urlscan.io logo urlscan.io
SecurityTrails logo

share.hsforms.com Open in urlscan Pro
2606:4700::6810:5805  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgKCZW2vQJWs2phV...
Effective URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_...
Submission: On March 04 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 24 HTTP transactions. The main IP is 2606:4700::6810:5805, located in United States and belongs to CLOUDFLARENET, US. The main domain is share.hsforms.com. The Cisco Umbrella rank of the primary domain is 129383.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2021. Valid for: a year.
This is the only time share.hsforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
24 13
2    2606:2c40::c73c:67e3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.emis.com
8    2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)
share.hsforms.com
forms.hsforms.com
perf.hsforms.com
1    2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
1    2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
3    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Apex Domain
Subdomains		 Transfer
8 hsforms.com
share.hsforms.com — Cisco Umbrella Rank: 129383
forms.hsforms.com — Cisco Umbrella Rank: 4461
perf.hsforms.com — Cisco Umbrella Rank: 9303
17 KB
3 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2180
2 KB
3 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2051
16 KB
2 emis.com
info.emis.com
4 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 4008
87 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2038
20 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3167
3 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 4966
22 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2209
1 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 6335
176 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 7281
3 KB
24 13
Domain Requested by
4 forms.hsforms.com share.hsforms.com
3 track.hubspot.com
3 perf.hsforms.com share.hsforms.com
3 js.hs-banner.com js.hs-scripts.com
js.hs-banner.com
2 info.emis.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com js.hsforms.net
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-scripts.com share.hsforms.com
1 js.hsforms.net share.hsforms.com
1 static.hsappstatic.net share.hsforms.com
1 share.hsforms.com info.emis.com
24 15

This site contains links to these domains. Also see Links.

Domain
www.emis.com
Subject Issuer Validity Valid
info.emis.com
Cloudflare Inc ECC CA-3		 2021-06-05 -
2022-06-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-18 -
2022-07-17		 a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Frame ID: C107F83BEB14BA26CCDB4A124C60356E
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FormForm

Page URL History Show full URLs

  1. https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-... Page URL
  2. https://info.emis.com/events/public/v1/encoded/track/tc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5... HTTP 307
    https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Dai... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

