urlscan.io logo urlscan.io
SecurityTrails logo

share.hsforms.com Open in urlscan Pro
2606:4700::6810:5805  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgLc1W41bjL18GZC...
Effective URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_...
Submission: On March 04 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 24 HTTP transactions. The main IP is 2606:4700::6810:5805, located in United States and belongs to CLOUDFLARENET, US. The main domain is share.hsforms.com. The Cisco Umbrella rank of the primary domain is 129383.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2021. Valid for: a year.
This is the only time share.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
24 13
2    2606:2c40::c73c:671d (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.emis.com
8    2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)
share.hsforms.com
forms.hsforms.com
perf.hsforms.com
1    2606:4700::6811:6d2 (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
1    2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
3    2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:e8cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Apex Domain
Subdomains		 Transfer
8 hsforms.com
share.hsforms.com — Cisco Umbrella Rank: 129383
forms.hsforms.com — Cisco Umbrella Rank: 4461
perf.hsforms.com — Cisco Umbrella Rank: 9303
17 KB
3 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2180
2 KB
3 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2051
16 KB
2 emis.com
info.emis.com
4 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 4008
87 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2038
20 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3167
3 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 4966
22 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2209
1 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6335
176 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 7281
3 KB
24 13
Domain Requested by
4 forms.hsforms.com share.hsforms.com
3 track.hubspot.com
3 perf.hsforms.com share.hsforms.com
3 js.hs-banner.com js.hs-scripts.com
js.hs-banner.com
2 info.emis.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com js.hsforms.net
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-scripts.com share.hsforms.com
1 js.hsforms.net share.hsforms.com
1 static.hsappstatic.net share.hsforms.com
1 share.hsforms.com info.emis.com
24 15

This site contains links to these domains. Also see Links.

Domain
www.emis.com
Subject Issuer Validity Valid
info.emis.com
Cloudflare Inc ECC CA-3		 2021-06-05 -
2022-06-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-18 -
2022-07-17		 a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Frame ID: 58706B3B3A080AC0D5B0259ABD03BE5A
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FormForm

Page URL History Show full URLs

  1. https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-... Page URL
  2. https://info.emis.com/events/public/v1/encoded/track/tc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5... HTTP 307
    https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Dai... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

