercontent-na1.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: image/webp content-length: 47018 cf-ray: 8811e8d34f307130-OSL cf-cache-status: HIT accept-ranges: bytes access-control-allow-origin: * cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 content-disposition: inline; filename="whitepaper%204.webp" etag: "54bac7f819b7a2cf1a1b0c6d915fde27" last-modified: Thu, 09 May 2024 04:24:17 GMT vary: Accept, Accept-Encoding via: 1.1 381415f9cd2a81e354df30a9d968048c.cloudfront.net (CloudFront) access-control-allow-methods: GET cache-tag: F-166893753013,P-20813162,FLS-ALL cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=85753 edge-cache-tag: F-166893753013,P-20813162,FLS-ALL timing-allow-origin: 20813162.fs1.hubspotusercontent-na1.net x-amz-cf-id: RK44TgwJNSKjVqX4EUiG17iDR89MeEuoyB2noY9VXaSyExLDwPTMgw== x-amz-cf-pop: ARN1-C1 x-amz-id-2: RYMI0x2UaNZszZIlyhbKZKpABzYi+inXHigC5BIDDj2iSQ8JdVq/9wpuhRNLQfJ45YDXvZkuaXM= x-amz-meta-access-tag: public-not-indexable x-amz-meta-cache-tag: F-166893753013,P-20813162,FLS-ALL x-amz-meta-created-unix-time-millis: 1715228656744 x-amz-meta-index-tag: none x-amz-replication-status: COMPLETED x-amz-request-id: B8WRZKZR8G4Q0D2Y x-amz-server-side-encryption: AES256 x-amz-storage-class: INTELLIGENT_TIERING x-amz-version-id: 0BCJLqL9Xko0yhdkDT2T3qGx_TN3FsaB x-cache: Miss from cloudfront x-hs-alternate-content-type: text/plain x-hs-cf-lambda: us-east-1.EnforceAclForReads 3 x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3 x-robots-tag: none server: cloudflare X-Firefox-Spdy: h2

	forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1	104.18.80.204	200 OK	35 B
URL GET HTTP/3 forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1 IP 104.18.80.204:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerGoogle Trust Services LLC Subjecthsforms.com Fingerprint51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A ValidityWed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT File type GIF image data, version 89a, 1 x 1 Size 35 B (35 bytes) Hash c2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 HTTP Headers GET /embed/v3/counters.gif?key=forms-embed-v3-RENDER_SUCCESS&count=1 HTTP/1.1 Host: forms-na1.hsforms.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Cookie: __cf_bm=z.BvTZUb9GHPttMaNfci8jIw_uqVVxavj3X_NTwq_f0-1715260013-1.0.1.1-uTYEaPQAdlYAxu_leJehfr4aIeCw6swu5wxf680J.liySxcwgU96T2hQro4WzjBpq6MY3OY1RqIJjKbLykvvyA; _cfuvid=1z5YY8nAanN7eCXjxXKxm7qbsS5oPK1knBrhJ1miebg-1715260013514-0.0.1.1-604800000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: image/gif content-length: 35 cache-control: max-age=0, no-cache, no-store vary: origin access-control-allow-credentials: false x-content-type-options: nosniff access-control-expose-headers: X-Origin-Hublet x-robots-tag: none x-envoy-upstream-service-time: 1 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: 8209e57f-aad6-4ddf-a342-0d8aaa3eb361 x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: 8209e57f-aad6-4ddf-a342-0d8aaa3eb361 cf-cache-status: DYNAMIC strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 8811e8d33a8256c9-OSL alt-svc: h3=":443"; ma=86400

	share.hsforms.com/favicon.ico	104.18.80.204	200 OK	4.3 kB
