www.blueonionlabs.com Open in urlscan Pro
34.253.101.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u16885202.ct.sendgrid.net/ls/click?upn=3szKi-2BSjAMx88QsSIJE5Jp6Bk-2F7o8GXN5k1Oya-2FPb-2FApK6XbODRzKzKESPriB0V1PWC9_ycFUGO...
Effective URL:
https://www.blueonionlabs.com/netsuite
Submission: On October 05 via manual (October 5th 2022, 8:00:22 pm UTC) from US — Scanned from DE

Summary HTTP 68 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 30 domains to perform 68 HTTP transactions. The main IP is 34.253.101.190, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.blueonionlabs.com.
TLS certificate: Issued by R3 on September 26th 2022. Valid for: 3 months.

This is the only time www.blueonionlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.28 167.89.118.28	11377 (SENDGRID) (SENDGRID)
1	34.253.101.190 34.253.101.190	16509 (AMAZON-02) (AMAZON-02)
12	18.66.112.105 18.66.112.105	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:804::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:28d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.232.99 52.222.232.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
5	3.214.195.105 3.214.195.105	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	216.24.57.253 216.24.57.253	397273 (RENDER) (RENDER)
6	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:6d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:440... 2606:4700:4400::6812:2128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
68	32

1 167.89.118.28 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net

u16885202.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.101.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com

www.blueonionlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.66.112.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-105.fra56.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28d6 (United States)

ASN13335 (CLOUDFLARENET, US)

jobs.ashbyhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.214.195.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-195-105.compute-1.amazonaws.com

app.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.24.57.253 (United States)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:6d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2128 (United States)

ASN13335 (CLOUDFLARENET, US)

22596154.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 20092	786 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 804 d.clarity.ms — Cisco Umbrella Rank: 6596 c.clarity.ms — Cisco Umbrella Rank: 1219	26 KB
6	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 7939 forms.hubspot.com — Cisco Umbrella Rank: 5643 app.hubspot.com — Cisco Umbrella Rank: 9256 track.hubspot.com — Cisco Umbrella Rank: 4437	23 KB
6	gstatic.com fonts.gstatic.com	187 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 14468	266 KB
5	posthog.com app.posthog.com — Cisco Umbrella Rank: 46984	47 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 850 www.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 6680	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	195 KB
2	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 52903	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 485 fonts.googleapis.com — Cisco Umbrella Rank: 118	8 KB
1	hubspotusercontent-na1.net 22596154.fs1.hubspotusercontent-na1.net	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 426	553 B
1	google.de www.google.de — Cisco Umbrella Rank: 3460	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 19	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 8144	438 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 6176	849 B
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 8898	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4220	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4230	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 6037	3 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 8617	23 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4567	982 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1571	3 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	ashbyhq.com jobs.ashbyhq.com — Cisco Umbrella Rank: 755683	2 KB
1	blueonionlabs.com www.blueonionlabs.com	5 KB
1	sendgrid.net 1 redirects u16885202.ct.sendgrid.net	241 B
68	30

	Domain	Requested by
12	uploads-ssl.webflow.com	www.blueonionlabs.com uploads-ssl.webflow.com
6	fonts.gstatic.com	fonts.googleapis.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	app.posthog.com	www.blueonionlabs.com app.posthog.com
4	www.googletagmanager.com	www.blueonionlabs.com js.hsadspixel.net www.googletagmanager.com
3	d.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	px.ads.linkedin.com	2 redirects
2	api.hubspot.com	js.usemessages.com
2	grow.clearbitjs.com	www.blueonionlabs.com
2	www.clarity.ms	www.blueonionlabs.com www.clarity.ms
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	22596154.fs1.hubspotusercontent-na1.net
1	track.hubspot.com
1	c.bing.com	1 redirects
1	www.google.de	www.blueonionlabs.com
1	www.google.com	www.blueonionlabs.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	forms.hsforms.com	www.blueonionlabs.com
1	api.hubapi.com	js.hsadspixel.net
1	forms.hubspot.com	js.hscollectedforms.net
1	px4.ads.linkedin.com	www.blueonionlabs.com
1	www.linkedin.com	1 redirects
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-scripts.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.blueonionlabs.com
1	jobs.ashbyhq.com	www.blueonionlabs.com
1	ajax.googleapis.com	www.blueonionlabs.com
1	www.blueonionlabs.com
1	u16885202.ct.sendgrid.net	1 redirects
68	38

This site contains links to these domains. Also see Links.

Domain
info.blueonionlabs.com
app.blueonionlabs.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.blueonionlabs.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
uploads-ssl.webflow.com Amazon	`2022-08-28` - `2023-09-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-24` - `2023-05-24`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
app.posthog.com Amazon	`2022-10-04` - `2023-11-02`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
grow.clearbitjs.com R3	`2022-09-15` - `2022-12-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-02-24` - `2023-02-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.blueonionlabs.com/netsuite
Frame ID: D8563E0B68A73CEE1907FD7188459DC3
Requests: 59 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/22596154/threads/utk/c7aa8494aaa1440f8be7b835ae73f89a?uuid=f91a847c9951415086bebfadb6d375f8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=blueonionlabs.com&inApp53=false&messagesUtk=c7aa8494aaa1440f8be7b835ae73f89a&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: C3B5833828FC6CBD2E7B0CD6E6980181
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netsuite

Page URL History Show full URLs

https://u16885202.ct.sendgrid.net/ls/click?upn=3szKi-2BSjAMx88QsSIJE5Jp6Bk-2F7o8GXN5k1Oya-2FPb-2FApK6XbODRzKzK... HTTP 302
https://www.blueonionlabs.com/netsuite Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

97 %
HTTPS

71 %
IPv6

30
Domains

38
Subdomains

32
IPs

3
Countries

1704 kB
Transfer

4882 kB
Size

27
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://info.blueonionlabs.com/lp-2
Title: Contact Sales

