www2.leicabiosystems.com Open in urlscan Pro
52.21.178.134 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Submission: On December 16 via manual (December 16th 2021, 3:02:41 pm UTC) from US — Scanned from DE

Summary HTTP 113 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 19 domains to perform 113 HTTP transactions. The main IP is 52.21.178.134, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www2.leicabiosystems.com.
TLS certificate: Issued by R3 on October 22nd 2021. Valid for: 3 months.

This is the only time www2.leicabiosystems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	52.21.178.134 52.21.178.134	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	13.52.45.25 13.52.45.25	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
42	143.204.98.91 143.204.98.91	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	158.255.109.19 158.255.109.19	8218 (NEO-ASN l...) (NEO-ASN legacy Neotelecoms)
10	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	143.204.98.50 143.204.98.50	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.83 143.204.98.83	16509 (AMAZON-02) (AMAZON-02)
1	99.81.19.154 99.81.19.154	16509 (AMAZON-02) (AMAZON-02)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.45 143.204.98.45	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1	35.194.81.74 35.194.81.74	15169 (GOOGLE) (GOOGLE)
113	28

3 52.21.178.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-2-ue1.aws.pardot.com

www2.leicabiosystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.52.45.25 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-52-45-25.us-west-1.compute.amazonaws.com

www.leicabiosystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 143.204.98.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-91.fra50.r.cloudfront.net

surveys.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.255.109.19 (Orléans, France)

ASN8218 (NEO-ASN legacy Neotelecoms, FR)

track.accountinsight.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-50.fra50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-83.fra50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.19.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-19-154.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-45.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.81.74 (Washington, United States)

ASN15169 (GOOGLE, US)
PTR: 74.81.194.35.bc.googleusercontent.com

r3.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	hotjar.com surveys.hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	193 KB
11	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com r3.visualwebsiteoptimizer.com	113 KB
7	crazyegg.com script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com	28 KB
6	google-analytics.com www.google-analytics.com	58 KB
5	google.de www.google.de	801 B
5	google.com www.google.com	801 B
5	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
5	leicabiosystems.com www2.leicabiosystems.com www.leicabiosystems.com	383 KB
4	gstatic.com fonts.gstatic.com	62 KB
3	googletagmanager.com www.googletagmanager.com	207 KB
2	pardot.com pi.pardot.com	3 KB
2	linkedin.com 1 redirects px.ads.linkedin.com px4.ads.linkedin.com	1 KB
2	bing.com bat.bing.com	11 KB
2	googleadservices.com www.googleadservices.com	29 KB
1	sentry.io sentry.io	408 B
1	accountinsight.cloud track.accountinsight.cloud	259 B
1	licdn.com snap.licdn.com	2 KB
1	jquery.com code.jquery.com	79 KB
1	googleapis.com fonts.googleapis.com	1 KB
113	19

	Domain	Requested by
42	surveys.hotjar.com	www2.leicabiosystems.com surveys.hotjar.com
10	dev.visualwebsiteoptimizer.com	www2.leicabiosystems.com dev.visualwebsiteoptimizer.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www2.leicabiosystems.com
5	www.google.de	www2.leicabiosystems.com surveys.hotjar.com
5	www.google.com	www2.leicabiosystems.com surveys.hotjar.com
4	fonts.gstatic.com	fonts.googleapis.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	www.leicabiosystems.com	www2.leicabiosystems.com www.leicabiosystems.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	www.googletagmanager.com	www2.leicabiosystems.com surveys.hotjar.com www.googletagmanager.com
2	pi.pardot.com	www2.leicabiosystems.com pi.pardot.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	bat.bing.com	www.googletagmanager.com www2.leicabiosystems.com
2	www.googleadservices.com	www.googletagmanager.com
1	r3.visualwebsiteoptimizer.com	dev.visualwebsiteoptimizer.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	surveys.hotjar.com
1	sentry.io	surveys.hotjar.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	track.accountinsight.cloud	www2.leicabiosystems.com
1	px4.ads.linkedin.com	www2.leicabiosystems.com
1	px.ads.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	code.jquery.com	www2.leicabiosystems.com
1	fonts.googleapis.com	www2.leicabiosystems.com
1	www2.leicabiosystems.com
113	29

This site contains links to these domains. Also see Links.

Domain
www.leicabiosystems.com

Subject Issuer	Validity	Valid
www2.leicabiosystems.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
leicabiosystems.com DigiCert SHA2 Secure Server CA	`2020-01-31` - `2022-02-17`	2 years	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.accountinsight.cloud Sectigo RSA Domain Validation Secure Server CA	`2020-06-09` - `2022-06-25`	2 years	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Frame ID: BF93F62997EA59377F181FBC04B78E06
Requests: 61 HTTP requests in this frame

Frame: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
Frame ID: 5B89CC8CA4EB02A2D03787FA99311D8A
Requests: 51 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 47DC14EDF95EEC9F3A5A5C5965A30E14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Are you sure you want to unsubscribe?

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

113
Requests

95 %
HTTPS

46 %
IPv6

19
Domains

29
Subdomains

28
IPs

6
Countries

1177 kB
Transfer

2877 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.leicabiosystems.com/

Search URL Search Domain Scan URL

URL: https://www.leicabiosystems.com/about/legal-notice/?_ga=2.149667455.857934586.1527013194-1377342476.1485795981
Title: Legal & Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1821314&time=1639666956008&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1821314&time=1639666956008&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&e_ipv6=AQL4LG_Row30GAAAAX3DxDfyhmxtEimFhRxgwmikslCOCIP8ofQyiMrFSNFbNj9sVjuKvZeo

113 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.0 200
OK Primary Request 620756813 Show response
www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/ 7 KB
4 KB 466ms
152ms Document
text/html 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 39ea840537bdcbb7073145204502b13af4baee504b4f9b869a2abe104ac42606

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 16 Dec 2021 15:02:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Pardot-Rsp: 16/55/129
X-Robots-Tag: nofollow, noindex
Referrer-Policy: no-referrer
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3037
Content-Type: text/html; charset=utf-8
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
Server: PardotServer
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 137ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,400i,900,900i

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6bcf46730e1da1fc91a30617071b75b340dafd3d99ee4ce3d689164ac1b3a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 15:02:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 15:02:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 15:02:34 GMT

GET
H/1.1 200
OK basicstylev3.css
www.leicabiosystems.com/fileadmin/templates/responsive/css/pardot-landingpages/ 7 KB
3 KB 615ms
155ms Stylesheet
text/css 13.52.45.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leicabiosystems.com/fileadmin/templates/responsive/css/pardot-landingpages/basicstylev3.css

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.52.45.25 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-52-45-25.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4f54ce2328a5a125fd9cd528164fd4158e5fe9e1d6f7c16ff52cbd7d6f284465

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.mediatis.de https://.leicabiosystems.com https://*.cloudfront.net https://punchoutcommerce.com;
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://punchoutcommerce.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 15:02:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Host,Accept-Encoding
Content-Length: 1970
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 17 Jul 2019 14:54:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://punchoutcommerce.com
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: text/css
Cache-Control: max-age=31536000, public
Content-Security-Policy: frame-ancestors 'self' https://*.mediatis.de https://*.leicabiosystems.com https://*.cloudfront.net https://punchoutcommerce.com;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Fri, 16 Dec 2022 15:02:35 GMT

GET
H/1.0 404
Not Found respond.js
www.leicabiosystems.com/fileadmin/templates/responsive/pardot-landingpages/js/ 0
0 1707ms
1246ms Script
text/html 13.52.45.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leicabiosystems.com/fileadmin/templates/responsive/pardot-landingpages/js/respond.js
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.52.45.25 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-52-45-25.us-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK lbs_logo.svg
www.leicabiosystems.com/fileadmin/templates/responsive/img/pardot-landingpages/ 13 KB
6 KB 153ms
153ms Image
image/svg+xml 13.52.45.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.leicabiosystems.com/fileadmin/templates/responsive/img/pardot-landingpages/lbs_logo.svg

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.52.45.25 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-52-45-25.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

