go.omnicell.com Open in urlscan Pro
52.202.69.186 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/...
Submission: On January 25 via manual (January 25th 2021, 6:08:59 pm UTC) from US

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 30 domains to perform 49 HTTP transactions. The main IP is 52.202.69.186, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is go.omnicell.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 30th 2020. Valid for: 3 months.

This is the only time go.omnicell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	52.202.69.186 52.202.69.186	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:295::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	13.224.102.20 13.224.102.20	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
1 4	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.233.206 2.18.233.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3036::6815:37c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.44.242.176 52.44.242.176	14618 (AMAZON-AES) (AMAZON-AES)
1	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 2	63.35.200.21 63.35.200.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:e7cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.102.122 13.224.102.122	16509 (AMAZON-02) (AMAZON-02)
1	13.224.102.36 13.224.102.36	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.220.33.83 3.220.33.83	14618 (AMAZON-AES) (AMAZON-AES)
1	52.19.70.84 52.19.70.84	16509 (AMAZON-02) (AMAZON-02)
1	13.224.102.34 13.224.102.34	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::622	54113 (FASTLY) (FASTLY)
49	34

5 52.202.69.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-1-ue1.aws.pardot.com

go.omnicell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:295::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.20 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-20.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.206 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-206.deploy.static.akamaitechnologies.com

8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:37c2 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.digitalreachagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.242.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-242-176.compute-1.amazonaws.com

track.leadlander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.21 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.200.21 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-200-21.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-122.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-36.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.33.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-33-83.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.70.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-70-84.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.34 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-34.zrh50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::622 (Ascension Island)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	adroll.com 1 redirects s.adroll.com d.adroll.com	15 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
3	twitter.com analytics.twitter.com	1 KB
3	t.co t.co	698 B
3	pardot.com go.pardot.com pi.pardot.com	13 KB
2	lltrck.com 1 redirects lltrck.com	520 B
2	hubspot.com track.hubspot.com forms.hubspot.com	2 KB
2	facebook.com www.facebook.com	556 B
2	google.de www.google.de	637 B
2	google.com www.google.com	637 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	94 KB
2	omnicell.com go.omnicell.com	3 KB
1	wistia.com fast.wistia.com	110 KB
1	hotjar.io vc.hotjar.io	256 B
1	hs-banner.com js.hs-banner.com	14 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hsleadflows.net js.hsleadflows.net	77 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	linkedin.com px.ads.linkedin.com	605 B
1	ipinfo.io ipinfo.io	521 B
1	leadlander.com track.leadlander.com	1 KB
1	digitalreachagency.com cdn.digitalreachagency.com	3 KB
1	rackcdn.com 8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com
1	hs-scripts.com js.hs-scripts.com	911 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
49	30

	Domain	Requested by
4	s.adroll.com	1 redirects www.googletagmanager.com go.omnicell.com s.adroll.com
3	analytics.twitter.com	static.ads-twitter.com
3	t.co	go.omnicell.com
2	lltrck.com	1 redirects
2	pi.pardot.com	go.omnicell.com pi.pardot.com
2	www.facebook.com	go.omnicell.com
2	www.google.de	go.omnicell.com
2	www.google.com	go.omnicell.com
2	www.google-analytics.com	www.googletagmanager.com go.omnicell.com
2	connect.facebook.net	go.omnicell.com connect.facebook.net
2	go.omnicell.com	pi.pardot.com
1	forms.hubspot.com	js.hsleadflows.net
1	fast.wistia.com	pi.pardot.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	track.hubspot.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	d.adroll.com	go.omnicell.com
1	d.adroll.mgr.consensu.org	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px.ads.linkedin.com	go.omnicell.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ipinfo.io	www.googletagmanager.com
1	track.leadlander.com	go.omnicell.com
1	cdn.digitalreachagency.com	go.omnicell.com
1	8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com	go.omnicell.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	go.omnicell.com
1	go.pardot.com	go.omnicell.com
49	37

This site contains links to these domains. Also see Links.