Search URL Search Domain Scan URL

URL: https://app.blueonionlabs.com/users/sign_in
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/blue-onion-labs/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u16885202.ct.sendgrid.net/ls/click?upn=3szKi-2BSjAMx88QsSIJE5Jp6Bk-2F7o8GXN5k1Oya-2FPb-2FApK6XbODRzKzKESPriB0V1PWC9_ycFUGOmj-2BzZRMCTo5aRQsc3NOduF-2FwWO6KZ7eXcuZEb9TOilKC2HIFoku4BVb0htTuiRJ-2BEIR8TeIKpM8vVF6NLKOMo3-2BmoyYa4-2FMBdVrSYOPCX7w-2F70K-2FXXAh-2Bxg7lg1OQk1mNA6oGbRk9Jxywqkpsu-2B59Zc5vglmFMk5Mc6MzN-2Fh7OLBzTTLWb0LNpkz3aCU-2BcucQWOxrJzf20uHw0-2Bmhn4j43tXIzZnQY8VztqmokTQXJbE0PLITPPyS-2FhS6T9c7TZbQSn6M-2BwyLFj3yAK3JTyuQN5tcVCkBMnjxbZa-2B3RvR-2Bj49bnZjI-2FPRjK-2B2GfZx9JoQrY6zuq8DWyHlsXKBsXKfEo8erGVSrCjNfW8xTv4zSvxKUPGpK-2BIJsCEkeWkr39i-2FFCvaSKHoiHAYs7kLOS1ePDH62-2FnjKIp-2BJjBCPDJNuByR7CAXIhJCFK-2Bn4 HTTP 302
https://www.blueonionlabs.com/netsuite Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3591500&time=1665000015847&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3591500%26time%3D1665000015847%26url%3Dhttps%253A%252F%252Fwww.blueonionlabs.com%252Fnetsuite%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3591500&time=1665000015847&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3591500&time=1665000015847&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&liSync=true&e_ipv6=AQIRrC7Z4NzlngAAAYOpvAnEDBllTRreiEyRUPgcHyF5oZLcraCxfNKbWe4md57zNazEg0LZ2g

Request Chain 61

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=85B23028026B42B19972DE84D502AA3B&RedC=c.clarity.ms&MXFR=077455D636FD6FB01AAE47E232FD61F7 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=85B23028026B42B19972DE84D502AA3B&MUID=1637F7471CEC68CE0922E5731D87697E

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request netsuite Show response
www.blueonionlabs.com/
Redirect Chain

https://u16885202.ct.sendgrid.net/ls/click?upn=3szKi-2BSjAMx88QsSIJE5Jp6Bk-2F7o8GXN5k1Oya-2FPb-2FApK6XbODRzKzKESPriB0V1PWC9_ycFUGOmj-2BzZRMCTo5aRQsc3NOduF-2FwWO6KZ7eXcuZEb9TOilKC2HIFoku4BVb0htTuiRJ...
https://www.blueonionlabs.com/netsuite

14 KB
5 KB

526ms
275ms

Document
text/html

34.253.101.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.101.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 2d5c37910d48cab1c59aa7de76952699b4e318a3cd06f4daed9d5471bd8c8460

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 4990
content-type: text/html
date: Wed, 05 Oct 2022 20:00:14 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cluster-name: eu-west-1-prod-edge-blue
x-served-by: cache-iad-kcgs7200153-IAD, cache-dub4324-DUB
x-timer: S1665000015.745663,VS0,VE232

Redirect headers

Connection: keep-alive
Content-Length: 61
Content-Type: text/html; charset=utf-8
Date: Wed, 05 Oct 2022 20:00:14 GMT
Location: https://www.blueonionlabs.com/netsuite
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 unicorn-template-7092fd.webflow.a70e0c2e3.css
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/css/ 356 KB
40 KB 337ms
48ms Stylesheet
text/css 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/css/unicorn-template-7092fd.webflow.a70e0c2e3.css
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b08e381e7b51c21bcf1acccb2f15d2284c65f2052df6ef4b3b92fe22d5ee5c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: b8ZxYwSGXLuoV6p2Glq4f72qMWD_PkGI
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Wed, 05 Oct 2022 12:12:29 GMT
age: 28067
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40490
last-modified: Fri, 30 Sep 2022 16:37:29 GMT
server: AmazonS3
etag: "c3596140bfaf0f49d0f09fa8ddbb6e21"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: _eLg5l99Q_iQ5e9EkI4Ti2NljRDjbeetiPZvWQVwe-KGWcOw0jSUjg==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 115ms
32ms Script
text/javascript 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 13:33:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 13:33:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 77ms
33ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-172722044-1

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

813a1643708585f5691cae72bedf79e1f834b55b1f56bdaf3d0478ae111c37cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 20:00:15 GMT

GET
H2 200 embed Show response
jobs.ashbyhq.com/Blue%20Onion%20Labs/ 4 KB
2 KB 239ms
172ms Script
application/javascript 2606:4700:3108::ac42:28d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jobs.ashbyhq.com/Blue%20Onion%20Labs/embed

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6869734c701a0e10d3144e026a23ad33b523eb323cd2cc61c29c5113db54a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
via: 1.1 vegur
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"QLrOn6CmvpB6vCLzhRgiFBoaoQw="
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=600, stale-if-error=600, stale-while-revalidate=60
cf-ray: 7558be10dc7d9c0c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 308ms
20ms Script
application/javascript 52.222.232.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61dc98856049676bd9b4ceeb
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-99.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.blueonionlabs.com/
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 06:06:46 GMT
content-encoding: gzip
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
age: 50010
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: -bqLKIUM5_SkdkzZdpkZh9cYLhbk2NPfKqDIVgICnAtLSvhAm_DLUw==

GET
H2 200 webflow.fa2a4d34b.js Show response
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/js/ 1 MB
181 KB 351ms
63ms Script
text/javascript 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/js/webflow.fa2a4d34b.js
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da6da0f7e1e5c946e642b64e36a0e1f4687a22a0b4d1593f731731e650cbdfa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: nBUrA5AhJnQWBMSvUBbIau77x4_O8NyT
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Wed, 05 Oct 2022 20:00:15 GMT
age: 28067
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 184221
last-modified: Fri, 30 Sep 2022 16:37:29 GMT
server: AmazonS3
etag: "81e8557ac4aa5fec07d6460ed1fd2774"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: -YOi6A9ya8CR1-zwysTgpH-G7TmLyS31R-HcTQDYYXencQXre9yRSg==

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 137ms
54ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic%7CSource+Serif+4:200,regular,700,200italic,italic,700italic%7CSource+Serif+4:200,regular,500,600,200italic,italic,500italic,600italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad585d88ad70dd838d7d308b7ba5a59bde4acac695edff136bbc662fe0a5b9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Oct 2022 20:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 20:00:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Oct 2022 20:00:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
62 KB 81ms
49ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TP65CZW

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cd2cffa31c65c1006fca5eeddc57f6b29561feafc7ddbb0ab4db94e90d4da7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62928
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 20:00:15 GMT

GET
H2 200 array.js Show response
app.posthog.com/static/ 82 KB
26 KB 499ms
238ms Script
text/javascript 3.214.195.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/static/array.js

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.195.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-195-105.compute-1.amazonaws.com