3917b35fc286bc06854b600afcaa20a7695182525b3fe62eef96d40008e17e50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.mediatis.de https://.leicabiosystems.com https://*.cloudfront.net https://punchoutcommerce.com;
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://punchoutcommerce.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 15:02:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Host,Accept-Encoding
Content-Length: 5321
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 22 May 2018 17:02:08 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://punchoutcommerce.com
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000, public
Content-Security-Policy: frame-ancestors 'self' https://*.mediatis.de https://*.leicabiosystems.com https://*.cloudfront.net https://punchoutcommerce.com;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 14 Jun 2022 15:02:35 GMT

GET
H2 200 jquery-1.10.2.js Show response
code.jquery.com/ 267 KB
79 KB 104ms
41ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.js
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:35 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-42b2f"
vary: Accept-Encoding
x-hw: 1639666955.dop211.am5.t,1639666955.cds003.am5.hn,1639666955.cds210.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 80743

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 464 KB
115 KB 134ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5TBNXD

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

845b3f90de92cb9744f0ff762bb6c114b8a53f2df936fbfbcaf6ef04c1929df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117400
x-xss-protection: 0
expires: Thu, 16 Dec 2021 15:02:35 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 153ms
68ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TBNXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 15:02:35 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 51ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TBNXD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:35 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 16E78A7B965645E3A230E07ECEAF2E84 Ref B: FRAEDGE1314 Ref C: 2021-12-16T15:02:35Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 4915.js Show response
script.crazyegg.com/pages/scripts/0060/ 5 KB
2 KB 54ms
33ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0060/4915.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TBNXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1627594e6830f32ce34458e052d5f3caa172fc6b8096c38cc86301764b11515

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 115256
cf-polished: origSize=4899
cf-ray: 6be8cb2aaeb7dfcb-FRA
ce-version: 11.1.376
last-modified: Wed, 15 Dec 2021 07:01:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 30ms
9ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TBNXD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 15:02:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=47688
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/988790820/ 2 KB
2 KB 140ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988790820/?random=1639666955867&cv=9&fst=1639666955867&num=1&label=8_FUCJrukl0QpIC_1wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f6530863b8bbedfc6240d72e711ee45186a5d5be9cbd9f1fd436663a3a466f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4915.json Show response
script.crazyegg.com/pages/data-scripts/0060/ 5 KB
2 KB 34ms
17ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0060/4915.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0060/4915.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 864ee8b819fd001e9190dc7b1b848764fbd0d387f46a69e6668225fee18a8493

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 115257
ce-version: 11.1.376
content-length: 1739
timing-allow-origin: *
last-modified: Wed, 15 Dec 2021 07:01:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6be8cb2afabd3258-FRA

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1821314&time=1639666956008&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1821314&time=1639666956008&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F62...

0
155 B

406ms
135ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1821314&time=1639666956008&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&e_ipv6=AQL4LG_Row30GAAAAX3DxDfyhmxtEimFhRxgwmikslCOCIP8ofQyiMrFSNFbNj9sVjuKvZeo
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: IfCw5mhEwRawtQqB/CoAAA==

Redirect headers

date: Thu, 16 Dec 2021 15:02:36 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 37CE632DB9C241CEB0C19CA07BE435D5 Ref B: VIEEDGE2617 Ref C: 2021-12-16T15:02:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1821314&time=1639666956008&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&e_ipv6=AQL4LG_Row30GAAAAX3DxDfyhmxtEimFhRxgwmikslCOCIP8ofQyiMrFSNFbNj9sVjuKvZeo
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTRLZ6Ts1Jx/shYjRcig==

GET
H2 200 11.1.376.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 71 KB
23 KB 28ms
26ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0060/4915.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 14:25:17 GMT
server: cloudflare
age: 526531
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6be8cb2c6988dfcb-FRA
content-length: 23366

GET
H2 200 /
www.google.com/pagead/1p-user-list/988790820/ 42 B
548 B 156ms
58ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/988790820/?random=1639666955867&cv=9&fst=1639666800000&num=1&label=8_FUCJrukl0QpIC_1wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&async=1&fmt=3&is_vtc=1&random=4142426030&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/988790820/ 42 B
548 B 157ms
55ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/988790820/?random=1639666955867&cv=9&fst=1639666800000&num=1&label=8_FUCJrukl0QpIC_1wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&async=1&fmt=3&is_vtc=1&random=4142426030&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f49f243c-300d-4700-b18e-be7c2c62390d Show response
surveys.hotjar.com/ Frame 5B89 5 KB
2 KB 157ms
103ms Document
text/html 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

b0d39892c60cba355b0bea2dc90d05fee662b9ed85f77b4bdb13ad325a0b8070

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
content-length: 1709
date: Thu, 16 Dec 2021 15:02:36 GMT
accept-ranges: bytes
cache-control: max-age=60
content-encoding: gzip
etag: "4985cde85d8d88e584bb257a5dbdc6b1"
last-modified: Thu, 16 Dec 2021 14:26:38 GMT
x-robots-tag: none
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LK5GAr3yX_lxgTBWJOXJqXxUVM5apmCZFXHix3gI9OQ96p6F9tPijg==

GET
H/1.1 200
OK waves.png
www.leicabiosystems.com/fileadmin/templates/responsive/img/pardot-landingpages/ 370 KB
371 KB 155ms
155ms Image
image/png 13.52.45.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.leicabiosystems.com/fileadmin/templates/responsive/img/pardot-landingpages/waves.png

Requested by

Host: www.leicabiosystems.com
URL: https://www.leicabiosystems.com/fileadmin/templates/responsive/css/pardot-landingpages/basicstylev3.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.52.45.25 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-52-45-25.us-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

404012c5fd47ab5c05558bae557bd29700f39fc65a1796fe084690c4eee2406a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.mediatis.de https://.leicabiosystems.com https://*.cloudfront.net https://punchoutcommerce.com;
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://punchoutcommerce.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.leicabiosystems.com/fileadmin/templates/responsive/css/pardot-landingpages/basicstylev3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 15:02:36 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Host
Content-Length: 379302
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 22 May 2018 17:02:09 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://punchoutcommerce.com
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Type: image/png
Cache-Control: max-age=15552000, public
Content-Security-Policy: frame-ancestors 'self' https://*.mediatis.de https://*.leicabiosystems.com https://*.cloudfront.net https://punchoutcommerce.com;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Tue, 14 Jun 2022 15:02:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 145ms
49ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,400i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www2.leicabiosystems.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 523368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:39:48 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 189ms
104ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,400i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www2.leicabiosystems.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 04:33:52 GMT
x-content-type-options: nosniff
age: 556124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15604
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 04:33:52 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 136ms
55ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,400i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www2.leicabiosystems.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:55:21 GMT
x-content-type-options: nosniff
age: 248835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 17:55:21 GMT

GET jquery.cookie.min.js
www.leicabiosystems.com/fileadmin/templates/responsive/js/ 0
0

GET salesforce-form.js
www.leicabiosystems.com/fileadmin/templates/responsive/js/pardot-landingpages/ 0
0

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 155ms
93ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,400i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www2.leicabiosystems.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:17:51 GMT
x-content-type-options: nosniff
age: 524685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:17:51 GMT

GET
H2 204 0
bat.bing.com/action/ 0
173 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=undefined&tm=gtm002&Ver=2&mid=a2be628d-ee6c-471f-b787-28bb00d227ee&sid=34489b905e8111ecb57a27c4c76c8b82&vid=344ab2e05e8111eca3fd33cbd8d32112&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Are%20you%20sure%20you%20want%20to%20unsubscribe%3F&kw=KEYWORDS&p=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&r=&lt=2230&evt=pageLoad&msclkid=N&sv=1&rn=465282
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1F35C53DA5174A90A2E0BDF5353C1CC3 Ref B: FRAEDGE1314 Ref C: 2021-12-16T15:02:36Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TBNXD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5262
date: Thu, 16 Dec 2021 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Dec 2021 15:34:54 GMT

GET
H/1.1 200
OK 97 Show response
track.accountinsight.cloud/track/ 2 B
259 B 238ms
100ms Script
application/json 158.255.109.19
NEO-ASN legacy Ne...