Domain
www.omnicell.com

Subject Issuer	Validity	Valid
go.omnicell.com Let's Encrypt Authority X3	`2020-11-30` - `2021-02-28`	3 months	crt.sh
go.pardot.com DigiCert SHA2 Secure Server CA	`2020-12-05` - `2021-12-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.ssl.cf5.rackcdn.com DigiCert SHA2 Secure Server CA	`2020-02-12` - `2021-05-13`	a year	crt.sh
*.leadlander.com Go Daddy Secure Certificate Authority - G2	`2020-04-28` - `2022-04-28`	2 years	crt.sh
ipinfo.io GTS CA 1D2	`2021-01-24` - `2021-04-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2020-12-05` - `2021-12-04`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2020-09-23` - `2021-09-23`	a year	crt.sh
*.hotjar.io Amazon	`2020-09-15` - `2021-10-15`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-28` - `2021-05-07`	4 months	crt.sh

This page contains 2 frames:

Primary Page: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010
Frame ID: 16B0E3F7DC3E09368EDBCA8E04DA1EEF
Requests: 48 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 6E03AA22ADA0B5D8E06EE670A7C41299
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

49
Requests

100 %
HTTPS

53 %
IPv6

30
Domains

37
Subdomains

34
IPs

5
Countries

505 kB
Transfer

2069 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.omnicell.com/us/en_us/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://s.adroll.com/j/exp/ETIZT3WSKZCL7CUAC6U5IC/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 27

https://d.adroll.mgr.consensu.org/consent/iabcheck/ETIZT3WSKZCL7CUAC6U5IC?_s=c3b8fec5faab0a6a15763db0129c2994&_b=2 HTTP 302
https://d.adroll.com/consent/check/ETIZT3WSKZCL7CUAC6U5IC/?_s=c3b8fec5faab0a6a15763db0129c2994&_b=2

Request Chain 40

https://lltrck.com/api/tracking?accountId=33276&page=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&referer=&fp=&uuid=ls450ea7-3ace-4265-b913-add7ab206274&cl=0 HTTP 302
https://lltrck.com/tracking.png

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.0 200
OK Primary Request Cookie set 156736010 Show response
go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/ 1 KB
1 KB 564ms
151ms Document
text/html 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: eb6e891952ff20c4fd6a20148806b4794d5136fc2fe2bfcd457e742c6e0a59c2

Request headers

Host: go.omnicell.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 18:08:43 GMT
Set-Cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Pardot-Rsp: 16/125/152
X-Robots-Tag: nofollow, noindex
Referrer-Policy: no-referrer
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 841
Content-Type: text/html; charset=utf-8
X-Pardot-Route: 32427ff3465437d362f61c790f7d2406
Server: PardotServer
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
Connection: keep-alive

GET
H/1.1 200
OK form.css
go.pardot.com/css/ 31 KB
8 KB 428ms
109ms Stylesheet
text/css 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.pardot.com/css/form.css?ver=2020-10-19
Requested by: Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 338de273f529e717971d06587c95a880c0c4240b0cd24e79e14ac07a9522cd1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 18:08:43 GMT
Content-Encoding: gzip
X-Pardot-Route: 32427ff3465437d362f61c790f7d2406
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
Last-Modified: Thu, 29 Oct 2020 20:56:48 GMT
Server: PardotServer
ETag: "7bd2-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 7657
Expires: Wed, 25 Jan 2023 18:08:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
52 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MXNPJDS

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a890ec8edab54cf6305582b9578e9f3627bf979a5df411e22647af2381f09e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52716
x-xss-protection: 0
expires: Mon, 25 Jan 2021 18:08:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: /4whEsidHyGrawrYvdgSbkI5eRwScHxMPGZduAYZg1nqe1ViXLG1gsxsYKDYJcZi3dMBTkYiEpHnez39xbyyQQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 25 Jan 2021 18:08:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 21ms
7ms Script
application/x-javascript 2a02:26f0:6c00:295::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXNPJDS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 18:08:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=85668
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 51ms
50ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXNPJDS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

34fcae3cf94e02d46c230a5b7dd3827d612587164e048dcfe146518da1cb4ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12189
x-xss-protection: 0
server: cafe
etag: 8926089356025331971
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Jan 2021 18:08:43 GMT

