URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=14...
Submission: On March 30 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 29 HTTP transactions. The main IP is 52.54.96.194, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is info.squirro.com.
TLS certificate: Issued by R3 on March 12th 2023. Valid for: 3 months.
This is the only time info.squirro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
7 squirro.com
info.squirro.com
squirro.com
17 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2284
20 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
255 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5216
669 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
669 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 100
2 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 4159
4 KB
2 gstatic.com
fonts.gstatic.com
75 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
29 9
Domain Requested by
5 squirro.com info.squirro.com
squirro.com
4 www.googletagmanager.com info.squirro.com
www.googletagmanager.com
3 www.google.de info.squirro.com
3 www.google.com info.squirro.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pi.pardot.com info.squirro.com
pi.pardot.com
2 stats.g.doubleclick.net www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 info.squirro.com pi.pardot.com
1 region1.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com info.squirro.com
29 12

This site contains no links.

Subject Issuer Validity Valid
info.squirro.com
R3
2023-03-12 -
2023-06-10
3 months crt.sh
*.squirro.com
Thawte RSA CA 2018
2022-04-04 -
2023-05-05
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
www.google.de
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-13 -
2023-09-12
a year crt.sh

This page contains 1 frames:

Primary Page: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Frame ID: 07734C5161509419F9E15C3628C7D389
Requests: 29 HTTP requests in this frame

Screenshot

Page Title

Email Preference Center

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

377 kB
Transfer

894 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request emailsettings
info.squirro.com/
9 KB
4 KB
Document
General
Full URL
https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
2289d9335d26890fe631dd8f763c0881cbeee679638d88158b87e5036938cd43