General

Check archive.org

Show headers Download Go to

Full URL: https://track.accountinsight.cloud/track/97
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 158.255.109.19 Orléans, France, ASN8218 (NEO-ASN legacy Neotelecoms, FR),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 15:02:36 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache
Content-Length: 2
Expires: -1

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 9 KB
3 KB 80ms
20ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=280751&u=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&f=1&r=0.5026507841665862
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 77e96bf15c6e1c0f8cf518a3a12d734aab9c01c91bb1906ae8525d957c83e36c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 15:02:36 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 4915.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0060/ 170 B
248 B 33ms
28ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0060/4915.json?t=455463
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f05ca62fdccefe681b4a16b4592b7f29effad06cd917d9a8c3751102261b1ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 98170
ce-version: 11.1.376
content-length: 154
timing-allow-origin: *
last-modified: Wed, 15 Dec 2021 11:46:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6be8cb2cfdfb3258-FRA

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
419 B 48ms
14ms XHR
binary/octet-stream 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 5646061
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: 4oyhL8AszbRdDnaBzTPFsXBeWGiIbG_Yo6I0JtCBAQL3V8e1oHfVqQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
419 B 47ms
14ms XHR
binary/octet-stream 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 5646061
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: NckOQQIWAeAkeL-_fvjpkLscAdMDgePW_dP779bWOxQoUC-Tx5Aeow==

GET
BLOB 200
OK 524b90c2-82ae-43e7-908e-da7cf3fc8604
https://www2.leicabiosystems.com/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www2.leicabiosystems.com/524b90c2-82ae-43e7-908e-da7cf3fc8604
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H3 200 va-652056e03ddf7788e78300128e9ddb25.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 219 KB
62 KB 73ms
47ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-652056e03ddf7788e78300128e9ddb25.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=280751&u=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&f=1&r=0.5026507841665862
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 18af039f894d051e8a245f8b1bc5945604d1950fac42f30d53d8c1ddefff63b2

Request headers

Referer
Origin: https://www2.leicabiosystems.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:35 GMT
content-encoding: br
last-modified: Thu, 16 Dec 2021 11:27:18 GMT
server: gams1
etag: "61bb2296-f93f"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63807
via: 1.1 google

GET
H3 200 track-652056e03ddf7788e78300128e9ddb25.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 71ms
46ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-652056e03ddf7788e78300128e9ddb25.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=280751&u=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&f=1&r=0.5026507841665862
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: daa301d38a20753a0b63d9b8114a0e0869120179a69b266621d2aa331e54836f

Request headers

Referer
Origin: https://www2.leicabiosystems.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: br
last-modified: Thu, 16 Dec 2021 11:27:18 GMT
server: gams1
etag: "61bb2296-e5d"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3677
via: 1.1 google

GET
H3 200 opa-5ad3a568fb608b1d8d6d9257ee8062c4.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 102 KB
26 KB 91ms
66ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-5ad3a568fb608b1d8d6d9257ee8062c4.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=280751&u=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&f=1&r=0.5026507841665862
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 8e0a061a5896c84124c77856f4afa83cf8328e0698e84f4fa5f03a78f4192b80

Request headers

Referer
Origin: https://www2.leicabiosystems.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: br
last-modified: Thu, 16 Dec 2021 11:27:13 GMT
server: gams1
etag: "61bb2291-699e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27038
via: 1.1 google

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 165ms
155ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=280751&d=www2.leicabiosystems.com&u=D080F32C449FFDE7E95181BC246C6C2D8&h=fd51090af417a8fc826dc8da46ea2eff&t=false&r=0.14083284831860898

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 7285.hash-fe9175.js Show response
surveys.hotjar.com/static/ Frame 5B89 7 KB
3 KB 17ms
6ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/7285.hash-fe9175.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

465b96014077484dd88b801e15279d1904e08c4f611b68b7f5f79288bffd8ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "771d65e4d1b5c941af7b90b04827cc78"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dcZKZT5EVihciPB-Ec9CeTXCTFpwgBYCtYpIKv_xn20s2f4KJPDbQw==

GET
H2 200 923.hash-7351d6.js Show response
surveys.hotjar.com/static/ Frame 5B89 3 KB
2 KB 33ms
23ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/923.hash-7351d6.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

93b914e9fe111b94a1a836ff02be15ad25cc3d4c59ba5ff8d20c5c3ee75fc837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1593
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:16 GMT
etag: "00a34a17b1a462a4ef3cd6bc83a1dfc3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 8N0u8wRxy1cZUbGLE2LMe-vM--3lFySl1YOqWplCZ18otq_-tfgOHg==

GET
H2 200 5661.hash-d01ab7.js Show response
surveys.hotjar.com/static/ Frame 5B89 328 B
774 B 28ms
18ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/5661.hash-d01ab7.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

09547487bf818224b4f4602dc88332f926e9d20a342604bb1377326f93a81772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:24 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154992
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 328
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "7a302286df9243fbce1378f0d0f14afd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ldIq-ul9uBZPCBtjNBg-g7anC8071iQExHvlrQLG0sqHsL4QCkPBSg==

GET
H2 200 902.hash-3678d1.js Show response
surveys.hotjar.com/static/ Frame 5B89 172 B
619 B 28ms
19ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/902.hash-3678d1.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

0aea72a3ba8bbd42b24e52848751241e4aa1e4c6cadc87ed1d66f31b30d4d2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 172
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "818c5afcf340a7619c780d7c51942292"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: qhuzEMZx1yvp5dIt-RkU_eCa0zmRK3u6FSE9jwUOSi7v-olAhta66w==

GET
H2 200 891.hash-17a3ea.js Show response
surveys.hotjar.com/static/ Frame 5B89 582 B
1 KB 30ms
20ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/891.hash-17a3ea.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

1eb69f138d6240e213531cd3b9c9c2b62b25a9521ae217bbbe11760bce05f040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 582
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "7f8b8baafbbb24623b9637690e7022f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: y0nQ8gwIA_vo2ZZHxJPXLUYGnyuA7n2ZYfdVHRtB7IqJeHI8y4a_Xg==

GET
H2 200 7079.hash-95cadb.js Show response
surveys.hotjar.com/static/ Frame 5B89 240 B
687 B 31ms
21ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/7079.hash-95cadb.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

b586a1b7bd8a43f1e5cced65c695ba132e2f7183f2225117c36708819edf8596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 240
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "8070b7444c7001ec915207af7c42ff2b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: DJAjNCUwwT-GMUU3fQqxH9P5LzyR0SDM9tPj1cP-0TeP2SnAduWs3A==

GET
H2 200 9704.hash-f1f606.js Show response
surveys.hotjar.com/static/ Frame 5B89 196 B
643 B 30ms
20ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/9704.hash-f1f606.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

ca72b671b50402155f5b6af76ef80af6c92c325617c0be5b9c9ba291af65ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 196
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:16 GMT
etag: "92c646875e0850f921ec4de49090edd5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -c1cVaEwCPkqOVkAT06mcnYGyKYVPBakRwrAjF8tKHfObdoYJohLYw==

GET
H2 200 378.hash-d47f86.js Show response
surveys.hotjar.com/static/ Frame 5B89 335 B
782 B 33ms
24ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/378.hash-d47f86.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

f3bea5a28525d6ccea54cb78cdee04f1556deeeca11c10c6bb4c79bcda212859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:32 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154984
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 335
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "1c4223f9c44d718665a6eac6783cbc25"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1kCnAKb_-SW6Iip2UDq3YvhUi89WzF0X2Q2GgdNNMB4OmWnwjepo_w==

GET
H2 200 2558.hash-212c21.js Show response
surveys.hotjar.com/static/ Frame 5B89 56 KB
19 KB 33ms
24ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/2558.hash-212c21.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

b62131b663767dd479584955c9a6f219cbc3df69fa99c1e70205d92471be6c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6154992
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "e7f4843d743827349794aa8a39679b22"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bKTO19sKLEOUGfIVpI5fP-gqTgGc6sQVNIGvHxupftCCFBKFSDEuuA==

GET
H2 200 datadog-init.hash-ed3c29.js Show response
surveys.hotjar.com/static/ Frame 5B89 2 KB
1 KB 41ms
33ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/datadog-init.hash-ed3c29.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

c144ac302cd99e90d5b2c17dedc69d0c76515fb7f20dfdcd199c894b6d386aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 10:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533849
x-cache: Hit from cloudfront
content-length: 1075
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Dec 2021 10:45:01 GMT
etag: "a85a09166138b8db2b071b58359f76bc"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vWB_xfYG0lMVZy0QWkfpzqMmpUWNi_3VqrjwmJtMDWiJ_IDWniGb3w==

