permission.click Open in urlscan Pro
13.89.172.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Submission: On December 07 via manual (December 7th 2021, 8:57:56 pm UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 27 domains to perform 76 HTTP transactions. The main IP is 13.89.172.18, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is permission.click.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 15th 2021. Valid for: a year.

This is the only time permission.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	13.89.172.18 13.89.172.18	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:7000:19:b855:600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	13.35.253.5 13.35.253.5	16509 (AMAZON-02) (AMAZON-02)
1	13.89.172.13 13.89.172.13	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	13.69.106.208 13.69.106.208	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:205... 2600:9000:2057:9000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.212.123.39 34.212.123.39	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
76	35

13 13.89.172.18 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

permission.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7000:19:b855:600:93a1 (United States)

ASN16509 (AMAZON-02, US)

transloadit.edgly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-5.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.89.172.13 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

app.permissionclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71a2 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.208 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:9000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.123.39 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-123-39.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	permission.click permission.click	2 MB
7	stripe.com js.stripe.com q.stripe.com m.stripe.com	74 KB
5	hubspot.com api.hubspot.com app.hubspot.com track.hubspot.com	6 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
4	googletagmanager.com www.googletagmanager.com	196 KB
4	google.com translate.google.com analytics.google.com www.google.com	28 KB
4	googleapis.com fonts.googleapis.com translate.googleapis.com translate-pa.googleapis.com	83 KB
3	facebook.net connect.facebook.net	133 KB
3	hubapi.com api.hubapi.com feedback.hubapi.com	2 KB
3	google.de www.google.de	672 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	facebook.com www.facebook.com	386 B
2	hsappstatic.net static.hsappstatic.net	99 KB
2	stripe.network m.stripe.network	16 KB
2	visualstudio.com dc.services.visualstudio.com	281 B
1	googleadservices.com www.googleadservices.com	14 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hubspotfeedback.com js.hubspotfeedback.com	11 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	usemessages.com js.usemessages.com	21 KB
1	permissionclick.com app.permissionclick.com	106 KB
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	hs-scripts.com js.hs-scripts.com	1 KB
1	edgly.net transloadit.edgly.net	9 KB
1	fontawesome.com pro.fontawesome.com	17 KB
76	27

	Domain	Requested by
13	permission.click	permission.click
4	www.googletagmanager.com	permission.click www.googletagmanager.com js.hsadspixel.net
3	connect.facebook.net	js.hsadspixel.net connect.facebook.net
3	q.stripe.com	permission.click
3	api.hubspot.com	az416426.vo.msecnd.net app.hubspot.com
3	js.stripe.com	permission.click js.stripe.com
3	www.google.de	permission.click
3	www.google-analytics.com	www.googletagmanager.com permission.click
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com
2	feedback.hubapi.com	static.hsappstatic.net
2	static.hsappstatic.net	app.hubspot.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	www.gstatic.com	permission.click
2	translate.googleapis.com
2	www.google.com	permission.click
2	stats.g.doubleclick.net	az416426.vo.msecnd.net www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	api.hubapi.com	az416426.vo.msecnd.net
1	track.hubspot.com
1	app.hubspot.com	js.hubspotfeedback.com
1	translate-pa.googleapis.com	srcdoc
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hubspotfeedback.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	app.permissionclick.com	permission.click
1	analytics.google.com	www.googletagmanager.com
1	az416426.vo.msecnd.net	permission.click
1	translate.google.com	permission.click
1	js.hs-scripts.com	permission.click
1	transloadit.edgly.net	permission.click
1	pro.fontawesome.com	permission.click
1	fonts.googleapis.com	permission.click
76	38

This site contains links to these domains. Also see Links.

Domain
translate.google.com
permissionclick.com

Subject Issuer	Validity	Valid
*.permission.click Go Daddy Secure Certificate Authority - G2	`2021-11-15` - `2022-12-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.edgly.net Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
*.permissionclick.com Go Daddy Secure Certificate Authority - G2	`2021-09-23` - `2022-10-24`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-16` - `2021-12-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Frame ID: 8488CE26BC4DB9C800BF454BAAB8DF37
Requests: 59 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback
Frame ID: 773FA148D1EF8CA6EFC446F6E9E14EB5
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 3C731374DAD0E593C2F705A6B205BC4C
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: C00CF2B7CEEBB76CED36BDD9790EF476
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E83249014D781A5A2104EC5B15AF72AF
Requests: 5 HTTP requests in this frame

Frame: https://api.hubspot.com/cors-preflight-iframe/
Frame ID: 5A3B67C0AE0A01900E57BC8B84D90382
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Permission Click

Page Statistics

76
Requests

100 %
HTTPS

80 %
IPv6

27
Domains

38
Subdomains

35
IPs

4
Countries

2687 kB
Transfer

9140 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://permissionclick.com/

Search URL Search Domain Scan URL

URL: https://permissionclick.com/privacy-policy/
Title: Legal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request us Show response
permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/ 62 KB
18 KB 600ms
323ms Document
text/html 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7f9519281ffcfb287932893c330d9cde14bf07bc41cb71cf7ee8b92a41425935

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: public, no-store, max-age=0
content-length: 17705
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Tue, 07 Dec 2021 20:57:49 GMT
last-modified: Tue, 07 Dec 2021 20:57:49 GMT
etag: ""
vary: *
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
access-control-allow-origin: https://permissionclick.com
access-control-allow-methods: GET,POST,HEAD,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,origin,content-type,accept
date: Tue, 07 Dec 2021 20:57:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 50ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700|Roboto:300,400,500,700

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f01b7fd2855eebe5c550a1c717ad72cde1d028212d2bc6d71c5a547621c6500c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 20:57:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 20:57:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 20:57:49 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.9.0/css/ 81 KB
17 KB 102ms
50ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91a9d7a29fe8f1823c99e7ba6a8e872a0851cb04908948ac07aa576fa1d1b169

Request headers

Referer: https://permission.click/
Origin: https://permission.click
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:49 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1118887
x-amz-request-id: 4MW3TWRVDH6NDJR3
x-amz-id-2: 0Mls+lxe52R11wnWs3rkCPXIiWx5bQKgnEwbjpAG9hBV6wCdJMB1cPuQGD6J4D5OY4rObhIjpKQ=
last-modified: Mon, 28 Jun 2021 17:42:06 GMT
server: cloudflare
etag: W/"99fdcce3ee72649d41648e469aae48e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ba0ab261c02145a-FRA