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
3392
Content-Type
text/html; charset=utf-8
Date
Thu, 30 Mar 2023 14:16:14 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
referrer-policy
no-referrer
status
404 Not Found
vary
Accept-Encoding,User-Agent
x-pardot-rsp
0/0/1
x-robots-tag
nofollow, noindex
iframe-content.min.js
squirro.com/wp-content/themes/squirro/js/
13 KB
5 KB
Script
General
Full URL
https://squirro.com/wp-content/themes/squirro/js/iframe-content.min.js
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.152.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-152-138.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
db5e4973e826e581339bc0f692c328ee8f594acb860ba54276ee89b337a06c5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 14:16:14 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 20:33:42 GMT
server
Apache/2.4.54 (Debian)
etag
"34a8-5f80fe44cf580-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5020
expires
Fri, 29 Mar 2024 14:16:14 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,600|Open+Sans:400,600
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79ec46072667c7f96c1ab0609d04e68b10542343131b4f25f35a2e625edf9685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Mar 2023 14:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 13:38:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Mar 2023 14:16:14 GMT
pardot-form.css
squirro.com/wp-content/themes/squirro/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://squirro.com/wp-content/themes/squirro/css/pardot-form.css?ver=5.5
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.152.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-152-138.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
791a2bb6a78764af0c94121c008b3bf15f034293dffe2572db93b31ca800dba4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 14:16:14 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 20:33:42 GMT
server
Apache/2.4.54 (Debian)
etag
"4549-5f80fe44cf580-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3507
expires
Fri, 29 Mar 2024 14:16:14 GMT
skeletonCols.css
squirro.com/gar/
4 KB
1 KB
Stylesheet
General
Full URL
https://squirro.com/gar/skeletonCols.css
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.152.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-152-138.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
4e2f225ef0df0c104834215195384c62d7952439fac0b5df2a194c5e037e9d72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 14:16:14 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 20:33:40 GMT
server
Apache/2.4.54 (Debian)
etag
"102c-5f80fe42e7100-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1073
expires
Fri, 29 Mar 2024 14:16:14 GMT
js
www.googletagmanager.com/gtag/
131 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-959441643
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3dde70c27d7797b270dc81287ebc8b0ef2b3c5a3b298174e114c87e20e93e53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 14:16:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51588
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Mar 2023 14:16:14 GMT
garTags.js
squirro.com/gar/
4 KB
1 KB
Script
General
Full URL
https://squirro.com/gar/garTags.js
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.152.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-152-138.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
e08da80d5b2fe6a3f3f6e94dad136698b5cea19deef033cb8dfd96cf963a49da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 14:16:14 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 20:33:40 GMT
server
Apache/2.4.54 (Debian)
etag
"e36-5f80fe42e7100-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1235
expires
Fri, 29 Mar 2024 14:16:14 GMT
gtm.js
www.googletagmanager.com/
234 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9VWK86
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
471d40cc4d6fcd5c889e8435530c983eb04ac9f3c5d9419e467949c05627a362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 14:16:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83592
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Mar 2023 14:16:14 GMT
Asterisk7.png
squirro.com/wp-content/uploads/2021/06/
134 B
403 B
Image
General
Full URL
https://squirro.com/wp-content/uploads/2021/06/Asterisk7.png
Requested by
Host: squirro.com
URL: https://squirro.com/wp-content/themes/squirro/css/pardot-form.css?ver=5.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.152.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-152-138.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.54 (Debian) /
Resource Hash
c178be7cd83aed312a15803880f299d8dbf81124e22b79282b067e9e84b0f2e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://squirro.com/wp-content/themes/squirro/css/pardot-form.css?ver=5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 14:16:14 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 20:33:52 GMT
server
Apache/2.4.54 (Debian)
etag
"86-5f80fe4e58c00-gzip"
vary
Accept,Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
144
expires
Sat, 29 Apr 2023 14:16:14 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600|Open+Sans:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://info.squirro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:37:40 GMT
x-content-type-options
nosniff
age
20314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:37:40 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600|Open+Sans:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://info.squirro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:37:40 GMT
x-content-type-options
nosniff
age
20314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:37:40 GMT
js
www.googletagmanager.com/gtag/
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-28557532-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-959441643
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6553dee42593fd02c4eb15cc50c4cd7a19e070ddc345d75fe7e50d3902f7153d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 14:16:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44841
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Mar 2023 14:16:15 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959441643/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959441643/?random=1680185775002&cv=11&fst=1680185775002&bg=ffffff&guid=ON&async=1&gtm=45He33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.squirro.com%2Femailsettings%3Fehash%3D370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457%26email_id%3D1460243440%26epc_hash%3DO7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M&hn=www.googleadservices.com&frm=0&tiba=Email%20Preference%20Center&auid=948082302.1680185775&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9VWK86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d8b5b08eca54cad8701859b706d88c4fcd11bec1fa80958af04e8e4bf89b871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9VWK86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Mar 2023 14:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
664
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 30 Mar 2023 16:05:11 GMT
js
www.googletagmanager.com/gtag/
229 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EDT0VHER0C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9VWK86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4066dd309e7c144c7257f1ae45db8b91c491cf16ec9e61785fa6a7059e933f6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 14:16:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80824