GET
H2 200 3912.hash-39731d.js Show response
surveys.hotjar.com/static/ Frame 5B89 32 KB
12 KB 55ms
46ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/3912.hash-39731d.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

f3a452111885477f47bfbbc103920e674e65c002a2454d7b392e0824642b6114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 10:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533849
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Dec 2021 10:44:59 GMT
etag: "9ef63b2ac4e1b545646c24baaf787bf9"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dyEXRYZuKNUKR72wjibT6iaCSJedL__opiUF0z_O6bWhofme-bw1Rg==

GET
H2 200 datadog-browser-logs-init.hash-60c4b3.js Show response
surveys.hotjar.com/static/ Frame 5B89 2 KB
1 KB 55ms
47ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/datadog-browser-logs-init.hash-60c4b3.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

8cc5c9b4ceea13d833162d6bdaf3a5736191274585ebbe191609858fd4197663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 10:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533849
x-cache: Hit from cloudfront
content-length: 1032
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Dec 2021 10:45:01 GMT
etag: "621969fd2ca049645ec1093e854edec5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -vMmqeF_iK0wF31EcjwdcKxeHNtfYjEoTgeb5HT8Ysk1FwPbARIvfg==

GET
H2 200 479.hash-a67eaa.js Show response
surveys.hotjar.com/static/ Frame 5B89 237 B
686 B 54ms
46ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/479.hash-a67eaa.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

f3b846c6c7a40e78f8c4dac9378dc11c268243761db4bff96a031176a8ac36be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 237
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "3f9cd88a7fd358f15d1b29085f415386"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vkSvOpqk34nqGZiw3FFIE4I3fpe1qRYSHZbw0zpvnZD-Q_lt-wYirQ==

GET
H2 200 2834.hash-d7e6c4.js Show response
surveys.hotjar.com/static/ Frame 5B89 1 KB
1 KB 54ms
47ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/2834.hash-d7e6c4.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

9d9425c71234c89e483b38b01c0d7fd8bc9aed2661a505461d44be2c5de9e3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 830
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "a0ebea107ce52b9f11c42a5eb2bd4339"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QbKH0V6mdwJ_RrPwtrYVjnOZRZLYR_IvpgImXaHI3x0KEU23kVusag==

GET
H2 200 3496.hash-a8cb96.js Show response
surveys.hotjar.com/static/ Frame 5B89 414 B
864 B 54ms
47ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/3496.hash-a8cb96.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

4846aeb6300daa32ca040f2c58548e37132783803d2f13c72bc0e5a3bda11cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 414
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "d5c5d251df5064bf9b6456fad37c4fff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zHILJvUzoj-05KbkAyNUThXXfvM4QJSMyTSeAlEkENWvQZp5DKNlZQ==

GET
H2 200 5621.hash-e37153.js Show response
surveys.hotjar.com/static/ Frame 5B89 433 B
880 B 54ms
47ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/5621.hash-e37153.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

68cc630104dd97756926be97d661f48d94417f9967ad155105af98517f24e2a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 433
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "8b4a1235b42be72775e95b03c0df7d3c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: MTacd1fwNieLFLw5H8Ytzzpdv2kD_xYefG2oErAV7d1G8E_DzI4HFA==

GET
H2 200 9318.hash-f1ba1f.js Show response
surveys.hotjar.com/static/ Frame 5B89 355 B
804 B 54ms
48ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/9318.hash-f1ba1f.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

3869c06e6a76d73be1143f359bc78255118f70792169cf403e69b7cfd322e694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 355
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:16 GMT
etag: "597318e9c4fbf0767dc5c395addffeac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: XBHmuKxast949XHrSLV5a2hUhkKqvfV5f9kTk7N6jHu6BKftXxSVQA==

GET
H2 200 8923.hash-f0243f.js Show response
surveys.hotjar.com/static/ Frame 5B89 200 B
647 B 54ms
48ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/8923.hash-f0243f.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

c346aad976bd22b93c5529bcfacc2379fc87895ca1f90564829b6c1b152f9611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 200
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "498ebefb264623bd0fb963934b3b0f6e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: V0ny9fauLaCByptp4p1g31ujk3FEG5Y7rIuAIjY0rTAlNknd9VFKbA==

GET
H2 200 8185.hash-5dd078.js Show response
surveys.hotjar.com/static/ Frame 5B89 7 KB
3 KB 55ms
48ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/8185.hash-5dd078.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

d2740fa6b0a78fccf7658caa0b29c8dc1dc2449b9cf85249b06bed33c7d17c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 09:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104772
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 09:56:20 GMT
etag: "25649b4eb9c425bb18fc5914704ae246"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: BhK9XSX_FFhLMyM0_F8THsUDXvBMbjLXECwUp6ZceuZPuuaTmGoJtw==

GET
H2 200 5219.hash-3e72d9.js Show response
surveys.hotjar.com/static/ Frame 5B89 508 B
956 B 56ms
49ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/5219.hash-3e72d9.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

30d2d075d9b9b052859f125d3ca15955beb2ab8a4c10fee069b299994f575732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 508
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "97b87e653f9fa40aa4c05ac001fff6e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TWWyANpyfCQIY9Z8VK1ByaKmHWz694gnHnnQTP9fwG_X9uh9mHTGMQ==

GET
H2 200 5360.hash-2f79cb.js Show response
surveys.hotjar.com/static/ Frame 5B89 12 KB
5 KB 55ms
49ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/5360.hash-2f79cb.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

1794a610974f9ae3244db01b991be64b6bfc47f5f0b299962458cdcb3107da71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 09:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104772
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 09:56:19 GMT
etag: "e4b66d5bfab7f6b17488adb73c1d7cc6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Eo5QLaUjtpcxHiXf0cMgh3LRGjabHG2MsJofYWt-inKEpJWYfrEC_Q==

GET
H2 200 3460.hash-fa693e.js Show response
surveys.hotjar.com/static/ Frame 5B89 765 B
1 KB 74ms
68ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/3460.hash-fa693e.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

16d297edb2904e0bf643736eab6342312b3b0ae2d73c7115e0dd9ae25f71b21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 765
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "9d6deb7774a50a932bccee1478653853"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: XUfXolf83QwWvO80f-Md5Xqixd7TIdatVIRwKNMKZpO_kE8yHWV1lw==

GET
H2 200 129.hash-28bcca.js Show response
surveys.hotjar.com/static/ Frame 5B89 1 KB
1001 B 72ms
66ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/129.hash-28bcca.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

285a7705e73243eff75eaa44f6e1a31a068683fd007a04ba00c5baccb3f369bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Nov 2021 11:30:03 GMT
age: 2518345
etag: W/"d3da6130257ccadd1888ce15e8e6bc2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: none
x-amz-cf-id: kki6AvAXKbD2SOkgCjYtLR-Wquk3XUycVSET5GzOT4ekAqIgIJdvZw==
x-xss-protection: 1; mode=block

GET
H2 200 5572.hash-279369.js Show response
surveys.hotjar.com/static/ Frame 5B89 532 B
980 B 56ms
50ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/5572.hash-279369.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

041c0f00b0d8d99aa3929646a10802d857a6a8cf2d5e91dde75a418dbd530dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 532
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "ddda41b246580f39c755a883118300dc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6IdAtDWPrDWbZj_qAs_laaabnCtfBrxRn6pBgXKJLUJI-7odHQ-6IQ==

GET
H2 200 8859.hash-50c084.js Show response
surveys.hotjar.com/static/ Frame 5B89 2 KB
1 KB 56ms
50ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/8859.hash-50c084.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

7d2da3f1aaf4380da2e7250a17b865c86851182dae2268a9d2e71e9edc83c25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2518345
x-cache: Hit from cloudfront
content-length: 1066
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Nov 2021 11:30:05 GMT
etag: "bafd0aacdf8cb404c42d0cfb9ceb4195"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: fsAohyUJVcwLXZTrZGKp_fI8E-WSm0fTWaomCv4WQl67P0o9c4DNzA==

GET
H2 200 5426.hash-602d48.js Show response
surveys.hotjar.com/static/ Frame 5B89 475 B
893 B 56ms
50ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/5426.hash-602d48.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

d255fa07d6f4d8f0cc85fa7bd93bd5d20fb72f01db743c534062cf8a7164091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:30:11 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2518345
x-cache: Hit from cloudfront
content-length: 475
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Nov 2021 11:30:04 GMT
etag: "655dee4f06a7d3ab4127e84cc42648c2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: OGxzKasHVNM_D6ywtXAT9HG43f5sF4fjUODsB55s1ZBu5l_gwgmybQ==

