urlscan.io logo urlscan.io
SecurityTrails logo

go.onapsis.com Open in urlscan Pro
3.92.120.28  Public Scan

Go To Rescan Add Verdict Report
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/...
Submission: On November 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 40 HTTP transactions. The main IP is 3.92.120.28, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is go.onapsis.com.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.
This is the only time go.onapsis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 3.92.120.28 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.117.30.33 396982 (GOOGLE-CL...)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.24 16509 (AMAZON-02)
1 18.66.122.74 16509 (AMAZON-02)
5 63.35.70.148 16509 (AMAZON-02)
1 3.215.172.219 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
40 19
4    3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com
go.onapsis.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:26f0:7100::1720:ef23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    34.117.30.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.30.117.34.bc.googleusercontent.com
pageimprove.io
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.32.27.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-24.fra56.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net
assets-tracking.crazyegg.com
5    63.35.70.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-70-148.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
1    3.215.172.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com
pi.pardot.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
13 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2260
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5140
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5120
tracking.crazyegg.com — Cisco Umbrella Rank: 4127
76 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
px4.ads.linkedin.com — Cisco Umbrella Rank: 6003
2 KB
4 onapsis.com
go.onapsis.com
15 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
564 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3040
701 B
2 pageimprove.io
pageimprove.io — Cisco Umbrella Rank: 62217
5 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
2 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 778
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
178 KB
1 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 4656
1 KB
1 gstatic.com
fonts.gstatic.com
35 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
908 B
40 12
Domain Requested by
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
5 tracking.crazyegg.com script.crazyegg.com
4 go.onapsis.com go.onapsis.com
3 px.ads.linkedin.com 2 redirects snap.licdn.com
2 www.google.de go.onapsis.com
2 px4.ads.linkedin.com go.onapsis.com
2 pageimprove.io go.onapsis.com
pageimprove.io
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 www.googletagmanager.com go.onapsis.com
www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 pi.pardot.com go.onapsis.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 www.google.com go.onapsis.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com go.onapsis.com
40 18

This site contains no links.

Subject Issuer Validity Valid
go.onapsis.com
R3		 2023-11-22 -
2024-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-09 -
2024-03-08		 a year crt.sh
pageimprove.io
GTS CA 1D4		 2023-10-29 -
2024-01-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2023-05-28 -
2024-06-26		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-07-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Frame ID: 64306C37EDA2BF0130881F940D982199
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Are you sure you want to leave?

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

40
Requests

83 %
HTTPS

61 %
IPv6

12
Domains

18
Subdomains

19
IPs

4
Countries

333 kB
Transfer

905 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://px.ads.linkedin.com/collect/?pid=503045572&conversionId=4600969&fmt=gif&cb=1701182876472 HTTP 302
  • https://px4.ads.linkedin.com/collect?pid=503045572&conversionId=4600969&fmt=gif&cb=1701182876472&e_ipv6=AQId7aDKqmKHWQAAAYwWZqvPGiIoktQwR0ou9eptK3oada3GufwGalwHi2Q6BaXcfV9ezhQ4WVXs
Request Chain 14
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=233121&time=1701182876588&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=233121&time=1701182876588&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&e_ipv6=AQIKxfwwA1t5FAAAAYwWZqwL26PWObd6n_7Ag9fJfmuykYX003ig9568cBZkLigrVowgnG5KGbHU