Software

Resource Hash

a797bffc7064868ff58ed5f5dfa76522846925c664552f112e14ebd3f69f0e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 05 Oct 2022 14:14:08 GMT
etag: "633d9130-14794"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
content-length: 26667

GET
H2 200 61dc988660496724fcb4cf30_PlusJakartaDisplay-Regular.ttf
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 32 KB
19 KB 76ms
35ms Font
application/x-font-ttf 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/61dc988660496724fcb4cf30_PlusJakartaDisplay-Regular.ttf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/css/unicorn-template-7092fd.webflow.a70e0c2e3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44f7f3ef755bae3543f5982efd58ce39782d733a239c69d156383f81e9b07b33

Request headers

Referer: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/css/unicorn-template-7092fd.webflow.a70e0c2e3.css
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 06:39:20 GMT
x-amz-version-id: CTHaA3s6fyN1.AejxIev1Id98pkXBDNc
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
age: 7392056
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 10 Jan 2022 20:35:20 GMT
server: AmazonS3
etag: W/"c5029463cdbeff861b8569f668fd4426"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: qhdTx6zJx6FbgfstWjoc4U8nPO8usu5C7TtHKtQQzKHXmQk9lzR_4w==

GET
H2 200 61dc9886604967cf7cb4cf40_PlusJakartaDisplay-Medium.ttf
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 32 KB
19 KB 72ms
32ms Font
application/x-font-ttf 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/61dc9886604967cf7cb4cf40_PlusJakartaDisplay-Medium.ttf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/css/unicorn-template-7092fd.webflow.a70e0c2e3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 140b53f6dec112bfd0110745e29868d1b5bb987697241d44bbef38bc77ace87b

Request headers

Referer: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/css/unicorn-template-7092fd.webflow.a70e0c2e3.css
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 07:18:21 GMT
x-amz-version-id: .TyTfJqP_rE3z2Z9HYpVFp6gS_gHIMDh
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
age: 6871315
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 10 Jan 2022 20:35:20 GMT
server: AmazonS3
etag: W/"23e8a29e3eaac8423397e94aef3ffe8f"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: ox0J0HWGaYj_MSHpmtP6u0KIHqjcbkPKkvJov3y4Tm4RvgreEUykMg==

GET
H2 200 61dc988660496722d1b4cf2d_PlusJakartaDisplay-Bold.ttf
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 32 KB
18 KB 61ms
21ms Font
application/x-font-ttf 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/61dc988660496722d1b4cf2d_PlusJakartaDisplay-Bold.ttf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/css/unicorn-template-7092fd.webflow.a70e0c2e3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9e82e7b992fb2af148be00b0e7904f07dab7ff81c7a19408b895f80d1f4a0fe

Request headers

Referer: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/css/unicorn-template-7092fd.webflow.a70e0c2e3.css
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 15:18:17 GMT
x-amz-version-id: oK_kdbzjwDLlckTLLGoeedZ0Bi3tSIgC
content-encoding: gzip
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
age: 7447319
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 10 Jan 2022 20:35:20 GMT
server: AmazonS3
etag: W/"4656b9c120f6fab0b0e6798b877b2dc1"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 01YtMt8bLrsSadUk0kRhRkS29IbMqhxGz1bxhsES2gjrBIF0l8OtmA==

GET
H2 200 620c180e05fdcaf7bd8f771d_BlueOnion_2tone_cobaltDark%402x.png
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 12 KB
12 KB 22ms
21ms Image
image/png 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/620c180e05fdcaf7bd8f771d_BlueOnion_2tone_cobaltDark%402x.png
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 414a442f21d6b536860e23b6068b5925163901d58cfa58965063e7186e64a651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:34:44 GMT
x-amz-version-id: ZBopDMdo9saK71J4x17zU4elOS2rzlE_
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
age: 11676332
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12316
last-modified: Tue, 15 Feb 2022 21:16:00 GMT
server: AmazonS3
etag: "f21b12720b6f09508eb496ebdf29cad4"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: w11s_t8nxfr9242m0WU8gRJPoxDRnmddXVHPuHdEJfh8GFdjk2PlXQ==

GET
H2 200 6315f93912974b6c4ccd2e19_Group%201-p-800.png
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 14 KB
14 KB 446ms
445ms Image
image/png 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/6315f93912974b6c4ccd2e19_Group%201-p-800.png
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cfba976d2fa306bdecc036a3143b231218fd3c3559d26297aec358c8bc8455e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
x-amz-version-id: 9_GxCbCzNh1vwDchh6TRMGDAzXbnEKON
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
last-modified: Mon, 05 Sep 2022 13:27:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "e63ade9687a2dc428889235ebe5f902f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 14023
x-amz-cf-id: ydl0_ir9VY0-giNP56YQqpIyznzlhhBan0-eA1G19lMDIjgNBY3Clw==

GET
H2 200 624691f734e3ba168a802391_ProductHeader.svg
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 415 KB
68 KB 25ms
25ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/624691f734e3ba168a802391_ProductHeader.svg
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f7ce20fe0f9b47fe810f23f75a6e1a84759301cfbf85dfe793098d47d26d091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 05:15:21 GMT
x-amz-version-id: vKmToiminKdB6M6LrUpd4QjK_QiBPuur
content-encoding: br
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
age: 830695
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Apr 2022 05:47:36 GMT
server: AmazonS3
etag: W/"eee67602f6fb39075e86be82b85051f2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: kLmkcepLuF0fj9oTADfQSvO2TgsL0BGZ40rqb-VcpVPjqObJgEUkpw==

GET
H2 200 63173f9bc0a5663b6693dd06_How%20We%20Work%20(1).svg
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 564 KB
403 KB 198ms
198ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/63173f9bc0a5663b6693dd06_How%20We%20Work%20(1).svg
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe4c84adcbecfcb7b245ce1a8f8e441a6db941136fe177b3939bd91cef106cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
x-amz-version-id: f0lNZzT4VOxNkIQ1eSOqcVAMt8RWAXQH
content-encoding: br
last-modified: Tue, 06 Sep 2022 12:39:57 GMT
server: AmazonS3
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
etag: W/"1826e8ccb64175c89345df29a8c96932"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 95baFC8GmmmRSy2JFO3vF_-56urAXCvDiJUK-OCSQze3zvtaEcxSPA==

GET
H2 200 624cf2c94f8a8c33f8f4f034_BlueOnion_2tone_Cobalt_Dark.svg
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 3 KB
2 KB 22ms
22ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/624cf2c94f8a8c33f8f4f034_BlueOnion_2tone_Cobalt_Dark.svg
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18a8bb2c78c9d1265a3368c8807e190da52b8400ba6b04d3c91131de5db06b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:34:44 GMT
x-amz-version-id: 5qJ.DIVBMIz8DtPSsx9DeabBf3LKd_MQ
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
age: 11676332
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Apr 2022 01:54:19 GMT
server: AmazonS3
etag: W/"efa6668f967502403904b8a3a76723b5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: bMsbRKfxeHtmqLbPrYUbD9JBiMC72TwbfBDwT_MkflqcPaaD7CufxQ==

