ondexx.com Open in urlscan Pro
192.0.78.144  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1657019851560&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3828668%26time%3D1657019851560%26url%3Dhttps%253A%252F%252Fondexx.com%252Fhero-campaign%252F%253Futm_content%253Dtext-link1%2526utm_source%253Dst-2022%2526utm_medium%253Demail%2526utm_campaign%253Ddr3%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1657019851560&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1657019851560&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3&liSync=true&e_ipv6=AQLYNPAkrJ4M-wAAAYHOFGSjUf8_5rm96DAhp3Q-xKPwBs3k3NZvFRzPkFkYCZlsuQz4JGTn

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ondexx.com/hero-campaign/	45 KB 13 KB	536ms 502ms	Document text/html	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0257fbd61272630168e76d5e71c7013813c1c36557af0c7bc508afb00092e3c1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Tue, 05 Jul 2022 11:17:27 GMT host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" <https://ondexx.com/wp-json/wp/v2/pages/3076>; rel="alternate"; type="application/json" <https://ondexx.com/?p=3076>; rel=shortlink server nginx strict-transport-security max-age=31536000 vary Accept-Encoding Cookie x-ac 2.hhn _atomic_ams x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
GET H2	200	slick.css ondexx.com/wp-content/themes/Ondexx/js/slick/	2 KB 698 B	178ms 175ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick.css Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:59 GMT server nginx etag W/"5f6ed60f-6f0" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Tue, 12 Jul 2022 11:17:27 GMT
GET H2	200	slick-theme.css ondexx.com/wp-content/themes/Ondexx/js/slick/	3 KB 931 B	179ms 175ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:53 GMT server nginx etag W/"5f6ed609-c49" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Tue, 12 Jul 2022 11:17:27 GMT
GET H2	200	f69857688e.js Show response kit.fontawesome.com/	11 KB 4 KB	75ms 34ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/f69857688e.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c45b7e88d35f33638aa07e6537039db5f5fd17ae1846759d6e99c07de3e9789 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://ondexx.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:27 GMT content-encoding gzip cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, public, must-revalidate strict-transport-security max-age=31536000; preload cf-ray 725fb1c199ddbbda-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id Fv7qxb8MCnHGlfowRU1B
GET H2	200	jquery-3.4.1.min.js Show response ondexx.com/wp-content/themes/Ondexx/js/vendor/	86 KB 31 KB	364ms 360ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/vendor/jquery-3.4.1.min.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:55 GMT server nginx etag W/"5f6ed60b-15851" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Tue, 12 Jul 2022 11:17:27 GMT
GET H2	200	slick.min.js Show response ondexx.com/wp-content/themes/Ondexx/js/slick/	42 KB 11 KB	183ms 179ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick.min.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:48:06 GMT server nginx etag W/"5f6ed616-a76f" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Tue, 12 Jul 2022 11:17:27 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 930 B	93ms 36ms	Stylesheet text/css	2a00:1450:4014:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4014:80e::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 808f97075fc1233d487b23401e97c6c11fb39eb115ec0d9fc251ec09d9b2d5d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 05 Jul 2022 10:19:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 05 Jul 2022 11:17:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 05 Jul 2022 11:17:27 GMT
GET H2	200	style.css ondexx.com/wp-content/themes/Ondexx/	44 KB 10 KB	338ms 335ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1657019847 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f305605b98771f02238f3f7530a6b1b4d869fe9ef23c5eb9421be86cb68af1ac Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 03 Aug 2021 22:21:47 GMT server nginx etag W/"6109c17b-ae26" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=315360000 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ ondexx.com/_static/	847 KB 109 KB	226ms 223ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4slMm04XnV6hV5Dhx1EsMEVyXG5fnGzSRTr1DvHfEyCW7Dh5mQO086pdYLWul8mPTrgvVGqnVgW7yGnXgKflTjhrFxGYIIhI9qvIQhXFCQby9V92y+7re8dPyVYkyzxwajcVUDKS0Wmm6HKZDN6uD2jRmtDo8twL+7/aIPYIzlNTglSn/oQwC6ehI1XYbSILhwH2sMUFBWrOOKKZuCqUOJJhk3P+mlHqrv9W4YCyyc0FZvXzNNm0yTs2iBboFOFIZJOL9WeTOW60bjPNHcsVDFu9tpnbcXx5ONszLJMfbyO9rVf0I77vDy+Ht+fD/vn1B98iIgQ= Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f6a51916fa97ce5d9bc4b5973b3faf9cb2ef3ced0bb6b88295b54c783d2cf2e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br last-modified Mon, 04 Jul 2022 14:49:07 GMT server nginx x-page-optimize uncached etag W/"b8ca3e0d52818d2ab3e7ef868d7495a2" vary Accept-Encoding content-type text/css;charset=utf-8 cache-control max-age=31536000 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams host-header WordPress.com
GET H2	200	dashicons.min.css ondexx.com/wp-includes/css/	58 KB 34 KB	180ms 178ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-includes/css/dashicons.min.css?ver=6.0 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Wed, 03 Mar 2021 21:16:22 GMT server nginx etag W/"603ffca6-e688" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=315360000 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css fonts.googleapis.com/	73 KB 4 KB	96ms 39ms	Stylesheet text/css	2a00:1450:4014:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Bitter%7CHind%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COpen+Sans%3A400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C700%2C900%7CMontserrat%7CDroid+Sans%7CRoboto%7CLora%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%7CRubik%7CMerriweather%3A300%2C400%2C700%2C900%7CPoppins%7CRopa+Sans%7CPlayfair+Display%7CRubik%7CSource+Sans+Pro%7CRoboto+Condensed%7CRoboto+Slab%3A300%2C400%2C700%7CAmatic+SC%3A400%2C700%7CQuicksand%7COswald%7CQuicksand%3A400%2C500%2C700%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CFjalla+One&ver=6.0 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4014:80e::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 29018e42a912cac40616f37401d757f26f72b457582f13dd763d8a76c757eaad Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://ondexx.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 05 Jul 2022 11:14:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 05 Jul 2022 11:17:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 05 Jul 2022 11:17:27 GMT