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 968609137
go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
f8f86d18c827f3f28b145cd5acac1b94862d2343043c3250d466c7a54e7f62e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
1604
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Nov 2023 14:47:56 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
referrer-policy
no-referrer
vary
Accept-Encoding,User-Agent
x-pardot-rsp
0/0/1
x-robots-tag
nofollow, noindex
css
fonts.googleapis.com/ 		2 KB
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
838fcf38d188c20c103e6e3cc1902ad8cca9e7446018d88a5c25d531f67402aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 14:47:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 14:47:56 GMT
form.css
go.onapsis.com/css/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.onapsis.com/css/form.css?ver=2021-09-20
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
last-modified
Tue, 28 Nov 2023 05:21:31 GMT
Server
PardotServer
etag
"7be2-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
text/css
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
7660
expires
Thu, 27 Nov 2025 14:47:56 GMT
gtm.js
www.googletagmanager.com/ 		259 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T6B79CK
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73a0135555bad9844d1c68375a4529ae0eb1fad53bdd8226965437de2a3d4654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91171
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Nov 2023 14:47:56 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.onapsis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Fri, 24 Nov 2023 09:02:56 GMT
x-content-type-options
nosniff
age
366300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 09:02:56 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6B79CK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3a7ff26e3fea300cdd6456f976a6b7ac113ebc0e88891359313d02f448213ffe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Nov 2023 10:31:24 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=70969
accept-ranges
bytes
content-length
3840
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/752136785/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/752136785/?random=1701182876470&cv=11&fst=1701182876470&bg=ffffff&guid=ON&async=1&gtm=45He3b81v811990233&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&hn=www.googleadservices.com&frm=0&tiba=Are%20you%20sure%20you%20want%20to%20leave%3F&auid=33966699.1701182876&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6B79CK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25d3b537aadb0995944118e561e9e4544a22fc35125dae5e7f9755abf8e6fc5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3899.js
script.crazyegg.com/pages/scripts/0106/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0106/3899.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6B79CK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0067ebca1e46ceab5ed15fde6dde0575b30f67523099a32221600d488f46de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7831
cf-polished
origSize=5984
ce-version
11.5.152
cf-bgj
minify
last-modified
Tue, 28 Nov 2023 12:37:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
82d368b25a8c9235-FRA
/
pageimprove.io/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pageimprove.io/
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.30.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.30.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7522c2cf228f80d9b1af1172f45d04b729d43dd8b9fc7cccb06eee2dd9629fed

Request headers

Referer
Origin
https://go.onapsis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:38:32 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1683295904
age
564
x-guploader-uploadid
ABPtcPq3mH_qEhJK9cwGeclcYHNlH8AQR08dsU2EtDI7_CNBykFyE9vAArqvdFDeoxEvIj8w3Yk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4157
last-modified
Fri, 05 May 2023 14:16:37 GMT
server
UploadServer
etag
"432676a5846e294b1a77d1170fa3e21a"
vary
Accept-Encoding
x-goog-generation
1683296197265863
x-goog-hash
crc32c=b8Pcnw==, md5=QyZ2pYRuKUsad9EXD6PiGg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
4157
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 28 Nov 2023 15:38:32 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect/?pid=503045572&conversionId=4600969&fmt=gif&cb=1701182876472
  • https://px4.ads.linkedin.com/collect?pid=503045572&conversionId=4600969&fmt=gif&cb=1701182876472&e_ipv6=AQId7aDKqmKHWQAAAYwWZqvPGiIoktQwR0ou9eptK3oada3GufwGalwHi2Q6BaXcfV9ezhQ4WVXs
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?pid=503045572&conversionId=4600969&fmt=gif&cb=1701182876472&e_ipv6=AQId7aDKqmKHWQAAAYwWZqvPGiIoktQwR0ou9eptK3oada3GufwGalwHi2Q6BaXcfV9ezhQ4WVXs
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 418E7488CA1148C28530A578808368F8 Ref B: FRAEDGE1516 Ref C: 2023-11-28T14:47:56Z
linkedin-action
1
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
content-type
image/gif
x-li-proto
http/2
content-length
65
x-li-uuid
AAYLN4ETtr7YmqSvTONBbQ==