GET
H2 200 hotjar-1753536.js Show response
static.hotjar.com/c/ 6 KB
2 KB 170ms
82ms Script
application/javascript 13.224.102.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1753536.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXNPJDS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.20 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-20.zrh50.r.cloudfront.net

Software

Resource Hash

27b3d8b817e022b8d8e3cb137a7d3b9b1ae02f2da1f47e4274962c353e3d71e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/59f7c116969c6b1fff9ce90beba08b28
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1984
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
x-amz-cf-id: 4aPTOfWoQKef7hMfZZgodUmM1rHVoTW_RKAhSJq7EBFGhm9biHfYXA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXNPJDS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 688
date: Mon, 25 Jan 2021 17:57:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 25 Jan 2021 19:57:15 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 40 KB
13 KB 84ms
28ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXNPJDS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: eHeCFa11ZmebQv0hmrjMAs.eB.BPo.q4
Content-Encoding: gzip
ETag: "0aed5b94bc26ce0fe9e58d25dd314418"
x-amz-request-id: A153E367E4F64E44
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12695
x-amz-id-2: 1CcC1EKrieRTlAyvmM8I9czxbYiNWqUAlIg4XQoBWjKMxkmKs0MXuebcXJ5+1jv9UbHz74EL7Lo=
Last-Modified: Thu, 10 Dec 2020 18:09:34 GMT
Server: AmazonS3
Date: Mon, 25 Jan 2021 18:08:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 80ms
26ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXNPJDS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 62271
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1611598124.684374,VS0,VE0
x-served-by: cache-hhn11547-HHN

GET
H2 200 163420.js Show response
js.hs-scripts.com/ 1 KB
911 B 147ms
127ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/163420.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXNPJDS
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 347b9a32241d6e8698d26eb9405ac0fed4840e69cb3392736b54613965f88884

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2BE91ACB8FCE5631A44F472B0654101230B65BD392000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6173f0f0cfc12be9-FRA
cf-request-id: 07dc54ea7b00002be9409f3000000001
expires: Mon, 25 Jan 2021 18:09:43 GMT

GET
H/1.1 404
Not Found 11004.js
8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com/ 0
0 214ms
141ms Script
text/html 2.18.233.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com/11004.js
Requested by: Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.206 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 mole.min.js Show response
cdn.digitalreachagency.com/assets/mole/1/ 8 KB
3 KB 49ms
14ms Script
application/javascript 2606:4700:3036::6815:37c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.digitalreachagency.com/assets/mole/1/mole.min.js?v=2.1
Requested by: Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:37c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc1c196084caef95d6ee257d8283fd52be2012f31f3667890bdc18d6d677e41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6624640
x-cache: HIT
cf-request-id: 07dc54ea8b0000d72d77085000000001
last-modified: Wed, 28 Oct 2020 18:56:29 GMT
server: cloudflare
etag: W/"5f99bedd-1e95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GOfcBvngSXjamu8no7ECmATXNJQ7E2ql745GBLLWWRMQKb8p41nZAwH%2FgUoxmv97GfTMo3so%2BYcXzNFmKkkSaenSTbd%2BmdqisMwLRc%2B75FCOisSL9kbBjPaeSNm%2F2nPUuT8IqsOkPQ%3D%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6173f0f0d858d72d-FRA

GET
H2 200 lt-v2.min.js Show response
track.leadlander.com/ 936 B
1 KB 325ms
103ms Script
application/javascript 52.44.242.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://track.leadlander.com/lt-v2.min.js

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.242.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-242-176.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

5860771fcd971f0550e445042c677ee63ad53bd617e271ec7dd3fb0f8a5698d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:08:43 GMT
last-modified: Thu, 21 Jan 2021 14:25:33 GMT
server: Kestrel
etag: "1d6f00146f36f28"
strict-transport-security: max-age=2592000
content-type: application/javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 936
expires: -1

GET
H2 200 json Show response
ipinfo.io/ 552 B
521 B 170ms
129ms Script
text/javascript 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/json?format=jsonp&callback=getIP

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXNPJDS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.21 Los Gatos, United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2615.1e100.net