GET
H2 200 uppy.min.css
transloadit.edgly.net/releases/uppy/v1.6.0/ 49 KB
9 KB 74ms
14ms Stylesheet
text/css 2600:9000:211e:7000:19:b855:600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://transloadit.edgly.net/releases/uppy/v1.6.0/uppy.min.css
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7000:19:b855:600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f49095d3ae0cb027502278e6e498babbc744aab0d4dc5ef8649c09add8501bd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 16:04:39 GMT
server: AmazonS3
age: 82942
etag: W/"9579d521b404c85634a550bacabe86f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
cache-control: public, must-revalidate, max-age=31536000, s-max-age=31536000
date: Mon, 06 Dec 2021 21:55:28 GMT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: hF-u635BV9DmXpb_RAEy11qneF6o4gEkXXAihGoLsZfkLiBE8vMesA==

GET
H2 200 responses-9d2e7c0340c4b4dffaf7.css
permission.click/Content/build/ 302 KB
40 KB 422ms
422ms Stylesheet
text/css 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://permission.click/Content/build/responses-9d2e7c0340c4b4dffaf7.css
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c46cab52f7885fd1e8813ce0c866ed6618d3273fe2b0edb9cf2ceb591f8265a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:49 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 19:58:33 GMT
server: Microsoft-IIS/10.0
etag: "80ba14fcb6e7d71:0",""
vary: Accept-Encoding
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 40328

GET
H2 200 modernizr Show response
permission.click/bundles/ 11 KB
5 KB 132ms
132ms Script
text/javascript 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://permission.click/bundles/modernizr?v=K-FFpFNtIXPUlQamnX3qHX_A5r7TM2xbAgcuEmpm3O41
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9f0fab72c8a1fea1df1d6c5d128115031a8c44ccbc7f37e314acee6acb98779b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:49 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 20:57:49 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
etag: ""
vary: User-Agent
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://permissionclick.com
cache-control: public
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 5284
expires: Wed, 07 Dec 2022 20:57:49 GMT

GET
H2 200 vendor-353536343442745699e6.js Show response
permission.click/Content/build/ 3 MB
852 KB 132ms
132ms Script
application/x-javascript 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://permission.click/Content/build/vendor-353536343442745699e6.js
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f40bc366b5c1f7fff3de7d5f9b7929bad7d50daf869d255680951d987c213582

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:49 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 19:58:34 GMT
server: Microsoft-IIS/10.0
etag: "051adfcb6e7d71:0",""
vary: Accept-Encoding
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 870721

GET
H2 200 responses-52574c62128a2891638d.js Show response
permission.click/Content/build/ 3 MB
791 KB 625ms
624ms Script
application/x-javascript 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://permission.click/Content/build/responses-52574c62128a2891638d.js
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 711cac9df73b0d571d7db009f18b630dc0d31f340673be88016afbab98107a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:49 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 19:58:33 GMT
server: Microsoft-IIS/10.0
etag: "80ba14fcb6e7d71:0",""
vary: Accept-Encoding
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 808245

GET
H2 200 2443279.js Show response
js.hs-scripts.com/ 2 KB
1 KB 187ms
165ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2443279.js
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 908032af5b1d5588493f9396643e1cc3362055ff70ea1d043ba22445b75ab446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 7d46eebf-f6cc-48e1-bd89-3bc4bba85104
last-modified: Tue, 07 Dec 2021 20:35:11 GMT
server: cloudflare
x-trace: 2B2B790B37F501C9FB1742B89A4C5643845A560269000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://permission.click
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6ba0ab294beb0746-FRA
expires: Tue, 07 Dec 2021 20:58:50 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 77 KB
27 KB 64ms
34ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0c9931beb8aeb26ef55cf1517481fe99817d38cb208cee25a9f665a0990aeaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tail.svg
permission.click/Content/build/assets/ 8 KB
1018 B 348ms
347ms Image
image/svg+xml 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://permission.click/Content/build/assets/tail.svg
Requested by: Host: permission.click
URL: https://permission.click/Content/build/responses-9d2e7c0340c4b4dffaf7.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7355f53db9e962876b1385c0e5bd11c1878a51ef10be5e4daeae18877feba658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/Content/build/responses-9d2e7c0340c4b4dffaf7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:49 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 19:58:36 GMT
server: Microsoft-IIS/10.0
etag: "07edefdb6e7d71:0",""
vary: Accept-Encoding
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 918

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://permission.click
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:45:42 GMT
x-content-type-options: nosniff
age: 537128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:45:42 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 31ms
8ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Dec 2021 20:57:50 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 718
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1f9dc6da-101e-0076-5cab-eb623d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Tue, 07 Dec 2021 21:27:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
57 KB 60ms
37ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFL7XKL&gtm_auth=ADAC9ZMbCABMsSTzSxd5bw&gtm_preview=env-25&gtm_cookies_win=x

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ee0fdb97412e4f3d5edfc5fc728e374011f8b3741279fa1871e311c8b12e720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58241
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 20:57:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 38ms
33ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V35XNSWVXJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFL7XKL&gtm_auth=ADAC9ZMbCABMsSTzSxd5bw&gtm_preview=env-25&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63c6ed8b37dd0f719d4dd5858f9174982aeb1a97211de40934d48ceb5a9acd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62191
x-xss-protection: 0
expires: Tue, 07 Dec 2021 20:57:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFL7XKL&gtm_auth=ADAC9ZMbCABMsSTzSxd5bw&gtm_preview=env-25&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7003
date: Tue, 07 Dec 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 21:01:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 50ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-120072262-4&cid=1965980804.1638910670&jid=1040820186&gjid=1390371751&_gid=1616113063.1638910670&_u=YGBAgEABAAAAAE~&z=1283516480

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://permission.click/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Dec 2021 20:57:50 GMT
content-type: text/plain
access-control-allow-origin: https://permission.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1058495060&t=pageview&_s=1&dl=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus&ul=en-us&de=UTF-8&dt=Permission%20Click&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1040820186&gjid=1390371751&cid=1965980804.1638910670&tid=UA-120072262-4&_gid=1616113063.1638910670&gtm=2wgc10PFL7XKL&z=2061714781