Redirect headers

date
Tue, 28 Nov 2023 14:47:56 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4F4E4C1A725C4A188BAEEA3BB6BD86CE Ref B: DUS30EDGE0710 Ref C: 2023-11-28T14:47:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?pid=503045572&conversionId=4600969&fmt=gif&cb=1701182876472&e_ipv6=AQId7aDKqmKHWQAAAYwWZqvPGiIoktQwR0ou9eptK3oada3GufwGalwHi2Q6BaXcfV9ezhQ4WVXs
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLN4EPCzE1Sh2HdHq9Rw==
/
www.google.com/pagead/1p-user-list/752136785/ 		42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/752136785/?random=1701182876470&cv=11&fst=1701180000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v811990233&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&frm=0&tiba=Are%20you%20sure%20you%20want%20to%20leave%3F&fmt=3&is_vtc=1&cid=CAQSGwDICaaNr_sYix35BQo9n_mqfpRmjftpaUM_JA&random=1976768130&rmt_tld=0&ipr=y
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 14:47:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/752136785/ 		42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/752136785/?random=1701182876470&cv=11&fst=1701180000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v811990233&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&frm=0&tiba=Are%20you%20sure%20you%20want%20to%20leave%3F&fmt=3&is_vtc=1&cid=CAQSGwDICaaNr_sYix35BQo9n_mqfpRmjftpaUM_JA&random=1976768130&rmt_tld=1&ipr=y
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 14:47:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
357f14f0abddc3ed61b762973944e3b89e20b215e6565eaeea072740b44ae4c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Nov 2023 10:31:24 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=71034
accept-ranges
bytes
content-length
15714
0.json
pageimprove.io/s/9c05ffb8-2432-4b2b-898e-f12358dfd768/go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pageimprove.io/s/9c05ffb8-2432-4b2b-898e-f12358dfd768/go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137/0.json?version=1.0.0
Requested by
Host: pageimprove.io
URL: https://pageimprove.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.30.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.30.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 14:47:56 GMT
cache-control
public, max-age=120
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET
go.onapsis.com.json
script.crazyegg.com/pages/data-scripts/0106/3899/site/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0106/3899/site/go.onapsis.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/3899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07626408ac06430eebe7282b74a4e581080d10325bc51a36075d7bb0750ec9a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6001
ce-version
11.5.152
content-length
2197
last-modified
Tue, 28 Nov 2023 13:07:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82d368b2d84d65be-FRA
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=233121&time=1701182876588&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610a...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=233121&time=1701182876588&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610...
0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=233121&time=1701182876588&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&e_ipv6=AQIKxfwwA1t5FAAAAYwWZqwL26PWObd6n_7Ag9fJfmuykYX003ig9568cBZkLigrVowgnG5KGbHU
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:56 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F35E94702D9A443EB3C3BA2562ED824E Ref B: FRAEDGE1516 Ref C: 2023-11-28T14:47:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLN4ETtQwWEHi5+dyiFg==

Redirect headers

date
Tue, 28 Nov 2023 14:47:56 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1D0F5B7E0DF9407D804B6EA4F48E6727 Ref B: DUS30EDGE0710 Ref C: 2023-11-28T14:47:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=233121&time=1701182876588&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&e_ipv6=AQIKxfwwA1t5FAAAAYwWZqwL26PWObd6n_7Ag9fJfmuykYX003ig9568cBZkLigrVowgnG5KGbHU
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLN4EP8NpwJ+X928XxXg==
5eed7f6c8e63a2eb03636c01fb3fb7b2.js
script.crazyegg.com/pages/versioned/common-scripts/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/5eed7f6c8e63a2eb03636c01fb3fb7b2.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/3899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e479daac2ce514ef31b888f7c8b46b90c075a2fab2768f4d3abb3d96725f37f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 15:38:07 GMT
server
cloudflare
age
72219
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82d368b31aff9235-FRA
content-length
31874
go.onapsis.com.json
script.crazyegg.com/pages/data-scripts/0106/3899/sampling/ 		154 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0106/3899/sampling/go.onapsis.com.json?t=472550
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5eed7f6c8e63a2eb03636c01fb3fb7b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90c144135f0d1deb045e395f3a434c264fa3d9bfb3091e5a1658815e3e1eb3f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5829
ce-version
11.5.152
content-length
143
last-modified
Tue, 28 Nov 2023 13:10:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82d368b348cb65be-FRA
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5eed7f6c8e63a2eb03636c01fb3fb7b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
6008669
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
1DS8xcb8bzDqUmTeb6cwD5_SqYrHFvJCMJ9fwx3aGpXmsy-rvNZ9_A==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5eed7f6c8e63a2eb03636c01fb3fb7b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Sat, 19 Aug 2023 04:00:49 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
8765228
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
40wMa4CfIxuXJYy4o2YW6xpAMYd-DtM8WvnmlR_ZaBHwpWWamfdshQ==
ab1ff8eb-38db-4bf9-9236-a68bca310e01
https://go.onapsis.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://go.onapsis.com/ab1ff8eb-38db-4bf9-9236-a68bca310e01
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/ 		30 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1701182876829&tk=f05b4f5450cb80a5c3adcd19711e831c&s=385440&p=%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&u=1063899&v=74a1567ce8f6f8ea60a0e61544ae7589c50c255b&f=go.onapsis.com%2Flistunsubscribeheader%2Fu%2F*%2F*%2F*&ul=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5eed7f6c8e63a2eb03636c01fb3fb7b2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-70-148.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
64010549d891a8e75be02810b513850ab1396e77f923746a81f5272531bb17f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 14:47:57 GMT
cache-control
no-store
server
awselb/2.0
content-length
30
content-type
text/plain
d9b6b28e3d84db3e4c966a5cf73af402.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/3899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 15:38:18 GMT
server
cloudflare
age
72219
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82d368b59c939235-FRA
content-length
8025
57249da5-1b1f-433b-86cc-24a65c752868
https://go.onapsis.com/ 		241 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://go.onapsis.com/57249da5-1b1f-433b-86cc-24a65c752868
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d16934ea19112ed9998b70aa3d2207e6cb4a18162bc6135fda45a17c6ec6cef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length
241
Content-Type
text/javascript
/
px.ads.linkedin.com/wa/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Nov 2023 14:47:57 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F7D709D1A129420F943F96DEB175EE3E Ref B: DUS30EDGE0710 Ref C: 2023-11-28T14:47:57Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://go.onapsis.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYLN4EXKDY9l7Yqm5kboQ==
fb6b2c9922f0fc0cfc17e642c41aafa6.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/fb6b2c9922f0fc0cfc17e642c41aafa6.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/3899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4c44faa5219c63be035fb0eb18bd9dca99ace6f12f8246721b7776bc2536131