Software

Resource Hash

c5c4c50f6c3ee197df9dd766950501029eaa50bd738b474d65507e643e2792a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
via: 1.1 google
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-118012149-1&cid=462633495.1611598124&jid=1832105508&gjid=402733172&_gid=971668685.1611598124&_u=YGBAgEABAAAAAE~&z=1723889703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 25 Jan 2021 18:08:43 GMT
content-type: text/plain
access-control-allow-origin: https://go.omnicell.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 19ms
5ms Image
image/gif 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1290681309&t=pageview&_s=1&dl=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&dp=%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&ul=en-us&de=UTF-8&dt=Unsubscribe%20Confirm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1832105508&gjid=402733172&cid=462633495.1611598124&tid=UA-118012149-1&_gid=971668685.1611598124&gtm=2wg1d0MXNPJDS&z=2128896935

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 16:19:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6537
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
px.ads.linkedin.com/ 0
605 B 231ms
163ms Image
application/javascript 2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1422652&time=1611598123650&url=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010
Requested by: Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: xx/gdPSLXRbQDAWMoCsAAA==

GET
H2 200 366095420765676 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/366095420765676?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e47161e664b5b28642435cb736865b4ab8287779151d9996ef3064a70df3c56b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70537
x-fb-rlafr: 0
pragma: public
x-fb-debug: vSAAS04pFX7wIk3XegPO1MXd9cA5lHvWCpxYP4l9XgjACNEXNjhNpWGckQtnCyopJch/XdWJrQNMx8YcjjWKWg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 25 Jan 2021 18:08:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 302819425
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-118012149-1&cid=462633495.1611598124&jid=1832105508&_u=YGBAgEABAAAAAE~&z=141849325

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-118012149-1&cid=462633495.1611598124&jid=1832105508&_u=YGBAgEABAAAAAE~&z=141849325

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1055127207/ 2 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1055127207/?random=1611598123672&cv=9&fst=1611598123672&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&tiba=Unsubscribe%20Confirm&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bbf062f6165b6a53dc394a167406d4d8e64d22c372ea79dc26bf91b24e51303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1075
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=366095420765676&ev=PageView&dl=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&rl=&if=false&ts=1611598123685&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611598123684.1070872280&it=1611598123656&coo=false&rqm=GET

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 25 Jan 2021 18:08:43 GMT

GET
H2 200 adsct
t.co/i/ 43 B
449 B 183ms
135ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o4axy&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Mon, 25 Jan 2021 18:08:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 56ae89f0eda76f013df3a19d2e4fde8d
x-transaction: 005f6d6f006fbbee
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
124 B 187ms
142ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o4pck&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Mon, 25 Jan 2021 18:08:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 56ae89f0eda76f013df3a19d2e4fde8d
x-transaction: 0018272900b78cbe
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
125 B 172ms
141ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o4t10&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Mon, 25 Jan 2021 18:08:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 56ae89f0eda76f013df3a19d2e4fde8d
x-transaction: 00b6f1640058b8c3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/ETIZT3WSKZCL7CUAC6U5IC/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

25ms
24ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Mon, 25 Jan 2021 18:08:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 25 Jan 2021 18:08:43 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/ETIZT3WSKZCL7CUAC6U5IC/RJXERGVBHBEG7BF7MU3UHK/ 0
773 B 68ms
24ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/ETIZT3WSKZCL7CUAC6U5IC/RJXERGVBHBEG7BF7MU3UHK/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: RHzL9THFZGMuoqdVI2aXYyRIpcg3952E
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: E3ED5BACAAF495A3
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: Ah+ltSWx0lPazAcq3VbfSG2LFQQAcC7rnncT+7xPdgZbG4xHTrYK9KBRdKPAHhdFeJlzs84x8dA=
Last-Modified: Mon, 25 Jan 2021 06:13:41 GMT
Server: AmazonS3
Date: Mon, 25 Jan 2021 18:08:43 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/ETIZT3WSKZCL7CUAC6U5IC/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/ETIZT3WSKZCL7CUAC6U5IC?_s=c3b8fec5faab0a6a15763db0129c2994&_b=2
https://d.adroll.com/consent/check/ETIZT3WSKZCL7CUAC6U5IC/?_s=c3b8fec5faab0a6a15763db0129c2994&_b=2