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
195 B 14ms
14ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-V35XNSWVXJ&gtm=2oec10&_p=1058495060&sr=1600x1200&_gaz=1&ul=en-us&cid=1965980804.1638910670&_s=1&dl=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus&dt=Permission%20Click&sid=1638910670&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V35XNSWVXJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://permission.click/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:57:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://permission.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 29ms
16ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V35XNSWVXJ&cid=1965980804.1638910670&gtm=2oec10&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V35XNSWVXJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://permission.click/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:57:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://permission.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V35XNSWVXJ&cid=1965980804.1638910670&gtm=2oec10&aip=1&z=1785568282

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:57:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 57ms
32ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120072262-4&cid=1965980804.1638910670&jid=1040820186&_u=YGBAgEABAAAAAE~&z=2076044235

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:57:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120072262-4&cid=1965980804.1638910670&jid=1040820186&_u=YGBAgEABAAAAAE~&z=2076044235

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:57:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 resume-rostered-list Show response
permission.click/form/517259f5-3f06-4caa-9534-9be1dba994fe/6645e563-f8c3-4d92-973d-bb351010bf18/us/response/ 458 B
573 B 407ms
406ms Fetch
application/json 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://permission.click/form/517259f5-3f06-4caa-9534-9be1dba994fe/6645e563-f8c3-4d92-973d-bb351010bf18/us/response/resume-rostered-list?email=benjamin.hershock%40washgas.com&organizationId=d9b4dc92-7fbd-47b7-a332-04e89d741142
Requested by: Host: permission.click
URL: https://permission.click/Content/build/responses-52574c62128a2891638d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 792619b497417ba1a9084575b46ee9eddc475b4c22bd47ada21bacf05eb0334a

Request headers

Referer: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
PC-App-Version: 2021.12.02.5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:50 GMT
content-encoding: gzip
x-aspnet-version: 4.0.30319
content-length: 456
x-aspnetmvc-version: 5.2
last-modified: Tue, 07 Dec 2021 20:57:50 GMT
server: Microsoft-IIS/10.0
etag: ""
vary: *
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://permissionclick.com
cache-control: public, no-store, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,origin,content-type,accept
expires: Tue, 07 Dec 2021 20:57:50 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 268 KB
71 KB 84ms
10ms Script
application/javascript 13.35.253.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: permission.click
URL: https://permission.click/Content/build/responses-52574c62128a2891638d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-5.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eb36695b7145bcd2d27c15014df1c887b44dedd005a787193049d359b0a49729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 49
x-cache: Hit from cloudfront
date: Tue, 07 Dec 2021 20:57:02 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Tue, 07 Dec 2021 16:57:44 GMT
server: Cloudfront
etag: W/"5f461d884c0e8dd6c1527c179a26f61d"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: lJeD0NcdejOzchHoKwH7dL-x3LBZtzxnWY0alggAjHq116DrLYN2vA==

GET
H2 200 logo
app.permissionclick.com/organization/d9b4dc92-7fbd-47b7-a332-04e89d741142/us/ 106 KB
106 KB 671ms
145ms Image
application/octet-stream 13.89.172.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.permissionclick.com/organization/d9b4dc92-7fbd-47b7-a332-04e89d741142/us/logo
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.13 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9303f7b70ea30abeebc819868e04484281315f527081ae792b55474d0c0e3824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:50 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
etag: ""
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://permissionclick.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 108079

GET
H2 200 pc-logo-white-horz.png
permission.click/Images/logo/ 19 KB
20 KB 189ms
188ms Image
image/png 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://permission.click/Images/logo/pc-logo-white-horz.png
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 323b3fe51dddc362035d637e4aa9b8bd1573fe99f83a5ed7b0e353468e43dc7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:50 GMT
last-modified: Thu, 02 Dec 2021 19:58:27 GMT
server: Microsoft-IIS/10.0
etag: "de212f9b6e7d71:0",""
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 19931

GET
H2 200 pci_dss.png
permission.click/Images/ 4 KB
4 KB 189ms
188ms Image
image/png 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://permission.click/Images/pci_dss.png
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 356c31decb92225a558511537658e519377b141bec7d22d50700563260fe7b52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:50 GMT
last-modified: Thu, 02 Dec 2021 19:58:27 GMT
server: Microsoft-IIS/10.0
etag: "e5e716f9b6e7d71:0",""
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 4290

GET
H2 200 secure_connection.png
permission.click/Images/ 4 KB
4 KB 136ms
135ms Image
image/png 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://permission.click/Images/secure_connection.png
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 897d0c6ba882018b0df6fa151be32e1e25696ee57a4d31092ce1fc963fce8ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:50 GMT
last-modified: Thu, 02 Dec 2021 19:58:27 GMT
server: Microsoft-IIS/10.0
etag: "425e15f9b6e7d71:0",""
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 3837

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 47ms
8ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.znFVCVQEnYw.O/d=1/rs=AN8SPfqa026dRVF0FOvsPMSPe5BM2qCeRg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 21:55:07 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.znFVCVQEnYw.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfo0-L5Li-ayZYgkbdtPLVYvBCluNA/ 223 KB
76 KB 47ms
8ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.znFVCVQEnYw.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfo0-L5Li-ayZYgkbdtPLVYvBCluNA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.znFVCVQEnYw.O/d=1/rs=AN8SPfqa026dRVF0FOvsPMSPe5BM2qCeRg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b967938a5792fd7d88d6d18fd5ce3d85b1be4757a0616d1aaf0a8b872ef4d28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77957
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:22:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 15:55:09 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,700|Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://permission.click
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 2995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:07:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 25ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,700|Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://permission.click
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 573872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 05:33:18 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 49ms
26ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2443279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 768e9f571558630520b67b0e5cbd1906edbbe0d47a4b8270bbbf1147da30c1a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
via: 1.1 920629f47fa586ce02a1a1af8b626579.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 213
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9460/bundles/project.js&cfRay=6ba0a5fb5cc342fd-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 06 Dec 2021 10:01:49 UTC
server: cloudflare
etag: W/"b3a6c7ed04580e98000c3a5a624db248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _jOiiD.XOuBgizKr1hEb1wt0v8fSgzSl
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6ba0ab2dcf364e1a-FRA
x-amz-cf-id: Z4vb98NjoYLS-WaNM29T8vMLijNe1kq8RghBhNW9h8EXhGZX2AZoCA==
x-hs-target-asset: conversations-embed/static-1.9460/bundles/project.js