GET
H2 200 625ee6fa56a76608c88d017b_email.png
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 9 KB
10 KB 24ms
23ms Image
image/png 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/625ee6fa56a76608c88d017b_email.png
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec09b5adcb0d8d0f77b637ee86650cb7ca4a0213f039b57616fd124c07a7dd91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 23 May 2022 16:34:44 GMT
x-amz-version-id: 7bLQYZ2BGdc8ohYU4LmYf1BXRxf.h6C0
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
age: 11676332
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9687
last-modified: Tue, 19 Apr 2022 16:44:43 GMT
server: AmazonS3
etag: "c3a1727580d54ea71570343fd74e0bc6"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ZmBLn_o2tfzoS5nKMTlRF8_nzC1yX8MNCNQ1J63loKkewUFTJa1WUQ==

GET
H2 200 625ee6a97226d0b78af5b7f1_Link.svg
uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/ 1 KB
1 KB 24ms
24ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/61dc98856049676bd9b4ceeb/625ee6a97226d0b78af5b7f1_Link.svg
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d865ebaddba0f547a5417352bdd85472ea45bed145c8bee5bb1fc314d0815bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 29 May 2022 11:34:28 GMT
x-amz-version-id: F2jDvM4mbxM78eK6lwGLTj6AW1Wo0y5j
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
age: 11175947
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 19 Apr 2022 16:43:22 GMT
server: AmazonS3
etag: W/"37845a97f1830926dd354e4bccfb73be"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: Uj4hcMLO0EkH7hENceN3idCk7F3p5c6Lm9D52VzBZUqTmoIhwD1pcg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 109ms
29ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172722044-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Oct 2022 18:27:31 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5564
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 05 Oct 2022 20:27:31 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 293ms
147ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP65CZW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=67377
accept-ranges: bytes
content-length: 3063

GET
H2 200 22596154.js Show response
js.hs-scripts.com/ 2 KB
982 B 201ms
158ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/22596154.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP65CZW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9959ebaf672bd97c6b4465f24e9e1afc95150c2e51f15d21dc2a57f780509416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Oct 2022 20:00:15 GMT
server: cloudflare
x-hubspot-correlation-id: 1ca82052-3858-4b30-acc9-d4d2926b91ed
x-trace: 2BB2E13F9333C6D6F6DCC1D6F518044AF9F0D77439000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.blueonionlabs.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7558be118c9b90fe-FRA
expires: Wed, 05 Oct 2022 20:01:15 GMT

GET
H2 200 d6lvogsq2c Show response
www.clarity.ms/tag/ 1 KB
2 KB 311ms
135ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/d6lvogsq2c
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1d663c4cf4d0f0c5f8cb0e26dc1ee8b6a5552122bb7bc5e44412b938c7c101ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 05 Oct 2022 20:00:15 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0T+I9YwAAAAAcMyx0LiNTQLtKQ3kLXsyBQU1TMDRFREdFMTkxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 2 KB
979 B 615ms
493ms Script
text/javascript 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1665000015553

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.253 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 7558be120bc5994a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vEFF2_tTDB4M7-auWDN0ahZJW3IX2ih5nk3AucvUHf6kDXr4.woff2
fonts.gstatic.com/s/sourceserif4/v7/ 47 KB
47 KB 115ms
30ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserif4/v7/vEFF2_tTDB4M7-auWDN0ahZJW3IX2ih5nk3AucvUHf6kDXr4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,400italic,700,700italic%7CSource+Serif+4:200,regular,700,200italic,italic,700italic%7CSource+Serif+4:200,regular,500,600,200italic,italic,500italic,600italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db4583c3a0fdfa0bee6ef3ac627418e61da4bb81b951a25786cba1f6c8535ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 01:51:24 GMT
x-content-type-options: nosniff
age: 65331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47992
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:06:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 01:51:24 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 22 KB
22 KB 171ms
89ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 23:22:09 GMT
x-content-type-options: nosniff
age: 74286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22476
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 23:22:09 GMT

GET
H2 200 tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
fonts.gstatic.com/s/droidserif/v19/ 20 KB
20 KB 187ms
106ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

722d1d506241600936dd8a2bd82430e214405cefb4ee2496194ddedc92f0d193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 23:27:21 GMT
x-content-type-options: nosniff
age: 73974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20452
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:27:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 23:27:21 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 154ms
74ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 23:25:02 GMT
x-content-type-options: nosniff
age: 74113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 23:25:02 GMT

GET
H2 200 tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2
fonts.gstatic.com/s/droidserif/v19/ 23 KB
23 KB 178ms
97ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23ce20de25466074b34945d6b4e030d6137bad3d8e1e2c83737e8ef7ae975854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 13:34:15 GMT
x-content-type-options: nosniff
age: 23160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23520
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:16:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 13:34:15 GMT

GET
H2 200 vEFH2_tTDB4M7-auWDN0ahZJW1ge6NmXpVAHV83Bfb_US0r6aX0.woff2
fonts.gstatic.com/s/sourceserif4/v7/ 48 KB
49 KB 194ms
114ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserif4/v7/vEFH2_tTDB4M7-auWDN0ahZJW1ge6NmXpVAHV83Bfb_US0r6aX0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94e9ba6c924df4c78e662b355c1a2f82ff57bcbc68f931ea98b86721d764d78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 14:04:10 GMT
x-content-type-options: nosniff
age: 21365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49536
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:20:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 14:04:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 51ms
50ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2048546856&t=pageview&_s=1&dl=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&ul=en-us&de=UTF-8&dt=Netsuite&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=727725904&gjid=197774773&cid=488147736.1665000016&tid=UA-172722044-1&_gid=1939360582.1665000016&_r=1&gtm=2oua30&z=1606384333