GET H2	200	jquery.min.js Show response ondexx.com/wp-includes/js/jquery/	87 KB 31 KB	183ms 181ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Wed, 10 Mar 2021 15:07:24 GMT server nginx etag W/"6048e0ac-15db1" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ Show response ondexx.com/_static/	246 KB 56 KB	199ms 197ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/_static/??-eJyVj0tOAzEQRC9EzyhSGMQCcQWu4LELp4N/uNsxc3ucwDaRRmqpN/Xq0wtxsqE5yHwe991Qt/9HkX01iilyms7y1AvZnBRJ5xKa5ySzDTBJTfgiKSZSqVlh9epkymqVSlsDW1pbcuGRD+IKR9YEDOFGYk9wLXDysxGB3rp1dh56z+CCClFSjhgcrgBL1lywg/jbPa0/Etih7smKxkNCNg7u0c77oaVCdfs4jc474J77DjWUPutN5wb1Ht8Oy/PyelwOx5dfppLHEg== Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash fc0112ef6b6e4160a2fc9c5caa8f70a391ab107f689bcd2b593afd3ed864d1ed Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br last-modified Mon, 04 Jul 2022 14:49:07 GMT server nginx x-page-optimize uncached etag W/"beba4bf9cbd1d0893e2e28dfc4d6bcb3" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams host-header WordPress.com
GET H2	200	js Show response www.googletagmanager.com/gtag/	103 KB 40 KB	198ms 109ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-157050359-1 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5bcde64f06e556a7ca4e168e924f22464627fe1dec29ddba5ea88dc493f9ab7b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40365 x-xss-protection 0 last-modified Tue, 05 Jul 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 05 Jul 2022 11:17:28 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	110 KB 43 KB	184ms 97ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-480613323 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 151c5b9f33a15733dbd6931ef26a289072bb6b31e933cdf4f2130da3da6b8b38 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43935 x-xss-protection 0 last-modified Tue, 05 Jul 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 05 Jul 2022 11:17:28 GMT
GET H2	200	plugins.js Show response ondexx.com/wp-content/themes/Ondexx/js/	662 B 411 B	178ms 176ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/plugins.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 03d0fd5f4159ebcdef4f514d6532f163276b8493482423efdbb5a5187d05ef59 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:57 GMT server nginx etag W/"5f6ed60d-296" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Tue, 12 Jul 2022 11:17:27 GMT
GET H2	200	main.js Show response ondexx.com/wp-content/themes/Ondexx/js/	118 B 247 B	177ms 175ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/main.js?v=1657019847 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 92a1f8ab048c0e20c473f136314fc89e84eae12ff130de142d0d44f408625345 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:47:42 GMT server nginx etag "5f6ed5fe-76" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 118 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	126ms 39ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 759 date Tue, 05 Jul 2022 11:04:49 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 05 Jul 2022 13:04:49 GMT
GET H2	200	bilmur.min.js Show response s0.wp.com/wp-content/js/	6 KB 2 KB	27ms 6ms	Script application/javascript	192.0.77.32 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://s0.wp.com/wp-content/js/bilmur.min.js?m=202227 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 9e038ad8d6f4e0982fc74aa17e251982a487d9e7326ab37ae739d146236593b3 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-nc HIT hhn 1 date Tue, 05 Jul 2022 11:17:28 GMT content-encoding br server nginx etag W/"6246db7c-16da" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 x-ac 2.hhn _dca timing-allow-origin * expires Tue, 04 Jul 2023 00:00:01 GMT
GET H2	200	e-202227.js Show response stats.wp.com/	9 KB 3 KB	28ms 7ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202227.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-nc HIT hhn date Tue, 05 Jul 2022 11:17:28 GMT content-encoding br server nginx etag W/"6197c5cf-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Mon, 26 Jun 2023 00:37:21 GMT
GET H2	200	pro-v4-shims.min.js Show response ka-p.fontawesome.com/releases/v5.15.4/js/	14 KB 4 KB	54ms 45ms	Fetch application/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/js/pro-v4-shims.min.js?token=f69857688e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f69857688e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag "610ae215-1003" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 725fb1c28be7bbda-FRA content-length 4099
GET H2	200	pro.min.js Show response ka-p.fontawesome.com/releases/v5.15.4/js/	40 KB 14 KB	45ms 36ms	Fetch application/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=f69857688e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f69857688e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag "610ae215-37b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 725fb1c28beabbda-FRA content-length 14264
GET H2	200	wp-emoji-release.min.js Show response ondexx.com/wp-includes/js/	18 KB 5 KB	178ms 177ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 12 Apr 2022 05:56:23 GMT server nginx etag W/"62551487-48b9" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	83 KB 32 KB	195ms 147ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N4GX5F3 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 898595428fead02d4e3671b26fa631191098dac93c15950a32805f2876fb1fb3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33035 x-xss-protection 0 last-modified Tue, 05 Jul 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 05 Jul 2022 11:17:28 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	87 KB 34 KB	100ms 52ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N79F75T Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d0bb8d440f63194fc8fe889d08f252348d8ca66566f5ddd11044ac5b4600752c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34432 x-xss-protection 0 last-modified Tue, 05 Jul 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 05 Jul 2022 11:17:28 GMT
GET H2	200	Ondex_Horizontal.svg ondexx.com/wp-content/themes/Ondexx/images/	5 KB 2 KB	174ms 174ms	Image image/svg+xml	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/images/Ondex_Horizontal.svg Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1657019847 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 9c1a15bed2e7bcd5a535fb0fe69ef2b0be90da9a3f2e1218dbb52c0ae27bec2f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1657019847 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:43 GMT server nginx etag W/"5f6ed5ff-134e" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	200	silhouette-of-smart-successful-males-man-wearing-l-64UHUPQ_v3.jpg ondexx.com/wp-content/uploads/2021/06/	363 KB 363 KB	406ms 406ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/06/silhouette-of-smart-successful-males-man-wearing-l-64UHUPQ_v3.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 919acbbc8643239878739433a76b5f767a96cc6e62063cb9f1ea262e259d730d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 15 Jun 2021 06:50:08 GMT server nginx etag "60c84da0-5aab7" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 371383 expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 24 KB	120ms 37ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 17:08:09 GMT x-content-type-options nosniff age 583759 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 28 Jun 2023 17:08:09 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	154ms 71ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 17:08:09 GMT x-content-type-options nosniff age 583759 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 28 Jun 2023 17:08:09 GMT