13
Domains

15
Subdomains

13
IPs

2
Countries

364 kB
Transfer

1483 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgKCZW2vQJWs2phVflW30_pPF5TM8dfV-N4ky4FlxqpW7Y5fJP5lw-ZqW39D9DB3Vn_0zW33p3M24njQtMW1_WbP11Z6GJxW8w6NzM96yC8dW39K4BS3RR59FW6tL41z8BJkSVW1MLp3N7RxfcZW6S79dq1_skTsW26cm772pgCtvN70vyfRDfZThN6-SthjjgpgjW3dd1Mw352dpmW7VkwQs5vmG3LW3z492b5lRyyVW5GSwmR1x0rfVW5J5JtC86SB0bW4dqDnV4DJ0k8W7XC6SB6qNpk1W6WJvRG4fjvsdN2cvbck3xQn3N9b7vsRD8NdqW52GHbL2cTG393kND1 Page URL
  2. https://info.emis.com/events/public/v1/encoded/track/tc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgKCZW2vQJWs2phVflW30_pPF5TM8dfV-N4ky4FlxqpW7Y5fJP5lw-ZqW39D9DB3Vn_0zW33p3M24njQtMW1_WbP11Z6GJxW8w6NzM96yC8dW39K4BS3RR59FW6tL41z8BJkSVW1MLp3N7RxfcZW6S79dq1_skTsW26cm772pgCtvN70vyfRDfZThN6-SthjjgpgjW3dd1Mw352dpmW7VkwQs5vmG3LW3z492b5lRyyVW5GSwmR1x0rfVW5J5JtC86SB0bW4dqDnV4DJ0k8W7XC6SB6qNpk1W6WJvRG4fjvsdN2cvbck3xQn3N9b7vsRD8NdqW52GHbL2cTG393kND1?_ud=70fbcc01-9bc2-4fdc-9a89-c44108c40760&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgKCZW2vQJWs2phVflW30_pPF5TM8dfV-N4ky4FlxqpW7Y5fJP5lw-ZqW39D9DB3Vn_0zW33p3M24njQtMW1_WbP11Z6GJxW8w6NzM96yC8dW39K4BS3RR59FW6tL41z8BJkSVW1MLp3...
info.emis.com/e3t/Btc/WX+113/cbykc04/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgKCZW2vQJWs2phVflW30_pPF5TM8dfV-N4ky4FlxqpW7Y5fJP5lw-ZqW39D9DB3Vn_0zW33p3M24njQtMW1_WbP11Z6GJxW8w6NzM96yC8dW39K4BS3RR59FW6tL41z8BJkSVW1MLp3N7RxfcZW6S79dq1_skTsW26cm772pgCtvN70vyfRDfZThN6-SthjjgpgjW3dd1Mw352dpmW7VkwQs5vmG3LW3z492b5lRyyVW5GSwmR1x0rfVW5J5JtC86SB0bW4dqDnV4DJ0k8W7XC6SB6qNpk1W6WJvRG4fjvsdN2cvbck3xQn3N9b7vsRD8NdqW52GHbL2cTG393kND1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
content-type
text/html;charset=utf-8
cf-ray
6e66a5a8789d375f-MXP
last-modified
Fri, 04 Mar 2022 00:55:35 GMT
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
f5b60866-d498-44f7-b650-be4551b936ba
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJ5%2FYlebXmBnqo5SV0OCdC75ZA6q7D%2FiY3yM5%2F0oJFDOcO%2BU%2FoPh3Gh%2BfJZb9fzhy7mFjZYjoR%2BEk5oFITUboCOPkMOXNH9akHcit80MPty%2FvClMImn3f%2FiNfO1rtmNYHrq0C6h76difN%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
Primary Request 1K1wwTrdsROyKCm8nRhhzUwzkyt
share.hsforms.com/
Redirect Chain
  • https://info.emis.com/events/public/v1/encoded/track/tc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgKCZW2vQJWs2phVflW30_pPF5TM8dfV-N4ky4FlxqpW7Y5fJP5lw-ZqW39D9DB3Vn_0z...
  • https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14...
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Requested by
Host: info.emis.com
URL: https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgKCZW2vQJWs2phVflW30_pPF5TM8dfV-N4ky4FlxqpW7Y5fJP5lw-ZqW39D9DB3Vn_0zW33p3M24njQtMW1_WbP11Z6GJxW8w6NzM96yC8dW39K4BS3RR59FW6tL41z8BJkSVW1MLp3N7RxfcZW6S79dq1_skTsW26cm772pgCtvN70vyfRDfZThN6-SthjjgpgjW3dd1Mw352dpmW7VkwQs5vmG3LW3z492b5lRyyVW5GSwmR1x0rfVW5J5JtC86SB0bW4dqDnV4DJ0k8W7XC6SB6qNpk1W6WJvRG4fjvsdN2cvbck3xQn3N9b7vsRD8NdqW52GHbL2cTG393kND1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abbf9ab909d92d6d69da16ac1186a038b92b4f0a0f13c8f3761bc517f8c703c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://info.emis.com/e3t/Btc/WX+113/cbykc04/VWsSVz2_Y_l4W3sH1dJ1-8wWlW5n2k0f4GcrjfN6R-BZB3q3n_V1-WJV7CgKCZW2vQJWs2phVflW30_pPF5TM8dfV-N4ky4FlxqpW7Y5fJP5lw-ZqW39D9DB3Vn_0zW33p3M24njQtMW1_WbP11Z6GJxW8w6NzM96yC8dW39K4BS3RR59FW6tL41z8BJkSVW1MLp3N7RxfcZW6S79dq1_skTsW26cm772pgCtvN70vyfRDfZThN6-SthjjgpgjW3dd1Mw352dpmW7VkwQs5vmG3LW3z492b5lRyyVW5GSwmR1x0rfVW5J5JtC86SB0bW4dqDnV4DJ0k8W7XC6SB6qNpk1W6WJvRG4fjvsdN2cvbck3xQn3N9b7vsRD8NdqW52GHbL2cTG393kND1