URL GET HTTP/3 share.hsforms.com/favicon.ico IP 104.18.80.204:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerGoogle Trust Services LLC Subjecthsforms.com Fingerprint51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A ValidityWed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT File type HTML document, ASCII text, with very long lines (1150) Size 4.3 kB (4258 bytes) Hash 67b891157b084268bab45158baa8452f 0a402199b393a4473508668c7e639554b653a85b cd786561cafd9e96c3fa3d4761fdf7ed0170c755cc4923465bfc8602a1efaf87 HTTP Headers GET /favicon.ico HTTP/1.1 Host: share.hsforms.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Cookie: __cf_bm=z.BvTZUb9GHPttMaNfci8jIw_uqVVxavj3X_NTwq_f0-1715260013-1.0.1.1-uTYEaPQAdlYAxu_leJehfr4aIeCw6swu5wxf680J.liySxcwgU96T2hQro4WzjBpq6MY3OY1RqIJjKbLykvvyA; _cfuvid=1z5YY8nAanN7eCXjxXKxm7qbsS5oPK1knBrhJ1miebg-1715260013514-0.0.1.1-604800000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: text/html; charset=utf-8 x-amz-replication-status: COMPLETED last-modified: Wed, 08 May 2024 08:09:42 UTC x-amz-server-side-encryption: AES256 x-amz-meta-ao: {"allowIFrame":"always"} x-amz-version-id: TH.nQvO035GE03c9nX.HCDlbUiBrLMCk vary: origin, Accept-Encoding x-cache: Hit from cloudfront via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront) x-amz-cf-pop: IAD12-P3 x-amz-cf-id: 3c_E4eJnGKHBBQcYJCnrVy0hBWLZIUgggkuHt_LQ0ilC_hX513tU4g== access-control-allow-credentials: false cache-control: max-age=600 x-hs-target-asset: forms-submission-pages/static-1.4391/html/share.html x-content-type-options: nosniff x-hs-cache-status: HIT x-envoy-upstream-service-time: 0 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: c9bfc86a-9731-4b61-a598-11cfe546fdce x-evy-trace-served-by-pod: iad02/star-td/envoy-proxy-75b466ff79-kr567 x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: c9bfc86a-9731-4b61-a598-11cfe546fdce cache-tag: staticjsapp-forms-submission-pages-web-prod,staticjsapp-prod cf-cache-status: HIT age: 414 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 8811e8d4dd4256c9-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	static.hsappstatic.net/forms-submission-pages/static-1.4391/bundles/share-legacy.js	104.17.172.91	200 OK	4.9 kB
URL GET HTTP/2 static.hsappstatic.net/forms-submission-pages/static-1.4391/bundles/share-legacy.js IP 104.17.172.91:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerLet's Encrypt Subjecthsappstatic.net Fingerprint61:E3:53:36:62:DE:C3:13:8E:18:03:8C:52:A5:83:A5:BC:D7:7D:0F ValidityWed, 08 May 2024 02:17:22 GMT - Tue, 06 Aug 2024 02:17:21 GMT File type JavaScript source, ASCII text, with very long lines (5011), with no line terminators Size 4.9 kB (4858 bytes) Hash 7b461b4884cd2ea718007870f6e0f606 797e5243a0a324c0272735c98fe836f47069e731 fff4ff2065d4caf791f4f3cec3f29b06390a11be3ed5efcfd8435e455f0a940f HTTP Headers `GET /forms-submission-pages/static-1.4391/bundles/share-legacy.js HTTP/1.1 Host: static.hsappstatic.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://share.hsforms.com DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: application/javascript access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 x-amz-replication-status: COMPLETED last-modified: Wed, 08 May 2024 00:46:48 GMT etag: W/"375e75cc125882314f2f3cbe0dc324f1" x-amz-server-side-encryption: AES256 x-amz-version-id: JH1XNFo87Ab1wrWQGUK0Qy4MdorNyyqQ vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Hit from cloudfront via: 1.1 fdac35835bcf0937b6f910eeac10720e.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P2 x-amz-cf-id: lHn_cT7j7wa-gYIyeEYSSwbtIeeqGymesXzCy9ubam_rdGbnsYwa7A== cf-cache-status: HIT age: 104162 expires: Fri, 09 May 2025 13:06:54 GMT cache-control: public, max-age=31536000 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7bbbsNSl3L3mbDhzLegtRipiU930d1g%2FRR8Z61do%2F5hwcmAgHdoPWJWSpP2q18azTfnQbFiXrc4I1XwcP5Ui6XBZgXj5HmOGIc%2Fz%2FxgW%2BgcfAkrdRWc5UofiovvIwB9H9z4HH59fAk%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 8811e8cf6f50568b-OSL content-encoding: br X-Firefox-Spdy: h2