GET H/1.1	200 OK	564404923 Show response player.vimeo.com/video/ Frame CB81	17 KB 9 KB	380ms 332ms	Document text/html	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/564404923?color=e31f26 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed7bdb4704dfa93d78fc7a0ed5fff980ddcaefc1c7a265089e2c6311b3e05e15 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://* Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ondexx.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Age 0 CF-Cache-Status DYNAMIC CF-RAY 725fb1c53dd4996e-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 05 Jul 2022 11:17:28 GMT Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS X-Cache-Hits 0 X-Player-Backend p X-Served-By cache-hhn4022-HHN X-Timer S1657019849.529265,VS0,VE304 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://* expires Fri, 15 Dec 1985 19:30:00 GMT link <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin p3p CP="This is not a P3P policy! See https://vimeo.com/privacy" strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 varnish, 1.1 varnish x-backend-proxy playproxy10 x-bapp-server player-v116-5z45q x-content-type-options nosniff x-host player-v116-5z45q x-varnish-cache 0 x-vserver playproxy-prod-varnish-9 x-xss-protection 1; mode=block
GET H/1.1	200 OK	410832094 Show response player.vimeo.com/video/ Frame 7746	17 KB 9 KB	291ms 243ms	Document text/html	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/410832094?color=e31f26 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ecfc285d04cab8efd04375fdd6a06aba09f6223053858cbb9bb65d91cfdd336 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://* Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ondexx.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Age 0 CF-Cache-Status DYNAMIC CF-RAY 725fb1c53ad25b74-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 05 Jul 2022 11:17:28 GMT Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS X-Cache-Hits 0 X-Player-Backend p X-Served-By cache-fra19151-FRA X-Timer S1657019849.529148,VS0,VE216 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://* expires Fri, 15 Dec 1985 19:30:00 GMT link <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin p3p CP="This is not a P3P policy! See https://vimeo.com/privacy" strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 varnish, 1.1 varnish x-backend-proxy playproxy6 x-bapp-server player-v116-vxmpf x-content-type-options nosniff x-host player-v116-vxmpf x-varnish-cache 0 x-vserver playproxy-prod-varnish-5 x-xss-protection 1; mode=block
GET H2	200	7063729.js Show response js.hs-analytics.net/analytics/1657020000000/	62 KB 20 KB	182ms 161ms	Script text/javascript	2606:4700::6811:47b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1657020000000/7063729.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01f33abe59fd963b523bd92871c4a5809138b1934312afe84eee9db97a7b7f5e Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding br cf-cache-status MISS x-amz-request-id XGDZYX53JGAXW0P5 x-amz-server-side-encryption AES256 cf-ray 725fb1c51e0c92ba-FRA x-amz-id-2 tiid8gxed7ZLiInZmJ9LbaorN8PvVlTZQfnxliciZn/RI0D7MXgs8/jjWO/uTTLsG8Hp+7eLfNo= last-modified Tue, 14 Jun 2022 15:41:41 GMT server cloudflare etag W/"e2ca4a41b83cb2d74feaa3dbe3fd7a3c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id null cache-control max-age=300, public access-control-allow-credentials false content-type text/javascript expires Tue, 05 Jul 2022 11:22:28 GMT
GET H2	200	Screenshot-2021-07-13-222711.png ondexx.com/wp-content/uploads/2021/08/	1000 KB 1001 KB	386ms 385ms	Image image/png	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/08/Screenshot-2021-07-13-222711.png Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e80163c34bbbf05c2809d6058bb838ce44f88d89ceb4978683ccf39de59838ac Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 03 Aug 2021 17:52:48 GMT server nginx etag "61098270-f9e04" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 1023492 expires Tue, 12 Jul 2022 11:17:28 GMT
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e8da020dda5f6255fa92b7991ad7ccf5b9ed5b9fd9708fd874848eca81d6b3ab Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	605 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56b98b83138a32bc18b90afb94b16f4d8dd32c24cc06b0e5caad09c862ad8e2b Request headers Referer Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	Screenshot-2021-03-08-234416.png ondexx.com/wp-content/uploads/2021/03/	216 KB 217 KB	218ms 218ms	Image image/png	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/03/Screenshot-2021-03-08-234416.png Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 908400519fa42964c72b4182456acf7e4e1c3126466b3d1c247d401b04b24513 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 09 Mar 2021 04:45:26 GMT server nginx etag "6046fd66-3617a" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 221562 expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	200	dictionary-success-magnified-PXJEDEE.jpg ondexx.com/wp-content/uploads/2021/06/	5 MB 5 MB	294ms 293ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/06/dictionary-success-magnified-PXJEDEE.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f63c397b823a0c16ff12c425b6b33ba288c1a7656ba9c68d019a01bcf54c2446 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 19 Jun 2021 00:07:40 GMT server nginx etag "60cd354c-500cd9" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 5246169 expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	200	portrait-of-business-team-posing-in-office-NLFAGE9-scaled.jpg ondexx.com/wp-content/uploads/2020/06/	246 KB 246 KB	443ms 442ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2020/06/portrait-of-business-team-posing-in-office-NLFAGE9-scaled.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a59d5f74dc3410d33c91f7bf20c78bfde2fdb6c8e490d16d9289f218fce05737 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 06:18:28 GMT server nginx etag "5f6edd34-3d872" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 252018 expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	200	high-five-27SLYDW.jpg ondexx.com/wp-content/uploads/2021/06/	23 MB 23 MB	176ms 175ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/06/high-five-27SLYDW.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 14293a71a55ed97de24a979f463b49744fa1d25e2a459b9c5330024c6825a67c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 15 Jun 2021 07:12:09 GMT server nginx etag "60c852c9-1730fe6" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 24317926 expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	200	vintage-red-clock.jpg ondexx.com/wp-content/uploads/2020/04/	164 KB 165 KB	379ms 378ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2020/04/vintage-red-clock.