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueonionlabs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 20:00:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.blueonionlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 235ms
181ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22596154.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://www.blueonionlabs.com/
Origin: https://www.blueonionlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
via: 1.1 76f3fedc86826a7b266250e33ee41082.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P1
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=7558be12dc74900a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7558be12dc74900a-FRA
x-amz-cf-id: gt1jiY9vJTuTUIqpVnfp2Mzf-UpYn3zwFHaKUkb7txyuop_fx461Vg==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 83ms
45ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22596154.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe5717b2e530ed3889fef7a3f64bd8703892af4df7a50ebdab50877d714ccb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
x-amz-version-id: 7KJ54BFzipn1nE_Td6RfTtNOqayLQBYG
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 382
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.293/bundles/pixels-release.js&cfRay=7558b4bace489231-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Fri, 23 Sep 2022 05:23:07 UTC
server: cloudflare
etag: W/"46dd82490c71a41bce1eabb2e38c89c0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7558be12cac69241-FRA
x-amz-cf-id: Um9OBOtQX3FFi7cwUpyzfPyER4rdJQbWX1bYysKEkFhS_i2zISzVWA==
x-hs-target-asset: adsscriptloaderstatic/static-1.293/bundles/pixels-release.js

GET
H2 200 22596154.js Show response
js.hs-analytics.net/analytics/1665000000000/ 63 KB
20 KB 293ms
241ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1665000000000/22596154.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22596154.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17abca4a577a9e86b893fa93cce4999a00471cf63088db2c00b29915e97c5911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: C26MVD5QS4XF84E9
x-amz-server-side-encryption: AES256
x-amz-id-2: 6+/D0yAVMX7TMVpGSYu09IyYVy443Vsgs5XmeErYCqj9TZqTfqzv5FyTa1Q4yP+0kcZ05Av0gL4=
last-modified: Wed, 07 Sep 2022 23:21:06 GMT
server: cloudflare
etag: W/"7348c05936143f3c3b8a1f78bedf104d"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7558be12dc129b4f-FRA
expires: Wed, 05 Oct 2022 20:05:15 GMT

GET
H2 200 22596154.js Show response
js.hs-banner.com/ 60 KB
16 KB 348ms
309ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/22596154.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22596154.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acda6f2f40f0da50552e10c7aea3db0c258d8d350afd10e3a407ec995b2d4627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
x-amz-version-id: ASFS5sqqOMpA2pfoJYooqyKwmbRKXZwo
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: C26HY08A58Y2P8FM
x-amz-server-side-encryption: AES256
x-amz-id-2: psveMVN6jZT6huEZUrp6Zjizs/xIKg1xovj2mBZUeXSc55B1cK7wz/VhUp2FFY291l5s6p8CZ4w=
last-modified: Wed, 07 Sep 2022 23:21:09 GMT
server: cloudflare
etag: W/"462403924d3a06783c04e058f2a227f7"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.blueonionlabs.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7558be12c9ee996f-FRA
expires: Wed, 05 Oct 2022 20:05:15 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 74ms
35ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22596154.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1b7acbd7a3ca2cd31c6405127420ba28ea9c82f01a4477cbf863e37efd20a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
x-amz-version-id: y24q1zYP7BjLwmSbcrvN2WI7ANyjR6Yj
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 243
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10873/bundles/project.js&cfRay=7558b81eebad9bce-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Fri, 30 Sep 2022 03:28:22 UTC
server: cloudflare
etag: W/"8f72896eff8de085fc34d4ab80d97463"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7558be12ca1a9b5d-FRA
x-amz-cf-id: EUO4R6U5hlD_h2H1Y-VgPpF8xzCd7a1tbmUhiwqTOEUk8idxlnNWtQ==
x-hs-target-asset: conversations-embed/static-1.10873/bundles/project.js

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 413ms
271ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=22596154&conversations-embed=static-1.10873&mobile=false&messagesUtk=c7aa8494aaa1440f8be7b835ae73f89a&traceId=c7aa8494aaa1440f8be7b835ae73f89a

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c73ab691d0fba182b14afed0fdc0783730a02e0e971a4b8040f7343e7e2911d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueonionlabs.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.blueonionlabs.com/netsuite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6bcbaf25-34e6-4f9f-8085-443d5689ac4a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1436
server: cloudflare
x-trace: 2B581E77FE717B874A6C8245EEC32FEC521B33CF5A000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.blueonionlabs.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjAhLXqqB3GSGIynfdQ%2BUhxvB7jmSKtPCMd0sHxoB2bB8wOMzSqb4f7M1NqGiz9CtSaxTBrib9OsU%2B2j0zK8p%2BcqgJHvxi6AZi3wpbI9ErRsHHdGqsCPX5HJK3GKVpYhQLK51F67ByyFQXA%2FTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 7558be156c9b9261-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 225ms
178ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.blueonionlabs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.blueonionlabs.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7558be135c085c0e-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 05 Oct 2022 20:00:16 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1GrAgqMKsMajXk2E%2F5JEjMd3hcWEzJQD1vE1ZuAhlhwU6drDhYBbal68%2FpMA8WL9Qvrpnv9mihpZbzdTXnCUdfuy9tX%2FxdZdsX585ruexooj7%2FvZ2OLjG6WHeU%2FcyTKpMzyrvno0N5Q2dOA7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 79cc9753-0797-449b-a135-70b17c4455cd
x-trace: 2B775675DDC23A56A3B7C76A0FE4DA642FE87B1DB3000000000000000000

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3591500&time=1665000015847&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3591500%26time%3D1665000015847%26url%3Dhttps%253A%252F%252Fwww.blueonionlabs.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3591500&time=1665000015847&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3591500&time=1665000015847&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&liSync=true&e_ipv6=AQIRrC7Z4NzlngAAAYOpvAnEDBllTRreiEyRUPgcHyF5oZLc...

0
265 B

231ms
178ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3591500&time=1665000015847&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&liSync=true&e_ipv6=AQIRrC7Z4NzlngAAAYOpvAnEDBllTRreiEyRUPgcHyF5oZLcraCxfNKbWe4md57zNazEg0LZ2g
Requested by: Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7E45FBB61FC64623B5FD2C62A373821C Ref B: FRAEDGE1517 Ref C: 2022-10-05T20:00:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqTwaJUFNTDE2c67AVcQ==

Redirect headers

date: Wed, 05 Oct 2022 20:00:16 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: AD1F6B110922490A93AA7FE274255D90 Ref B: FRAEDGE1312 Ref C: 2022-10-05T20:00:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3591500&time=1665000015847&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&liSync=true&e_ipv6=AQIRrC7Z4NzlngAAAYOpvAnEDBllTRreiEyRUPgcHyF5oZLcraCxfNKbWe4md57zNazEg0LZ2g
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqTwaGA0OdhGr3+zh7Fg==

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.6.42/ 53 KB
23 KB 135ms
135ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/d6lvogsq2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:15 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8d8bec6e9b6d4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0T+I9YwAAAAAewb39XWn4T6XHhdn1t46MQU1TMDRFREdFMTkxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23382
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 200 / Show response
app.posthog.com/e/ 13 B
301 B 130ms
130ms XHR
application/json 3.214.195.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/e/?ip=1&_=1665000015939&ver=1.32.2