GET
H2 200 2443279.js Show response
js.hs-analytics.net/analytics/1638910500000/ 62 KB
20 KB 204ms
180ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1638910500000/2443279.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2443279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b02538b2e2e62e09091ec44fa5efb2ad647ac0c001bd8e53d9a053e5a460d7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: C51N5RY6FX4ZB5GJ
x-amz-server-side-encryption: AES256
cf-ray: 6ba0ab2dcafb6967-FRA
x-amz-id-2: uFz2ucxTprUS5/I26Hi3f1isEffVy3kKzfLgr9zshk7RtJTQBA2M9Jx9IBCuhXKYt8JfE6z80Qc=
last-modified: Mon, 19 Jul 2021 14:23:56 GMT
server: cloudflare
etag: W/"5661cdc8487feb169cdf3f4c2a848b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Tue, 07 Dec 2021 21:02:51 GMT

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ 30 KB
11 KB 185ms
152ms Script
application/javascript 2606:4700::6811:71a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2443279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda36c3bc6dc8015acc8edb9b702dcd1d5cc47501b07dcaa8542e72d7dd35154

Request headers

Referer: https://permission.click/
Origin: https://permission.click
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
via: 1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.8305/bundles/popupInjector.js&cfRay=6ba0ab2dc8a668f8-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6ba0ab2dc8a668f8-FRA
last-modified: Thu, 04 Nov 2021 09:43:51 UTC
server: cloudflare
etag: W/"216bdd355659be20d66c1e6e9bee72bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: XhuTLbh9BrCvQlF0c4BTV.3ztoRC.Zob
access-control-allow-origin: *
cache-control: max-age=600
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: zrKDwuKtCJWWAI8U-XnTd7xRTR8vPqXhUFCaonC_nSRlceWAz3xRbg==
x-hs-target-asset: feedback-web-renderer-ui/static-1.8305/bundles/popupInjector.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 49ms
18ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2443279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830fcab93c12b9ad2a820fed85e456077ed189a100a59b3080fd807d844eeef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
via: 1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 210
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.257/bundles/pixels-release.js&cfRay=6ba0a60e2f92d6f5-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 29 Nov 2021 05:24:28 UTC
server: cloudflare
etag: W/"a5963a9ccf6657b39b543985ec7b9634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: QEftXf9SpA6LuHCJA7K_EhxXH0zSJ6Zm
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-P1
cf-ray: 6ba0ab2dcb1e5c3e-FRA
x-amz-cf-id: -TfJPtSnxa3xOI6vJyMRjVVEEBH07Db53Gsd0tpsX0Zx1bHts3Nbjw==
x-hs-target-asset: adsscriptloaderstatic/static-1.257/bundles/pixels-release.js

GET
H2 200 2443279.js Show response
js.hs-banner.com/ 61 KB
16 KB 470ms
436ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2443279.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2443279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f9e31830ac670122bfc3d57f228297c60e2f7f43912d04e1b772c2465f3f04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 2EPQX75TYZKENDWR
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 6BPk4HDhLOMoijt562EUIEGTrJogs2j6XHjoNgU9CBu2A3TAY8I0NZWUIvBhIJXtOPKZmDlfv5o=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 19:36:32 GMT
server: cloudflare
etag: W/"ab4bf4ed35f3649bdf2f4331127fe6a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: Pzvb01CpTgTCgxc8.Y1XvUzINL.daR_O
access-control-allow-origin: https://permission.click
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6ba0ab2dcf402b7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Tue, 07 Dec 2021 21:02:51 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
959 B 33ms
9ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:46:05 GMT
x-content-type-options: nosniff
age: 706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 07 Dec 2022 20:46:05 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 32ms
9ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:08:15 GMT
x-content-type-options: nosniff
age: 103776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Dec 2022 16:08:15 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 180ms
160ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2443279&conversations-embed=static-1.9460&mobile=false&messagesUtk=982a4d9104464538bb8d91521de499ab&traceId=982a4d9104464538bb8d91521de499ab

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://permission.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6ba0ab2ebfcc16e6-FRA
access-control-allow-origin: https://permission.click
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 46c408c9-e658-4b7a-8b25-15b5944a96b1
x-trace: 2B7C18FD0F0E93253650C18C4DC486129348610635000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1juCuaDfAKM8Z7hriv1%2BmzKilIvFxs%2BNj4Q6xLVYNewfCHBNQfqalPexjSscmRyF%2Fu%2FcU4qrlcjXBZJrlCLjWLZUxGLtHK%2Fav3dLuIZcvK8AZL6kJ1aFP3VAZTb3ibW44hrThBWpTSorNV9%2Bxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 315 B
1 KB 167ms
154ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5621411f20174db283d1bce647c560489e6d73272ff9344dd43932a3b0c5d3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://permission.click/
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us#/signee

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f279dacd-1a16-4cc4-92b6-0b0b3a026885
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 254
server: cloudflare
x-trace: 2B930CDA2D2E6B6DF23AB0C297280BD1232B9001EE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YWoNintBAtOKipYcAtmHNqT9vI6VXh1JbwZRq7pJ6nfpLQ%2BnSxQzzGgFHf%2BkmBPFQb7x8V0nJpdjY5HvyZ79xBVZWu5jq9Z0p3EOgjhasWcU%2Frz0tLOfyRRaIts1MvSMJ1AH8VqWhRWpqMtXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://permission.click
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6ba0ab2fdbdb6939-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 supportedLanguages Show response
translate-pa.googleapis.com/v1/ Frame 773F 14 KB
2 KB 60ms
22ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-length: 1213
x-xss-protection: 0
expires: Tue, 07 Dec 2021 20:57:51 GMT