	js.hs-scripts.com/20813162.js	104.16.141.209	200 OK	1.6 kB
URL GET HTTP/2 js.hs-scripts.com/20813162.js IP 104.16.141.209:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerLet's Encrypt Subjecths-scripts.com Fingerprint10:6A:CE:54:F8:1D:59:1E:1F:7D:DB:76:07:FC:FF:1A:7D:70:E9:BD ValidityMon, 01 Apr 2024 23:22:11 GMT - Sun, 30 Jun 2024 23:22:10 GMT File type ASCII text, with very long lines (1637), with no line terminators Size 1.6 kB (1556 bytes) Hash 25e9429419a2c9eaf98710253b53045c f09dd2b891f9024d6ebbc07d8beb865b2e5ab21e accc3b70b7d7550ab56a74a66948f440f3362bfc11ce2cca767c9943a605bbc0 HTTP Headers `GET /20813162.js HTTP/1.1 Host: js.hs-scripts.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: application/javascript;charset=utf-8 vary: origin, Accept-Encoding access-control-allow-credentials: true x-content-type-options: nosniff access-control-max-age: 3600 access-control-allow-origin: https://share.hsforms.com x-envoy-upstream-service-time: 6 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: b8b1a9a5-dc6b-4e87-b187-99332425ffcb x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-thlkw x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: b8b1a9a5-dc6b-4e87-b187-99332425ffcb last-modified: Thu, 09 May 2024 07:55:53 GMT cf-cache-status: EXPIRED expires: Thu, 09 May 2024 13:08:24 GMT cache-control: public, max-age=90 server: cloudflare cf-ray: 8811e8cf680d0b06-OSL content-encoding: br X-Firefox-Spdy: h2

	js.hs-banner.com/v2/20813162/banner.js	104.18.34.229	200 OK	72 kB
URL GET HTTP/2 js.hs-banner.com/v2/20813162/banner.js IP 104.18.34.229:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerLet's Encrypt Subjecths-banner.com FingerprintFD:CD:8E:97:D4:7A:91:8A:CF:B0:8D:03:EF:EB:A1:49:9F:F6:62:40 ValidityMon, 01 Apr 2024 01:01:12 GMT - Sun, 30 Jun 2024 01:01:11 GMT File type JavaScript source, ASCII text, with very long lines (65047) Size 72 kB (72350 bytes) Hash a977c5baea439cf928f45f85bb2b5087 b9b45a83258fc1eb6c48664828302e4f28af6b14 4b56f5bd214ccaab1ceda3222ab24a3a41e6fe868648b6435c21b69c822635c2 HTTP Headers `GET /v2/20813162/banner.js HTTP/1.1 Host: js.hs-banner.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: text/javascript; charset=UTF-8 x-amz-id-2: fLEMxDpGnDjzThArpUch3dCdWCPQBn09UEnOUZKy8H64G8cz4VH0heVWffD4/oMHEEoaf4GnRwVwSN3dWQLY3XB+SL3m+ng/Toqsh3WxVh4= x-amz-request-id: SGCBFZRVJTF5TA3P last-modified: Thu, 09 May 2024 04:14:59 GMT etag: W/"a977c5baea439cf928f45f85bb2b5087" x-amz-server-side-encryption: AES256 cache-control: max-age=300,public x-amz-version-id: jOj3PkDQsHfQaS.HnJVzZLFHdgn1fD6u access-control-allow-origin: https://share.hsforms.com access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing access-control-allow-credentials: true access-control-max-age: 604800 timing-allow-origin: * vary: origin, Accept-Encoding expires: Thu, 09 May 2024 13:11:54 GMT x-envoy-upstream-service-time: 36 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: ea1d4233-4a7f-4fc7-a548-4981b1a70ee1 x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-9fld2 x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: ea1d4233-4a7f-4fc7-a548-4981b1a70ee1 cf-cache-status: REVALIDATED server: cloudflare cf-ray: 8811e8d10a26b521-OSL content-encoding: br X-Firefox-Spdy: h2