395 B
487 B

40ms
34ms

Script
application/javascript

63.35.200.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/ETIZT3WSKZCL7CUAC6U5IC/?_s=c3b8fec5faab0a6a15763db0129c2994&_b=2
Requested by: Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.200.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-200-21.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 99abed825d39b5a4640e617b6830ef4eebf36278c6a6cd62419b49b0c9a866fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
server: nginx/1.18.0
content-length: 395
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/ETIZT3WSKZCL7CUAC6U5IC/?_s=c3b8fec5faab0a6a15763db0129c2994&_b=2
date: Mon, 25 Jan 2021 18:08:43 GMT
server: nginx/1.18.0
content-length: 105

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1055127207/ 42 B
530 B 48ms
34ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1055127207/?random=1611598123672&cv=9&fst=1611597600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&tiba=Unsubscribe%20Confirm&async=1&fmt=3&is_vtc=1&random=1749195671&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1055127207/ 42 B
530 B 51ms
36ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1055127207/?random=1611598123672&cv=9&fst=1611597600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&tiba=Unsubscribe%20Confirm&async=1&fmt=3&is_vtc=1&random=1749195671&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:08:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 448 KB
77 KB 49ms
32ms Script
application/javascript 2606:4700::6811:e7cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/163420.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ed6ce02b6c75337190849469779a4bd41848b76017521bf4544f268c011ad4

Request headers

Origin: https://go.omnicell.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
via: 1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 39912
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.969/bundle/main/lead-flows-release.js&cfRay=6170228798ba6467-IAD
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 07dc54eb2d000005f588a4b000000001
last-modified: Thu, 17 Dec 2020 10:03:39 UTC
server: cloudflare
etag: W/"a566ab0a8f74bc7424c04febd0ea0ce7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: rhp8gAMuDbTLsXApeWVaA5lKkewB4A5p
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 6173f0f1eaa305f5-FRA
x-amz-cf-id: mOQMeAL5K7IleNmKQQBM7Xc2qzOpD0z-VhljfvxFGDjGfwlO_Gqj8A==

GET
H2 200 163420.js Show response
js.hs-analytics.net/analytics/1611597900000/ 60 KB
18 KB 117ms
99ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1611597900000/163420.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/163420.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95bace49bab9a1f9178ce8f9d9c6afabc371dabe21bcfa5f1c4b26b175bafc17

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 124
x-amz-server-side-encryption: AES256
x-amz-request-id: 00CAA12BFEB1DF9E
x-amz-id-2: A0E3LGaSyZTF79qNSHhN4vgf/4ORa1YRsd/o6V2nAGKbe8XncUe4ypoHxTzHLatWMh9hE0iQF0o=
last-modified: Thu, 14 Jan 2021 16:45:27 GMT
server: cloudflare
etag: W/"33bd893e80f59387f5999d5b6b2bdeba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 07dc54eb600000dfa5d8848000000001
cf-ray: 6173f0f21feadfa5-FRA
expires: Mon, 25 Jan 2021 18:11:39 GMT

GET
H2 200 163420.js Show response
js.hs-banner.com/ 56 KB
14 KB 40ms
23ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/163420.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/163420.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b26d99c7ea428db7b5288f390743f173e12feb9132bcf619b8dd9ac89fc7d83

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=IE6RhQ==, md5=fFLp/DS3GwHzD29YGW1CnA==
date: Mon, 25 Jan 2021 18:08:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 124
x-guploader-uploadid: ABg5-UyuoQI-auv-4sp8lhayldlcfh43Q7RT2VphzPNrkO83382iikGlhL5I8-61qP9N44NEgIWrJ7QIvCzZns8z4UM
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 07dc54eb510000062584a67000000001
timing-allow-origin: *
last-modified: Tue, 05 Jan 2021 17:13:45 GMT
server: cloudflare
etag: W/"7c52e9fc34b71b01f30f6f58196d429c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1609866825826631
access-control-allow-origin: https://www.omnicell.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 56872
cf-ray: 6173f0f21da00625-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 25 Jan 2021 18:11:39 GMT

GET
H2 200 modules.59fae23e8e8310b9fca6.js Show response
script.hotjar.com/ 223 KB
59 KB 136ms
47ms Script
application/javascript 13.224.102.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.59fae23e8e8310b9fca6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1753536.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.122 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-122.zrh50.r.cloudfront.net