13
Domains

15
Subdomains

13
IPs

2
Countries

364 kB
Transfer

1483 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgLc1W41bjL18GZC1FW3S-N-g46Dm7lW6HVH555gD26LW2zgK6S6pdH_ZW1sP_V26ct7bMW7d8hS56x77SRW5zWqrR3Vqz7JW2MFvHM17QQdrW3C_FJ13wSYzgW2xPkDL4JfrQyW3sZFSC7xM7q5W6TN4CL7mL8TdW8Nf4H690w-jBW1_wwGB4gtPqpW6gB6CZ2_pYkNVCMD8w2cWv9kW582JCZ95xx-nN4Bq5zhbYM9JW5WwBQC1q0RnQW3KcRYP96QW6pVj4fPc7hXKLtVqZytM751f-wN43QjXWBpXdlW2M1kKT6JprphW2ft-cN3jFxN_W7T32hb77WWKW3hDY1 Page URL
  2. https://info.emis.com/events/public/v1/encoded/track/tc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgLc1W41bjL18GZC1FW3S-N-g46Dm7lW6HVH555gD26LW2zgK6S6pdH_ZW1sP_V26ct7bMW7d8hS56x77SRW5zWqrR3Vqz7JW2MFvHM17QQdrW3C_FJ13wSYzgW2xPkDL4JfrQyW3sZFSC7xM7q5W6TN4CL7mL8TdW8Nf4H690w-jBW1_wwGB4gtPqpW6gB6CZ2_pYkNVCMD8w2cWv9kW582JCZ95xx-nN4Bq5zhbYM9JW5WwBQC1q0RnQW3KcRYP96QW6pVj4fPc7hXKLtVqZytM751f-wN43QjXWBpXdlW2M1kKT6JprphW2ft-cN3jFxN_W7T32hb77WWKW3hDY1?_ud=be0c457c-e7f6-4e2a-ac02-58cc5e36477c&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgLc1W41bjL18GZC1FW3S-N-g46Dm7lW6HVH555gD26LW2zgK6S6pdH_ZW1sP_V26ct7bMW7d8hS56x77SRW5zWqrR3Vqz7JW2MFvHM17QQdrW3C_FJ13wSYzgW2xPkDL4JfrQyW3sZF...
info.emis.com/e3t/Btc/WX+113/cbykc04/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgLc1W41bjL18GZC1FW3S-N-g46Dm7lW6HVH555gD26LW2zgK6S6pdH_ZW1sP_V26ct7bMW7d8hS56x77SRW5zWqrR3Vqz7JW2MFvHM17QQdrW3C_FJ13wSYzgW2xPkDL4JfrQyW3sZFSC7xM7q5W6TN4CL7mL8TdW8Nf4H690w-jBW1_wwGB4gtPqpW6gB6CZ2_pYkNVCMD8w2cWv9kW582JCZ95xx-nN4Bq5zhbYM9JW5WwBQC1q0RnQW3KcRYP96QW6pVj4fPc7hXKLtVqZytM751f-wN43QjXWBpXdlW2M1kKT6JprphW2ft-cN3jFxN_W7T32hb77WWKW3hDY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 04 Mar 2022 00:39:57 GMT
content-type
text/html;charset=utf-8
cf-ray
6e668eca0e6f9b6a-FRA
last-modified
Fri, 04 Mar 2022 00:39:57 GMT
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
e0ce5968-5cdc-4601-bb82-f4b58f4c0985
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kaki9%2BMg7uNXaajMXhySxtg8sQQQIBChHeNYGppHh8hT4POTSgXkEtaBY430RVXjMyqJKYEv7Wg7DMpjF0qxpFNs1KkckT3qXtbgZlxRDLbtOgpKHKbmg8rV7hJ4jo7gQ%2F3%2BKcwZ9pcb4Yg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
Primary Request 1K1wwTrdsROyKCm8nRhhzUwzkyt
share.hsforms.com/
Redirect Chain
  • https://info.emis.com/events/public/v1/encoded/track/tc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgLc1W41bjL18GZC1FW3S-N-g46Dm7lW6HVH555gD26LW2zgK6S6pdH_ZW1sP_V26ct7b...
  • https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98c...
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Requested by
Host: info.emis.com
URL: https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgLc1W41bjL18GZC1FW3S-N-g46Dm7lW6HVH555gD26LW2zgK6S6pdH_ZW1sP_V26ct7bMW7d8hS56x77SRW5zWqrR3Vqz7JW2MFvHM17QQdrW3C_FJ13wSYzgW2xPkDL4JfrQyW3sZFSC7xM7q5W6TN4CL7mL8TdW8Nf4H690w-jBW1_wwGB4gtPqpW6gB6CZ2_pYkNVCMD8w2cWv9kW582JCZ95xx-nN4Bq5zhbYM9JW5WwBQC1q0RnQW3KcRYP96QW6pVj4fPc7hXKLtVqZytM751f-wN43QjXWBpXdlW2M1kKT6JprphW2ft-cN3jFxN_W7T32hb77WWKW3hDY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abbf9ab909d92d6d69da16ac1186a038b92b4f0a0f13c8f3761bc517f8c703c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgLc1W41bjL18GZC1FW3S-N-g46Dm7lW6HVH555gD26LW2zgK6S6pdH_ZW1sP_V26ct7bMW7d8hS56x77SRW5zWqrR3Vqz7JW2MFvHM17QQdrW3C_FJ13wSYzgW2xPkDL4JfrQyW3sZFSC7xM7q5W6TN4CL7mL8TdW8Nf4H690w-jBW1_wwGB4gtPqpW6gB6CZ2_pYkNVCMD8w2cWv9kW582JCZ95xx-nN4Bq5zhbYM9JW5WwBQC1q0RnQW3KcRYP96QW6pVj4fPc7hXKLtVqZytM751f-wN43QjXWBpXdlW2M1kKT6JprphW2ft-cN3jFxN_W7T32hb77WWKW3hDY1