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Mar 2023 14:16:15 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EDT0VHER0C&gtm=45je33r0&_p=1395940328&cid=750187129.1680185775&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680185775&sct=1&seg=0&dl=https%3A%2F%2Finfo.squirro.com%2Femailsettings%3Fehash%3D370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457%26email_id%3D1460243440%26epc_hash%3DO7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M&dt=Email%20Preference%20Center&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EDT0VHER0C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://info.squirro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1395940328&t=pageview&_s=1&dl=https%3A%2F%2Finfo.squirro.com%2Femailsettings%3Fehash%3D370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457%26email_id%3D1460243440%26epc_hash%3DO7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M&ul=en-us&de=UTF-8&dt=Email%20Preference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=812014373&gjid=1274252564&cid=750187129.1680185775&tid=UA-28557532-1&_gid=2069411204.1680185775&_r=1&_slc=1&gtm=45He33r0n81W9VWK86&z=1495042828
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://info.squirro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
69 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1395940328&t=pageview&_s=1&dl=https%3A%2F%2Finfo.squirro.com%2Femailsettings%3Fehash%3D370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457%26email_id%3D1460243440%26epc_hash%3DO7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M&ul=en-us&de=UTF-8&dt=Email%20Preference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=83161926&gjid=1268384841&cid=750187129.1680185775&tid=UA-28557532-1&_gid=2069411204.1680185775&_r=1&gtm=457e33r0&jsscut=1&z=14634105
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://info.squirro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/959441643/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/959441643/?random=1680185775002&cv=11&fst=1680184800000&bg=ffffff&guid=ON&async=1&gtm=45He33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.squirro.com%2Femailsettings%3Fehash%3D370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457%26email_id%3D1460243440%26epc_hash%3DO7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M&frm=0&tiba=Email%20Preference%20Center&fmt=3&is_vtc=1&random=369401722&rmt_tld=0&ipr=y
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/959441643/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/959441643/?random=1680185775002&cv=11&fst=1680184800000&bg=ffffff&guid=ON&async=1&gtm=45He33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.squirro.com%2Femailsettings%3Fehash%3D370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457%26email_id%3D1460243440%26epc_hash%3DO7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M&frm=0&tiba=Email%20Preference%20Center&fmt=3&is_vtc=1&random=369401722&rmt_tld=1&ipr=y
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28557532-1&cid=750187129.1680185775&jid=812014373&gjid=1274252564&_gid=2069411204.1680185775&_u=YADAAEAAAAAAACAAI~&z=1276381038
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 30 Mar 2023 14:16:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://info.squirro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28557532-1&cid=750187129.1680185775&jid=83161926&gjid=1268384841&_gid=2069411204.1680185775&_u=YADAAUABAAAAACAAI~&z=706035147
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 30 Mar 2023 14:16:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://info.squirro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: info.squirro.com
URL: https://info.squirro.com/emailsettings?ehash=370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457&email_id=1460243440&epc_hash=O7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
e14cd6ae1b546c6beb885138a62fe402e1ba209e8d7cc4fbde68474f72d078c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 30 Mar 2023 14:16:15 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Thu, 30 Mar 2023 05:30:37 GMT
Server
PardotServer
etag
"15e6-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1989
expires
Sat, 29 Mar 2025 14:16:15 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28557532-1&cid=750187129.1680185775&jid=83161926&_u=YADAAUABAAAAACAAI~&z=1496801393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28557532-1&cid=750187129.1680185775&jid=83161926&_u=YADAAUABAAAAACAAI~&z=1496801393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28557532-1&cid=750187129.1680185775&jid=812014373&_u=YADAAEAAAAAAACAAI~&z=1808371928
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28557532-1&cid=750187129.1680185775&jid=812014373&_u=YADAAEAAAAAAACAAI~&z=1808371928
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 14:16:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=673920373&visitor_id_sign=7a24f197d3eb8e7f5f8f4fb5527d2b9b7083846246b7d0a11ef11364958b02695b09f1508c525c3e5bfb2391ef61e461a44fe9b7&pi_opt_in=&campaign_id=3371&account_id=12312&title=Email%20Preference%20Center&url=https%3A%2F%2Finfo.squirro.com%2Femailsettings%3Fehash%3D370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457%26email_id%3D1460243440%26epc_hash%3DO7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M&referrer=&pi_s=null&pi_em=null
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
e7bade20ae06cc66097afb65c6d977d7ce7e5f4a78b1ad836173379397c942ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 30 Mar 2023 14:16:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
550
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
info.squirro.com/
50 B
997 B
Script
General
Full URL
https://info.squirro.com/analytics?conly=true&visitor_id=673920373&visitor_id_sign=7a24f197d3eb8e7f5f8f4fb5527d2b9b7083846246b7d0a11ef11364958b02695b09f1508c525c3e5bfb2391ef61e461a44fe9b7&pi_opt_in=&campaign_id=3371&account_id=12312&title=Email%20Preference%20Center&url=https%3A%2F%2Finfo.squirro.com%2Femailsettings%3Fehash%3D370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457%26email_id%3D1460243440%26epc_hash%3DO7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M&referrer=&pi_s=null&pi_em=null
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=673920373&visitor_id_sign=7a24f197d3eb8e7f5f8f4fb5527d2b9b7083846246b7d0a11ef11364958b02695b09f1508c525c3e5bfb2391ef61e461a44fe9b7&pi_opt_in=&campaign_id=3371&account_id=12312&title=Email%20Preference%20Center&url=https%3A%2F%2Finfo.squirro.com%2Femailsettings%3Fehash%3D370a3f8063c0402ed48075b99bbb6f551fd4842cc0cfb67dc58efa8606f36457%26email_id%3D1460243440%26epc_hash%3DO7AyeOm6fWsb2yKcVZn8Ef8KOnbx4FUC2fF0qah6__M&referrer=&pi_s=null&pi_em=null
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 30 Mar 2023 14:16:16 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| dataLayer function| gtag string| curWindow string| emailHashVals string| sqroEmailPrefsPage string| prdtEmailPrefsPage string| sqroUnsubPage string| prdtUnsubPage string| piAId string| piCId string| piHostname object| anchors object| anchor function| sendHeight function| SqroSetCookie function| getUrlParameter string| googleAdRefCheck string| assetName object| rmrktng function| getQueryStringValue string| currAsset string| advertID string| setGtag string| k object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start number| c_end string| property function| piResponse