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 15:38:15 GMT
server
cloudflare
age
72218
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82d368b5ccb49235-FRA
content-length
30703
v11
tracking.crazyegg.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1063899&st=385440&ss=1e589c30-8dfd-11ee-bb30-1393969d2b3c&p=0b666d30fc3071e3cbceebf3dbf62a94&tk=f05b4f5450cb80a5c3adcd19711e831c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-70-148.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://go.onapsis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-headers
Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods
*
access-control-allow-origin
*
content-length
0
content-type
application/octet-stream
date
Tue, 28 Nov 2023 14:47:57 GMT
server
awselb/2.0
v11
tracking.crazyegg.com/ 		0
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1063899&st=385440&ss=1e589c30-8dfd-11ee-bb30-1393969d2b3c&p=0b666d30fc3071e3cbceebf3dbf62a94&tk=f05b4f5450cb80a5c3adcd19711e831c
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5eed7f6c8e63a2eb03636c01fb3fb7b2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-70-148.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type
application/gzip

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 14:47:57 GMT
server
awselb/2.0
content-length
0
content-type
text/plain
aed5547f-8a41-4b40-8710-56fa44ceff59
https://go.onapsis.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://go.onapsis.com/aed5547f-8a41-4b40-8710-56fa44ceff59
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d372edb49a5ae087d8e451fa0560c2439b3a836c09c9d2a083800e10b190c2f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length
5451
Content-Type
41a56455-fe17-4104-9410-6ce00edfbb2c
https://go.onapsis.com/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://go.onapsis.com/41a56455-fe17-4104-9410-6ce00edfbb2c
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a996996ec921d516899c0d3df103e5eca5a71cf9afec9c057ae240e11ab7be

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length
4517
Content-Type
bc60755a-30f5-42c2-abe1-2faf24e30e2a
https://go.onapsis.com/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://go.onapsis.com/bc60755a-30f5-42c2-abe1-2faf24e30e2a
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27679f83066894b3641524b2746e25ae2dd7c6b635ab7f2f7506223a74173f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length
1604
Content-Type
text/javascript
pd.js
go.onapsis.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.onapsis.com/pd.js
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/listUnsubscribeHeader/u/127021/ef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae/968609137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Tue, 28 Nov 2023 14:47:57 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
last-modified
Tue, 28 Nov 2023 05:21:31 GMT
Server
PardotServer
etag
"15f4-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1988
expires
Thu, 27 Nov 2025 14:47:57 GMT
analytics
go.onapsis.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.onapsis.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=128021&title=Are%20you%20sure%20you%20want%20to%20leave%3F&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&referrer=
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
f4c26047c70a5ca144ea220685d68f0ecdb58e353bcf4d0d1e0b48bfc3b123ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
Date
Tue, 28 Nov 2023 14:47:57 GMT
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
1439
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
pi.pardot.com/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?conly=true&visitor_id=583440019&visitor_id_sign=2ac04d0f698c6d7839aa6219812acd6f1992cc33c2ab516d423327c6b91faeb433abc167cb6422fae5673d17bcfabd099ac63c6e&pi_opt_in=&campaign_id=40411&account_id=128021&title=Are%20you%20sure%20you%20want%20to%20leave%3F&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&referrer=
Requested by
Host: go.onapsis.com
URL: https://go.onapsis.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=128021&title=Are%20you%20sure%20you%20want%20to%20leave%3F&url=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-172-219.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
Date
Tue, 28 Nov 2023 14:47:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
v11
tracking.crazyegg.com/ 		0
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1063899&st=385440&ss=1e589c30-8dfd-11ee-bb30-1393969d2b3c&p=0b666d30fc3071e3cbceebf3dbf62a94&tk=f05b4f5450cb80a5c3adcd19711e831c
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5eed7f6c8e63a2eb03636c01fb3fb7b2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-70-148.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type
application/gzip