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
content-type
text/html; charset=utf-8
x-amz-replication-status
COMPLETED
last-modified
Mon, 07 Feb 2022 08:23:43 UTC
x-amz-server-side-encryption
AES256
x-amz-meta-ao
{"allowIFrame":"tbd","reportOnly":{"allowIFrame":"self"}}
x-amz-version-id
VtfdVuIRxHSPk71Fxf8.zyJ_BRAxI5os
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 b9d1b307966c2273bf97ed7c681603da.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
x-amz-cf-id
wXscAfFQaU7y4osX4WZssP9icNj0f2JtwCYCDiypjCuli2KDSpXmog==
age
1422
access-control-allow-credentials
false
cache-control
max-age=600
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-submission-pages/static-1.1659/html/share.html&cfRay=6e668eccd8169bcb-IAD
x-hs-target-asset
forms-submission-pages/static-1.1659/html/share.html
x-hs-cache-status
MISS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
6e668eccd8169bcb-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 04 Mar 2022 00:39:58 GMT
location
https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
cf-ray
6e668ecb1fd49b6a-FRA
link
<https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
6428ff10-a30d-4207-88cb-5f7cd36d99e1
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BoOwWkLWSM946dbUMoGsUOh%2By9ct0b3gZrgVBoapdVk8rGCnD8OjgMNYldSsZJzFBmInymfWqUL7o%2FOvAUc3e86MKcFZrlvREoKFMAZ0M2Qf498vSqJOr1YFNHtN37LCUnTPifrKJ%2BJ4ds%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.1659/bundles/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.1659/bundles/share-legacy.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a89a7b2c455f74bd7cd5f5305127caf3f6c2c1c11f7415787b51a919dba9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
via
1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2132147
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 04 Feb 2022 22:22:17 GMT
server
cloudflare
etag
W/"25f8e8189802de8808942662c474f69e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tl4HVfuA4UkGyf26qOK5lcxgCfanfB1dOc8I2sHohsSxk2uJGM4eTi1CVA4kAdmH4wnExh3EtZqGytcHVuTuW%2FM09YUtymXvaykhtiPN6k7i7R0uSh0xlZsP0MAjo63qH0cRjH6EYv7e0AX3nJTd0eCpJo8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
2_9iIUXUTs7vKtd32RW4yxFF_T8v3WYG
cache-control
public, max-age=31536000
x-amz-cf-pop
MUC50-C1
cf-ray
6e668ece2e46696a-FRA
x-amz-cf-id
PaM-Nl7g3QnyKanxQqFxk8galqMq5C9TF3IjbIq9EwiOHlxw_NU_hw==
expires
Sat, 04 Mar 2023 00:39:58 GMT
json
forms.hsforms.com/embed/v3/form/1660133/2b5c304e-b76c-44ec-8a0a-6f2746187353/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/1660133/2b5c304e-b76c-44ec-8a0a-6f2746187353/json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://share.hsforms.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
content-type
text/plain; charset=utf-8
content-length
18
x-trace
2B9E52E1F3B10FD9DD3E16ED118A043312D78234A4000000000000000000
allow
HEAD,GET,OPTIONS
vary
Accept-Encoding
x-hubspot-correlation-id
f234005f-3e81-496f-8c1a-057fd960f02c
access-control-allow-origin
https://share.hsforms.com
access-control-allow-methods
OPTIONS, GET
access-control-allow-headers
content-type
access-control-allow-credentials
false
access-control-max-age
180
cache-control
max-age=0, no-cache, no-store
x-robots-tag
none
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
6e668ece2a2b9267-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
new-embed-script.js
js.hsforms.net/forms/ 		622 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/new-embed-script.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1df3a3f9ee36081ef1223bfa1891db40626f18e0530d0744276a90d37d3ed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
via
1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.1709/bundles/project.js&cfRay=6e668ece28649273-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Feb 2022 10:01:23 UTC
server
cloudflare
etag
W/"f14e8ed9552278470de5307a04782fb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWQaC5uIggzKflhHdz0fa%2BowI2UOKHuQgnw%2BHmF7JnwIVLJND2i52XKAeWsHeFEDTnmh3u%2FdH%2FpXh6qhMaCodFwR5ZdyF0Pq7Axsi%2FNa9HbEA%2F6tCQZnmKkhNqXJ5Bif4OSJKrdzAoPvjQFe"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4TWNmPon_8V3kMAGr7L60rGf7qxXPrPz
access-control-allow-origin