12 Cookies

Domain/Path Name / Value
info.squirro.com/ Name: visitor_id11312
Value: 673920373
info.squirro.com/ Name: visitor_id11312-hash
Value: 7a24f197d3eb8e7f5f8f4fb5527d2b9b7083846246b7d0a11ef11364958b02695b09f1508c525c3e5bfb2391ef61e461a44fe9b7
.squirro.com/ Name: _gcl_au
Value: 1.1.948082302.1680185775
.squirro.com/ Name: _ga_EDT0VHER0C
Value: GS1.1.1680185775.1.0.1680185775.0.0.0
.squirro.com/ Name: _ga
Value: GA1.2.750187129.1680185775
.squirro.com/ Name: _gid
Value: GA1.2.2069411204.1680185775
.squirro.com/ Name: _gat_UA-28557532-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.squirro.com/ Name: _gat_gtag_UA_28557532_1
Value: 1
.pardot.com/ Name: visitor_id11312
Value: 673920373
.pardot.com/ Name: visitor_id11312-hash
Value: 7a24f197d3eb8e7f5f8f4fb5527d2b9b7083846246b7d0a11ef11364958b02695b09f1508c525c3e5bfb2391ef61e461a44fe9b7
pi.pardot.com/ Name: lpv11312
Value: aHR0cHM6Ly9pbmZvLnNxdWlycm8uY29tL2VtYWlsc2V0dGluZ3M%2FZWhhc2g9MzcwYTNmODA2M2MwNDAyZWQ0ODA3NWI5OWJiYjZmNTUxZmQ0ODQyY2MwY2ZiNjdkYzU4ZWZhODYwNmYzNjQ1NyZlbWFpbF9pZD0xNDYwMjQzNDQwJmVwY19oYXNoPU83QXllT202ZldzYjJ5S2NWWm44RWY4S09uYng0RlVDMmZGMHFhaDZfX00%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
info.squirro.com
pi.pardot.com
region1.google-analytics.com
squirro.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
18.193.152.138
2001:4860:4802:34::36
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c0d::9a
52.54.96.194
2289d9335d26890fe631dd8f763c0881cbeee679638d88158b87e5036938cd43
4066dd309e7c144c7257f1ae45db8b91c491cf16ec9e61785fa6a7059e933f6c
471d40cc4d6fcd5c889e8435530c983eb04ac9f3c5d9419e467949c05627a362
4e2f225ef0df0c104834215195384c62d7952439fac0b5df2a194c5e037e9d72
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d8b5b08eca54cad8701859b706d88c4fcd11bec1fa80958af04e8e4bf89b871
6553dee42593fd02c4eb15cc50c4cd7a19e070ddc345d75fe7e50d3902f7153d
791a2bb6a78764af0c94121c008b3bf15f034293dffe2572db93b31ca800dba4
79ec46072667c7f96c1ab0609d04e68b10542343131b4f25f35a2e625edf9685
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c178be7cd83aed312a15803880f299d8dbf81124e22b79282b067e9e84b0f2e7
c3dde70c27d7797b270dc81287ebc8b0ef2b3c5a3b298174e114c87e20e93e53
db5e4973e826e581339bc0f692c328ee8f594acb860ba54276ee89b337a06c5b
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08da80d5b2fe6a3f3f6e94dad136698b5cea19deef033cb8dfd96cf963a49da
e14cd6ae1b546c6beb885138a62fe402e1ba209e8d7cc4fbde68474f72d078c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bade20ae06cc66097afb65c6d977d7ce7e5f4a78b1ad836173379397c942ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629