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
content-type
text/html; charset=utf-8
x-amz-replication-status
COMPLETED
last-modified
Mon, 07 Feb 2022 08:23:43 UTC
x-amz-server-side-encryption
AES256
x-amz-meta-ao
{"allowIFrame":"tbd","reportOnly":{"allowIFrame":"self"}}
x-amz-version-id
VtfdVuIRxHSPk71Fxf8.zyJ_BRAxI5os
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 cea67f5ca1b497624430e599aa6b7c62.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
x-amz-cf-id
Rx_QP4oH3HrxmD8vbRHgN0M7SWYQxjpvQLfcMIQxZUOdz3IHh_0GuQ==
age
2359
access-control-allow-credentials
false
cache-control
max-age=600
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-submission-pages/static-1.1659/html/share.html&cfRay=6e66a5ae6fc559dd-IAD
x-hs-target-asset
forms-submission-pages/static-1.1659/html/share.html
x-hs-cache-status
MISS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
6e66a5ae6fc559dd-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 04 Mar 2022 00:55:35 GMT
location
https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
cf-ray
6e66a5ad0cd7375f-MXP
link
<https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
8df4deb8-92c4-4096-80e3-e1658757b311
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVJSdTxVONMzBzjqTfB%2Bkpk1804UTP5SdUR%2FFxqxhT4d7CdCIdQv9sPl%2Bl3Ns%2BvwKveZdIMcFWKE3RJujZVsQz8yJG2OLQ6nEIFmvAK%2FI5fgJfX4%2B6S1NPVwh88lqYqCne87LbOT4Vv2N7c%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
share-legacy.js
static.hsappstatic.net/forms-submission-pages/static-1.1659/bundles/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/forms-submission-pages/static-1.1659/bundles/share-legacy.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a89a7b2c455f74bd7cd5f5305127caf3f6c2c1c11f7415787b51a919dba9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
via
1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2133069
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 04 Feb 2022 22:22:17 GMT
server
cloudflare
etag
W/"25f8e8189802de8808942662c474f69e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7U4mUKT%2FXL%2FUCXxJcYKz%2FqzxqCvhwgKujwiOqv4waG8H0JfdVeIeikws3MkyBlZtJ0bzuQUW6V6d2knPabNFjVgwQAn79iS8zMU4v%2FdaKhCv62tdaOAJTaQcM8Ux4Wo6gBU7ICtvtFFwK4lYs1VipFetAo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
2_9iIUXUTs7vKtd32RW4yxFF_T8v3WYG
cache-control
public, max-age=31536000
x-amz-cf-pop
MXP63-P3
cf-ray
6e66a5b019e159bf-MXP
x-amz-cf-id
oYYdsy2UAoJ5fpb_TJ5TJHo510kohWhPLz3o-shKBtWMANqZfM7jJQ==
expires
Sat, 04 Mar 2023 00:55:35 GMT
json
forms.hsforms.com/embed/v3/form/1660133/2b5c304e-b76c-44ec-8a0a-6f2746187353/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/1660133/2b5c304e-b76c-44ec-8a0a-6f2746187353/json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://share.hsforms.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
content-type
text/plain; charset=utf-8
content-length
18
x-trace
2B99AB06CC6584D67986A9F1E75B15E27249E7F56F000000000000000000
allow
HEAD,GET,OPTIONS
vary
Accept-Encoding
x-hubspot-correlation-id
b845424c-1a3f-4473-937b-357a1abcd61e
access-control-allow-origin
https://share.hsforms.com
access-control-allow-methods
OPTIONS, GET
access-control-allow-headers
content-type
access-control-allow-credentials
false
access-control-max-age
180
cache-control
max-age=0, no-cache, no-store
x-robots-tag
none
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
6e66a5afce4959fb-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
new-embed-script.js
js.hsforms.net/forms/ 		622 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/new-embed-script.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1df3a3f9ee36081ef1223bfa1891db40626f18e0530d0744276a90d37d3ed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
via
1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.1709/bundles/project.js&cfRay=6e66a5afce3559ef-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Feb 2022 10:01:23 UTC
server
cloudflare
etag
W/"f14e8ed9552278470de5307a04782fb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkmfOyYpE65gZDJNtTyCWkWe8iBXQUb1KSlFuCSBYmfLBIcAK3oSvous%2FZRKD2HRCvy6%2FsDjcOS29pKFjZA4k0tNqLJnqrQOlO4grP5j9btSDyEZ5LjjdBexqVdrdtemJI6%2FtaizdbMBG716"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