Software

Resource Hash

05cd215b7b218de7ab7c87c2b051c3be0d336780bbd627df696563580d5de2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 16:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265375
x-cache: Hit from cloudfront
content-length: 59724
access-control-allow-origin: *
last-modified: Fri, 22 Jan 2021 16:22:44 GMT
etag: "474bf4f62df1bb58f039e2f05cbd9062"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: O_TmWcl5TxPJ-9h2ga3N3jYb-iuuMJVKvdVvB_BXxVOpdnlA-P4kpQ==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 6E03 0
0 126ms
41ms Document
text/html 13.224.102.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1753536.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-36.zrh50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 7_sqSG0PtQBxDFeHV8CUFZwwJ7QTBkSsZhChOSzQEK9a9Z4rN-8UXQ==
age: 5447259

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 402ms
100ms Script
application/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: go.omnicell.com
URL: https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 18:08:44 GMT
Content-Encoding: gzip
X-Pardot-Route: ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
Last-Modified: Fri, 13 Mar 2020 19:43:37 GMT
Server: PardotServer
ETag: "1442-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1842
Expires: Wed, 25 Jan 2023 18:08:44 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
239 B 205ms
147ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o4axy&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Mon, 25 Jan 2021 18:08:44 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 186289c7353a6e9f0ac424b6f05ae7e6
x-transaction: 0098460100ff5d53
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 200ms
142ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o4pck&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Mon, 25 Jan 2021 18:08:44 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 186289c7353a6e9f0ac424b6f05ae7e6
x-transaction: 00faadd400033c38
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
237 B 202ms
144ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o4t10&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Mon, 25 Jan 2021 18:08:44 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 186289c7353a6e9f0ac424b6f05ae7e6
x-transaction: 00c9c5660075ef0f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
777 B 46ms
29ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=163420&pu=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&t=Unsubscribe+Confirm&cts=1611598124070&vi=216f765ac0d1a24039e1b744646b3071&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:44 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6173f0f38d0a0eab-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
content-length: 45
cf-request-id: 07dc54ec3a00000eab96097000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EeF3WtykkcDmv93iY6ey3kEoVZz84WliR5e8fYVQC%2B9YmUIOXMvQEEaDsy8AkJFk2jScyPSn1YAsqYAa4UbnsjPaViFqrDPiK6z9BwUwQFlpFzRV3NxaYimiUQsIBA%3D%3D"}]}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2

200

tracking.png
lltrck.com/
Redirect Chain

https://lltrck.com/api/tracking?accountId=33276&page=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F15673601...
https://lltrck.com/tracking.png

68 B
296 B

101ms
101ms

Image
image/png

3.220.33.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lltrck.com/tracking.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.33.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-33-83.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:08:44 GMT
last-modified: Fri, 11 Dec 2020 13:31:45 GMT
server: Kestrel
etag: "1d6cfc1f7f9f6c4"
strict-transport-security: max-age=2592000
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
expires: -1

Redirect headers

location: /tracking.png
date: Mon, 25 Jan 2021 18:08:44 GMT
server: Kestrel
access-control-allow-origin: *
content-length: 0
strict-transport-security: max-age=2592000

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1753536/ 152 B
305 B 115ms
42ms XHR
application/json 52.19.70.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1753536/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.59fae23e8e8310b9fca6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.70.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-70-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 25 Jan 2021 18:08:44 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H2 204 1753536 Show response
vc.hotjar.io/sessions/ 0
256 B 168ms
76ms XHR
text/plain 13.224.102.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1753536?s=0.25&r=0.08869746990355543
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.59fae23e8e8310b9fca6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-34.zrh50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:44 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 8TlLayEy9ULugu_mnYhKxByzKZgMfeP0lJ87lTl0Py446YMwjdhHCA==

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 4 KB
3 KB 280ms
280ms Script
text/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=26875&account_id=863671&title=Unsubscribe%20Confirm&url=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: a4424c485133adb7562c632eac8080e9d0627bce5365a5e7c49cbe2624736324