	forms.hsforms.com/embed/v3/form/20813162/20f3f7d0-80e4-416e-bad1-4682b0ef77ca/json?hs_static_app=forms-embed&hs_static_app_version=1.5182&X-HubSpot-Static-App-Info=forms-embed-1.5182	104.18.80.204	200 OK	14 kB
URL GET HTTP/1.1 forms.hsforms.com/embed/v3/form/20813162/20f3f7d0-80e4-416e-bad1-4682b0ef77ca/json?hs_static_app=forms-embed&hs_static_app_version=1.5182&X-HubSpot-Static-App-Info=forms-embed-1.5182 IP 104.18.80.204:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerGoogle Trust Services LLC Subjecthsforms.com Fingerprint51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A ValidityWed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT File type Size 14 kB (13467 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /embed/v3/form/20813162/20f3f7d0-80e4-416e-bad1-4682b0ef77ca/json?hs_static_app=forms-embed&hs_static_app_version=1.5182&X-HubSpot-Static-App-Info=forms-embed-1.5182 HTTP/1.1 Host: forms.hsforms.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://share.hsforms.com DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Thu, 09 May 2024 13:06:54 GMT Content-Type: application/json;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive X-Origin-Hublet: na1 Vary: origin Access-Control-Allow-Origin: https://share.hsforms.com Access-Control-Allow-Methods: OPTIONS, GET Access-Control-Allow-Headers: * Access-Control-Allow-Credentials: false Access-Control-Max-Age: 180 X-Content-Type-Options: nosniff Access-Control-Expose-Headers: X-Origin-Hublet Cache-Control: max-age=0, no-cache, no-store X-Robots-Tag: none x-envoy-upstream-service-time: 22 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all X-HubSpot-Correlation-Id: 5abc97b9-aad1-4356-b89c-0378edead790 x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-9qvwg x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: 5abc97b9-aad1-4356-b89c-0378edead790 CF-Cache-Status: DYNAMIC Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Set-Cookie: __cf_bm=mNcRLxFvyTD4Ix7U4L_3Ld7DYS3CLCtg9OKGiVIN7Ew-1715260014-1.0.1.1-8Vak81ZjdygZNx.1vRIr_vp4kkuVWI1Y3o2RL0_ow6IP7c.nhproQXN1ENJ.3h7VPU5CcKt4HSikubeyOv_FVQ; path=/; expires=Thu, 09-May-24 13:36:54 GMT; domain=.hsforms.com; HttpOnly; Secure; SameSite=None _cfuvid=0S2mJBWHwfUIxwip1Ovx.lBnbVC6rhzIhTiRLGdZT9U-1715260014528-0.0.1.1-604800000; path=/; domain=.hsforms.com; HttpOnly; Secure; SameSite=None Server: cloudflare CF-RAY: 8811e8d19b21b527-OSL Content-Encoding: br alt-svc: h3=":443"; ma=86400

	js.hsforms.net/forms/embed/v3.js	104.18.142.119	200 OK	484 kB
URL GET HTTP/2 js.hsforms.net/forms/embed/v3.js IP 104.18.142.119:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerGoogle Trust Services LLC Subjecthsforms.net Fingerprint49:63:68:DE:D1:58:F7:46:97:8D:A9:5F:77:E7:1E:EF:95:DF:EB:E3 ValidityMon, 15 Apr 2024 01:41:40 GMT - Sun, 14 Jul 2024 01:41:39 GMT File type Size 484 kB (483823 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /forms/embed/v3.js HTTP/1.1 Host: js.hsforms.