4TWNmPon_8V3kMAGr7L60rGf7qxXPrPz
access-control-allow-origin
*
cache-control
max-age=600
x-hs-cache-status
HIT
cf-ray
6e66a5afce3559ef-MXP
x-amz-cf-id
p9qnHLM6ILnOKYKgrkm-FgqO-nokctX_nVcHFbv9XrioGhg41O2ZPg==
x-hs-target-asset
forms-embed/static-1.1709/bundles/project.js
json
forms.hsforms.com/embed/v3/form/1660133/2b5c304e-b76c-44ec-8a0a-6f2746187353/ 		76 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/1660133/2b5c304e-b76c-44ec-8a0a-6f2746187353/json
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4553d03d6172c94160f6889b5be9a91c2146d2ab1885985cdc177f508e63efd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://share.hsforms.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
bf5fa5c8-e9fb-4d71-a539-6c25ea33fc4f
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
none
server
cloudflare
x-trace
2B6F7BED9D81F4D565A2CFDB919BF0A332BAD9ACEA000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
6e66a5b0a80659fb-MXP
access-control-allow-headers
*
1660133.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/1660133.js
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8788927c496b509cff39272803233f58881809006a8b88a6638f35aa8853589f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
7011d66b-c9b2-49e7-994e-68537d8b9067
last-modified
Fri, 04 Mar 2022 00:29:06 GMT
server
cloudflare
x-trace
2BED0105D2DC9C0F56EEF852C221A27540927C739E000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://share.hsforms.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6e66a5afdf4b0dfe-MXP
expires
Fri, 04 Mar 2022 00:56:35 GMT
conversations-embed.js
js.usemessages.com/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bea4db66d928709d6a4fc8ac5914dfd7c92249fde44cbb2994fd180af3895af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
via
1.1 1b6db55df4d0459558669f7d008cda9c.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
396
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9719/bundles/project.js&cfRay=6e669c00d8c0374d-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 01 Mar 2022 07:23:13 UTC
server
cloudflare
etag
W/"85c4f9fe96740daa235a2cd1f8c2cfcd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
XRjafJw7fIUN0n4RHORPrPOpV4wf53ae
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6e66a5b0ffa03753-MXP
x-amz-cf-id
6pOsnSUW2MQTJ-X8n5tO1_4iQzMS_UX250rY4ev9fK5nCy8Q3d734w==
x-hs-target-asset
conversations-embed/static-1.9719/bundles/project.js
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e74e8023df55898fdc5f9b80056d0a2135bd3dd4767b955c998d2604f6f0264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
via
1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
196
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.267/bundles/pixels-release.js&cfRay=6e66a0e57fc959d7-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 22 Feb 2022 02:08:45 UTC
server
cloudflare
etag
W/"06eb4f66eb63af900e184afb62a0e749"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
qWKNTxbLt9Op0SuQkozrcwC2H7kJu2oM
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6e66a5b10d1959d1-MXP
x-amz-cf-id
9bLHSQXLJqZ-PeUrczEiro5vYf37TP9LZlQxYShHeVPcSPqDSamlCA==
x-hs-target-asset
adsscriptloaderstatic/static-1.267/bundles/pixels-release.js
1660133.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/1660133.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81a7640351ef6b32199211a731eeb548c71ae17fd536db1f24247f870fa7b75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
W0R43DMDGW43P56Y
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
CGUiWlRElb3NK3z6Tf1IT60cXwO0UZMdr2eCT3E0Hm+S5mFXo7c+sQ+MiGGmYjmobvfxsS+da+Q=
timing-allow-origin
*
last-modified
Thu, 17 Feb 2022 20:42:17 GMT
server
cloudflare
etag
W/"ad74b27cc8f6a3e6c39c66aedc9e5a10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
PMKoe6dx3rMgnkUgYeDUB875GVMptxgB
access-control-allow-origin
https://www.emis.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6e66a5b13a2a83a0-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 04 Mar 2022 01:00:36 GMT
1660133.js
js.hs-analytics.net/analytics/1646355300000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1646355300000/1660133.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0704128e7b070c13fe43cf5dafb85612ce2a3ed05d936febd25693d4cd561296