GET
H2 200 4410.hash-df61a5.js Show response
surveys.hotjar.com/static/ Frame 5B89 2 KB
1 KB 77ms
71ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/4410.hash-df61a5.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

d6c69423d66ee0cf67a6129eda1cd6870a207ce70b4775737f9584ef930e95fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 701
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "fd0242c2184853f56b479507a17b85ea"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 50Oz0WlkrbfTewFYa8SYIi-P1Hzv5rokpZy8Op937QzyHVSTA9TfKQ==

GET
H2 200 4216.hash-33892f.js Show response
surveys.hotjar.com/static/ Frame 5B89 101 B
547 B 56ms
51ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/4216.hash-33892f.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

003681833802df3b3756b6f17e46ebc46a26915d5a96489870a2c66c6488e463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 101
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "0770a2b4c6c6bdd1cdca7299e696e8c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: hNIR3R5o8DsYt-9MLkopv1UgxPz7J6rtAnHx8JGcS6BU61bnBRei9Q==

GET
H2 200 survey-v2.hash-8dcaab.js Show response
surveys.hotjar.com/static/ Frame 5B89 7 KB
3 KB 59ms
53ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/survey-v2.hash-8dcaab.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

ab14cb951ceaf1a25ffac09b095e983b741fd827603ff27338b0588f7280a173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 09:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104772
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 09:56:22 GMT
etag: "0923a98fbf457c82f44b6dd7331e9ce4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: cu326B48Z8bpJBpWvtnY3rkK3H-CCPn0j-wvUOkiBWfR8A5J2cL8jw==

GET
H2 200 1286.hash-1f0e51.js Show response
surveys.hotjar.com/static/ Frame 5B89 1 KB
967 B 59ms
54ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/1286.hash-1f0e51.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

e983b35a86d6098a0fa0856672677caa614239c2febc7d1b45d576b86d588fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:13 GMT
etag: W/"8fed4ef245702f9da672f1c722d52b4c"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: none
x-amz-cf-id: DnOT4I2b5dScg3dZ5-E2RES_BJerIPV99egPk1gc4MpPlkfKKRZdFQ==

GET
H2 200 1182.hash-df7145.js Show response
surveys.hotjar.com/static/ Frame 5B89 5 KB
3 KB 62ms
57ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/1182.hash-df7145.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

3ca5adf9ca9ceb0e9248a9c6e92f6fdf15b52ddfe2e2bc89098768db6608a1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "6a05c72cdb0edaa034f6d263ae18fed5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UlzVQnYna8d_nCKbio2aMGnxrGryRSH3ep06sCIGW0XeHa1Z2R3FKQ==

GET
H2 200 4946.hash-d461ce.js Show response
surveys.hotjar.com/static/ Frame 5B89 4 KB
2 KB 77ms
72ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/4946.hash-d461ce.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

57fa8b9b247c271ce9693b135d9c89aa06618c19b1ec1fed18af79be3f7a294c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1833
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "c494f2e812e67d407c1f39b0ce617460"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: wIeLqOB4f2ydRuYgrwI8MmeR7UOoVRFcOliqGerz4kk4Lv2khVFPnw==

GET
H2 200 537.hash-87dbfe.js Show response
surveys.hotjar.com/static/ Frame 5B89 472 B
919 B 70ms
65ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/537.hash-87dbfe.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

ea6a2c83763fad68a2de1a5a3df27439f3a618d3335717bdbee8ecd2fc818ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 472
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "d48cc85e6d1f71cb735b121a801cf9df"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QZkqtzL9ZNSlzyQh308UrAiQ1jH9qnqj7nDs_HS2nsq7OkquNYhaLg==

GET
H2 200 9160.hash-3946df.js Show response
surveys.hotjar.com/static/ Frame 5B89 4 KB
2 KB 62ms
57ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/9160.hash-3946df.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

3e968ba2773142399929e36c60e52b6f68ac704210943b4be2405cd274889ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1918
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:15 GMT
etag: "c728f0884fcc1174c5c075a95bf11cf4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 5EzE7sykaQFQojARGhoN7l5l10Wy8bafFz-Yd47ZO5DQi2uCMNyVHQ==

GET
H2 200 9988.hash-c2cb25.js Show response
surveys.hotjar.com/static/ Frame 5B89 173 B
621 B 70ms
65ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/9988.hash-c2cb25.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

a48d34094c2e6b7e84da7d6a76d57a7b54c15f6dd7f9ef6dedb1697cb5fdc8b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 173
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:16 GMT
etag: "98e44b3432f776b614197c5a72f8dba7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: LUUkILnEtybY0C7-U_ozHYiAX7D15K9-Drz0OdobR2HIQEUeAAbTqA==

GET
H2 200 3731.hash-29a8d0.js Show response
surveys.hotjar.com/static/ Frame 5B89 5 KB
2 KB 92ms
88ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/3731.hash-29a8d0.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

922c3df9c8629aa3c5e0b5f40ca92313fa22ce746943da31f0f30ecace010982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255289
x-cache: Hit from cloudfront
content-length: 1918
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Dec 2021 16:07:37 GMT
etag: "20388464cda4acb7ddd79adf1a49234f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: cHwBwZFFui84FLXCDz6hbGKSfvuQ1fSf_qX_r5zLTT6sweeYBc1hHw==

GET
H2 200 2831.hash-3b726a.js Show response
surveys.hotjar.com/static/ Frame 5B89 151 B
598 B 73ms
68ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/2831.hash-3b726a.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

a0555c09f1d9c9edaa738905e08aaedb10dae869b05fa7488abc25c0fe597677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:19:20 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6154996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 151
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 09:17:14 GMT
etag: "f7364a3703eab12a1d315f50108d7403"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6JTgpTHn4yAIO0OzJ7NJFuVBTZZM3O705672k_fDkbV1biyQiDg4oA==

GET
H2 200 6531.hash-c2c576.js Show response
surveys.hotjar.com/static/ Frame 5B89 546 B
964 B 93ms
88ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/6531.hash-c2c576.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

15be22672fe02de0153aed6b47f119d4d72ee4a51f9abbd1134357c2043f9a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:56:27 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3135969
x-cache: Hit from cloudfront
content-length: 546
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Nov 2021 07:56:16 GMT
etag: "ae9bcf7efa1dd2c8ca56a4e9aab970bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 3uQptRR628p_5Gs80CTUFs_tBhd5bYaBuPQpNNJ-vXU-AG116Gs_nQ==

GET
H2 200 4785.hash-0220fb.js Show response
surveys.hotjar.com/static/ Frame 5B89 123 KB
35 KB 73ms
68ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/4785.hash-0220fb.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

b3cc9e8b2c40f94bfa4e4c019389f824c3ff606027d3f822e6927d8021da1eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255289
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Dec 2021 16:07:37 GMT
etag: "355bfc1813c5658ca730f36c136634bb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 11qLHqqPJxQSs3DlcxHzglm5yPgDY1WMnvt5hlzVu_XvRO-rGzk5KQ==

GET
H2 200 sentry-init.hash-6ffc3e.js Show response
surveys.hotjar.com/static/ Frame 5B89 4 KB
2 KB 105ms
100ms Script
application/javascript 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys.hotjar.com/static/sentry-init.hash-6ffc3e.js

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-91.fra50.r.cloudfront.net

Software

Resource Hash

d347f764400af739844e36265a051c7dc549bddfc010005e1451e24a62c184a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:26:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2157
x-cache: Hit from cloudfront
content-length: 1668
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 14:26:35 GMT
etag: "cf4b31fc31f5a7dc13aaa24466da9cdf"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: MsD0IIM3FqMos-eM30_MlG-WeYSrJRJ_ViaZkDoPuia5OXnIAUWj1g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 5B89 146 KB
53 KB 82ms
82ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWWVRK

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2075510f30d4d4a4869eb550b97511b0dab9b641853569d57b005009343511f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54441
x-xss-protection: 0
expires: Thu, 16 Dec 2021 15:02:36 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 104 KB
37 KB 190ms
96ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-THGNDJ6&t=gtm22&cid=1454937077.1639666956