*
cache-control
max-age=600
x-hs-cache-status
HIT
cf-ray
6e668ece28649273-FRA
x-amz-cf-id
GQgvh9JBVHKnwr6egqfC_-kuK_UO_pVBzG3LqaDN2XR-FZC1dKgA0Q==
x-hs-target-asset
forms-embed/static-1.1709/bundles/project.js
json
forms.hsforms.com/embed/v3/form/1660133/2b5c304e-b76c-44ec-8a0a-6f2746187353/ 		76 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/1660133/2b5c304e-b76c-44ec-8a0a-6f2746187353/json
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e515e0dacdea73ca06a9222857e5723da38a350f73e4a8c9623c7d716ddfc85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://share.hsforms.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
97c7d64f-c657-4e38-be1c-9c14d6a2bd42
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
none
server
cloudflare
x-trace
2B980C1A02906D5821D5E94E02E292F1237A6AA663000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
6e668ecefad69267-FRA
access-control-allow-headers
*
1660133.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/1660133.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5151aa5561478930eb3beabd864c0b5d1d1a56580e96b1c2564ac9725ca12c33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
b13eed59-986f-4e8e-bf5f-39ca6431e2f7
last-modified
Fri, 04 Mar 2022 00:30:42 GMT
server
cloudflare
x-trace
2B4FD54574026CB849FC99175E966D27196FEC5D3D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6e668ece280968eb-FRA
expires
Fri, 04 Mar 2022 00:40:58 GMT
conversations-embed.js
js.usemessages.com/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bea4db66d928709d6a4fc8ac5914dfd7c92249fde44cbb2994fd180af3895af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
via
1.1 cea67f5ca1b497624430e599aa6b7c62.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
73
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9719/bundles/project.js&cfRay=6e668d035a78699f-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 01 Mar 2022 07:23:13 UTC
server
cloudflare
etag
W/"85c4f9fe96740daa235a2cd1f8c2cfcd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
XRjafJw7fIUN0n4RHORPrPOpV4wf53ae
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6e668ecf5d7b995d-FRA
x-amz-cf-id
V-_wRczLhUFrroYlV5_d7EskMSCb_SX2yMgt6jmpHj5MVG8wJp-NvA==
x-hs-target-asset
conversations-embed/static-1.9719/bundles/project.js
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e74e8023df55898fdc5f9b80056d0a2135bd3dd4767b955c998d2604f6f0264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
via
1.1 a7a1b4c19abc42d237405ce4c4069f10.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
113
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.267/bundles/pixels-release.js&cfRay=6e668c0959bd9be2-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 22 Feb 2022 02:08:45 UTC
server
cloudflare
etag
W/"06eb4f66eb63af900e184afb62a0e749"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
qWKNTxbLt9Op0SuQkozrcwC2H7kJu2oM
cache-control
max-age=600
x-hs-cache-status
EXPIRED
x-amz-cf-pop
IAD89-P1
cf-ray
6e668ecf7b7a9bca-FRA
x-amz-cf-id
kh_KFpfdJCImlEOdZiVyapNJAaXlNVaqk98UhfDt23bF3k7bhNziPA==
x-hs-target-asset
adsscriptloaderstatic/static-1.267/bundles/pixels-release.js
1660133.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/1660133.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81a7640351ef6b32199211a731eeb548c71ae17fd536db1f24247f870fa7b75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
ASH4KMRPJY82ZGYP
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
KYZkWfY9RDhzJYK9VQE2ZDTzPX07xBTiG+IwmH49O/0jlmcZhJOnIldymwFRNRTjxLtokhvncuo=
timing-allow-origin
*
last-modified
Thu, 17 Feb 2022 20:42:17 GMT
server
cloudflare
etag
W/"ad74b27cc8f6a3e6c39c66aedc9e5a10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
PMKoe6dx3rMgnkUgYeDUB875GVMptxgB
access-control-allow-origin
https://www.emis.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6e668ecf5d8f699b-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 04 Mar 2022 00:44:58 GMT
1660133.js
js.hs-analytics.net/analytics/1646354100000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1646354100000/1660133.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0704128e7b070c13fe43cf5dafb85612ce2a3ed05d936febd25693d4cd561296