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
XJASFSZDD6SEGCGW
x-amz-server-side-encryption
AES256
cf-ray
6e66a5b10a37374c-MXP
x-amz-id-2
8MFJCJEMIv5gCnqSEPu7/d9rjxTpEtSrCZbDXbmEryZeMHO0rLZkKLbW3bECBT8kxdxJDdUXEPw=
last-modified
Thu, 24 Feb 2022 12:05:48 GMT
server
cloudflare
etag
W/"d8d370e254a875cf40f3d3a3ef42f25e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Fri, 04 Mar 2022 01:00:35 GMT
leadflows.js
js.hsleadflows.net/ 		534 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221

Request headers

Referer
https://share.hsforms.com/
Origin
https://share.hsforms.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:35 GMT
via
1.1 9349b115ae66d16aae68deb9bb5eebc2.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
53726
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js&cfRay=6e618605099d59f5-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 01 Mar 2022 09:57:40 UTC
server
cloudflare
etag
W/"57a8210ba9519a68ae76dcc1857db0f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
qE7M39zrJ2dCa.o34UdW.NnTPVZDG9U3
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
6e66a5b1093a59b9-MXP
x-amz-cf-id
SC7a4Uiv8sNhz3amTGtdi3751q3-q248v2oOoZ9oHZtLS6DOI383YA==
x-hs-target-asset
lead-flows-js/static-1.1080/bundle/main/lead-flows-release.js
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-DEFINITION_SUCCESS&count=1
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
9eaa55d2-94dc-4aab-87ba-4a76bdcf401e
x-trace
2BC8B930AB2C5743A6DAA673F7DB8412C3948FA1F2000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e66a5b1ee240f6a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-robots-tag
none
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/new-embed-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 00:18:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 04 Mar 2022 00:55:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Mar 2022 00:55:35 GMT
timings.gif
perf.hsforms.com/embed/v3/ 		35 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/timings.gif?key=embed-script&valueInMs=231.89999961853027
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
01e2b3cd-2c13-4c5d-ba1b-55d8d0daf9fc
cf-ray
6e66a5b1fcc759dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Fri, 04 Mar 2022 00:55:36 GMT
server
cloudflare
x-trace
2BEBFFCEE72885269F87DBC00F2C8CBE42CF2083A1000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
timings.gif
perf.hsforms.com/embed/v3/ 		35 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/timings.gif?key=fetch-definition&valueInMs=337.5999984741211
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
7f709a98-84f1-400f-bd63-95a1a7725ca5
cf-ray
6e66a5b1fccb59dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Fri, 04 Mar 2022 00:55:36 GMT
server
cloudflare
x-trace
2B71834746C6049DAC79799368651434275024F8CF000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
timings.gif
perf.hsforms.com/embed/v3/ 		35 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/timings.gif?key=render&valueInMs=26.600000381469727
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
d0ae2f9c-77bc-4f7e-9c38-c2855c073e61
cf-ray
6e66a5b1fcca59dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Fri, 04 Mar 2022 00:55:36 GMT
server
cloudflare
x-trace
2BCBCB1BD17D317210C456AC3074CF892D1E0597FE000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-RENDER_SUCCESS&count=1
Requested by
Host: share.hsforms.com
URL: https://share.hsforms.com/1K1wwTrdsROyKCm8nRhhzUwzkyt?utm_campaign=EMIS%20Russia%20%26%20Ukraine%20Daily%20Newsletter&utm_medium=email&_hsmi=205714770&_hsenc=p2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q&utm_content=205716109&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
4555f67c-b955-4368-84f6-9b8e637ff663
x-trace
2B1A5236AFD4429CB9C34248A4970DB9501AE84B12000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e66a5b1fe310f6a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-robots-tag
none
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://share.hsforms.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 06:04:00 GMT
x-content-type-options
nosniff
age
240696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 06:04:00 GMT
view
js.hs-banner.com/cookie-banner-public/v1/activity/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://share.hsforms.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
content-type