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.195.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-195-105.compute-1.amazonaws.com

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.blueonionlabs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.blueonionlabs.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
content-length: 13

POST
H2 200 / Show response
app.posthog.com/decide/ 244 B
510 B 127ms
126ms XHR
application/json 3.214.195.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/decide/?v=2&ip=1&_=1665000015939&ver=1.32.2

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.195.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-195-105.compute-1.amazonaws.com

Software

Resource Hash

dfdcc676fcaf707491299e7d92572b8d801eae7cb33b83be490633dbf5d49ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.blueonionlabs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.blueonionlabs.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 116 B
683 B 157ms
157ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=22596154&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f53dea77e53fe89351863c86e6fbfa982a4580eebd8e72f2d83976370f168a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.blueonionlabs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 75d38eaa-10cd-4496-88a6-fa60ed57b480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.blueonionlabs.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BCLbPMawn4qJoxqPmgJxiyTZficx%2FGVnYMGM1l%2B6QRuZKRBrdvKELBirChzuvvRpEcw7dE43xl%2FFAzeNWbjNDpWVSNqgVxH7L%2B7vxDx3jrT7r1yx7LcwUz4JN9zPGLuW3YUqmgSTMfmAJXfF78Y"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7558be143d9b5c0e-FRA

GET
H2 200 recorder.js Show response
app.posthog.com/static/ 61 KB
20 KB 113ms
111ms Script
text/javascript 3.214.195.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/static/recorder.js?v=1.32.2

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.195.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-195-105.compute-1.amazonaws.com

Software

Resource Hash

4d3d61d27c747fd88d4d63df56e8c4762d3ea75d0ce0b9357710e1fd2c23da9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 05 Oct 2022 14:14:08 GMT
etag: "633d9130-f471"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=31536000, public
content-length: 20033

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 69 B
849 B 261ms
157ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=22596154

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f621e6866ca51c3ad8f268105036107ca7a23f45bb6ee83ab75f7c58ce719f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ef472197-742c-48ee-b5e0-c101d46ede74
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B39C5E6CDE3F4AF08BE64AA34B51DD09E9B6DAE36000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.blueonionlabs.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLrC2iKs0039NCL6tT28feZ8ROYCsZBDDWMEkc83Rq0pA7Gib6y53yH6TbIWETzrBO8t%2BKz1z0NBAQQdLaTiqQlnKV5a6il4l4KGd9KoFL2BrY6xtY5rKvvOjqeAwOew%2BTMon6J1JPjM%2F9aA"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 7558be156feabb91-FRA
access-control-allow-headers: *

POST
H2 204 collect Show response
d.clarity.ms/ 0
163 B 540ms
203ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.blueonionlabs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://www.blueonionlabs.com
date: Wed, 05 Oct 2022 20:00:15 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 c.gif
grow.clearbitjs.com/api/ 35 B
239 B 286ms
213ms Image
image/gif 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&c=direct

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

QUIC, , AES_128_GCM

Server

216.24.57.253 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
cf-ray: 7558be15993fd6f2-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
438 B 211ms
172ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 5f17ebf6-6034-47db-8ede-f8eb26d45d6c
x-trace: 2BFA17F86E0CC4EC7B3CE5E12F1D1B625F42F02278000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7558be15a8519010-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 66ms
34ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10985680120

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

763db918a4e58efec8f8a6eb1131a3cb438daff76eaa40d3c5365340ef53e992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46711
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 20:00:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 68ms
37ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10985680120&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-172722044-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c4feffe198ad07d1384a9941e60037666a5fe13613509cc8acd903ccee5be40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46743
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 20:00:16 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 578ms
106ms Script
text/javascript 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985680120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 20:00:17 GMT

GET
H2 200 c7aa8494aaa1440f8be7b835ae73f89a Show response
app.hubspot.com/conversations-visitor/22596154/threads/utk/ Frame C3B5 49 KB
18 KB 749ms
294ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/22596154/threads/utk/c7aa8494aaa1440f8be7b835ae73f89a?uuid=f91a847c9951415086bebfadb6d375f8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=blueonionlabs.com&inApp53=false&messagesUtk=c7aa8494aaa1440f8be7b835ae73f89a&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb12285fcd45fadab647794b29242e45746ba65d3579ba9712eb85378fb25894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.blueonionlabs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 2075
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 7558be19f9618ffb-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.13325/html/index.html&cfRay=7558be19f9618ffb&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F22596154%2Fthreads%2Futk%2Fc7aa8494aaa1440f8be7b835ae73f89a%3Fuuid%3Df91a847c9951415086bebfadb6d375f8%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dblueonionlabs.com%26inApp53%3Dfalse%26messagesUtk%3Dc7aa8494aaa1440f8be7b835ae73f89a%26url%3Dhttps%253A%252F%252Fwww.blueonionlabs.com%252Fnetsuite%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.blueonionlabs.com%2F&cfenv=prod&pdt=2022-10-05&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 05 Oct 2022 20:00:17 GMT
etag: W/"f436886d761cb4742d741787ff9099c7"
last-modified: Fri, 30 Sep 2022 03:28:22 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7558be19f9618ffb&resource=conversations-visitor-ui/static-1.13325/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 34411558fb3a23efdbbaaddb8a12b574.cloudfront.net (CloudFront)
x-amz-cf-id: BIX6AQoPui_1BvmQ_Y_AMfTZlevTMwuyPhqX4uD8eD7XBzvdsAFDqQ==
x-amz-cf-pop: IAD12-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: S7BtrQzF8liyMMy.DQCNxOKIyEoXr8OF
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.13325/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985680120/ 2 KB
2 KB 142ms
59ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985680120/?random=1665000017055&cv=9&fst=1665000017055&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa30&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&tiba=Netsuite&auid=25407463.1665000016&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9177a7611f334f572f3d2b8e3580628137c1c6327e032fc777cd87bccae2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 20:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1024
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 102ms
102ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.blueonionlabs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://www.blueonionlabs.com
date: Wed, 05 Oct 2022 20:00:16 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
www.google.com/pagead/1p-user-list/10985680120/ 42 B
548 B 200ms
74ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10985680120/?random=1665000017055&cv=9&fst=1665000000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa30&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&tiba=Netsuite&async=1&fmt=3&is_vtc=1&random=2493612552&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 20:00:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10985680120/ 42 B
548 B 73ms
32ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10985680120/?random=1665000017055&cv=9&fst=1665000000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa30&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&tiba=Netsuite&async=1&fmt=3&is_vtc=1&random=2493612552&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.blueonionlabs.com
URL: https://www.blueonionlabs.com/netsuite

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 20:00:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.234/ Frame C3B5 44 KB
17 KB 88ms
49ms Script
application/javascript 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.234/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/22596154/threads/utk/c7aa8494aaa1440f8be7b835ae73f89a?uuid=f91a847c9951415086bebfadb6d375f8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=blueonionlabs.com&inApp53=false&messagesUtk=c7aa8494aaa1440f8be7b835ae73f89a&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc4889798feb201f18846c07ea416666747daa691177cc98ccf3b9eab92f5e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:17 GMT
x-amz-version-id: YWDtvP_ZHgEUkBeD2cA0UllWA7dKrCQJ
via: 1.1 11bc309875abf4cdfea734f39118b58e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: TXL50-P4
age: 612749
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 28 Sep 2022 17:07:56 GMT
server: cloudflare
etag: W/"af59323cc47b2bf2c3eeb0ed50217041"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUl02riU0iDVWOGmBsGTYefil0RjGt4VlahxpIf%2FSeHhhU4QnXGVYVPRaYyOTNVFAeuIL6an%2FKfVYaUO0NO6TVdP4QGOu8HnpEtOvKGiuQNCNEbwVzXVxFmAemW%2BZLZWKmKrTxEVQ%2BHEKpeGf2CddO0R9Pk%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7558be1c1c9c90f4-FRA
x-amz-cf-id: 7jVV5fDoeQ3WLnOY_uiHQ1anueSPpC731przoewV8n_jy5DQbIgWJA==
expires: Thu, 05 Oct 2023 20:00:17 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame C3B5 20 KB
4 KB 71ms
31ms Stylesheet
text/css 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:17 GMT
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 129902
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQTxrkUiJy5EgO%2BO4h53ZV%2B8D4bx0N3npS2J1q1%2FPXreCpFBDx6JO%2BI0VlhYlRoyruPe5J1q62mtgJlV6Kz4VF967ZZdjXHlL1zhmchZNVAZ5YfG%2BJ0SyNkeK%2BBYQW4Zodlg82rrqLt%2F%2FHHz%2B2JOMU32EUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7558be1c1af66997-FRA
x-amz-cf-id: 23c1eNiCqFv3-L7b7GcD5q0QudwUFfEGt_BsOirNla5ADUFWqNjTzQ==
expires: Thu, 05 Oct 2023 20:00:17 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.323/ Frame C3B5 295 KB
94 KB 102ms
62ms Script
application/javascript 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.323/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718c2deaf7b1c3172ad0c7bd5e8b639d7c3bdcec49b35cbf7aba90ede4ae563e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:17 GMT
x-amz-version-id: Ln.tyCbqyOrowcoF3r7BJeIsSNnld2Qd
via: 1.1 caeb89b8b8a5b107795bac07edc9b810.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MXP63-P3
age: 540455
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 28 Sep 2022 19:48:57 GMT
server: cloudflare
etag: W/"935799ee774e355e90f1cbb52fd06f07"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEgQf2Ie%2B%2B%2BCUXLo40kZewmOProB4f%2B8zQkAQv0fEqW2y5Kh2XPA%2B0JOCyziBruIeAJLy7xFD2FHLQdLJoO0cPYOUgulgdG9qBpzilcq7bs%2F%2F3DLwt5OJZyYskR%2B%2Fo1Kpj8yq0%2BxIP6xc2B%2BQ29kI1aI4B0%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7558be1c1ca290f4-FRA
x-amz-cf-id: 9S3tT9pxs9YM9uJJZss_ybKyuR5cttAvNjynLpP8kSvuKzOOlaxkWg==
expires: Thu, 05 Oct 2023 20:00:17 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13325/bundles/ Frame C3B5 512 KB
149 KB 101ms
62ms Script
application/javascript 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13325/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1387a8785d28171fe1d909ecc64cc57145fe0b6a4a580e7453c253ee00384c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:17 GMT
x-amz-version-id: alCi0ss_LCvbn4fkk1UpshgP1giGWdic
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 171664
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Sep 2022 15:00:58 GMT
server: cloudflare
etag: W/"b7314e5c2ccf63c800c5119b6c75b721"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hF%2B8W2nnuV5OiFja6pzRtBtB3hj%2F5FmwB%2BHyuKnzZwVPkSN2vsR1QLrBfL%2FGBWaig5HsVOna9BZce8Co7ijJNHgzf%2BFqBvo0RDrTX0nUTuLZBjb%2F43L7nGiR5Wu9gHdOWqH0gRBwV2jSLiVs1VhJtXorC3Y%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7558be1c1ca090f4-FRA
x-amz-cf-id: SyHeFFGRQAo8x0qM8tkpRMHxgmf6iJmbApUwJgeBbpRAaUpDSfmQRQ==
expires: Thu, 05 Oct 2023 20:00:17 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13292/ Frame C3B5 776 B
1 KB 53ms
33ms Script
application/javascript 2606:4700::6811:6d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13292/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13325/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ebfaa2a63c3aad9730f01e48294897d3e0a2eb9d4eb1164b7f0d6b0966cb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:17 GMT
x-amz-version-id: ceDgXuucQz1PLxRfKSR7xx_vX_2QQY.l
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 451604
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 27 Sep 2022 18:36:30 GMT
server: cloudflare
etag: W/"90252da4cfd33e680909d40cc81a456b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DZAijf%2F%2B6LqjlH181LpC4Nky1pt498q1%2FXLuOUaKi8Al5xvICD1DDiJ6ic86MQEXH5gEOG5G13Mh1nXoQTLIWssyr8nweqhgWRLj0nrdsTO3MbdY5aRwnrWHnuTNF8DBDWAcI3xeq5sriV1DXh%2FT86WJz0%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7558be1d3fb39100-FRA
x-amz-cf-id: hF7C-I1cDa73i9h1x1vkuBYxiay8xbQIHNwGzQpxDwbthTymQxVbCQ==
expires: Thu, 05 Oct 2023 20:00:17 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=85B23028026B42B19972DE84D502AA3B&RedC=c.clarity.ms&MXFR=077455D636FD6FB01AAE47E232FD61F7
https://c.clarity.ms/c.gif?CtsSyncId=85B23028026B42B19972DE84D502AA3B&MUID=1637F7471CEC68CE0922E5731D87697E