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f6d5254aa9fcbbbbe8960d4a8561da7f8d8682dfb084a5567cf4546ce0c9fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38100
x-xss-protection: 0
expires: Thu, 16 Dec 2021 15:02:36 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 29 B
136 B 217ms
70ms XHR
text/plain 99.81.19.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1639666956454
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.19.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-19-154.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3debef172d9958220cd44aef7a037881792b82af2e118b09233892aabfef52a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Dec 2021 15:02:36 GMT
cache-control: no-store
server: awselb/2.0
content-length: 29
content-type: text/plain

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5B89 97 KB
39 KB 93ms
93ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-697111050

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWWVRK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27b0caa5deb46bb1a1c9cb7cd2a4ac711003e4c7a96a58e4c2e1318e2b453c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39578
x-xss-protection: 0
expires: Thu, 16 Dec 2021 15:02:36 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1803156/envelope/ Frame 5B89 2 B
408 B 536ms
117ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1803156/envelope/?sentry_key=75786e51fd834ac5a70737db81a4b9d8&sentry_version=7

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/static/4785.hash-0220fb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://surveys.hotjar.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Dec 2021 15:02:37 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://surveys.hotjar.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 f49f243c-300d-4700-b18e-be7c2c62390d Show response
surveys.hotjar.com/api/v1/sites-info/ Frame 5B89 17 B
280 B 120ms
119ms XHR
application/json 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys.hotjar.com/api/v1/sites-info/f49f243c-300d-4700-b18e-be7c2c62390d
Requested by: Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/static/4785.hash-0220fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-91.fra50.r.cloudfront.net
Software: /
Resource Hash: 9e15210fdb0e8c21888f7d90c83a4e9371c62a4321402dca0777c2bc527371e1

Request headers

Accept: application/json, text/plain, */*
Referer: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
cache-control: no-cache, no-store
content-length: 17
x-amz-cf-id: vavkqY3FHioHG4hfpS8G9GxTLKPWvBW3nmJOByTeGw1ihNK024DDZQ==

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 55 KB
4 KB 92ms
91ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=280751&settings_type=1&vn=7.0&r=0.12242501656256466&exc=21|23|22|27|37|38
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-652056e03ddf7788e78300128e9ddb25.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: cc3ce247a1c030b92d78fa964e846823d7aec497c2dac5e3555079d45ee68a3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:35 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 118ms
117ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=280751&u=D080F32C449FFDE7E95181BC246C6C2D8&s=1639666956&p=1&ed=%7B%22tz%22%3A%22Etc%2FUnknown%22%2C%22tO%22%3A%220%22%2C%22lt%22%3A%221639666956636%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&cu=https%253A%252F%252Fwww2.leicabiosystems.com%252FlistUnsubscribeHeader%252Fu%252F48532%252F4c316a4f3ac8dd78680e5dff98fde6cf%252F620756813&r=0&cq=1&vn=7.0.181&vns=undefined&vno=undefined&eTime=1639666956646&random=0.15822316679969006

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 c.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 98ms
98ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/c.gif?account_id=280751&experiment_id=22&goal_id=2&ru=&u=D080F32C449FFDE7E95181BC246C6C2D8&s=1639666956&ifs=1&t=1&cu=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&gt=1_23&f={%2223%22:%222,1:1639666956%22}&vn=7.0.181&vns=undefined&vno=undefined&eTime=1639666956697&random=0.6975121715356369

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 hotjar-55484.js Show response
static.hotjar.com/c/ Frame 5B89 60 KB
11 KB 103ms
43ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-55484.js?sv=6

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/static/survey-v2.hash-8dcaab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

6a73f60364a8f9e83806cf06e15fc380e4c3c07d5ff44e5d5e95abdb843fda3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/ca2376fe2949592d4a5ae547e105e92b
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: LpQrVHeCBliVvtgKhGzTp1Jnli1wHXbdi-xxqF5fPby_WTq2DBOmSw==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 40ms
40ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-5ad3a568fb608b1d8d6d9257ee8062c4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:35 GMT
content-encoding: br
last-modified: Thu, 16 Dec 2021 11:27:13 GMT
server: gams1
etag: "61bb2291-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 101ms
101ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=280751&u=D080F32C449FFDE7E95181BC246C6C2D8&s=1639666956&p=1&tags={%22si%22:{%2227%22:%221%22,%2222%22:%221%22,%2221%22:%221%22}}&eg=5,2,1&update=1&cq=1&vn=7.0.181&vns=undefined&vno=4.0.119&_cu=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F6207&eTime=1639666956716&random=0.45075791001965326

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
BLOB 200
OK add6300b-b7d3-4ae5-8b67-c5f04fea45ee
https://www2.leicabiosystems.com/ 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www2.leicabiosystems.com/add6300b-b7d3-4ae5-8b67-c5f04fea45ee
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 5B89 37 KB
14 KB 107ms
58ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-697111050

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Dec 2021 15:02:36 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 42ms
42ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 14:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Dec 2021 15:57:51 GMT

GET
H2 200 modules.cbd9b920d05cd9e47f57.js Show response
script.hotjar.com/ Frame 5B89 227 KB
60 KB 31ms
10ms Script
application/javascript 143.204.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-55484.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-45.fra50.r.cloudfront.net

Software

Resource Hash

2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 689190
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60953
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 15:35:08 GMT
etag: "7a85a2a595def8796a50e919e49cda7a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Cb3EwIar_DB7kaRxXjtdmx2pEO0-vq6Ko5OYbYbi8WUYAlyUN4iN2A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3055778-12&cid=1454937077.1639666956&jid=28995249&gjid=2125278479&_gid=1576910137.1639666956&_u=aGDAiEAjRAAAAE~&z=1241125997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 15:02:36 GMT
content-type: text/plain
access-control-allow-origin: https://www2.leicabiosystems.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 49ms
48ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=660669016&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&ul=en-us&de=UTF-8&dt=Are%20you%20sure%20you%20want%20to%20unsubscribe%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Browser%20Navigation&ea=Support&el=1&ev=1&_u=aGDACEAjRAAAAG~&jid=501028296&gjid=2066300589&cid=1454937077.1639666956&tid=UA-3055778-12&_gid=1576910137.1639666956&_r=1&gtm=2wgc105TBNXD&cd9=event&cd11=61455f73-c95f-426b-906d-3d59e7530cf1&cm3=1&z=1334948835&cd2=545

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.leicabiosystems.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 53ms
19ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3055778-12&cid=1454937077.1639666956&jid=501028296&gjid=2066300589&_gid=1576910137.1639666956&_u=aGDACEAjRAAAAG~&z=1944104870

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 15:02:36 GMT
content-type: text/plain
access-control-allow-origin: https://www2.leicabiosystems.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=660669016&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&ul=en-us&de=UTF-8&dt=Are%20you%20sure%20you%20want%20to%20unsubscribe%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjR~&jid=28995249&gjid=2125278479&cid=1454937077.1639666956&tid=UA-3055778-12&_gid=1576910137.1639666956&gtm=2wgc105TBNXD&cm1=2.23&cm2=0&cd9=pageview&z=94084150&cd2=455

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 22:30:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59554
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/697111050/ Frame 5B89 2 KB
1 KB 146ms
96ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/697111050/?random=1639666956847&cv=9&fst=1639666956847&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fsurveys.hotjar.com%2Ff49f243c-300d-4700-b18e-be7c2c62390d&tiba=Hotjar%20Survey&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

045e2e1ac6f96875dba75f8f618fcf900feeccde5563e115426812ba4edc2bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 47DC 2 KB
1 KB 28ms
7ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-55484.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4_SgmU8Z9DFDx_4FueLe1Omj74-Er31ReeyZG6HCpvjYH6Zel3jEPw==
age: 1206570

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 23ms
23ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Dec 2021 15:02:36 GMT
content-type: text/plain
access-control-allow-origin: https://www2.leicabiosystems.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 112ms
62ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3055778-12&cid=1454937077.1639666956&jid=28995249&_u=aGDAiEAjRAAAAE~&z=806586638

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 113ms
64ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3055778-12&cid=1454937077.1639666956&jid=28995249&_u=aGDAiEAjRAAAAE~&z=806586638

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 111ms
62ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3055778-12&cid=1454937077.1639666956&jid=501028296&_u=aGDACEAjRAAAAG~&z=1082889407

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 112ms
63ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3055778-12&cid=1454937077.1639666956&jid=501028296&_u=aGDACEAjRAAAAG~&z=1082889407