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 63bdeac35cbb3b234612fcbb6a3983ee916ad155f58f489397ddb3843d1a4f95 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 06:11:00 GMT server nginx etag "5f6edb74-291c8" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 168392 expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	200	rwo-power.png ondexx.com/wp-content/themes/Ondexx/images/	8 KB 8 KB	173ms 172ms	Image image/png	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/images/rwo-power.png Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1657019847 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0ca853d2acc14c2fb7c88c0a9d87502691b0a12aba40532d074178a0ff754c68 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1657019847 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:47:50 GMT server nginx etag "5f6ed606-1f73" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 8051 expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	200	Ondexx_master_White_buyline.svg ondexx.com/wp-content/themes/Ondexx/images/	11 KB 3 KB	173ms 173ms	Image image/svg+xml	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/images/Ondexx_master_White_buyline.svg Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1657019847 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 87332c922795402d5a79ca50a97c78da9c072ba141ccc38e6e734b5d1b0e5537 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1657019847 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:48:16 GMT server nginx etag W/"5f6ed620-2ca3" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	404	fa-solid-900.woff2 ondexx.com/wp-content/plugins/everest-timeline/webfonts/	0 0	502ms 502ms	Font text/html	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff2 Requested by Host: ondexx.com URL: https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4slMm04XnV6hV5Dhx1EsMEVyXG5fnGzSRTr1DvHfEyCW7Dh5mQO086pdYLWul8mPTrgvVGqnVgW7yGnXgKflTjhrFxGYIIhI9qvIQhXFCQby9V92y+7re8dPyVYkyzxwajcVUDKS0Wmm6HKZDN6uD2jRmtDo8twL+7/aIPYIzlNTglSn/oQwC6ehI1XYbSILhwH2sMUFBWrOOKKZuCqUOJJhk3P+mlHqrv9W4YCyyc0FZvXzNNm0yTs2iBboFOFIZJOL9WeTOW60bjPNHcsVDFu9tpnbcXx5ONszLJMfbyO9rVf0I77vDy+Ht+fD/vn1B98iIgQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4slMm04XnV6hV5Dhx1EsMEVyXG5fnGzSRTr1DvHfEyCW7Dh5mQO086pdYLWul8mPTrgvVGqnVgW7yGnXgKflTjhrFxGYIIhI9qvIQhXFCQby9V92y+7re8dPyVYkyzxwajcVUDKS0Wmm6HKZDN6uD2jRmtDo8twL+7/aIPYIzlNTglSn/oQwC6ehI1XYbSILhwH2sMUFBWrOOKKZuCqUOJJhk3P+mlHqrv9W4YCyyc0FZvXzNNm0yTs2iBboFOFIZJOL9WeTOW60bjPNHcsVDFu9tpnbcXx5ONszLJMfbyO9rVf0I77vDy+Ht+fD/vn1B98iIgQ= Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br server nginx date Tue, 05 Jul 2022 11:17:28 GMT vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://ondexx.com cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	14ms 6ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&j=1%3A11.1-beta2&blog=172565319&post=3076&tz=-4&srv=ondexx.com&hp=atomic&ac=2&amp=0&host=ondexx.com&ref=&fcp=1115&rand=0.8813832249325995 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-origin * date Tue, 05 Jul 2022 11:17:28 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H2	200	play-circle.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/	607 B 425 B	39ms 38ms	Fetch image/svg+xml	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/play-circle.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1427373d63486672985cc1a4c61d7dfe81f4ec37919b6064ad202670b1001af6 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:47 GMT server cloudflare etag W/"610ae23b-25f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 725fb1c52863bbda-FRA
GET H2	200	phone-volume.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/	1 KB 647 B	42ms 41ms	Fetch image/svg+xml	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/phone-volume.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fbcb0906cf302e36acad1d89ad92b8d2e6f36db432c3bca8cfcb51610d4c2a5 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:47 GMT server cloudflare etag W/"610ae23b-4a1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 725fb1c52864bbda-FRA
GET H2	200	at.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/	1 KB 728 B	40ms 39ms	Fetch image/svg+xml	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/at.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dc312dd10b9367e654099cd966f54c2405a64bc47f740b30a0fb2219809e445 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:57:01 GMT server cloudflare etag W/"610ae2fd-45a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 725fb1c52865bbda-FRA
GET H2	200	calendar-edit.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/	1 KB 657 B	28ms 28ms	Fetch image/svg+xml	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/calendar-edit.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d0973c3031fef0c0b53d5fb0bc68e91c7f1d82c353235e6852b08618a57522b Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:30 GMT server cloudflare etag W/"610ae22a-520" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 725fb1c52868bbda-FRA
GET H2	200	ajax-loader.gif ondexx.com/wp-content/themes/Ondexx/js/slick/	4 KB 4 KB	183ms 183ms	Image image/gif	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/ajax-loader.gif Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:48:02 GMT server nginx etag "5f6ed612-1052" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/gif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 4178 expires Tue, 12 Jul 2022 11:17:28 GMT
GET H2	200	slick.woff ondexx.com/wp-content/themes/Ondexx/js/slick/fonts/	1 KB 1 KB	331ms 330ms	Font application/font-woff	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/fonts/slick.woff Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:47:54 GMT server nginx etag "5f6ed60a-564" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type application/font-woff access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 1380 expires Tue, 12 Jul 2022 11:17:28 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 202 B	48ms 47ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=585959494&t=pageview&_s=1&dl=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3%26utm_content%3Dtext-link1&ul=en-us&de=UTF-8&dt=Hero-Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1651414707&gjid=669991375&cid=389192119.1657019849&tid=UA-XXXXX-Y&_gid=383856872.1657019849&_r=1&z=1957982178 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ondexx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	103 KB 40 KB	54ms 53ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-157050359-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N79F75T Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 54850ef466d9e2ac53b63efe2e7059adcd6faeaaaca0c0023cc6c411c1538de3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40368 x-xss-protection 0 last-modified Tue, 05 Jul 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 05 Jul 2022 11:17:28 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	110 KB 43 KB	61ms 60ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-480613323&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N79F75T Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3dd15ee0b04563c5189aef5b3427bbd2dcb78c4cabbf30f8021385b8fd357b36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43939 x-xss-protection 0 last-modified Tue, 05 Jul 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 05 Jul 2022 11:17:28 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	40 KB 15 KB	132ms 44ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-480613323 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15163 x-xss-protection 0 server cafe etag 11137310801552021614 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 05 Jul 2022 11:17:28 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	46ms 46ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=585959494&t=pageview&_s=1&dl=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3%26utm_content%3Dtext-link1&ul=en-us&de=UTF-8&dt=Hero-Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAC~&jid=671368082&gjid=1816475139&cid=389192119.1657019849&tid=UA-157050359-1&_gid=383856872.1657019849&_r=1&gtm=2ou6t0&did=dZTNiMT&gdid=dZTNiMT&z=1701011521 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ondexx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d.jpg i.vimeocdn.com/video/ Frame 7746	1 KB 2 KB	160ms 132ms	Image image/jpeg	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d.jpg?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5c8efb76f3ee2b86931c4f8a0ce0c015e602100f5b99371deb9c7a108caf97b5 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 1125788 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1495 viewmaster-server viewmaster-us-central1-lzlv x-served-by cache-dfw18628-DFW, cache-hhn4022-HHN x-timer S1657019849.796097,VS0,VE124 etag da95d4c1f147a8aecbd47dad54f33c6d access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	player.de-DE.js Show response f.vimeocdn.com/p/4.6.0/js/ Frame 7746	873 KB 205 KB	36ms 7ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.6.0/js/player.de-DE.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash dcef9ec0223c14a1465bb1767f441ea27f0de1f89fd9a52ff31d8c3e6d76a5e4 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT via 1.1 varnish, 1.1 varnish age 337295 x-served-by cache-iad-kiad7000169-IAD, cache-fra19161-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1657019849.798580,VS0,VE0 content-length 210069 x-cache-hits 1, 6035
GET H2	200	player.css f.vimeocdn.com/p/4.6.0/css/ Frame 7746	219 KB 21 KB	36ms 7ms	Stylesheet text/css	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.6.0/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash abf36e8fbffea9a449a64e7a2acee1aa88bdade0c4fcaad1998df90dd4feaab0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT via 1.1 varnish, 1.1 varnish age 337300 x-served-by cache-iad-kiad7000154-IAD, cache-fra19161-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1657019849.798405,VS0,VE0 content-length 21130 x-cache-hits 1, 141085
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame 7746	2 KB 1 KB	35ms 6ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT via 1.1 varnish, 1.1 varnish age 477791 x-timer S1657019849.798537,VS0,VE0 x-served-by cache-iad-kjyo7100144-IAD, cache-fra19161-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding gzip cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 997 x-cache-hits 1, 161814
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 438 B	57ms 19ms	XHR text/plain	2a00:1450:400c:c07::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-157050359-1&cid=389192119.1657019849&jid=671368082&gjid=1816475139&_gid=383856872.1657019849&_u=aGDACUABBAAAAC~&z=958716154 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 05 Jul 2022 11:17:28 GMT content-type text/plain access-control-allow-origin https://ondexx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	vuid vimeo.com/ablincoln/ Frame 7746	0 989 B	205ms 168ms	Ping text/plain	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vimeo.com/ablincoln/vuid?pid=cf4c6bf75c24e6472ea2867cc028a47b8df7cb4a1657019848 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 11:17:28 GMT Via 1.1 varnish, 1.1 varnish x-content-type-options nosniff CF-Cache-Status DYNAMIC content-security-policy-report-only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp X-Cache MISS, MISS Connection keep-alive Vary User-Agent x-xss-protection 1; mode=block X-Served-By cache-iad-kcgs7200058-IAD, cache-hhn4073-HHN x-vimeo-device d Server cloudflare X-Timer S1657019849.858681,VS0,VE134 x-frame-options sameorigin x-backend-proxy webproxy2 Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload expires Mon, 04 Jul 2022 23:17:28 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server pweb-v1784-tx956 x-ua-compatible IE=edge Accept-Ranges bytes CF-RAY 725fb1c74a4f6997-FRA X-Cache-Hits 0, 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	155ms 68ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-157050359-1&cid=389192119.1657019849&jid=671368082&_u=aGDACUABBAAAAC~&z=1734327140 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	155ms 68ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-157050359-1&cid=389192119.1657019849&jid=671368082&_u=aGDACUABBAAAAC~&z=1734327140 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	441516.png i.vimeocdn.com/player/ Frame 7746	2 KB 2 KB	126ms 126ms	Image image/png	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/player/441516.png?mw=100&mh=100 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ea87e8ba6aa7c23610322ef8f6c629570aeb35c190465dd38735e8853459b2ac Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:29 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 16707 x-viewmaster-lossless-format lossless x-cache miss, HIT, MISS x-backend-server varnish content-length 2123 viewmaster-server viewmaster-us-central1-3t6z x-served-by cache-dfw18673-DFW, cache-hhn4022-HHN x-timer S1657019849.888429,VS0,VE119 etag 76b0963a70b6616c2fbe89fb95910c2f access-control-max-age 86400 content-type image/png access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 0
POST H2	200	player-test-impression fresnel.vimeocdn.com/add/ Frame 7746	0 142 B	208ms 130ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.6.0/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Tue, 05 Jul 2022 11:17:29 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d i.vimeocdn.com/video/ Frame 7746	72 KB 72 KB	8ms 7ms	Image image/avif	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7ff317e15400cb002f7fda77e9a21e2e9a4b9021aa604690c1b4475bc4ac10ce Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:28 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 2488371 x-viewmaster-lossless-format automatic x-cache miss, HIT, HIT access-control-max-age 86400 x-backend-server varnish content-length 73455 viewmaster-server viewmaster-us-central1-pvzz x-served-by cache-dfw18623-DFW, cache-hhn4022-HHN x-timer S1657019849.921159,VS0,VE1 etag ade9f8b1cc4d755e7e91967fb7e35dbc vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame 7746	0 40 B	198ms 131ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=cf4c6bf75c24e6472ea2867cc028a47b8df7cb4a1657019848 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.6.0/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Tue, 05 Jul 2022 11:17:29 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	38866357_60x60.jpg i.vimeocdn.com/portrait/ Frame 7746	2 KB 2 KB	8ms 7ms	Image image/jpeg	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/portrait/38866357_60x60.jpg Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c76df176e902e72c31b191cb8aab908e57e469cd78dddd34905ea96070cd5a49 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:29 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 1209205 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1923 viewmaster-server viewmaster-us-central1-z9fm x-served-by cache-dfw18659-DFW, cache-hhn4022-HHN x-timer S1657019849.169144,VS0,VE1 etag 2469d76f6c89f333cda421c3ae39d20f access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d.jpg i.vimeocdn.com/video/ Frame CB81	1 KB 1 KB	161ms 161ms	Image image/jpeg	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d.jpg?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d04e732e137cc1b650a13c59ccd15af244c322827084b040835d3fdc4f3ad362 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:29 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 332267 x-viewmaster-lossless-format lossy x-cache miss, HIT, MISS x-backend-server varnish content-length 1183 viewmaster-server viewmaster-us-central1-mw5t x-served-by cache-dfw18639-DFW, cache-hhn4022-HHN x-timer S1657019849.169670,VS0,VE121 etag 4924f46843f2b4e7d32d1881ed59895c access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 0
GET H2	200	player.de-DE.js Show response f.vimeocdn.com/p/4.6.0/js/ Frame CB81	873 KB 205 KB	8ms 7ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.6.0/js/player.de-DE.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash dcef9ec0223c14a1465bb1767f441ea27f0de1f89fd9a52ff31d8c3e6d76a5e4 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:29 GMT via 1.1 varnish, 1.1 varnish age 337295 x-served-by cache-iad-kiad7000169-IAD, cache-fra19161-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1657019849.171260,VS0,VE0 content-length 210069 x-cache-hits 1, 6036
GET H2	200	player.css f.vimeocdn.com/p/4.6.0/css/ Frame CB81	219 KB 21 KB	8ms 8ms	Stylesheet text/css	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.6.0/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash abf36e8fbffea9a449a64e7a2acee1aa88bdade0c4fcaad1998df90dd4feaab0 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:29 GMT via 1.1 varnish, 1.1 varnish age 337300 x-served-by cache-iad-kiad7000154-IAD, cache-fra19161-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1657019849.171409,VS0,VE0 content-length 21130 x-cache-hits 1, 141086
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame CB81	2 KB 1 KB	8ms 8ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:29 GMT via 1.1 varnish, 1.1 varnish age 477791 x-timer S1657019849.171405,VS0,VE0 x-served-by cache-iad-kjyo7100144-IAD, cache-fra19161-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding gzip cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 997 x-cache-hits 1, 161815
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/	2 KB 2 KB	436ms 62ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/?random=1657019849169&cv=9&fst=1657019849169&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3%26utm_content%3Dtext-link1&tiba=Hero-Campaign&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5db31b019b3e654077bbbdb7dd726c78651dd88c04d1a87320d94b9eb3c12a09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:29 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1079 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	fa-solid-900.woff ondexx.com/wp-content/plugins/everest-timeline/webfonts/	0 0	591ms 589ms	Font text/html	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff Requested by Host: ondexx.com URL: https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4slMm04XnV6hV5Dhx1EsMEVyXG5fnGzSRTr1DvHfEyCW7Dh5mQO086pdYLWul8mPTrgvVGqnVgW7yGnXgKflTjhrFxGYIIhI9qvIQhXFCQby9V92y+7re8dPyVYkyzxwajcVUDKS0Wmm6HKZDN6uD2jRmtDo8twL+7/aIPYIzlNTglSn/oQwC6ehI1XYbSILhwH2sMUFBWrOOKKZuCqUOJJhk3P+mlHqrv9W4YCyyc0FZvXzNNm0yTs2iBboFOFIZJOL9WeTOW60bjPNHcsVDFu9tpnbcXx5ONszLJMfbyO9rVf0I77vDy+Ht+fD/vn1B98iIgQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4slMm04XnV6hV5Dhx1EsMEVyXG5fnGzSRTr1DvHfEyCW7Dh5mQO086pdYLWul8mPTrgvVGqnVgW7yGnXgKflTjhrFxGYIIhI9qvIQhXFCQby9V92y+7re8dPyVYkyzxwajcVUDKS0Wmm6HKZDN6uD2jRmtDo8twL+7/aIPYIzlNTglSn/oQwC6ehI1XYbSILhwH2sMUFBWrOOKKZuCqUOJJhk3P+mlHqrv9W4YCyyc0FZvXzNNm0yTs2iBboFOFIZJOL9WeTOW60bjPNHcsVDFu9tpnbcXx5ONszLJMfbyO9rVf0I77vDy+Ht+fD/vn1B98iIgQ= Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br server nginx date Tue, 05 Jul 2022 11:17:29 GMT vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://ondexx.com cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
POST H3	200	player-test-impression fresnel.vimeocdn.com/add/ Frame CB81	0 11 B	201ms 129ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.6.0/js/player.de-DE.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Tue, 05 Jul 2022 11:17:29 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d i.vimeocdn.com/video/ Frame CB81	24 KB 25 KB	129ms 128ms	Image image/avif	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0402a5997fbbbc6c47f9058c2be569b580f1269c7a327776ec15df2239ea2861 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:29 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 1201549 x-viewmaster-lossless-format automatic x-cache miss, HIT, HIT access-control-max-age 86400 x-backend-server varnish content-length 24964 viewmaster-server viewmaster-us-central1-8l0t x-served-by cache-dfw18683-DFW, cache-hhn4022-HHN x-timer S1657019849.251439,VS0,VE120 etag a5db37c2246b9d8da430fd2d6565854c vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
POST H3	200	player-stats fresnel.vimeocdn.com/add/ Frame CB81	0 11 B	199ms 129ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=1b695f9a0f408693568b5be796572033fb3554461657019848 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.6.0/js/player.de-DE.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Tue, 05 Jul 2022 11:17:29 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	sentry.js Show response f.vimeocdn.com/p/4.6.0/js/module/ Frame CB81	70 KB 18 KB	33ms 33ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.6.0/js/module/sentry.js Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.6.0/js/player.de-DE.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f917e7de81817d9fe161b72d82e247bad6ad1999fc48e8b187f4f012284cea72 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:29 GMT via 1.1 varnish, 1.1 varnish age 337298 x-served-by cache-iad-kiad7000031-IAD, cache-fra19161-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1657019850.614604,VS0,VE0 content-length 18761 x-cache-hits 1, 17264
GET H2	200	38866357_60x60.jpg i.vimeocdn.com/portrait/ Frame CB81	2 KB 2 KB	16ms 15ms	Image image/jpeg	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/portrait/38866357_60x60.jpg Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.6.0/js/player.de-DE.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c76df176e902e72c31b191cb8aab908e57e469cd78dddd34905ea96070cd5a49 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:29 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 1209205 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1923 viewmaster-server viewmaster-us-central1-z9fm x-served-by cache-dfw18659-DFW, cache-hhn4022-HHN x-timer S1657019850.614803,VS0,VE0 etag 2469d76f6c89f333cda421c3ae39d20f access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 2
GET H3	200	/ www.google.com/pagead/1p-user-list/480613323/	42 B 64 B	152ms 51ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/480613323/?random=1657019849169&cv=9&fst=1657018800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3%26utm_content%3Dtext-link1&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=2846256183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/480613323/	42 B 64 B	146ms 48ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/480613323/?random=1657019849169&cv=9&fst=1657018800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3%26utm_content%3Dtext-link1&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=2846256183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr3&utm_content=text-link1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	fa-solid-900.ttf ondexx.com/wp-content/plugins/everest-timeline/webfonts/	0 0	996ms 995ms	Font text/html	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.ttf Requested by Host: ondexx.com URL: https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4slMm04XnV6hV5Dhx1EsMEVyXG5fnGzSRTr1DvHfEyCW7Dh5mQO086pdYLWul8mPTrgvVGqnVgW7yGnXgKflTjhrFxGYIIhI9qvIQhXFCQby9V92y+7re8dPyVYkyzxwajcVUDKS0Wmm6HKZDN6uD2jRmtDo8twL+7/aIPYIzlNTglSn/oQwC6ehI1XYbSILhwH2sMUFBWrOOKKZuCqUOJJhk3P+mlHqrv9W4YCyyc0FZvXzNNm0yTs2iBboFOFIZJOL9WeTOW60bjPNHcsVDFu9tpnbcXx5ONszLJMfbyO9rVf0I77vDy+Ht+fD/vn1B98iIgQ= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4slMm04XnV6hV5Dhx1EsMEVyXG5fnGzSRTr1DvHfEyCW7Dh5mQO086pdYLWul8mPTrgvVGqnVgW7yGnXgKflTjhrFxGYIIhI9qvIQhXFCQby9V92y+7re8dPyVYkyzxwajcVUDKS0Wmm6HKZDN6uD2jRmtDo8twL+7/aIPYIzlNTglSn/oQwC6ehI1XYbSILhwH2sMUFBWrOOKKZuCqUOJJhk3P+mlHqrv9W4YCyyc0FZvXzNNm0yTs2iBboFOFIZJOL9WeTOW60bjPNHcsVDFu9tpnbcXx5ONszLJMfbyO9rVf0I77vDy+Ht+fD/vn1B98iIgQ= Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br server nginx date Tue, 05 Jul 2022 11:17:31 GMT vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://ondexx.com cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	7063729.js Show response js-na1.hs-scripts.com/	2 KB 925 B	45ms 16ms	Script application/javascript	2606:4700::6811:d3cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-na1.hs-scripts.com/7063729.js Requested by Host: js.hs-analytics.net URL: https://js.hs-analytics.net/analytics/1657020000000/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5de2b3215fe917c9c92afafa8554db251012a3ce9941de64c56d097337a5f6d Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:31 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 1 cf-polished origSize=1992 x-hubspot-correlation-id 71f883d8-3d37-4087-ab29-1c3e784f0b7f last-modified Tue, 05 Jul 2022 11:17:30 GMT server cloudflare x-trace 2BA94BC88A7131567DFFBCC09794A1E906F93140BB000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://ondexx.com cache-control public, max-age=30 access-control-allow-credentials true cf-ray 725fb1d56e976901-FRA cf-bgj minify
GET H2	200	__ptq.gif track.hubspot.com/	45 B 970 B	181ms 149ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=7063729&rcu=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F&pu=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3%26utm_content%3Dtext-link1&t=Hero-Campaign&cts=1657019851074&vi=381cbe9609fbdc710de2a7833b13d4e9&nc=true&ce=false&cc=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:31 GMT vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 0a42e450-4f07-4090-97a6-3171c28d4484 cf-ray 725fb1d57f659bbf-FRA p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQUEHjT3lSZcOcYL%2BmOv5tIhiN4Qfy5e47ynNs46zmnggXQqRIcX9uFEBHO%2FZKCNI06Y1WEOWOszmkFYbAXNSIT5wny%2FOeZ8%2FZ%2FvZ9dRbNZrcJiJ%2BW8gYkkdVPUu1kcB2ifpo8VIT%2Bj4VVB0U6Tv"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false x-robots-tag none
GET H2	200	fb.js Show response js.hsadspixel.net/	5 KB 3 KB	59ms 26ms	Script application/javascript	2606:4700::6811:70b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62eff55da34fb881e5f26498f4c572a8810f8fb1953e8e00c24df6a05deb2747 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:31 GMT via 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront) cf-cache-status HIT age 374 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.287/bundles/pixels-release.js&cfRay=725fa8b428ee6946-EWR x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 x-amz-replication-status COMPLETED content-encoding br last-modified Thu, 30 Jun 2022 02:09:15 UTC server cloudflare etag W/"1b16fc147ec853ab9d82a3c0efe75b77" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id dONne1FcPXm8F7qFk63xAz5e_hNw5LhN cache-control max-age=600 x-hs-cache-status HIT x-amz-cf-pop IAD89-P1 cf-ray 725fb1d5bb985c50-FRA x-amz-cf-id FjTbGGojaIILEbX0VuH0YoMSJnjA5vwudpR6ZaInDGUBw0_4gEorOw== x-hs-target-asset adsscriptloaderstatic/static-1.287/bundles/pixels-release.js
GET H2	200	7063729.js Show response js.hs-banner.com/	59 KB 16 KB	241ms 222ms	Script text/javascript	2606:4700:4400::ac40:9a55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/7063729.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a2afdfbb9db3fbde63748d14f91dbab0cccfc2d2cc0b3a2e7ba0502b77990be Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:31 GMT content-encoding br cf-cache-status MISS x-amz-request-id 0GZN0WEBZDG0FP95 x-amz-server-side-encryption AES256 content-type text/javascript; charset=UTF-8 access-control-max-age 604800 x-amz-id-2 wj22J2U3l6URrJrwfLRa8K0AhSlG3NyPPYBVCm3Z/3i7r6UhXyiSo4O2mn0YgbsT5ZGjaRuCphg= timing-allow-origin * last-modified Fri, 27 May 2022 16:41:53 GMT server cloudflare etag W/"fe049375319f389c185ddd3cd86d8c98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-amz-version-id jsg2hgF8aKjQDXGdnSGGFxLDS3SEAGLS access-control-allow-origin https://ondexx.com access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true cf-ray 725fb1d5a89f5b3e-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id expires Tue, 05 Jul 2022 11:22:31 GMT
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	72 KB 25 KB	40ms 21ms	Script application/javascript	2606:4700::6811:82ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5 Request headers Referer https://ondexx.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:31 GMT via 1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront) cf-cache-status HIT age 1 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.278/bundles/project.js&cfRay=725fb1d3b8b25c38-IAD x-cache Hit from cloudfront access-control-max-age 3000 x-amz-replication-status COMPLETED content-encoding br cf-ray 725fb1d5aa6e9a21-FRA last-modified Thu, 19 May 2022 12:56:36 UTC server cloudflare etag W/"9bdc82a581dc188ff306ce5ac3c3e170" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET x-amz-version-id w6kD440dVLHBLSxXlQNkz9NYzxhkbh3c access-control-allow-origin * cache-control s-maxage=86400, max-age=0 x-hs-cache-status MISS x-amz-cf-pop IAD89-P1 content-type application/javascript; charset=utf-8 x-amz-cf-id UgU-oNEypWZiFYkbiPRyuR6H1UmLzhIchaCsRlTJSYqE3dFvXm97yg== x-hs-target-asset collected-forms-embed-js/static-1.278/bundles/project.js
GET H2	200	json Show response forms.hubspot.com/collected-forms/v1/config/	115 B 1 KB	171ms 140ms	XHR application/json	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7063729&utk=381cbe9609fbdc710de2a7833b13d4e9 Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b840b22a40dde046cd42876a5f9477b01cade9c7c19b791d5eef75a702f5b24c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:31 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 2a1ad610-c855-4f08-9f43-c0f2d5e2abd3 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RseaWPgy84JDMNb64J6b%2BKhZ1SrW7OXpqA6wPCzyYsjJvAa0ed5MQXWlUg8T7gWxCfHIW8k3hDbHVl5si7rtY3GYYYbfmbXyydI6Oc66lNA6EzGAy3W%2FpSUt4DHjIo5A8vzu9QZ8RsdLLIa1CwwC"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://ondexx.com x-robots-tag none access-control-allow-credentials false cf-ray 725fb1d64a359a3c-FRA access-control-allow-headers *
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixel/	132 B 931 B	150ms 131ms	XHR application/json	2606:4700::6811:c9cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7063729 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f66ee1414f2b6711e5ce530849b42196e752ab6a93cf2193d422b289567625c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:31 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id b0520aaa-4a56-4b23-a9a6-c3982d8e3506 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare x-trace 2BE6646297277EBAA89AAD34688E137D7EB57F3B08000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvCsQkyryHcuGBj2lDjvFhmZdV%2B6xdeFylIyQFPsz2v5sypWg3rQQtYkZMJQNrRyHzFJhPJq14URJx9v1WsqEBxVLgXHtQerVHEwOgRdJJnDU4FUdFzeG282Vx1fGaIi9yyxjB5m65yoVSVI"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://ondexx.com access-control-allow-credentials false cf-ray 725fb1d73a47996c-FRA access-control-allow-headers *
GET H3	200	js Show response www.googletagmanager.com/gtag/	110 KB 43 KB	47ms 47ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-480613323 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 46118b64ade2690dfd131f01902e47ebd97c18eb00cbb9438e61907ea4d27239 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:31 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43934 x-xss-protection 0 last-modified Tue, 05 Jul 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 05 Jul 2022 11:17:31 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/	2 KB 1 KB	143ms 60ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/?random=1657019851524&cv=9&fst=1657019851524&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3%26utm_content%3Dtext-link1&tiba=Hero-Campaign&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 08bd84cbc2e0e8dce35bae6cb229beb1f98f188beffa66094ac1ca60a67bfe2b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:31 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1081 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	33ms 8ms	Script application/x-javascript	2a02:26f0:3500:16::215:149b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 11:17:31 GMT Content-Encoding gzip Last-Modified Wed, 13 Apr 2022 23:25:22 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=37902 Connection keep-alive Accept-Ranges bytes Content-Length 3085
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1657019851560&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3828668%26time%3D1657019851560%26url%3Dhttps%253A%252F%252Fondexx.com%252Fhero-ca... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1657019851560&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1657019851560&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail...	0 265 B	137ms 112ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1657019851560&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3&liSync=true&e_ipv6=AQLYNPAkrJ4M-wAAAYHOFGSjUf8_5rm96DAhp3Q-xKPwBs3k3NZvFRzPkFkYCZlsuQz4JGTn Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 11:17:31 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: A59B5AC61453404AA908201767E08DE1 Ref B: FRAEDGE1116 Ref C: 2022-07-05T11:17:32Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-proto http/2 content-length 0 x-li-uuid AAXjDP+q+uvOHr7zfLh9AA== x-li-fabric prod-lva1 Redirect headers date Tue, 05 Jul 2022 11:17:31 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: AC61BB7DBC5349379805090F27173AD5 Ref B: FRAEDGE1510 Ref C: 2022-07-05T11:17:31Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1657019851560&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3&liSync=true&e_ipv6=AQLYNPAkrJ4M-wAAAYHOFGSjUf8_5rm96DAhp3Q-xKPwBs3k3NZvFRzPkFkYCZlsuQz4JGTn x-li-proto http/2 content-length 0 x-li-uuid AAXjDP+o5r/5d2o8ayw+jA==
GET H3	200	/ www.google.com/pagead/1p-user-list/480613323/	42 B 64 B	76ms 73ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/480613323/?random=1657019851524&cv=9&fst=1657018800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3%26utm_content%3Dtext-link1&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=3203119677&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:31 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/480613323/	42 B 64 B	75ms 72ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/480613323/?random=1657019851524&cv=9&fst=1657018800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr3%26utm_content%3Dtext-link1&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=3203119677&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 05 Jul 2022 11:17:31 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	boom.gif pixel.wp.com/	0 37 B	7ms 6ms	Image text/plain	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.003&largest_contentful_paint=2248&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&host_name=ondexx.com&url_path=%2Fhero-campaign%2F&nt_fetchStart=0&nt_domainLookupStart=1&nt_domainLookupEnd=19&nt_connectStart=19&nt_connectEnd=34&nt_secureConnectionStart=24&nt_requestStart=34&nt_responseStart=536&nt_responseEnd=537&nt_domLoading=539&nt_domInteractive=1143&nt_domContentLoadedEventStart=1144&nt_domContentLoadedEventEnd=1153&nt_domComplete=3711&nt_loadEventStart=3711&nt_loadEventEnd=3721&nt_redirectCount=0&nt_api_level=2&start_render=1115&first_contentful_paint=1115&resource_size=1531607&resource_transferred=300473&js_size=479029&js_transferred=136347&resource_cache_percent=0&js_cache_percent=0&last_resource_end=4771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-origin * date Tue, 05 Jul 2022 11:17:34 GMT cache-control no-cache server nginx