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
2JYSD6A6D01KCBFY
x-amz-server-side-encryption
AES256
cf-ray
6e668ecf58508fe6-FRA
x-amz-id-2
YqaK0QhvMHx/c5pzt4N96WG0Vbdg0nVVy+Lr/IhImMarqJqXT7LVhuNGr3Em7StAi7wd4OLSxSQ=
last-modified
Thu, 24 Feb 2022 12:05:48 GMT
server
cloudflare
etag
W/"d8d370e254a875cf40f3d3a3ef42f25e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Fri, 04 Mar 2022 00:44:58 GMT
leadflows.js
js.hsleadflows.net/ 		534 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221

Request headers

Referer
https://share.hsforms.com/
Origin
https://share.hsforms.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
via
1.1 76cd2de9f0213e8c76093c6b346e8118.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
52864
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js&cfRay=6e61842b197e5c9e-EWR
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 01 Mar 2022 09:57:40 UTC
server
cloudflare
etag
W/"57a8210ba9519a68ae76dcc1857db0f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
qE7M39zrJ2dCa.o34UdW.NnTPVZDG9U3
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6e668ecf5e449b3d-FRA
x-amz-cf-id
Vg8-lkx4gsuJQYxtmrg7vCS4Vu6j6Plfo42Dpu8AFm5j4GQtBFURQw==
x-hs-target-asset
lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-DEFINITION_SUCCESS&count=1
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
e47ef11e-f193-452a-8375-a0c8622bfda0
x-trace
2BE75983AB9B294FDB9CF78686866AB108B74715F1000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e668ed088e1994a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-robots-tag
none
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/new-embed-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 00:09:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 04 Mar 2022 00:39:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Mar 2022 00:39:58 GMT
timings.gif
perf.hsforms.com/embed/v3/ 		35 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/timings.gif?key=embed-script&valueInMs=265.3000011444092
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
fd3ed41f-268a-4868-9244-1ff324aad4e2
cf-ray
6e668ed05c579bcb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Fri, 04 Mar 2022 00:39:58 GMT
server
cloudflare
x-trace
2B822AE44FBAA8B4FFF816F736F47BEAD940B35721000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
timings.gif
perf.hsforms.com/embed/v3/ 		35 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/timings.gif?key=fetch-definition&valueInMs=330.1000003814697
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
549324e3-1b36-4fc4-ac78-244a7c6906e3
cf-ray
6e668ed05c5b9bcb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Fri, 04 Mar 2022 00:39:58 GMT
server
cloudflare
x-trace
2BA3D37C39ADF65916AF42FBFCE0D5591D95865F36000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
timings.gif
perf.hsforms.com/embed/v3/ 		35 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/timings.gif?key=render&valueInMs=30.100000381469727
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:58 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
1ed8f6fe-4062-4fcc-97d5-0262e597378e
cf-ray
6e668ed05c5a9bcb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Fri, 04 Mar 2022 00:39:58 GMT
server
cloudflare
x-trace
2BD635C2A3670A0BE8B3FE4BC443199A53B1DE3ECE000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-RENDER_SUCCESS&count=1
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w&utm_content=205716109&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
427bea07-078b-40e7-8e42-c5f6c9a193db
x-trace
2B1CC21AFF64B0A0599D5C111572CBA9A9388D48A7000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e668ed088dc994a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-robots-tag
none
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://share.hsforms.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 21:26:13 GMT
x-content-type-options
nosniff
age
184425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 21:26:13 GMT
view
js.hs-banner.com/cookie-banner-public/v1/activity/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://share.hsforms.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Mar 2022 00:39:59 GMT
content-type
application/octet-stream
content-length
0
access-control-allow-origin
https://share.hsforms.com
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e668ed3af8e5c08-FRA
__ptq.gif
track.hubspot.com/ 		45 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=2b5c304e-b76c-44ec-8a0a-6f2746187353&fci=c9a2f6e7-d5b0-4a74-8cab-0c778c381d43&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=1660133&ccu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt&pu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt%3Futm_campaign%3DEMIS%2520Russia%2520%2526%2520Ukraine%2520Daily%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D205714770%26_hsenc%3Dp2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w%26utm_content%3D205716109%26utm_source%3Dhs_email&t=Form&cts=1646354399235&vi=6f3f54d97e0e338448aa44990046047f&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:59 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
b51f66b4-01de-4025-9a41-4760daa7b83d
cf-ray
6e668ed3af5d9b76-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YIDkE7J7o2WsXqVX03HRIO4VRjF4pVDT5tXj5lSYB6hu0yaZ8iYB4hNGnOlFGHZp8nzm5S3cP4R23PkorpIzoacewO0GPpKmV092rTV00QIWgl6MyROJn%2B4SRG5%2FmcUHmbYvCPewJzQ5ElCn3tH"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=2b5c304e-b76c-44ec-8a0a-6f2746187353&fci=c9a2f6e7-d5b0-4a74-8cab-0c778c381d43&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=1660133&ccu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt&pu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt%3Futm_campaign%3DEMIS%2520Russia%2520%2526%2520Ukraine%2520Daily%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D205714770%26_hsenc%3Dp2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w%26utm_content%3D205716109%26utm_source%3Dhs_email&t=Form&cts=1646354399236&vi=6f3f54d97e0e338448aa44990046047f&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:59 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
d334c8ee-831c-47d5-8ed0-60bcddcd62ed
cf-ray
6e668ed3af619b76-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUFx23iTT9muvsxxuTreytw5I1jvmvcd0n8bNCvSHXZ10TwYuQ6fPHstX5ojAJ4q50NywiviUizfneZ3FI4sWMgGjBMWhp4gQyk2LxUsoJouM344FxpyEE40gKG5UwiTnZE%2BQ8n16LRLeDm1kGEO"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=1660133&ccu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt&pu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt%3Futm_campaign%3DEMIS%2520Russia%2520%2526%2520Ukraine%2520Daily%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D205714770%26_hsenc%3Dp2ANqtz-8DtBYK1YamcOegVyeNKU0Osifacd98cP2TVAftnA1FKqerbsJ1vOWpR5vtwOBD8meG0WyaBWwIa83ozG86-LN0kdDM9w%26utm_content%3D205716109%26utm_source%3Dhs_email&t=Form&cts=1646354399237&vi=6f3f54d97e0e338448aa44990046047f&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:39:59 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
d7e98360-14af-4871-ae68-39724e57b4c7
cf-ray
6e668ed3af629b76-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmquLMF%2FsmNI5NcygRWiMMownMvkEoGXhB9dSaKthjHeVSXszbH%2FXGJPqNvSk0F1UCmanDrrLmqgxzhSxfXs0zTqh2UWpe0G%2FP0exSOQIRA83iddCMKBbnNyqSl6QjifUPib%2By0h3sYOrVjld1iP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
view
js.hs-banner.com/cookie-banner-public/v1/activity/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://share.hsforms.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 00:40:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
6f26ea05-1325-424e-b84d-d09104e00f00
x-trace
2BB0733227EE1F9E835349107645AE4DA9F0973A11000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://share.hsforms.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
cf-ray
6e668ed5f9a45c08-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| hsFormsOnReady object| _hsq object| disabledHsPopups boolean| isQa string| apiHubspotUrl string| formsHsFormsUrl string| perfHsFormsUrl string| jsHsFormsUrl string| jsHsScriptsUrl object| hs_RequestParams object| hubspot object| _hsp function| bindToWindowOnError function| OutpostErrorReporter object| HubSpotForms object| hbspt object| globalRoot undefined| hns function| defineProperties object| leadflows boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| PIXELS_RAN boolean| hubspot_live_messages_running object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran

2 Cookies

Domain/Path Name / Value
.info.emis.com/ Name: __cfruid
Value: 8a21f7a0335ef8aa5990ac1b62e0844c4140d60f-1646354397
.hubspot.com/ Name: __cf_bm
Value: _XAyxV4IAnahzpmb1.fzA8oTftoOXBt5yjMxMpRghAI-1646354399-0-Abk2zcZbDC6S2RKOtqzvzO1gAYW+TNAb5piHtFdsg2ksf2qD6KGqmUZKcEdPriE2IpOjY0SdYLnzGqNQY7mKA1E=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
info.emis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
js.usemessages.com
perf.hsforms.com
share.hsforms.com
static.hsappstatic.net
track.hubspot.com
2606:2c40::c73c:671d
2606:4700::6810:5805
2606:4700::6811:45b0
2606:4700::6811:6d2
2606:4700::6811:73b0
2606:4700::6811:ba49
2606:4700::6811:d5cc
2606:4700::6811:e8cc
2606:4700::6811:eecc
2606:4700::6812:14bf
2606:4700::6813:9a53
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
0704128e7b070c13fe43cf5dafb85612ce2a3ed05d936febd25693d4cd561296
0e515e0dacdea73ca06a9222857e5723da38a350f73e4a8c9623c7d716ddfc85
0e74e8023df55898fdc5f9b80056d0a2135bd3dd4767b955c998d2604f6f0264
2bea4db66d928709d6a4fc8ac5914dfd7c92249fde44cbb2994fd180af3895af
5151aa5561478930eb3beabd864c0b5d1d1a56580e96b1c2564ac9725ca12c33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221
9abbf9ab909d92d6d69da16ac1186a038b92b4f0a0f13c8f3761bc517f8c703c
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
b4a89a7b2c455f74bd7cd5f5305127caf3f6c2c1c11f7415787b51a919dba9a1
c81a7640351ef6b32199211a731eeb548c71ae17fd536db1f24247f870fa7b75
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de1df3a3f9ee36081ef1223bfa1891db40626f18e0530d0744276a90d37d3ed8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855