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 14:47:59 GMT
server
awselb/2.0
content-length
0
content-type
text/plain
v11
tracking.crazyegg.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1063899&st=385440&ss=1e589c30-8dfd-11ee-bb30-1393969d2b3c&p=0b666d30fc3071e3cbceebf3dbf62a94&tk=f05b4f5450cb80a5c3adcd19711e831c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-70-148.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://go.onapsis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

access-control-allow-headers
Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods
*
access-control-allow-origin
*
content-length
0
content-type
application/octet-stream
date
Tue, 28 Nov 2023 14:47:59 GMT
server
awselb/2.0
js
www.googletagmanager.com/gtag/ 		262 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2HEPRR6DH5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6B79CK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a008a368898b728c29c455705330b34b1b52eecaeca392db0be1afc458f12b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 28 Nov 2023 14:47:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90090
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 14:47:59 GMT
collect
region1.analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2HEPRR6DH5&gtm=45je3b81v876365165z8811990233&_p=1701182876319&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=122852780.1701182880&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701182879&sct=1&seg=0&dl=https%3A%2F%2Fgo.onapsis.com%2FlistUnsubscribeHeader%2Fu%2F127021%2Fef21c564997aa3171c3abd2d0cbe604c7227cd802577610afca7033a9ffa81ae%2F968609137&dt=Are%20you%20sure%20you%20want%20to%20leave%3F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.demandbase_audience=(Non-Company%20Visitor)&ep.demandbase_sid=(Non-Company%20Visitor)&ep.demandbase_company_name=(Non-Company%20Visitor)&ep.demandbase_industry=(Non-Company%20Visitor)&ep.demandbase_sub_industry=(Non-Company%20Visitor)&ep.demandbase_employee_range=(Non-Company%20Visitor)&ep.demandbase_revenue_range=(Non-Company%20Visitor)&ep.demandbase_audience_segment=(Non-Company%20Visitor)&ep.demandbase_website=(Non-Company%20Visitor)&ep.demandbase_city=(Non-Company%20Visitor)&ep.demandbase_state=(Non-Company%20Visitor)&ep.demandbase_country_name=(Non-Company%20Visitor)&ep.demandbase_account_type=(Non-Company%20Visitor)&ep.demandbase_account_type_c=(Non-Company%20Visitor)&ep.demandbases_salesforce_type=(Non-Company%20Visitor)&ep.demandbase_target_account=(Non-Company%20Visitor)&ep.demandbase_type=(Non-Company%20Visitor)&ep.demandbase_experience_name=No%20Experience&tfd=3803
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2HEPRR6DH5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 14:47:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.onapsis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2HEPRR6DH5&cid=122852780.1701182880&gtm=45je3b81v876365165z8811990233&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2HEPRR6DH5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 14:47:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.onapsis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2HEPRR6DH5&cid=122852780.1701182880&gtm=45je3b81v876365165z8811990233&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1602299149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 14:47:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| dataLayer object| anchors undefined| anchor function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id object| GooglebQhCsO string| piAId string| piCId string| piHostname object| iframe object| process boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| lintrk boolean| _already_called_lintrk string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API object| ORIBILI undefined| cesrk024702525948391885 string| cesrk024702525948391885_path function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse function| onYouTubeIframeAPIReady object| gaGlobal