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 18:08:44 GMT
Content-Encoding: gzip
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
X-Pardot-Rsp: 16/6/27
Vary: Accept-Encoding,User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 1732
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 200
OK analytics Show response
go.omnicell.com/ 52 B
1 KB 2062ms
2062ms Script
text/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.omnicell.com/analytics?conly=true&visitor_id=269064338&visitor_id_sign=3506809f1b7fab7040efea0cfd9ad30e4f4aedeb79ae04c097f60e2c749c9128d5b3c3853e26bf4933dc434f32425ac1e7f05605&pi_opt_in=&campaign_id=26875&account_id=863671&title=Unsubscribe%20Confirm&url=https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=26875&account_id=863671&title=Unsubscribe%20Confirm&url=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&referrer=
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 18:08:44 GMT
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
X-Pardot-Rsp: 16/108/231
Vary: User-Agent
P3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 52
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 embed_shepherd-v1.js Show response
fast.wistia.com/static/ 607 KB
110 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/static/embed_shepherd-v1.js

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=26875&account_id=863671&title=Unsubscribe%20Confirm&url=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&referrer=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

364492735074d322d76832cccb0c5d7b5518e15f3ef98b867f29cdd8b412312a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:44 GMT
content-encoding: br
vary: Accept-Encoding
age: 156
x-cache: HIT, HIT
content-length: 112597
x-served-by: cache-dca17769-DCA, cache-hhn4073-HHN
access-control-allow-origin: *
x-browser-version: 83
last-modified: Mon, 25 Jan 2021 17:17:59 GMT
x-timer: S1611598125.738441,VS0,VE0
etag: "600efd47-1b7d5"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 6

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=366095420765676&ev=Microdata&dl=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010&rl=&if=false&ts=1611598125188&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Unsubscribe%20Confirm%22%2C%22meta%3Adescription%22%3A%22%25%25description%25%25%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1611598123684.1070872280&it=1611598123656&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 25 Jan 2021 18:08:45 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 166 B
1 KB 191ms
173ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=163420&currentUrl=https%3A%2F%2Fgo.omnicell.com%2FlistUnsubscribeHeader%2Fu%2F862671%2Ffb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f%2F156736010

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71c9561df4eb26954160a4db179647e34df5bd73b8c9c5425d8ad25e75031f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:08:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 07dc55128900003244fb864000000001
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XTpC45w943xeHrXBRQHzd9UD9GOZ1CShpilGrJu2Hh9DU3b1MMBWpLrBlwT7MTss2%2BFo8jq6j8qCRX88W67y7SmTLz7A4qdA%2FYyZaYKTcufxrvPfBMT5PAsuTMXW4Q%3D%3D"}],"group":"cf-nel"}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://go.omnicell.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6173f130dec13244-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.omnicell.com/	1970-01-20 00:25:34	Name: _hjid Value: adfb40d5-244a-4358-9b2e-63c6e7d4b904
.omnicell.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.omnicell.com/	1970-01-19 17:49:34	Name: _fbp Value: fb.1.1611598123684.1070872280
.omnicell.com/	1970-01-20 00:25:34	Name: _conv_data Value: {"timestamp":1611598123688,"source":"direct","medium":"none","content":false,"campaign":false,"term":"not provided","landing_page":"https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010"}
go.omnicell.com/	1970-01-19 15:39:58	Name: _hjIncludedInPageviewSample Value: 1
.omnicell.com/	1970-01-19 15:39:59	Name: _hjFirstSeen Value: 1
.omnicell.com/	1970-01-20 00:25:34	Name: _orig_data Value: {"timestamp":1611598123688,"source":"direct","medium":"none","content":false,"campaign":false,"term":"not provided","landing_page":"https://go.omnicell.com/listUnsubscribeHeader/u/862671/fb4658507ee7db6ac181f5cf54705bcf12eafc1f9f7b4e7d6914d743b69eb67f/156736010"}
.omnicell.com/	1970-01-19 15:39:58	Name: _dc_gtm_UA-118012149-1 Value: 1
.omnicell.com/	1970-01-19 15:41:24	Name: _gid Value: GA1.2.971668685.1611598124
go.omnicell.com/	1970-01-19 15:39:58	Name: _hjIncludedInSessionSample Value: 0
.omnicell.com/	1970-01-19 15:39:59	Name: _hjAbsoluteSessionInProgress Value: 1
.omnicell.com/	1970-01-19 17:49:34	Name: _gcl_au Value: 1.1.1177743361.1611598124
.omnicell.com/	1970-01-20 09:11:10	Name: _ga Value: GA1.2.462633495.1611598124