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: application/javascript; charset=utf-8 x-amz-replication-status: COMPLETED last-modified: Fri, 03 May 2024 16:00:07 UTC etag: W/"dff4ba3711b02da1824149f5b571bb4e" x-amz-server-side-encryption: AES256 x-amz-version-id: xsG5fY3E.Nt_nX1yzNbxZM2eFSp9.4SB vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront) x-amz-cf-pop: IAD12-P3 x-amz-cf-id: -IslehwwKBjZwXlPhThaJI-ls5Ddrl9cQOPXj2L65dlI8nKsyfmkZQ== content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5182/bundles/project-v3.js&cfRay=87e17b9e29df5697-ARN cache-control: s-maxage=600, max-age=300 x-hs-target-asset: forms-embed/static-1.5182/bundles/project-v3.js x-content-type-options: nosniff access-control-allow-origin: * x-hs-cache-status: HIT x-envoy-upstream-service-time: 1 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: be520015-e112-49a4-88fa-5abdae78800a x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: be520015-e112-49a4-88fa-5abdae78800a cache-tag: staticjsapp-forms-embed-v3-web-prod,staticjsapp-prod cf-cache-status: EXPIRED set-cookie: __cf_bm=FbN54ps31.PrBjBvOpx8rqCNznl6HTJKW3qRL2ILDYk-1715260014-1.0.1.1-RKr_.VDwEDc.RwM9rf2V0BmRftPmjQAOYC52fA8_qhX8pUQUnNAlJ5GbZxs2F.RZrj2RP3rUtRlNINlgoNcq2A; path=/; expires=Thu, 09-May-24 13:36:54 GMT; domain=.hsforms.net; HttpOnly; Secure; SameSite=None report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3u%2BARAIHxq4MPv%2BaWmeQwC3zLaAORsaGUj%2BaFkwK2qrLvrap5k326rfNyToDhGMNQWvaQZwWgO%2F2xiBKfqkjPE0wl5Ne7NGwr2JrSo7a1JP0XOQHbb8RtL4%2BiOVgrNBl"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 8811e8cf6945b4fa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20813162&utk=	104.16.111.254	200 OK	116 B
URL GET HTTP/2 forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=20813162&utk= IP 104.16.111.254:443 ASN #13335 CLOUDFLARENET Requested by https://share.hsforms.com/1IPP30IDkQW660UaCsO93ygce3je?utm_source=newsletter&utm_medium=email&utm_campaign=welcome-to-odyssey Certificate IssuerLet's Encrypt Subjecthscollectedforms.net FingerprintEF:89:C2:30:37:FD:9F:8F:60:29:26:CC:C6:88:74:92:2B:ED:68:5C ValidityFri, 29 Mar 2024 03:19:03 GMT - Thu, 27 Jun 2024 03:19:02 GMT File type troff or preprocessor input, ASCII text, with no line terminators Size 116 B (116 bytes) Hash 5c9c127ad3c6099ed13244a2488e7abf 9d9530597e6009fe4178565fadb8374a4a98afae 489ca606b86bfd14a142deee91eeb501063f2f451bab8dce5bb3a5184ff3c98f HTTP Headers GET /collected-forms/v1/config/json?portalId=20813162&utk= HTTP/1.1 Host: forms.hscollectedforms.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://share.hsforms.com DNT: 1 Connection: keep-alive Referer: https://share.hsforms.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Thu, 09 May 2024 13:06:54 GMT content-type: application/json;charset=utf-8 vary: Accept-Encoding cache-control: max-age=0 x-content-type-options: nosniff x-robots-tag: none access-control-allow-origin: https://share.hsforms.com access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD access-control-allow-headers: * access-control-max-age: 180 x-envoy-upstream-service-time: 26 x-evy-trace-route-service-name: envoyset-translator x-evy-trace-virtual-host: all x-hubspot-correlation-id: 1fe4f0d8-3426-488a-9b13-5fb496e7bca3 x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-mgch5 x-evy-trace-listener: listener_https x-evy-trace-route-configuration: listener_https/all x-request-id: 1fe4f0d8-3426-488a-9b13-5fb496e7bca3 cf-cache-status: DYNAMIC server: cloudflare cf-ray: 8811e8d1c816b518-OSL content-encoding: br X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML