app.getresponse.com Open in urlscan Pro
104.160.64.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD
Submission Tags: falconsandbox
Submission: On September 02 via api (September 2nd 2022, 2:28:08 am UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 22 domains to perform 47 HTTP transactions. The main IP is 104.160.64.9, located in United States and belongs to GETRESPONSE-IMPLIX, US. The main domain is app.getresponse.com. The Cisco Umbrella rank of the primary domain is 53175.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 30th 2022. Valid for: a year.

This is the only time app.getresponse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.160.64.9 104.160.64.9	46469 (GETRESPON...) (GETRESPONSE-IMPLIX)
11	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	108.138.17.117 108.138.17.117	16509 (AMAZON-02) (AMAZON-02)
1	68.70.204.1 68.70.204.1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	18.66.112.126 18.66.112.126	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.116 18.66.147.116	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:e30... 2a02:26f0:e300:18b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:97c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1759	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
47	27

1 104.160.64.9 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com

app.getresponse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

us-as.gr-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-117.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.70.204.1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-126.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:e300:18b::1931 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:97c9 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1759 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	gr-cdn.com us-as.gr-cdn.com — Cisco Umbrella Rank: 96645	78 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 527 c.clarity.ms — Cisco Umbrella Rank: 955 b.clarity.ms — Cisco Umbrella Rank: 5181	27 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 370 www.linkedin.com — Cisco Umbrella Rank: 586 px4.ads.linkedin.com — Cisco Umbrella Rank: 6068	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 354 c.bing.com — Cisco Umbrella Rank: 213	13 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 835	1 KB
3	survicate.com survey.survicate.com — Cisco Umbrella Rank: 5878 surveys-static.survicate.com — Cisco Umbrella Rank: 7575	111 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 596 script.hotjar.com — Cisco Umbrella Rank: 779 vars.hotjar.com — Cisco Umbrella Rank: 880	70 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	388 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 102	54 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 154	111 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 777	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6487	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	2 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 529	354 B
1	t.co t.co — Cisco Umbrella Rank: 499	336 B
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8344	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 611	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 754	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 132	16 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	118 KB
1	getresponse.com app.getresponse.com — Cisco Umbrella Rank: 53175	7 KB
47	22

	Domain	Requested by
11	us-as.gr-cdn.com	app.getresponse.com
3	ct.pinterest.com	s.pinimg.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com
2	px.ads.linkedin.com	2 redirects
2	www.youtube.com	app.getresponse.com www.youtube.com
2	connect.facebook.net	app.getresponse.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	surveys-static.survicate.com	survey.survicate.com
1	b.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	www.google.de
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	analytics.twitter.com
1	t.co
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	tracking.g2crowd.com	app.getresponse.com
1	static.ads-twitter.com	app.getresponse.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	survey.survicate.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	app.getresponse.com
1	app.getresponse.com
47	30

This site contains no links.

Subject Issuer	Validity	Valid
*.getresponse.com Go Daddy Secure Certificate Authority - G2	`2022-03-30` - `2023-04-11`	a year	crt.sh
*.gr-cdn.com Go Daddy Secure Certificate Authority - G2	`2022-03-30` - `2023-04-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-10-02`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-11` - `2022-09-09`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD
Frame ID: 700AC6D5798BE75F427F233CF56A0A72
Requests: 45 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 3132593AB112F7BDCAA9222C34E202D8
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 5648295AA54C5811A4E7A41061255B68
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

E-Mail Marketing, Autoresponder, E-Mail Marketing Software – GetResponse

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

96 %
HTTPS

50 %
IPv6

22
Domains

30
Subdomains

27
IPs

5
Countries

649 kB
Transfer

2386 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=19203&time=1662085682811&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D19203%26time%3D1662085682811%26url%3Dhttps%253A%252F%252Fapp.getresponse.com%252Fconfirm.html%253Fx%253Da62b%2526c%253DQfJJ7%2526sq%253DTYxMQX%2526u%253DGIYUZ%2526y%253Du%2526z%253DEVkCCTD%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=19203&time=1662085682811&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=19203&time=1662085682811&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&liSync=true&e_ipv6=AQI3V8WIc1L_HQAAAYL8Bth473Pkit4Du-I51Tll5NVdFlzynRWebJxWVHgIff5SBtIJ7xMC

Request Chain 40

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=65726A20836345F2AB9DD26777B18C54&RedC=c.clarity.ms&MXFR=27F3714A89916BBB237963598D916561 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=65726A20836345F2AB9DD26777B18C54&MUID=09C25189D72F665305B7439AD6FD678D

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request confirm.html Show response
app.getresponse.com/ 24 KB
7 KB 633ms
415ms Document
text/html 104.160.64.9
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to

Full URL

https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),

Reverse DNS

norevdns.getresponse.com

Software

nginx /

Resource Hash

829793fc856f16e48339dd424a4caed8d4f42de9ecff2bc6ba43fbf631a0e052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy-report-only: default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
content-type: text/html; charset=utf-8
date: Fri, 02 Sep 2022 02:28:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 reset-56ba10cf5c.min.css
us-as.gr-cdn.com/stylesheets/core/global/default/ 856 B
676 B 76ms
19ms Stylesheet
text/css 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/stylesheets/core/global/default/reset-56ba10cf5c.min.css

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

bfd543081820173b2a30346f9b32271a763e9267b160da1c7b288f33405db935

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-358"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds292.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 456

GET
H2 200 main-72655b0b69.min.css
us-as.gr-cdn.com/stylesheets/core/global/default/ 2 KB
959 B 77ms
20ms Stylesheet
text/css 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/stylesheets/core/global/default/main-72655b0b69.min.css

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

dd8a54ed87ce80e0dd798d8817fca3bef4bd1d2f0618a4ca476b753aa711ca7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-865"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds270.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
server-timing: dtSInfo;desc="1"
accept-ranges: bytes
content-length: 807

GET
H2 200 common-64551b6907.min.css
us-as.gr-cdn.com/stylesheets/core/global/default/ 89 KB
19 KB 80ms
24ms Stylesheet
text/css 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/stylesheets/core/global/default/common-64551b6907.min.css

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

03973344e1f98c0ecffaddfc32a575b509962712ce61d29574ddc7a233c3c0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-1653a"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds111.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
server-timing: dtSInfo;desc="1"
accept-ranges: bytes
content-length: 18861

GET
H2 200 boxes-2b1c07ff1d.min.css
us-as.gr-cdn.com/stylesheets/core/global/default/ 8 KB
2 KB 80ms
24ms Stylesheet
text/css 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/stylesheets/core/global/default/boxes-2b1c07ff1d.min.css

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4ec0575d5be5afab9be20655553e856fc1d8bc7eaf5cbdedb1dbe83b334db859

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-217f"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds001.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2348

GET
H2 200 buttons-efd54c9723.min.css
us-as.gr-cdn.com/stylesheets/core/global/default/ 14 KB
3 KB 86ms
30ms Stylesheet
text/css 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/stylesheets/core/global/default/buttons-efd54c9723.min.css

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

8c2dd732fe98c99cd82b4da0dd8d02796f46c1551402447a48aabec1c1013ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 15:44:51 GMT
etag: W/"62d97473-38c3"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds281.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2756

GET
H2 200 forms-539140c9be.min.css
us-as.gr-cdn.com/stylesheets/core/global/default/ 25 KB
6 KB 89ms
33ms Stylesheet
text/css 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/stylesheets/core/global/default/forms-539140c9be.min.css

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

8cc2024d861f3f2b2bd8dd573fd42418cf202b440832cddad029c91cd8baf0e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-641e"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds201.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5667

GET
H2 200 common-3c554a1965.min.css
us-as.gr-cdn.com/stylesheets/core/pages/panel/subscription/ 671 B
481 B 86ms
30ms Stylesheet
text/css 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/stylesheets/core/pages/panel/subscription/common-3c554a1965.min.css

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

351c8dbc6c7bd193200671868dd73b17b8a99ed6da1752dc27fab7628c42582b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-29f"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds207.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 356

GET
H2 200 jquery-1.5.1.min.js Show response
us-as.gr-cdn.com/javascripts/common/libs/jquery-1.5.1/ 83 KB
29 KB 89ms
33ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/common/libs/jquery-1.5.1/jquery-1.5.1.min.js

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

c6ea91234604edce04f8efab9617320d340ec8834efcafc74d2cae74ce5102aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-14d0b"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds216.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 29706

GET
H2 200 app-e85805ca53.min.js Show response
us-as.gr-cdn.com/javascripts/common/ 39 KB
11 KB 112ms
56ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/common/app-e85805ca53.min.js

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b1314ca57183207759a74c3f8dff489a6bebc0acf0008acb366d429abdb41944

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-9df7"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds125.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 11514

GET
H2 200 gtm_tracking_events_helper.js Show response
us-as.gr-cdn.com/javascripts/common/ix/ 2 KB
586 B 111ms
55ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/common/ix/gtm_tracking_events_helper.js

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1de2a1c7840b1cb2283efa622345f2c8ddd695dbca887bee9b7342436a75436d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-894"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds009.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
server-timing: dtSInfo;desc="1"
accept-ranges: bytes
content-length: 459

GET
H2 200 getresponse_white.png
us-as.gr-cdn.com/images/core/logo/ 5 KB
5 KB 19ms
19ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-as.gr-cdn.com/images/core/logo/getresponse_white.png

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

00dfe75756fff0ba20fc291544881fd1cb819dea2dec5831906e5d8456325658

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-12f5"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1662085680.dop118.am5.t,1662085680.cds302.am5.hn,1662085680.cds277.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4853

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 565 KB
118 KB 198ms
99ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZ5TK7

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75112f1761e00d7f0788b2c03636481e1f03c20db562becc1c3c0e123259ff5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120701
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Sep 2022 02:28:00 GMT

GET
H2 200 hotjar-658879.js Show response
static.hotjar.com/c/ 18 KB
4 KB 46ms
7ms Script
application/javascript 108.138.17.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-658879.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ5TK7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-117.fra56.r.cloudfront.net

Software

Resource Hash

76270488edefefc548a6c8f7e58fe3c310c41a0139ae5fb9078cfd7f431ab6d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 35
x-cache: Hit from cloudfront
date: Fri, 02 Sep 2022 02:27:36 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/bbc532ac433b56c992959e8709a088c2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: 8E9qK5N1be4dHCqmgENixV_IyGx7z0G0zsiWuo0UBZexB1UyHWpFtA==

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/teVVboLLMhVLTlciAKaoQZdvzVeLhrfk/ 103 KB
14 KB 37ms
6ms Script
text/javascript 68.70.204.1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/teVVboLLMhVLTlciAKaoQZdvzVeLhrfk/web_surveys.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ5TK7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.70.204.1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7830add8859cb48b5ebb44e4c95e4caa9271415be0028d83602e9fd317d7e14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:01 GMT
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 01:30:33 GMT
server: keycdn-engine
x-amz-request-id: BF15N16X6YCZCKQY
x-edge-location: defr
etag: W/"8225a04817dc48d99b585df906a55134"
x-cache: HIT
x-amz-version-id: aVR1jfQsprW1VCaGTYri7dmJpF9HIiaf
access-control-allow-origin: *
cache-control: max-age=300
content-type: text/javascript
x-amz-id-2: +FTO4Bx676Be3Bq60PKEZStzwUXtqCN9vI0F37KqGknxPQoJhz7qY6XHEbmpSKgVeSWSxmkxfgE=

GET
H2 200 fonts.css
surveys-static.survicate.com/fonts/ 10 KB
1 KB 47ms
6ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/fonts/fonts.css
Requested by: Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/teVVboLLMhVLTlciAKaoQZdvzVeLhrfk/web_surveys.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 12:02:06 GMT
server: keycdn-engine
x-amz-request-id: XDFXXFPQKA3DVKC8
x-edge-location: defr
etag: W/"175a0d0343589473e72c6e512936d749"
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-amz-id-2: mxFv8nvcK5QJrSesAEiuU6PZehODMzgOu6SjS6i/QBiJ8pDKoN+3psv95ktftqfwqga6CmHiAoA=

GET
H2 200 widget_core-15.7.3.js Show response
surveys-static.survicate.com/ 329 KB
96 KB 49ms
9ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/widget_core-15.7.3.js
Requested by: Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/teVVboLLMhVLTlciAKaoQZdvzVeLhrfk/web_surveys.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b6d5fe5530902177ab6ba94de91976faa982a6489895a93cc55aad636a60d0b9

Request headers

Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:01 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 5EZGM82VRSGC0SYX
x-edge-location: defr
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:121050345386:build/ServiceSurveysStaticBuildAs-HG6JoJVHsH3E:0a063b82-75b7-4d36-8cb7-a9b1fe6f7bef
x-cache: HIT
x-amz-meta-codebuild-content-sha256: c7a1d3d4368f7d4f9f0e78a63651f18f2b10fa3d3bf76118bc81404b472c4e83
x-amz-meta-codebuild-content-md5: ae98353eb3718cfb5a3a31c6c7194b69
x-amz-id-2: abXoXV3/ChftVKZo16JMGUoZWKEgaCm1/Hx0DL3TEcUUNrHNnLaSqBSezlSbREoDZIJeI0akV1A=
last-modified: Mon, 08 Aug 2022 08:46:00 GMT
server: keycdn-engine
etag: W/"e438206b3c2ab0ba0675e365b43b5c8f"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000

GET
H2 200 modules.07ac9b8d187d510db456.js Show response
script.hotjar.com/ 251 KB
64 KB 33ms
7ms Script
application/javascript 18.66.112.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.07ac9b8d187d510db456.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-658879.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-126.fra56.r.cloudfront.net

Software

Resource Hash

6781123ce0a5980c79aab49f43ea5e0d6b533406fdce2a524a86c9b23019267c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 12:30:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223074
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 65413
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 12:29:33 GMT
etag: "fff5770f0de5c66c4269264cf792ec05"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 11B7wInL-m3JVvExK5uxUEux4oojv_8XQZACVml-fRJulAoTqcwdNw==

GET
H2 200 box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response
vars.hotjar.com/ Frame 3132 2 KB
1 KB 37ms
7ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-658879.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://app.getresponse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4384495
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 08:33:06 GMT
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-id: hLIX_6J06AQkmXd4vwPJ1YuDlKj2WILnidduBf5aAEfjlTDYbx0NuQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 61ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ5TK7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 602F4EE011544FF792BC27CD1751083C Ref B: FRAEDGE1211 Ref C: 2022-09-02T02:28:02Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 02 Sep 2022 02:28:02 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 133ms
47ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ5TK7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Sep 2022 02:28:02 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 34ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ5TK7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:02 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=57862
accept-ranges: bytes
content-length: 3063

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 262ms
141ms Script
application/javascript 2a02:26f0:e300:18b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ5TK7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:18b::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5afc363b68106631c9744da4953b7f123c67bb28f07e85c21e97d06c439a093a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "b06b4e6cb1f66b46eb000478658c5236"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 32ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26752
x-xss-protection: 0
pragma: public
x-fb-debug: i7LJSUEIf1Zhpqp7tQWCsHjsOTo5vLgz6nqOpyQsXdyvDIyaY4G0doYKf8hPKfM3qj/kfqlj7bmFKR9FVh6ilA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 02 Sep 2022 02:28:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 35ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:02 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: MISS, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kjyo7100083-IAD, cache-hhn11544-HHN

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 161ms
54ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f3d06b683e03b37ccaad8d303f7a0d7e6c37e18f95a7555eee52ce5da12f9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 02 Sep 2022 02:28:02 GMT

GET
H2 200 1958.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 179ms
136ms Script
text/javascript 2606:4700:4400::ac40:97c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1958.js?p=https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD&e=

Requested by

Host: app.getresponse.com
URL: https://app.getresponse.com/confirm.html?x=a62b&c=QfJJ7&sq=TYxMQX&u=GIYUZ&y=u&z=EVkCCTD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0b7a4e94-7729-468e-9b78-43b8e645593f
x-runtime: 0.004249
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
strict-transport-security: max-age=604800
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 7442cf5daf955c62-FRA

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=19203&time=1662085682811&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D19203%26time%3D1662085682811%26url%3Dhttps%253A%252F%252Fapp.getresponse.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=19203&time=1662085682811&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCC...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=19203&time=1662085682811&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkC...

0
264 B

212ms
181ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=19203&time=1662085682811&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&liSync=true&e_ipv6=AQI3V8WIc1L_HQAAAYL8Bth473Pkit4Du-I51Tll5NVdFlzynRWebJxWVHgIff5SBtIJ7xMC
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:03 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6788B47D8322456BAF21F161E608FD95 Ref B: FRAEDGE1206 Ref C: 2022-09-02T02:28:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXnqHrAr13tekXCnZImVA==
x-li-fabric: prod-lor1

Redirect headers

date: Fri, 02 Sep 2022 02:28:03 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DE2AC791DFC849A9AB775767BBBDDB11 Ref B: FRAEDGE1317 Ref C: 2022-09-02T02:28:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=19203&time=1662085682811&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&liSync=true&e_ipv6=AQI3V8WIc1L_HQAAAYL8Bth473Pkit4Du-I51Tll5NVdFlzynRWebJxWVHgIff5SBtIJ7xMC
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXnqHq9Oz47WAOJpL46XA==

GET
H2 200 adsct
t.co/i/ 43 B
336 B 139ms
117ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=a40053fb-d1ca-43d9-996d-984e89e1ca2e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4ccc4661-2671-4bf4-a40e-2dfe876b7803&tw_document_href=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxxui&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 02 Sep 2022 02:28:02 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: cefb07550b4d35386442a68664cb1e0244ebc00fd80b66eef56ea6270e1089a8
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 148ms
110ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a40053fb-d1ca-43d9-996d-984e89e1ca2e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4ccc4661-2671-4bf4-a40e-2dfe876b7803&tw_document_href=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxxui&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 02 Sep 2022 02:28:02 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 02143b0e96ce656ef5072d5e4456ba76f8b9cb0e72a0275360929e7365c04204
content-length: 43

GET
H2 200 137718833288453 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/137718833288453?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a20055a92d8f3046cd267aa02b14b00f6a35f88f72096b782378758cb5d7b5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86144
x-xss-protection: 0
pragma: public
x-fb-debug: WciO1achUYFDeNNGsxppVjnxnnbzbWUuEFUIhKfn+u8d9MHI16cCIo28X8lGPXGfY8xTdplrPvDWt48n67ZCEw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 02 Sep 2022 02:28:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4010620.js Show response
bat.bing.com/p/action/ 1 KB
860 B 148ms
148ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4010620.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

d1cf0e2d99774e1c8885eb1a9fe95911f33eb18dcf4b213253da2770d8ee5b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E2F94B8902EF47CBAFF93F3EADE95232 Ref B: FRAEDGE1211 Ref C: 2022-09-02T02:28:02Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Fri, 02 Sep 2022 02:28:02 GMT
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
174 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4010620&tm=gtm002&Ver=2&mid=98a56243-84cd-4898-bc5d-80ab8e37bbd8&sid=de9f69a02a6611ed8762e5f1620438d9&vid=de9f8c902a6611ed81b219f411d6a56b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=E-Mail%20Marketing,%20Autoresponder,%20E-Mail%20Marketing%20Software%20%E2%80%93%20GetResponse&p=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&r=&lt=1293&evt=pageLoad&sv=1&rn=507135

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4AB3B901A0524527822F3338711BF56B Ref B: FRAEDGE1211 Ref C: 2022-09-02T02:28:02Z
date: Fri, 02 Sep 2022 02:28:02 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 31ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=137718833288453&ev=PageView&dl=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&rl=&if=false&ts=1662085682868&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662085682867.1675067352&it=1662085682832&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 02 Sep 2022 02:28:02 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1041710148/ 3 KB
2 KB 149ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1041710148/?random=1662085682915&cv=9&fst=1662085682915&num=1&label=2aboCMyf82MQxPjc8AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&tiba=E-Mail%20Marketing%2C%20Autoresponder%2C%20E-Mail%20Marketing%20Software%20%E2%80%93%20GetResponse&auid=1320457038.1662085681&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f44b63a83cf1b17dfa91fe1b24967402232e8b4994ec71776b6c2e378b4ae90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 02:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/5a3b6271/www-widgetapi.vflset/ 161 KB
52 KB 110ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5a3b6271/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef9784347baaf9329877b3e77ac494af29d42a9df0944d53cb677bbb2daeb89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 01:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53414
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 00:17:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Sep 2023 01:22:59 GMT

GET
H2 200 4010620 Show response
www.clarity.ms/tag/uet/ 3 KB
3 KB 161ms
104ms Script
application/x-javascript 2620:1ec:27::cafe:1759
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4010620
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4010620.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1c8e3f92f1320d59a4a96063cc75d23fef5ee5d02d77cafada7fc8435a4c2461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:02 GMT
x-powered-by: ASP.NET
x-azure-ref: 0M2oRYwAAAABLtyToIDqSTqGppy9BjwnHRlJBMzFFREdFMDMyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 main.55e552f9.js Show response
s.pinimg.com/ct/lib/ 53 KB
18 KB 138ms
138ms Script
application/javascript 2a02:26f0:e300:18b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.55e552f9.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:18b::1931 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ecf5185587dc584318775956d242115534ec7d928758081c0f9a1e3f97992508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "84c1602180f73853dc1e35f7296bdf7d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18601
access-control-expose-headers: X-CDN

GET
H2 200 /
www.google.com/pagead/1p-user-list/1041710148/ 42 B
548 B 132ms
48ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1041710148/?random=1662085682915&cv=9&fst=1662084000000&num=1&label=2aboCMyf82MQxPjc8AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&frm=0&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&tiba=E-Mail%20Marketing%2C%20Autoresponder%2C%20E-Mail%20Marketing%20Software%20%E2%80%93%20GetResponse&async=1&fmt=3&is_vtc=1&random=3138955100&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 02:28:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1041710148/ 42 B
548 B 132ms
49ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1041710148/?random=1662085682915&cv=9&fst=1662084000000&num=1&label=2aboCMyf82MQxPjc8AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&frm=0&url=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&tiba=E-Mail%20Marketing%2C%20Autoresponder%2C%20E-Mail%20Marketing%20Software%20%E2%80%93%20GetResponse&async=1&fmt=3&is_vtc=1&random=3138955100&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 02:28:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.40/ 54 KB
23 KB 102ms
101ms Script
application/javascript 2620:1ec:27::cafe:1759
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4010620
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:02 GMT
content-encoding: br
etag: "1d8bd4806fdad30"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0M2oRYwAAAACllppVEXAsQ5cg+wMDEtzaRlJBMzFFREdFMDMyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=65726A20836345F2AB9DD26777B18C54&RedC=c.clarity.ms&MXFR=27F3714A89916BBB237963598D916561
https://c.clarity.ms/c.gif?CtsSyncId=65726A20836345F2AB9DD26777B18C54&MUID=09C25189D72F665305B7439AD6FD678D

42 B
368 B

27ms
26ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=65726A20836345F2AB9DD26777B18C54&MUID=09C25189D72F665305B7439AD6FD678D
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 02:28:02 GMT
last-modified: Wed, 17 Aug 2022 23:56:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "de363c295b2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 02 Sep 2022 02:28:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FDA4C6F774145BE8640DC96C589DEC5 Ref B: FRAEDGE1211 Ref C: 2022-09-02T02:28:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=65726A20836345F2AB9DD26777B18C54&MUID=09C25189D72F665305B7439AD6FD678D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 540 B
759 B 89ms
47ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614365545183&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A1%7D&cb=1662085683188
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.55e552f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83e9b337cf07dd2c2d59aaf059cf26aafdaf5c995e8d0c8c6c3902b423f2d8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 02:28:03 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.getresponse.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU5HSmtaRGhtWVRjdFpqRTBNQzAwTlRnMUxXSmtOV1l0TVdNNU1HTTBORE0zWW1Jeg
x-pinterest-rid: 7673510275375360
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
content-length: 376
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 87ms
48ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614365545183&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2255e552f9%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1662085683190
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Sep 2022 02:28:03 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1181837294918391
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 5648 565 B
401 B 35ms
34ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.55e552f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://app.getresponse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=21600
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 02 Sep 2022 02:28:03 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1711191858482117

POST
H2 204 collect Show response
b.clarity.ms/ 0
177 B 305ms
96ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://app.getresponse.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://app.getresponse.com
date: Fri, 02 Sep 2022 02:28:03 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 20ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=137718833288453&ev=Microdata&dl=https%3A%2F%2Fapp.getresponse.com%2Fconfirm.html%3Fx%3Da62b%26c%3DQfJJ7%26sq%3DTYxMQX%26u%3DGIYUZ%26y%3Du%26z%3DEVkCCTD&rl=&if=false&ts=1662085684371&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22E-Mail%20Marketing%2C%20Autoresponder%2C%20E-Mail%20Marketing%20Software%20%E2%80%93%20GetResponse%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.1.1662085682867.1675067352&it=1662085682832&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.getresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 02:28:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 02 Sep 2022 02:28:04 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.getresponse.com/	1969-12-31 23:59:59	Name: core Value: ue0q9agej469qs3c0g4nlc07jd
.getresponse.com/	1970-01-20 05:42:08	Name: timeout Value: logout_43200
.getresponse.com/	1970-01-20 07:07:49	Name: gr83p_59db3877322f17e6c0092c106bdf75dd Value: true
.getresponse.com/	1970-01-20 07:51:01	Name: _gcl_au Value: 1.1.1320457038.1662085681
.getresponse.com/	1970-01-20 14:27:01	Name: _hjSessionUser_658879 Value: eyJpZCI6ImI5YTQ2YTdiLWJkMTctNTc2Ny05MTgyLWUwMzI4ODJkNWY0MyIsImNyZWF0ZWQiOjE2NjIwODU2ODEyMDQsImV4aXN0aW5nIjpmYWxzZX0=
.getresponse.com/	1970-01-20 05:41:27	Name: _hjFirstSeen Value: 1
app.getresponse.com/	1970-01-20 05:41:25	Name: _hjIncludedInSessionSample Value: 0
.getresponse.com/	1970-01-20 05:41:27	Name: _hjSession_658879 Value: eyJpZCI6IjBmZmM3YjI1LTY2YTAtNDJjMy1hMGZkLTVjZjZjNWM0YTliOCIsImNyZWF0ZWQiOjE2NjIwODU2ODEyNjUsImluU2FtcGxlIjpmYWxzZX0=
.getresponse.com/	1970-01-20 05:41:27	Name: _hjAbsoluteSessionInProgress Value: 0
.bing.com/	1970-01-20 15:03:01	Name: MUID Value: 09C25189D72F665305B7439AD6FD678D
.getresponse.com/	1970-01-20 05:42:52	Name: _uetsid Value: de9f69a02a6611ed8762e5f1620438d9
.getresponse.com/	1970-01-20 15:03:01	Name: _uetvid Value: de9f8c902a6611ed81b219f411d6a56b
.getresponse.com/	1970-01-20 07:51:01	Name: _fbp Value: fb.1.1662085682867.1675067352
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: PtbeXQCvtBA
.youtube.com/	1970-01-20 10:00:37	Name: VISITOR_INFO1_LIVE Value: i_qB4z6DTpY
tracking.g2crowd.com/	1970-01-20 06:01:35	Name: _session_id Value: aa549dc4c703c85d55d99571b4d44773
.g2crowd.com/	1970-01-20 05:41:27	Name: __cf_bm Value: mBE6agHmOgzQyXA1XG2_kOcWpVKXezj38l7Kf96qOO4-1662085682-0-AQsfdWIecAp+5NjycNsplRrTd3Hy2ddPkDbw3U8YuIj2lHpiTKWigjM/zshcmwS3CGJmDHklmG6AfaTI4ShXPKY=
.t.co/	1970-01-20 15:17:25	Name: muc_ads Value: 3ca2fad8-6f3d-4302-b8c0-aaff7065d747
.twitter.com/	1970-01-20 15:17:25	Name: personalization_id Value: "v1_S4CetmDNE96UqW2WCqJ66g=="
.linkedin.com/	1970-01-20 06:24:37	Name: UserMatchHistory Value: AQJ0sBGAQg0g8QAAAYL8Btb7Nxvny3aJo42sI-uZpFBgA14M4GrrBbtjz4EP3XZphdroFqEPVgS9kg
.linkedin.com/	1970-01-20 06:24:37	Name: AnalyticsSyncHistory Value: AQKKzapX3srZBwAAAYL8Btb7ZGs818LCjAyb-MiKYQ5R1ZAdANAco6CIvJk6MXvTC4Qvqs-0ADN9lgVwWUvvkw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:27:01	Name: bcookie Value: "v=2&e6073a82-721d-417a-82af-08d22316f9a5"
.linkedin.com/	1970-01-20 05:42:52	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2752:u=1:x=1:i=1662085682:t=1662172082:v=2:sig=AQGrQ5OE45cJhJYJC4gsOx_F-CTx9s11"
.doubleclick.net/	1970-01-20 05:41:26	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-20 14:27:01	Name: CLID Value: 2c82880a2d844289980e0a244caa62e0.20220902.20230902
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:27:01	Name: bscookie Value: "v=1&202209020228036a8a59a2-4c28-4f3d-8410-20c74526828cAQGN-LlZO3J8sAfa7SqaAo4xB4HfdcYS"
.linkedin.com/	1970-01-20 10:00:37	Name: li_gc Value: MTswOzE2NjIwODU2ODM7MjswMjFOgAPc2u8oICXpUGgk9F7FV1ynBQ5vaXkfIbeV2CSdjw==
.getresponse.com/	1970-01-20 14:27:01	Name: _clck Value: mbvwix\|1\|f4j\|0
.c.bing.com/	1970-01-20 15:03:01	Name: SRM_B Value: 09C25189D72F665305B7439AD6FD678D
.app.getresponse.com/	1970-01-20 14:27:01	Name: _pin_unauth Value: dWlkPU5HSmtaRGhtWVRjdFpqRTBNQzAwTlRnMUxXSmtOV1l0TVdNNU1HTTBORE0zWW1Jeg
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:03:01	Name: MUID Value: 09C25189D72F665305B7439AD6FD678D
.c.clarity.ms/	1970-01-20 05:41:26	Name: ANONCHK Value: 0
.getresponse.com/	1970-01-20 05:42:52	Name: _clsk Value: lq4un4\|1662085683670\|1\|1\|b.clarity.ms/collect

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vr'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
app.getresponse.com
b.clarity.ms
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
ct.pinterest.com
googleads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
survey.survicate.com
surveys-static.survicate.com
t.co
tracking.g2crowd.com
us-as.gr-cdn.com
vars.hotjar.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
104.160.64.9
104.244.42.67
104.244.42.69
108.138.17.117
13.107.42.14
142.250.185.98
151.101.64.84
18.66.112.126
18.66.147.116
199.232.136.157
20.234.93.27
20.75.32.255
205.185.216.10
2606:4700:4400::ac40:97c9
2620:1ec:21::14
2620:1ec:27::cafe:1759
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2004
2a00:1450:4001:828::2003
2a02:26f0:3500:16::215:149b
2a02:26f0:e300:18b::1931
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a0b:4d07:102::1
68.70.204.1
00dfe75756fff0ba20fc291544881fd1cb819dea2dec5831906e5d8456325658
03973344e1f98c0ecffaddfc32a575b509962712ce61d29574ddc7a233c3c0d2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c8e3f92f1320d59a4a96063cc75d23fef5ee5d02d77cafada7fc8435a4c2461
1de2a1c7840b1cb2283efa622345f2c8ddd695dbca887bee9b7342436a75436d
2a20055a92d8f3046cd267aa02b14b00f6a35f88f72096b782378758cb5d7b5d
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
351c8dbc6c7bd193200671868dd73b17b8a99ed6da1752dc27fab7628c42582b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
4ec0575d5be5afab9be20655553e856fc1d8bc7eaf5cbdedb1dbe83b334db859
4f3d06b683e03b37ccaad8d303f7a0d7e6c37e18f95a7555eee52ce5da12f9f4
5afc363b68106631c9744da4953b7f123c67bb28f07e85c21e97d06c439a093a
6781123ce0a5980c79aab49f43ea5e0d6b533406fdce2a524a86c9b23019267c
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
75112f1761e00d7f0788b2c03636481e1f03c20db562becc1c3c0e123259ff5e
76270488edefefc548a6c8f7e58fe3c310c41a0139ae5fb9078cfd7f431ab6d9
7830add8859cb48b5ebb44e4c95e4caa9271415be0028d83602e9fd317d7e14d
829793fc856f16e48339dd424a4caed8d4f42de9ecff2bc6ba43fbf631a0e052
83e9b337cf07dd2c2d59aaf059cf26aafdaf5c995e8d0c8c6c3902b423f2d8e7
8c2dd732fe98c99cd82b4da0dd8d02796f46c1551402447a48aabec1c1013ede
8cc2024d861f3f2b2bd8dd573fd42418cf202b440832cddad029c91cd8baf0e9
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f44b63a83cf1b17dfa91fe1b24967402232e8b4994ec71776b6c2e378b4ae90
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1314ca57183207759a74c3f8dff489a6bebc0acf0008acb366d429abdb41944
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b6d5fe5530902177ab6ba94de91976faa982a6489895a93cc55aad636a60d0b9
bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bfd543081820173b2a30346f9b32271a763e9267b160da1c7b288f33405db935
c6ea91234604edce04f8efab9617320d340ec8834efcafc74d2cae74ce5102aa
d1cf0e2d99774e1c8885eb1a9fe95911f33eb18dcf4b213253da2770d8ee5b01
dd8a54ed87ce80e0dd798d8817fca3bef4bd1d2f0618a4ca476b753aa711ca7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf5185587dc584318775956d242115534ec7d928758081c0f9a1e3f97992508
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9784347baaf9329877b3e77ac494af29d42a9df0944d53cb677bbb2daeb89d
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

app.getresponse.com Open in urlscan Pro 104.160.64.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

50 %IPv6

22 Domains

30 Subdomains

27 IPs

5 Countries

649 kBTransfer

2386 kBSize

36 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

app.getresponse.com Open in urlscan Pro
104.160.64.9 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

50 %
IPv6

22
Domains

30
Subdomains

27
IPs

5
Countries

649 kB
Transfer

2386 kB
Size

36
Cookies

47 HTTP transactions
0 data transactions