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 90ms
61ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3055778-12&cid=1454937077.1639666956&jid=501028296&_u=aGDACEAjRAAAAG~&z=1820554422

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 94ms
64ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3055778-12&cid=1454937077.1639666956&jid=501028296&_u=aGDACEAjRAAAAG~&z=1820554422

Requested by

Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/697111050/ Frame 5B89 42 B
64 B 59ms
59ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/697111050/?random=1639666956847&cv=9&fst=1639666800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fsurveys.hotjar.com%2Ff49f243c-300d-4700-b18e-be7c2c62390d&tiba=Hotjar%20Survey&async=1&fmt=3&is_vtc=1&random=524015481&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/697111050/ Frame 5B89 42 B
64 B 58ms
58ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/697111050/?random=1639666956847&cv=9&fst=1639666800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fsurveys.hotjar.com%2Ff49f243c-300d-4700-b18e-be7c2c62390d&tiba=Hotjar%20Survey&async=1&fmt=3&is_vtc=1&random=524015481&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: surveys.hotjar.com
URL: https://surveys.hotjar.com/f49f243c-300d-4700-b18e-be7c2c62390d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://surveys.hotjar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 15:02:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 92aba290-aa18-4d59-a047-67a6e9046472
https://www2.leicabiosystems.com/ 47 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www2.leicabiosystems.com/92aba290-aa18-4d59-a047-67a6e9046472
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 47679
Content-Type: text/javascript

POST
H2 200 analyze Show response
r3.visualwebsiteoptimizer.com/ 0
143 B 394ms
191ms XHR
application/javascript 35.194.81.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://r3.visualwebsiteoptimizer.com/analyze?_a=280751&_u=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-5ad3a568fb608b1d8d6d9257ee8062c4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.194.81.74 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 74.81.194.35.bc.googleusercontent.com
Software: r3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCwTlYNSzL8dxVd9K

Response headers

access-control-allow-origin: *
date: Thu, 16 Dec 2021 15:02:37 GMT
content-encoding: gzip
server: r3
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 390ms
98ms Script
application/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www2.leicabiosystems.com
URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 15:02:37 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified: Wed, 15 Dec 2021 05:14:54 GMT
Server: PardotServer
ETag: "1547-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1950
Expires: Sat, 16 Dec 2023 15:02:37 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=660669016&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&ul=en-us&de=UTF-8&dt=Are%20you%20sure%20you%20want%20to%20unsubscribe%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Uncaught%20Javascript%20Errors&ea=Uncaught%20TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27childNodes%27)&el=2%3Ahttps%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&_u=aGDACEAjRAAAAG~&jid=&gjid=&cid=1454937077.1639666956&tid=UA-3055778-12&_gid=1576910137.1639666956&gtm=2wgc105TBNXD&cd9=event&cd11=7a645ef2-e654-4f9c-af81-8116dfd10627&z=1358328831&cd2=733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 22:30:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59555
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 86 B
838 B 175ms
175ms Script
text/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=undefined&account_id=49532&title=Are%20you%20sure%20you%20want%20to%20unsubscribe%3F&url=https%3A%2F%2Fwww2.leicabiosystems.com%2FlistUnsubscribeHeader%2Fu%2F48532%2F4c316a4f3ac8dd78680e5dff98fde6cf%2F620756813&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-2-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

87cbe75c6b69403cfb1f42fc2b3dc2bd7df5e1a69200e7db8d9d5afa24dddc32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Dec 2021 15:02:37 GMT
Content-Encoding: gzip
X-Pardot-Route: c2c10298b36224142948b084fe4d7b30
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
X-Pardot-Rsp: 16/70/79
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 93
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.leicabiosystems.com
URL: http://www.leicabiosystems.com/fileadmin/templates/responsive/js/jquery.cookie.min.js

Domain: www.leicabiosystems.com
URL: http://www.leicabiosystems.com/fileadmin/templates/responsive/js/pardot-landingpages/salesforce-form.js

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.leicabiosystems.com/	1970-01-20 01:37:22	Name: _gcl_au Value: 1.1.1889977870.1639666956
.bing.com/	1970-01-20 08:49:22	Name: MUID Value: 04AA10694722665E3AC4016646F067AA
.leicabiosystems.com/	1970-01-19 23:29:13	Name: _uetsid Value: 34489b905e8111ecb57a27c4c76c8b82
.leicabiosystems.com/	1970-01-20 08:49:22	Name: _uetvid Value: 344ab2e05e8111eca3fd33cbd8d32112
.leicabiosystems.com/	1970-01-20 03:46:58	Name: __utmzz Value: utmcsr=(direct)>false\|utmcmd=(none)\|utmccn=(not set)
.leicabiosystems.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:59:40	Name: bcookie Value: "v=2&1a6b079f-1966-4f7f-8236-0889ac90e4b2"
.linkedin.com/	1970-01-20 16:54:02	Name: li_gc Value: MTswOzE2Mzk2NjY5NTY7MjswMjHBgS/S0MiX1tPEQon19Ayee3uoQP2P+UG+WgpDxnwcoQ==
.linkedin.com/	1970-01-19 23:29:13	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2376:u=1:x=1:i=1639666956:t=1639753356:v=2:sig=AQFHuJqKTtiyx3OjJBrOQxgtZTuFkUDq"
.www2.leicabiosystems.com/	1970-01-20 08:14:49	Name: _vwo_uuid_v2 Value: D080F32C449FFDE7E95181BC246C6C2D8\|fd51090af417a8fc826dc8da46ea2eff
.leicabiosystems.com/	1970-01-20 16:58:58	Name: _ga Value: GA1.2.1454937077.1639666956
.leicabiosystems.com/	1970-01-19 23:29:13	Name: _gid Value: GA1.2.1576910137.1639666956
.leicabiosystems.com/	1970-01-20 01:51:46	Name: _vis_opt_s Value: 1%7C
.leicabiosystems.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.leicabiosystems.com/	1970-01-23 15:03:46	Name: _vwo_uuid Value: D080F32C449FFDE7E95181BC246C6C2D8
.leicabiosystems.com/	1970-01-19 23:27:48	Name: _vwo_sn Value: 0%3A1%3Ar3.visualwebsiteoptimizer.com%3A1%3A1
.leicabiosystems.com/	1970-01-20 00:10:58	Name: _vwo_ds Value: 3%3Aa_1%2Ct_1%3A0%241639666956%3A15.90816808%3A23_2_1_0_2%3A5_1%2C2_2%2C1_1%3A38_1%2C37_1%3A0
.leicabiosystems.com/	1970-01-19 23:27:47	Name: _dc_gtm_UA-3055778-12 Value: 1
.leicabiosystems.com/	1970-01-19 23:27:47	Name: _gat_UA-3055778-12 Value: 1
.doubleclick.net/	1970-01-20 08:49:22	Name: IDE Value: AHWqTUmOMLAY8Z23Lt1utLbqlApXWGw51CK-sHmYUKZnSqJjY2NujhvwkCxbNrOq