GET
H2 200 arrowdown.png
permission.click/Content/build/assets/ 303 B
366 B 131ms
130ms Image
image/png 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://permission.click/Content/build/assets/arrowdown.png
Requested by: Host: permission.click
URL: https://permission.click/Content/build/responses-9d2e7c0340c4b4dffaf7.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fb94f4d09b44dc23124312c1ace6c32b00c962f025fce5fc1c3f5b5123dcace3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/Content/build/responses-9d2e7c0340c4b4dffaf7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:50 GMT
last-modified: Thu, 02 Dec 2021 19:58:36 GMT
server: Microsoft-IIS/10.0
etag: "b9b61feb6e7d71:0",""
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 303

GET
H2 200 exclamation-circle.png
permission.click/Content/build/assets/ 2 KB
2 KB 130ms
130ms Image
image/png 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://permission.click/Content/build/assets/exclamation-circle.png
Requested by: Host: permission.click
URL: https://permission.click/Content/build/responses-9d2e7c0340c4b4dffaf7.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b79e88c50148be1a719a7ad829bceae5ab9b94f2e72ac0c72648b4bb368cdcd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/Content/build/responses-9d2e7c0340c4b4dffaf7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
last-modified: Thu, 02 Dec 2021 19:58:36 GMT
server: Microsoft-IIS/10.0
etag: "1c411feb6e7d71:0",""
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 1870

GET
H2 200 carret-right.png
permission.click/Content/build/assets/ 282 B
367 B 130ms
129ms Image
image/png 13.89.172.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://permission.click/Content/build/assets/carret-right.png
Requested by: Host: permission.click
URL: https://permission.click/Content/build/responses-9d2e7c0340c4b4dffaf7.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.18 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 67954ace899be2a111f0644e7f89e7db138149a86cd967610ade2e2e3fc09295

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/Content/build/responses-9d2e7c0340c4b4dffaf7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:51 GMT
last-modified: Thu, 02 Dec 2021 19:58:36 GMT
server: Microsoft-IIS/10.0
etag: "e07f0feb6e7d71:0",""
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: https://permissionclick.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,origin,content-type,accept
content-length: 282

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame 3C73 240 B
956 B 9ms
9ms Document
text/html 13.35.253.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-5.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/

Response headers

content-type: text/html; charset=utf-8
content-length: 240
last-modified: Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 07 Dec 2021 20:57:26 GMT
cache-control: max-age=60
etag: "f7902241893e7a497417843cb15dc858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: mxt2be9SqCjOzKEGTXuy_6O--stNssKYFlcxMbiXOzP50VnVtnLieA==
age: 25

GET
H2 200 feedback-web-fetcher Show response
app.hubspot.com/ Frame C00C 2 KB
2 KB 164ms
144ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee220ecac6b954755c3e109de1d5e52fa6d20d98ad96d34f7dbcb0ad4befa4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
content-type: text/html; charset=utf-8
cf-ray: 6ba0ab335a2f1756-FRA
age: 1862
cache-control: max-age=0, no-cache, no-store
etag: W/"2c79e84cc06030797f364599ad3858f2"
last-modified: Thu, 04 Nov 2021 09:43:51 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a12c29ca3e64ac2015cf4f6c9099b8ce.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hs-analytics.net *.hsappstatic.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com js.hubspotfeedback.com *.usemessages.com js.hubspot.com js.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net *.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com *.fullstory.com fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com tpc.googlesyndication.com googleads.g.doubleclick.net static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com fast.wistia.net s.yimg.jp www.redditstatic.com 'unsafe-inline' 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.8305/html/fetcher.html&cfRay=6ba0ab335a2f1756&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fpermission.click%2F&cfenv=prod&csp=ro
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: G9RvzyJCqKCoZDjV8dSgTSeS353AmdDyl2iI8jXrnfClTZo73jvT8Q==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: PwxeyN7AvF5fX3AAIqZB7piD6OxCHr3A
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-hs-worker-debug-mode: false
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1001 B 151ms
139ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=808429732&v=1.1&a=2443279&pu=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus%23%2Fsignee&t=Permission+Click&cts=1638910671879&vi=3047d61dc4f04bb5d57cc2aea79427c1&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8f94be40-53da-4b95-b3f4-48c78bee4325
cf-ray: 6ba0ab335a321756-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1uSZ4yhtLVo4mg9zi0GFByyRlJl8y7xo%2B5KJCENL6Ru79G9c51MDQv9zYKABETH%2FCgV9QBTUrDXtwS2L2px9m6dr3ttR68ThGMgmCfsoYXOsMrkWwArx1%2BkFDr7fB2ldMhnhT0qE1RY7ZVDp%2Fr2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 140 B
976 B 300ms
263ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2443279

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b7d3bc64184cd7a714626b354a38ecc31b62004384064553ae686c1c6ecbb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 0c967dde-9a45-4d4d-8690-5d81305c4ba2
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2BAAD426F992655DEDC315C30B2ADFF828B4A94E18000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3agjG9gLhi25I%2FfgJ1AjVzwgLP%2FJwgTa73kNU7yAaOIfcYDkhcbgPAPcd0ixFMeTUhN8C3KbqguObFun6bObnan1ty1TNSWYM4Iz46KyeEiU4w0hb7hvgzyoLq7OrZ7dDdVmGhAtjZUfTJj"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://permission.click
access-control-allow-credentials: false
cf-ray: 6ba0ab338f985364-FRA
access-control-allow-headers: *

POST
H2 200 csp-report
q.stripe.com/ Frame 3C73 0
349 B 928ms
589ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 414
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1058495060&t=timing&_s=2&dl=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus&ul=en-us&de=UTF-8&dt=Permission%20Click&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2767&pdt=1&dns=20&rrt=0&srt=324&tcp=256&dit=1848&clt=1848&_gst=1253&_gbt=1299&_cst=1167&_cbt=1245&_u=YGBAgEABAAAAAE~&jid=&gjid=&cid=1965980804.1638910670&tid=UA-120072262-4&_gid=1616113063.1638910670&gtm=2wgc10PFL7XKL&z=530563427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 494
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3C73 1 KB
1 KB 9ms
9ms Script
application/javascript 13.35.253.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-5.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 41
x-cache: Hit from cloudfront
date: Tue, 07 Dec 2021 20:57:27 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 19:35:20 GMT
server: Cloudfront
etag: W/"5213886b88cd72e6d0aebc89868e5d13"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: Hr__5JWbpYtX00IX7ZEVIgWxvK5gbD-kRPgPd2hbN2rwiILa_FFPkQ==