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ipinfo.io/json?format=jsonp&callback=getIP(Line 1) Message: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com
analytics.twitter.com
cdn.digitalreachagency.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
fast.wistia.com
forms.hubspot.com
go.omnicell.com
go.pardot.com
googleads.g.doubleclick.net
in.hotjar.com
ipinfo.io
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
lltrck.com
pi.pardot.com
px.ads.linkedin.com
s.adroll.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
track.hubspot.com
track.leadlander.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.197
104.244.42.3
13.224.102.122
13.224.102.20
13.224.102.34
13.224.102.36
172.217.22.2
199.232.136.157
2.18.233.206
2.18.233.40
216.239.38.21
2606:4700:3036::6815:37c2
2606:4700::6811:46b0
2606:4700::6811:d4cc
2606:4700::6811:e7cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2a00:1450:4001:801::2004
2a00:1450:4001:809::2008
2a00:1450:4001:817::2003
2a00:1450:4001:818::2004
2a00:1450:4001:825::200e
2a00:1450:4001:829::2002
2a00:1450:400c:c00::9b
2a02:26f0:6c00:295::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::622
2a05:f500:10:101::b93f:9105
3.220.33.83
52.19.70.84
52.202.69.186
52.44.242.176
63.35.200.21
05cd215b7b218de7ab7c87c2b051c3be0d336780bbd627df696563580d5de2c7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
27b3d8b817e022b8d8e3cb137a7d3b9b1ae02f2da1f47e4274962c353e3d71e2
338de273f529e717971d06587c95a880c0c4240b0cd24e79e14ac07a9522cd1d
347b9a32241d6e8698d26eb9405ac0fed4840e69cb3392736b54613965f88884
34fcae3cf94e02d46c230a5b7dd3827d612587164e048dcfe146518da1cb4ab0
364492735074d322d76832cccb0c5d7b5518e15f3ef98b867f29cdd8b412312a
3bbf062f6165b6a53dc394a167406d4d8e64d22c372ea79dc26bf91b24e51303
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
5860771fcd971f0550e445042c677ee63ad53bd617e271ec7dd3fb0f8a5698d8
5b26d99c7ea428db7b5288f390743f173e12feb9132bcf619b8dd9ac89fc7d83
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
71c9561df4eb26954160a4db179647e34df5bd73b8c9c5425d8ad25e75031f5b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
91ed6ce02b6c75337190849469779a4bd41848b76017521bf4544f268c011ad4
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
95bace49bab9a1f9178ce8f9d9c6afabc371dabe21bcfa5f1c4b26b175bafc17
99abed825d39b5a4640e617b6830ef4eebf36278c6a6cd62419b49b0c9a866fb
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a4424c485133adb7562c632eac8080e9d0627bce5365a5e7c49cbe2624736324
a890ec8edab54cf6305582b9578e9f3627bf979a5df411e22647af2381f09e88
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bfc1c196084caef95d6ee257d8283fd52be2012f31f3667890bdc18d6d677e41
c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
c5c4c50f6c3ee197df9dd766950501029eaa50bd738b474d65507e643e2792a9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e47161e664b5b28642435cb736865b4ab8287779151d9996ef3064a70df3c56b
eb6e891952ff20c4fd6a20148806b4794d5136fc2fe2bfcd457e742c6e0a59c2
eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

go.omnicell.com Open in urlscan Pro 52.202.69.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

53 %IPv6

30 Domains

37 Subdomains

34 IPs

5 Countries

505 kBTransfer

2069 kBSize

13 Cookies

1 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

go.omnicell.com Open in urlscan Pro
52.202.69.186 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

53 %
IPv6

30
Domains

37
Subdomains

34
IPs

5
Countries

505 kB
Transfer

2069 kB
Size

13
Cookies

49 HTTP transactions
0 data transactions