application/octet-stream
content-length
0
access-control-allow-origin
https://share.hsforms.com
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e66a5b53ac583be-MXP
__ptq.gif
track.hubspot.com/ 		45 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=2b5c304e-b76c-44ec-8a0a-6f2746187353&fci=84848c3b-ae62-4e3b-a224-b18a11fb3cd1&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=1660133&ccu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt&pu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt%3Futm_campaign%3DEMIS%2520Russia%2520%2526%2520Ukraine%2520Daily%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D205714770%26_hsenc%3Dp2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q%26utm_content%3D205716109%26utm_source%3Dhs_email&t=Form&cts=1646355336446&vi=c8b1414d3a5794f8b8e7328e525fc617&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
552e5a18-2022-4b76-a565-e57e6cbbee30
cf-ray
6e66a5b52e7e0e0e-MXP
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vx63JpZZZZKPdiA37b874EYr7rC2k5oZCvB%2B882pHfmCvFIv4pCuvNsty2EHqCPDFx9xOMfQkIxOFM6%2Bs%2FzqGS5SmqCj9lOu3JyMoAM2u2C5inRUDSLv5O9q8ylOdvgetcIpPQo%2B5BgdyR95Abfr"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
966 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=2b5c304e-b76c-44ec-8a0a-6f2746187353&fci=84848c3b-ae62-4e3b-a224-b18a11fb3cd1&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=1660133&ccu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt&pu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt%3Futm_campaign%3DEMIS%2520Russia%2520%2526%2520Ukraine%2520Daily%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D205714770%26_hsenc%3Dp2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q%26utm_content%3D205716109%26utm_source%3Dhs_email&t=Form&cts=1646355336447&vi=c8b1414d3a5794f8b8e7328e525fc617&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
2609f747-c1a6-4687-ba38-a841d23dce0e
cf-ray
6e66a5b52e800e0e-MXP
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbkOQmKiuxAfSOkY3Vv8IEt7HR%2BeLIhpWJTHvDTXCAwtU1rhPdOYU4rSqZ42IpzZdp%2FF375yJHjVZs%2BZTyaTQwaeI%2BhP1tL3soI2qsJBldae5A0OwxwLD6BvR6ImSJlhXdVhe4av1fbqAK5ZQ2wz"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2203515711&v=1.1&a=1660133&ccu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt&pu=https%3A%2F%2Fshare.hsforms.com%2F1K1wwTrdsROyKCm8nRhhzUwzkyt%3Futm_campaign%3DEMIS%2520Russia%2520%2526%2520Ukraine%2520Daily%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D205714770%26_hsenc%3Dp2ANqtz-8jKeIB-QEvWSBWJoRgRLcV1NkaTWO14al6RR0PzwnENj-WTFPUpA29yCetplRCnsLzNsvx7jmSQT-STRdQ6M1VE5Kt9Q%26utm_content%3D205716109%26utm_source%3Dhs_email&t=Form&cts=1646355336448&vi=c8b1414d3a5794f8b8e7328e525fc617&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://share.hsforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 00:55:36 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
f0e9d3fa-07a0-43de-ac83-77374b35785b
cf-ray
6e66a5b52e820e0e-MXP
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBf%2BqhMv5TuMz0UWworGSTo7ppYEQ6AAwJdgGsQ55vU7uPQv4%2BMs2LetQbQF2I0GiunkVdWn1260ewD1C5BqB9A%2ForyddAUlC4g8GNWYrkSubpEd1vtLJsWlG7PBYSe%2FPA7koVTJVOiPOptiCYES"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
view
js.hs-banner.com/cookie-banner-public/v1/activity/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/1660133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://share.hsforms.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Fri, 04 Mar 2022 00:55:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
88fc4322-5e18-49c6-87cd-3b58c5582033
x-trace
2B85CA84C06F784EB6218D4A548E0845AD2095C62A000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://share.hsforms.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
cf-ray
6e66a5b7ee1383be-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| hsFormsOnReady object| _hsq object| disabledHsPopups boolean| isQa string| apiHubspotUrl string| formsHsFormsUrl string| perfHsFormsUrl string| jsHsFormsUrl string| jsHsScriptsUrl object| hs_RequestParams object| hubspot object| _hsp function| bindToWindowOnError function| OutpostErrorReporter object| HubSpotForms object| hbspt boolean| PIXELS_RAN boolean| hubspot_live_messages_running object| globalRoot undefined| hns function| defineProperties object| leadflows boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran

2 Cookies

Domain/Path Name / Value
.info.emis.com/ Name: __cfruid
Value: d11ffc6e64028ca40bd5da351f5812e11d85cc17-1646355335
.hubspot.com/ Name: __cf_bm
Value: NoZN_o60ydN6F4m3kHAAo3iaQ2E3U4nHiJH.nesSCGc-1646355336-0-AbeZ7DJHbPqffTRbioKqxO9QUX2pL/Et/Q7Gi7cVa/kIap3V24AuYsnAxuUdKQz9RFIURM45brNfzDri0pOIKq0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
info.emis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
js.usemessages.com
perf.hsforms.com
share.hsforms.com
static.hsappstatic.net
track.hubspot.com
2606:2c40::c73c:67e3
2606:4700::6810:5805
2606:4700::6811:43b0
2606:4700::6811:70b0
2606:4700::6811:7d2
2606:4700::6811:ba49
2606:4700::6811:d6cc
2606:4700::6811:e7cc
2606:4700::6811:eecc
2606:4700::6812:15bf
2606:4700::6813:9a53
2a00:1450:4001:803::2003
2a00:1450:4001:82b::200a
0704128e7b070c13fe43cf5dafb85612ce2a3ed05d936febd25693d4cd561296
0e74e8023df55898fdc5f9b80056d0a2135bd3dd4767b955c998d2604f6f0264
2bea4db66d928709d6a4fc8ac5914dfd7c92249fde44cbb2994fd180af3895af
4553d03d6172c94160f6889b5be9a91c2146d2ab1885985cdc177f508e63efd5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8788927c496b509cff39272803233f58881809006a8b88a6638f35aa8853589f
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
947d6c755989ac2b8e761deb8f7c3d38c30f9e01ce86b4ce1c8f3a2e1d1e5221
9abbf9ab909d92d6d69da16ac1186a038b92b4f0a0f13c8f3761bc517f8c703c
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
b4a89a7b2c455f74bd7cd5f5305127caf3f6c2c1c11f7415787b51a919dba9a1
c81a7640351ef6b32199211a731eeb548c71ae17fd536db1f24247f870fa7b75
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de1df3a3f9ee36081ef1223bfa1891db40626f18e0530d0744276a90d37d3ed8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855