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.leicabiosystems.com/fileadmin/templates/responsive/pardot-landingpages/js/respond.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813(Line 107) Message: Mixed Content: The page at 'https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www2.leicabiosystems.com/unsubscribe/u/48532/fd8b0b234e9ceb3aaf55781da953970c2a84fb71d81fb656dcbc2f2bfb7774c4/432669299'. This endpoint should be made available over a secure connection.
security	error	URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813 Message: Mixed Content: The page at 'https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813' was loaded over HTTPS, but requested an insecure script 'http://www.leicabiosystems.com/fileadmin/templates/responsive/js/jquery.cookie.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813 Message: Mixed Content: The page at 'https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813' was loaded over HTTPS, but requested an insecure script 'http://www.leicabiosystems.com/fileadmin/templates/responsive/js/pardot-landingpages/salesforce-form.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-5ad3a568fb608b1d8d6d9257ee8062c4.js Message: Mixed Content: The page at 'https://www2.leicabiosystems.com/listUnsubscribeHeader/u/48532/4c316a4f3ac8dd78680e5dff98fde6cf/620756813' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www2.leicabiosystems.com/unsubscribe/u/48532/fd8b0b234e9ceb3aaf55781da953970c2a84fb71d81fb656dcbc2f2bfb7774c4/432669299'. This endpoint should be made available over a secure connection.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
bat.bing.com
code.jquery.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagestates-tracking.crazyegg.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
r3.visualwebsiteoptimizer.com
script.crazyegg.com
script.hotjar.com
sentry.io
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
surveys.hotjar.com
track.accountinsight.cloud
tracking.crazyegg.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.leicabiosystems.com
www2.leicabiosystems.com
www.leicabiosystems.com
108.174.10.14
13.52.45.25
142.250.186.66
143.204.98.32
143.204.98.45
143.204.98.50
143.204.98.83
143.204.98.91
143.204.98.93
158.255.109.19
2001:4de0:ac18::1:a:3a
2606:4700::6813:9408
2620:1ec:22::14
2620:1ec:c11::200
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9a
2a02:26f0:6c00::210:ba20
34.96.102.137
35.188.42.15
35.194.81.74
52.21.178.134
99.81.19.154
003681833802df3b3756b6f17e46ebc46a26915d5a96489870a2c66c6488e463
041c0f00b0d8d99aa3929646a10802d857a6a8cf2d5e91dde75a418dbd530dc5
045e2e1ac6f96875dba75f8f618fcf900feeccde5563e115426812ba4edc2bb6
09547487bf818224b4f4602dc88332f926e9d20a342604bb1377326f93a81772
0aea72a3ba8bbd42b24e52848751241e4aa1e4c6cadc87ed1d66f31b30d4d2ed
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
15be22672fe02de0153aed6b47f119d4d72ee4a51f9abbd1134357c2043f9a81
16d297edb2904e0bf643736eab6342312b3b0ae2d73c7115e0dd9ae25f71b21d
1794a610974f9ae3244db01b991be64b6bfc47f5f0b299962458cdcb3107da71
18af039f894d051e8a245f8b1bc5945604d1950fac42f30d53d8c1ddefff63b2
1eb69f138d6240e213531cd3b9c9c2b62b25a9521ae217bbbe11760bce05f040
27b0caa5deb46bb1a1c9cb7cd2a4ac711003e4c7a96a58e4c2e1318e2b453c8f
285a7705e73243eff75eaa44f6e1a31a068683fd007a04ba00c5baccb3f369bc
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
30d2d075d9b9b052859f125d3ca15955beb2ab8a4c10fee069b299994f575732
3869c06e6a76d73be1143f359bc78255118f70792169cf403e69b7cfd322e694
3917b35fc286bc06854b600afcaa20a7695182525b3fe62eef96d40008e17e50
39ea840537bdcbb7073145204502b13af4baee504b4f9b869a2abe104ac42606
3ca5adf9ca9ceb0e9248a9c6e92f6fdf15b52ddfe2e2bc89098768db6608a1a8
3e968ba2773142399929e36c60e52b6f68ac704210943b4be2405cd274889ed4
404012c5fd47ab5c05558bae557bd29700f39fc65a1796fe084690c4eee2406a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
465b96014077484dd88b801e15279d1904e08c4f611b68b7f5f79288bffd8ed8
4846aeb6300daa32ca040f2c58548e37132783803d2f13c72bc0e5a3bda11cf8
4f54ce2328a5a125fd9cd528164fd4158e5fe9e1d6f7c16ff52cbd7d6f284465
57fa8b9b247c271ce9693b135d9c89aa06618c19b1ec1fed18af79be3f7a294c
68cc630104dd97756926be97d661f48d94417f9967ad155105af98517f24e2a4
6a73f60364a8f9e83806cf06e15fc380e4c3c07d5ff44e5d5e95abdb843fda3e
6f05ca62fdccefe681b4a16b4592b7f29effad06cd917d9a8c3751102261b1ea
77e96bf15c6e1c0f8cf518a3a12d734aab9c01c91bb1906ae8525d957c83e36c
7d2da3f1aaf4380da2e7250a17b865c86851182dae2268a9d2e71e9edc83c25a
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845b3f90de92cb9744f0ff762bb6c114b8a53f2df936fbfbcaf6ef04c1929df4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
864ee8b819fd001e9190dc7b1b848764fbd0d387f46a69e6668225fee18a8493
87cbe75c6b69403cfb1f42fc2b3dc2bd7df5e1a69200e7db8d9d5afa24dddc32
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
8cc5c9b4ceea13d833162d6bdaf3a5736191274585ebbe191609858fd4197663
8e0a061a5896c84124c77856f4afa83cf8328e0698e84f4fa5f03a78f4192b80
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
922c3df9c8629aa3c5e0b5f40ca92313fa22ce746943da31f0f30ecace010982
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93b914e9fe111b94a1a836ff02be15ad25cc3d4c59ba5ff8d20c5c3ee75fc837
9d9425c71234c89e483b38b01c0d7fd8bc9aed2661a505461d44be2c5de9e3ad
9e15210fdb0e8c21888f7d90c83a4e9371c62a4321402dca0777c2bc527371e1
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
9f6d5254aa9fcbbbbe8960d4a8561da7f8d8682dfb084a5567cf4546ce0c9fea
a0555c09f1d9c9edaa738905e08aaedb10dae869b05fa7488abc25c0fe597677
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2075510f30d4d4a4869eb550b97511b0dab9b641853569d57b005009343511f
a48d34094c2e6b7e84da7d6a76d57a7b54c15f6dd7f9ef6dedb1697cb5fdc8b3
a6bcf46730e1da1fc91a30617071b75b340dafd3d99ee4ce3d689164ac1b3a20
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
ab14cb951ceaf1a25ffac09b095e983b741fd827603ff27338b0588f7280a173
b0d39892c60cba355b0bea2dc90d05fee662b9ed85f77b4bdb13ad325a0b8070
b3cc9e8b2c40f94bfa4e4c019389f824c3ff606027d3f822e6927d8021da1eda
b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027
b586a1b7bd8a43f1e5cced65c695ba132e2f7183f2225117c36708819edf8596
b62131b663767dd479584955c9a6f219cbc3df69fa99c1e70205d92471be6c2d
c144ac302cd99e90d5b2c17dedc69d0c76515fb7f20dfdcd199c894b6d386aca
c346aad976bd22b93c5529bcfacc2379fc87895ca1f90564829b6c1b152f9611
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
ca72b671b50402155f5b6af76ef80af6c92c325617c0be5b9c9ba291af65ab5a
cc3ce247a1c030b92d78fa964e846823d7aec497c2dac5e3555079d45ee68a3a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d1627594e6830f32ce34458e052d5f3caa172fc6b8096c38cc86301764b11515
d255fa07d6f4d8f0cc85fa7bd93bd5d20fb72f01db743c534062cf8a7164091f
d2740fa6b0a78fccf7658caa0b29c8dc1dc2449b9cf85249b06bed33c7d17c93
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d347f764400af739844e36265a051c7dc549bddfc010005e1451e24a62c184a2
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97
d6c69423d66ee0cf67a6129eda1cd6870a207ce70b4775737f9584ef930e95fc
daa301d38a20753a0b63d9b8114a0e0869120179a69b266621d2aa331e54836f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3debef172d9958220cd44aef7a037881792b82af2e118b09233892aabfef52a
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e983b35a86d6098a0fa0856672677caa614239c2febc7d1b45d576b86d588fc1
ea6a2c83763fad68a2de1a5a3df27439f3a618d3335717bdbee8ecd2fc818ecb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a452111885477f47bfbbc103920e674e65c002a2454d7b392e0824642b6114
f3b846c6c7a40e78f8c4dac9378dc11c268243761db4bff96a031176a8ac36be
f3bea5a28525d6ccea54cb78cdee04f1556deeeca11c10c6bb4c79bcda212859
f8f6530863b8bbedfc6240d72e711ee45186a5d5be9cbd9f1fd436663a3a466f
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www2.leicabiosystems.com Open in urlscan Pro 52.21.178.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

95 %HTTPS

46 %IPv6

19 Domains

29 Subdomains

28 IPs

6 Countries

1177 kBTransfer

2877 kBSize

21 Cookies

2 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www2.leicabiosystems.com Open in urlscan Pro
52.21.178.134 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

95 %
HTTPS

46 %
IPv6

19
Domains

29
Subdomains

28
IPs

6
Countries

1177 kB
Transfer

2877 kB
Size

21
Cookies

113 HTTP transactions
0 data transactions