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 217ms
16ms Preflight 13.69.106.208
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://permission.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Tue, 07 Dec 2021 20:57:52 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 727ms
727ms XHR
application/json 13.69.106.208
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7e3023a4d58210c2652ee76c9f6fd279a4cc49ba63c9792252e3d8fb8e832b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://permission.click/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 70809D04-527E-4D85-85EA-A00BEBC4326D
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Tue, 07 Dec 2021 20:57:52 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H2 200 inner.html Show response
m.stripe.network/ Frame E832 932 B
2 KB 49ms
9ms Document
text/html 2600:9000:2057:9000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date: Tue, 07 Dec 2021 20:55:45 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 1EGXuOQ3-rFmtvlQ4Lvlh_WzdcSBn3ws9RorbVPW3wzHVQJBxthxNg==
age: 129

POST
H2 200 csp-report
q.stripe.com/ Frame E832 0
122 B 888ms
625ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
x-envoy-upstream-service-time: 458
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame E832 0
121 B 852ms
590ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: permission.click
URL: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
x-envoy-upstream-service-time: 421
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame E832 85 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:2057:9000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 118
x-cache: Hit from cloudfront
date: Tue, 07 Dec 2021 20:55:54 GMT
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: hXxQLaDOEns9G_mahVh7Npv4FEjaInzH63IUYeiiJ0pBhTTj4iF6Wg==

POST
H2 200 6 Show response
m.stripe.com/ Frame E832 156 B
522 B 528ms
184ms XHR
application/json 34.212.123.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.212.123.39 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-212-123-39.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

56f04a52e8cec2b2d0d7503802a71bd9bb75bceb0b262e09207992e6a519ec33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.178/ Frame C00C 292 KB
92 KB 79ms
60ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.178/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

045dd0541404dc8d6646f10246a6783753969d6f315cf9b35c282cd91f368bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1664609
x-amz-server-side-encryption: AES256
cf-ray: 6ba0ab34cce5701b-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 21 Oct 2021 14:21:26 GMT
server: cloudflare
etag: W/"d799fa9e88a0f0a3078be08bdeeb93d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wHyx7dRlAjDa6%2FniCnwowa0DDS6WSrBpYqqQxygCG3RPJF%2F5dcjf8EdxKQLDb%2BLC93CuC7viojx9e2DlJq6zUnGdo28ieLmb7dCfwag8zAQdGKHCqJ4fOWM2VomDcRBU2oxunksSvaK7xw%2BdUASMZ%2BXxaQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: NBABkiYWCGZdvHAdnH6dEuO0DbFLq32F
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: hm266eQmyxvvQ65ecnXjbvcBbyU4Dg-p3RkvMSJ2PacNJW5fOvsKJw==
expires: Wed, 07 Dec 2022 20:57:52 GMT

GET
H2 200 fetcher.js Show response
static.hsappstatic.net/feedback-web-renderer-ui/static-1.8305/bundles/ Frame C00C 18 KB
8 KB 64ms
46ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.8305/bundles/fetcher.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190753d716235e0e5cf75cb640085e1dd503074f67626d03499fb5a2fb2ce24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 472136
x-amz-server-side-encryption: AES256
cf-ray: 6ba0ab34ccf2701b-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Nov 2021 00:37:32 GMT
server: cloudflare
etag: W/"970ea5efbccf12a7de2539a6ce067ef2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BE%2B2BKHwdareWQ02752nrGCAGTud36DYCOKs4a5Q%2B%2B4LXKfElx3Zjv9FBGWfRHOkgeTflF37xwqAKx3DdRq3tducK1T4jjU345rrGnmi%2FmcpIVQXRWB4f8kzIabeIzGIwPbUB0vcbnfjDayavqsNDghE5g%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: v43l7b69I0HfQiBs_5rumGqK1FHx8hbR
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: vWveO9EfMAZZD8Bm-1YoaTyZUX2ymVxN2PvGspCRW53PI2h22M4isQ==
expires: Wed, 07 Dec 2022 20:57:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-796250685

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d11b858196244e2d1606205afa8f7130f167b6402300970bc44ae73ff08e4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39587
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 20:57:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-796250685&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFL7XKL&gtm_auth=ADAC9ZMbCABMsSTzSxd5bw&gtm_preview=env-25&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97840a03d632f725777fd03ce720e283a1e74f823c3e8e17304d909e09e02f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39596
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 20:57:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 1/g/yHlKBGgCJO43s1nCC7uCidTweFX6Wi2kRaUdBQ75l+l8RZ+oviql2XnNG3MtRg2JSzQFlKnJ7ORI+JdqAg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 07 Dec 2021 20:57:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
api.hubspot.com/cors-preflight-iframe/ Frame 5A3B 171 B
1 KB 59ms
44ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cors-preflight-iframe/

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
content-type: text/html; charset=utf-8
cf-ray: 6ba0ab355b876951-FRA
age: 109164
cache-control: public, max-age=31536000
etag: W/"e0a6d24f4774b193114cde59bad7a9b7"
expires: Wed, 07 Dec 2022 20:57:52 GMT
last-modified: Mon, 06 Dec 2021 02:38:19 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 3d65275b81abaf880be10de6f2c71e9b.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: NP-Vi3gnXhE1MYQDbOyB6y_srziWZFVcXUvt27R5twqXZXgY4D1uSQ==
x-amz-cf-pop: IAD89-P1
x-amz-meta-ao: {}
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: TN.NbVnDJFjudAJ_ZmWb3asrIJ4SSTHP
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-hs-target-asset: cors-preflight-iframe/static-1.69/html/iframe.html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBVsk%2FO6uYpVV8r82QrLT2THwj6j5tqeFhqgQzLaap7%2BXostASyoKUNjTn5hKnZ8%2FVv4zotRxlOpVR5XV3PCCeRu2FRZqly%2BoodYCAfec6uCLAVHHr63Vzfd%2BsT1JvQNLFI4Rkn6BgWe2LgS6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 web-config Show response
feedback.hubapi.com/feedback/public/v1/ Frame C00C 36 B
895 B 165ms
137ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=2443279&utk=3047d61dc4f04bb5d57cc2aea79427c1&bundleVersion=1.8305&pageUrl=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus%23%2Fsignee

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.8305/bundles/fetcher.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-HS-Referer: https://permission.click/response/6645e563-f8c3-4d92-973d-bb351010bf18/us#/signee

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: faf6a384-8c46-4438-923b-e22d936e8437
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36
server: cloudflare
x-trace: 2B062EA43BABBDFEF461722127AB041867B8BB1984000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGeIyFSAZcoRYCIJ9sBwrM0rX5YzOP5baGO9HljUm9fM9Pxaj7SMGnosAN3SqvrF%2F21wc9QUcbizCUDZ%2B6a669Pf47cG146MDIdt5QBNEzQWrR5Vo6Z1%2B4Jg1c%2BxptBLZ0NLJ3S11nqzUA04IJQ8P2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6ba0ab366b0edfe7-FRA
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer

OPTIONS
H2 200 web-config
feedback.hubapi.com/feedback/public/v1/ Frame 0
0 148ms
139ms Preflight
text/plain 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hs-referer
Origin: https://app.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2B123C842E188CF9B50B61B4AF95AFAFD05C741CEF000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
x-hubspot-correlation-id: 97a4bcac-8c62-4bf8-b1ea-f68f8c130ba9
access-control-allow-credentials: true
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Cmgiei9a%2FSUxpbyT290kPN72nKQZSzuih0FktEpSq5TemNW4%2F8WFxjJQ78cyVBskUj3d7aXTwwSj3x6%2Ffp26IAoEv4w3NtYXTOvGMxgs1wx9Z9QZijbBZw3k2IQlEwBCkXkMufQuwnVx3c%2BqjRIOdc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 6ba0ab355bf85364-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 98ms
74ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-796250685&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 20:57:52 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: 9gtFzuJvfyyDQr/1AoWydszHN/hPnj1jU1WaYnY9FvH0C9ahyJZbFBeBWLE7Or29mZnms9VRpG+Lt2awE8zdhA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 20:57:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 356682595141263 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 134ms
125ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/356682595141263?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cf0c76b9a944494b565105805ca1179bda8f3e8622ec38c29f78b87b311c296

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6SHOAtK8tjosHIcoSN2bV8x+Vi/dxlkvkAftCBoiN/mXfh2jgggDzRdlKf6BydBuijVD60hErr5dc6vuaESeFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 20:57:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/796250685/ 2 KB
2 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796250685/?random=1638910672328&cv=9&fst=1638910672328&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus&tiba=Permission%20Click&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