18 Cookies

Domain/Path Name / Value
.onapsis.com/ Name: _gcl_au
Value: 1.1.33966699.1701182876
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2689:u=1:x=1:i=1701182876:t=1701269276:v=2:sig=AQG3z23vvmkjAPJW0qHEKst8nj8loStg"
.onapsis.com/ Name: _ce.irv
Value: new
.onapsis.com/ Name: cebs
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&eea9b352-aa42-4b2a-898f-572a91cb7aff"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDExODI4NzY7MjswMjFFhHk7Z0cfTliyRwt1UBXv9DvZnC4eBFlsv5/at7/Dbw==
.onapsis.com/ Name: _ce.clock_event
Value: 1
.onapsis.com/ Name: _ce.clock_data
Value: 43%2C217.114.218.22%2C1%2Cb0bd3ce3c19504a4290f0ae2ae855676
.onapsis.com/ Name: cebsp_
Value: 1
.onapsis.com/ Name: _ce.s
Value: v~74a1567ce8f6f8ea60a0e61544ae7589c50c255b~lcw~1701182877118~lva~1701182876733~vpv~0~v11.fs~1~v11.cs~385440~v11.s~1e589c30-8dfd-11ee-bb30-1393969d2b3c~v11ls~1e589c30-8dfd-11ee-bb30-1393969d2b3c~v11.sla~1701182877118~v11nv~1~lcw~1701182877122
go.onapsis.com/ Name: visitor_id127021
Value: 583440019
go.onapsis.com/ Name: visitor_id127021-hash
Value: 2ac04d0f698c6d7839aa6219812acd6f1992cc33c2ab516d423327c6b91faeb433abc167cb6422fae5673d17bcfabd099ac63c6e
go.onapsis.com/ Name: lpv127021
Value: aHR0cHM6Ly9nby5vbmFwc2lzLmNvbS9saXN0VW5zdWJzY3JpYmVIZWFkZXIvdS8xMjcwMjEvZWYyMWM1NjQ5OTdhYTMxNzFjM2FiZDJkMGNiZTYwNGM3MjI3Y2Q4MDI1Nzc2MTBhZmNhNzAzM2E5ZmZhODFhZS85Njg2MDkxMzc%3D
.pardot.com/ Name: visitor_id127021
Value: 583440019
.pardot.com/ Name: visitor_id127021-hash
Value: 2ac04d0f698c6d7839aa6219812acd6f1992cc33c2ab516d423327c6b91faeb433abc167cb6422fae5673d17bcfabd099ac63c6e
.onapsis.com/ Name: _ga
Value: GA1.1.122852780.1701182880
.onapsis.com/ Name: _ga_2HEPRR6DH5
Value: GS1.1.1701182879.1.0.1701182879.60.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
fonts.googleapis.com
fonts.gstatic.com
go.onapsis.com
googleads.g.doubleclick.net
pageimprove.io
pagestates-tracking.crazyegg.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.crazyegg.com
snap.licdn.com
stats.g.doubleclick.net
tracking.crazyegg.com
www.google.com
www.google.de
www.googletagmanager.com
13.107.42.14
13.32.27.24
18.66.122.74
2001:4860:4802:32::36
2606:4700::6813:9408
2620:1ec:21::14
2a00:1450:4001:801::2008
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c09::9b
2a02:26f0:7100::1720:ef23
3.215.172.219
3.92.120.28
34.117.30.33
63.35.70.148
07626408ac06430eebe7282b74a4e581080d10325bc51a36075d7bb0750ec9a4
10a996996ec921d516899c0d3df103e5eca5a71cf9afec9c057ae240e11ab7be
25d3b537aadb0995944118e561e9e4544a22fc35125dae5e7f9755abf8e6fc5e
27679f83066894b3641524b2746e25ae2dd7c6b635ab7f2f7506223a74173f3f
357f14f0abddc3ed61b762973944e3b89e20b215e6565eaeea072740b44ae4c1
3a7ff26e3fea300cdd6456f976a6b7ac113ebc0e88891359313d02f448213ffe
3e479daac2ce514ef31b888f7c8b46b90c075a2fab2768f4d3abb3d96725f37f
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
64010549d891a8e75be02810b513850ab1396e77f923746a81f5272531bb17f3
6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559
73a0135555bad9844d1c68375a4529ae0eb1fad53bdd8226965437de2a3d4654
7522c2cf228f80d9b1af1172f45d04b729d43dd8b9fc7cccb06eee2dd9629fed
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
838fcf38d188c20c103e6e3cc1902ad8cca9e7446018d88a5c25d531f67402aa
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90c144135f0d1deb045e395f3a434c264fa3d9bfb3091e5a1658815e3e1eb3f8
9a008a368898b728c29c455705330b34b1b52eecaeca392db0be1afc458f12b7
be0067ebca1e46ceab5ed15fde6dde0575b30f67523099a32221600d488f46de
d16934ea19112ed9998b70aa3d2207e6cb4a18162bc6135fda45a17c6ec6cef8
d372edb49a5ae087d8e451fa0560c2439b3a836c09c9d2a083800e10b190c2f5
d4c44faa5219c63be035fb0eb18bd9dca99ace6f12f8246721b7776bc2536131
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c26047c70a5ca144ea220685d68f0ecdb58e353bcf4d0d1e0b48bfc3b123ef
f8f86d18c827f3f28b145cd5acac1b94862d2343043c3250d466c7a54e7f62e2