053cd2f6fc0180e3fdfa11392c2ba8b89c25288cd3f5163ec650ee1af0369ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/796250685/ 42 B
64 B 37ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/796250685/?random=1638910672328&cv=9&fst=1638907200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus&tiba=Permission%20Click&async=1&fmt=3&is_vtc=1&random=1908602060&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:57:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/796250685/ 42 B
64 B 41ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/796250685/?random=1638910672328&cv=9&fst=1638907200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus&tiba=Permission%20Click&async=1&fmt=3&is_vtc=1&random=1908602060&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 20:57:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=356682595141263&ev=PageView&dl=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus%23%2Fsignee&rl=&if=false&ts=1638910672578&sw=1600&sh=1200&ud[external_id]=3047d61dc4f04bb5d57cc2aea79427c1&v=2.9.48&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1638910672577.75583802&it=1638910672235&coo=false&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 20:57:52 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=356682595141263&ev=Microdata&dl=https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus%23%2Fsignee&rl=&if=false&ts=1638910673081&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Permission%20Click%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fpermission.click%2Fresponse%2F6645e563-f8c3-4d92-973d-bb351010bf18%2Fus%22%2C%22og%3Atitle%22%3A%22Permission%20Click%22%2C%22og%3Adescription%22%3A%22This%20form%20is%20powered%20by%20Permission%20Click.%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpermission.click%2FImages%2Flogo%2Fpc-social.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fpermission.click%2FImages%2Flogo%2Fpc-social.png%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%221200%22%2C%22og%3Aimage%3Aalt%22%3A%22Permission%20Click%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=3047d61dc4f04bb5d57cc2aea79427c1&v=2.9.48&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1638910672577.75583802&it=1638910672235&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://permission.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:57:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 07 Dec 2021 20:57:53 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
permission.click/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: Pm013tZgow21rGPGYK3o3sEnkz13OldXG3iqV4xz9Ldth1K6_K7VtMsTPO6TRfaSw18d9N8i7PNy607Hdt9HDpqdNb2eUb24q0uti54C8pk1
permission.click/	1970-01-20 08:00:46	Name: ai_user Value: 540ql\|2021-12-07T20:57:50.305Z
.permission.click/	1970-01-19 23:16:37	Name: _gid Value: GA1.2.1616113063.1638910670
.permission.click/	1970-01-19 23:15:10	Name: _dc_gtm_UA-120072262-4 Value: 1
.permission.click/	1970-01-20 16:46:22	Name: _ga Value: GA1.1.1965980804.1638910670
permission.click/	1970-01-19 23:15:12	Name: ai_session Value: 0sRkk\|1638910670460.8\|1638910670460.8
permission.click/	1970-01-20 08:36:46	Name: __hstc Value: 28459683.3047d61dc4f04bb5d57cc2aea79427c1.1638910671868.1638910671868.1638910671868.1
permission.click/	1970-01-20 08:36:46	Name: hubspotutk Value: 3047d61dc4f04bb5d57cc2aea79427c1
permission.click/	1969-12-31 23:59:59	Name: __hssrc Value: 1
permission.click/	1970-01-19 23:15:12	Name: __hssc Value: 28459683.1.1638910671868
.permission.click/	1970-01-20 16:46:22	Name: _ga_V35XNSWVXJ Value: GS1.1.1638910670.1.0.1638910671.59
.hubspot.com/	1970-01-19 23:15:12	Name: __cf_bm Value: j9129ivXYHM20OIIzkHURogshHIyQyd.85AJqzrAnJo-1638910672-0-AZ0kmx0OddK2w3F0yE7C8+OErjm4lpgrpEc6LTdIP6L9D1L5uY8KJzg+rrOSUYK/Iqtoe99KzVV3kXevWikDf/A=
.permission.click/	1970-01-20 01:24:46	Name: _gcl_au Value: 1.1.827348405.1638910672
.doubleclick.net/	1970-01-19 23:15:11	Name: test_cookie Value: CheckForPermission
.permission.click/	1970-01-20 01:24:46	Name: _fbp Value: fb.1.1638910672577.75583802
m.stripe.com/	1970-01-20 16:46:22	Name: m Value: 7cbb8c2c-1d4b-44e4-851c-aec38c28cb6a1a6eb4
.permission.click/	1970-01-20 08:00:46	Name: __stripe_mid Value: f707f666-5224-4819-bd99-650a10256a3319e181
.permission.click/	1970-01-19 23:15:12	Name: __stripe_sid Value: 70fb1fd4-bb3e-43fc-b32f-db82338d2e6514ec7e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
app.permissionclick.com
az416426.vo.msecnd.net
connect.facebook.net
dc.services.visualstudio.com
feedback.hubapi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspotfeedback.com
js.stripe.com
js.usemessages.com
m.stripe.com
m.stripe.network
permission.click
pro.fontawesome.com
q.stripe.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
transloadit.edgly.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
13.35.253.5
13.69.106.208
13.89.172.13
13.89.172.18
142.250.185.194
2600:9000:2057:9000:19:7d10:bd80:93a1
2600:9000:211e:7000:19:b855:600:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6811:44b0
2606:4700::6811:70b0
2606:4700::6811:71a2
2606:4700::6811:7d2
2606:4700::6811:cccc
2606:4700::6811:d2cc
2606:4700::6811:eccc
2606:4700::6812:14bf
2606:4700::6812:1634
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.212.123.39
54.187.159.182
045dd0541404dc8d6646f10246a6783753969d6f315cf9b35c282cd91f368bb0
053cd2f6fc0180e3fdfa11392c2ba8b89c25288cd3f5163ec650ee1af0369ca8
0b7d3bc64184cd7a714626b354a38ecc31b62004384064553ae686c1c6ecbb71
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13f9e31830ac670122bfc3d57f228297c60e2f7f43912d04e1b772c2465f3f04
190753d716235e0e5cf75cb640085e1dd503074f67626d03499fb5a2fb2ce24e
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
1b02538b2e2e62e09091ec44fa5efb2ad647ac0c001bd8e53d9a053e5a460d7b
1d11b858196244e2d1606205afa8f7130f167b6402300970bc44ae73ff08e4e0
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
323b3fe51dddc362035d637e4aa9b8bd1573fe99f83a5ed7b0e353468e43dc7b
356c31decb92225a558511537658e519377b141bec7d22d50700563260fe7b52
4cf0c76b9a944494b565105805ca1179bda8f3e8622ec38c29f78b87b311c296
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5621411f20174db283d1bce647c560489e6d73272ff9344dd43932a3b0c5d3f7
56f04a52e8cec2b2d0d7503802a71bd9bb75bceb0b262e09207992e6a519ec33
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
63c6ed8b37dd0f719d4dd5858f9174982aeb1a97211de40934d48ceb5a9acd2d
67954ace899be2a111f0644e7f89e7db138149a86cd967610ade2e2e3fc09295
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
711cac9df73b0d571d7db009f18b630dc0d31f340673be88016afbab98107a71
7355f53db9e962876b1385c0e5bd11c1878a51ef10be5e4daeae18877feba658
75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f
768e9f571558630520b67b0e5cbd1906edbbe0d47a4b8270bbbf1147da30c1a2
792619b497417ba1a9084575b46ee9eddc475b4c22bd47ada21bacf05eb0334a
7f9519281ffcfb287932893c330d9cde14bf07bc41cb71cf7ee8b92a41425935
830fcab93c12b9ad2a820fed85e456077ed189a100a59b3080fd807d844eeef2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
897d0c6ba882018b0df6fa151be32e1e25696ee57a4d31092ce1fc963fce8ee9
8b967938a5792fd7d88d6d18fd5ce3d85b1be4757a0616d1aaf0a8b872ef4d28
908032af5b1d5588493f9396643e1cc3362055ff70ea1d043ba22445b75ab446
91a9d7a29fe8f1823c99e7ba6a8e872a0851cb04908948ac07aa576fa1d1b169
9303f7b70ea30abeebc819868e04484281315f527081ae792b55474d0c0e3824
97840a03d632f725777fd03ce720e283a1e74f823c3e8e17304d909e09e02f06
9ee0fdb97412e4f3d5edfc5fc728e374011f8b3741279fa1871e311c8b12e720
9f0fab72c8a1fea1df1d6c5d128115031a8c44ccbc7f37e314acee6acb98779b
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a7e3023a4d58210c2652ee76c9f6fd279a4cc49ba63c9792252e3d8fb8e832b6
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b79e88c50148be1a719a7ad829bceae5ab9b94f2e72ac0c72648b4bb368cdcd0
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c46cab52f7885fd1e8813ce0c866ed6618d3273fe2b0edb9cf2ceb591f8265a6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cda36c3bc6dc8015acc8edb9b702dcd1d5cc47501b07dcaa8542e72d7dd35154
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb36695b7145bcd2d27c15014df1c887b44dedd005a787193049d359b0a49729
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01b7fd2855eebe5c550a1c717ad72cde1d028212d2bc6d71c5a547621c6500c
f0c9931beb8aeb26ef55cf1517481fe99817d38cb208cee25a9f665a0990aeaa
f40bc366b5c1f7fff3de7d5f9b7929bad7d50daf869d255680951d987c213582
f49095d3ae0cb027502278e6e498babbc744aab0d4dc5ef8649c09add8501bd8
fb94f4d09b44dc23124312c1ace6c32b00c962f025fce5fc1c3f5b5123dcace3
fee220ecac6b954755c3e109de1d5e52fa6d20d98ad96d34f7dbcb0ad4befa4c

permission.click Open in urlscan Pro 13.89.172.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

76 Requests

100 %HTTPS

80 %IPv6

27 Domains

38 Subdomains

35 IPs

4 Countries

2687 kBTransfer

9140 kBSize

18 Cookies

3 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

permission.click Open in urlscan Pro
13.89.172.18 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

80 %
IPv6

27
Domains

38
Subdomains

35
IPs

4
Countries

2687 kB
Transfer

9140 kB
Size

18
Cookies

76 HTTP transactions
0 data transactions