42 B
367 B

36ms
36ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=85B23028026B42B19972DE84D502AA3B&MUID=1637F7471CEC68CE0922E5731D87697E
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 20:00:17 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
etag: "8d3298b0aac7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 20:00:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8243FCAAB4714DE0BEBAD4EBD9275390 Ref B: FRAEDGE1417 Ref C: 2022-10-05T20:00:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=85B23028026B42B19972DE84D502AA3B&MUID=1637F7471CEC68CE0922E5731D87697E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
513 B 163ms
162ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3852045874&v=1.1&a=22596154&pu=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&t=Netsuite&cts=1665000017524&vi=4f09665b7928e3dc48d53205c415df0e&nc=true&u=250943769.4f09665b7928e3dc48d53205c415df0e.1665000017521.1665000017521.1665000017521.1&b=250943769.1.1665000017521&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blueonionlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: bdd9921c-aee2-4420-826f-562c5751df27
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SclZwWyMVzfqy7jmzSIl%2FhHzoL5Qq6RQr69DdnGnBU1me61eYgj7f3DF3pbdsa7hBR6OsF8GEOMVqabKk8J0vXszyZp6hWpE6lR2VgcFcqJwiIFmG4%2BFXFmYLFAc%2BD3gWTCGjlLr4xvSAeyJsh%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7558be1d99d08ffb-FRA
x-robots-tag: none

GET
H2 200 BlueOnion_Mark_Cobalt.svg
22596154.fs1.hubspotusercontent-na1.net/hub/22596154/hubfs/BlueOnion_Logo/ Frame C3B5 2 KB
2 KB 1627ms
1346ms Image
image/svg+xml 2606:4700:4400::6812:2128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22596154.fs1.hubspotusercontent-na1.net/hub/22596154/hubfs/BlueOnion_Logo/BlueOnion_Mark_Cobalt.svg?width=108&height=108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2128 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b7ff7b787e202709b18271afed535662258fc77326198807a893d4d826c67f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:00:19 GMT
via: 1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
x-amz-meta-cache-tag: F-84235880541,FD-84419479648,P-22596154,FLS-ALL
x-amz-version-id: 8oTVjUiDQ6XOg8DE7YwZnW5EmLkS1nDM
x-amz-cf-pop: FRA56-P7
x-amz-request-id: XQE3778NDEVXNXJX
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
edge-cache-tag: F-84235880541,FD-84419479648,P-22596154,FLS-ALL
cache-tag: F-84235880541,FD-84419479648,P-22596154,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-id-2: PISkSgWgTpC9iPHbP7RuxFZ4ZpWMKXsJ2KZpZ1eO1ZTHAIRKphaOwXCfQ/NVbZUkB2sSqj18st0=
last-modified: Fri, 09 Sep 2022 08:23:36 GMT
server: cloudflare
etag: W/"44b6c836b9bdf28c7a20cded502bdb5d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662571755955
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray: 7558be1facfa6964-FRA
x-robots-tag: all
x-amz-cf-id: vWcvM5KDtfHbqrYlQiEZFYnnj8AHjaDfCBHAUYoQxFR7rAWoQHKwPw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

POST
H3 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame C3B5 0
1 KB 182ms
162ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13325

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13325/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/22596154/threads/utk/c7aa8494aaa1440f8be7b835ae73f89a?uuid=f91a847c9951415086bebfadb6d375f8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=blueonionlabs.com&inApp53=false&messagesUtk=c7aa8494aaa1440f8be7b835ae73f89a&url=https%3A%2F%2Fwww.blueonionlabs.com%2Fnetsuite&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Oct 2022 20:00:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d82ad4fc-8567-483f-a6f2-e34883dc154a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYnzw%2FtflTpwVUBPqG1%2BjqBwZhw9z6uxynbgTMy4Mpn8T5voiQJiMfMUQSdirJwgT54UDT2jBUBoWHp3EXQnQIcT1V4zUJQF6W4v3ZMGMo5OKEyYW1kSnYCOyP6RKvmYjl3xvCCVXwzpZoO2eA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 7558be1e0ddd9972-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 102ms
102ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.blueonionlabs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://www.blueonionlabs.com
date: Wed, 05 Oct 2022 20:00:18 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 200 / Show response
app.posthog.com/s/ 13 B
301 B 134ms
133ms XHR
application/json 3.214.195.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/s/?compression=gzip-js&ip=1&_=1665000020532&ver=1.32.2

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.214.195.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-214-195-105.compute-1.amazonaws.com

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.blueonionlabs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Oct 2022 20:00:20 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.blueonionlabs.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
content-length: 13

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blueonionlabs.com/	1970-01-20 08:39:36	Name: _gcl_au Value: 1.1.25407463.1665000016
.blueonionlabs.com/	1970-01-20 16:06:00	Name: _ga Value: GA1.2.488147736.1665000016
.blueonionlabs.com/	1970-01-20 06:31:26	Name: _gid Value: GA1.2.1939360582.1665000016
.blueonionlabs.com/	1970-01-20 06:30:00	Name: _gat_gtag_UA_172722044_1 Value: 1
www.clarity.ms/	1970-01-20 15:15:36	Name: CLID Value: 8071cc83da4c4141afebc6571ea4c6cc.20221005.20231005
.blueonionlabs.com/	1970-01-20 15:15:36	Name: _clck Value: 1ekkoqk\|1\|f5g\|0
.linkedin.com/	1970-01-20 07:13:12	Name: UserMatchHistory Value: AQImYezU9g26VQAAAYOpvAhn-XOAjlib6lnI3RF4HvMM-rjyrEtB2rY0_RDzpImC5XZJXbirLkWl7g
.linkedin.com/	1970-01-20 07:13:12	Name: AnalyticsSyncHistory Value: AQIEqsXwcfZzxQAAAYOpvAhnwbOwK4i1dmVRqa0ZdDYi5d0oEsDzcmlz3P5Lnxn0K43aPadA52cszRqe-A2hSA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:15:36	Name: bcookie Value: "v=2&5504ebfb-9a3c-4e2f-8e39-b333e4b5c9b3"
.linkedin.com/	1970-01-20 06:31:26	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2522:u=1:x=1:i=1665000015:t=1665086415:v=2:sig=AQEvb4Ew54PPue4d4eGMqFhu2Pb-ZVB_"
.blueonionlabs.com/	1970-01-20 15:15:36	Name: ph_phc_vUOabxObRJVSCdVLNyp1anVQchF29A5Zp3OiJo7pvzp_posthog Value: %7B%22distinct_id%22%3A%22183a9bc083912bd-027b5c236578dd-133b3474-1d4c00-183a9bc083a1a8e%22%2C%22%24device_id%22%3A%22183a9bc083912bd-027b5c236578dd-133b3474-1d4c00-183a9bc083a1a8e%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24sesid%22%3A%5B1665000016223%2C%22183a9bc083d1540-0c58abe9fa1a9c-133b3474-1d4c00-183a9bc083ed33%22%2C1665000015933%5D%2C%22%24session_recording_enabled_server_side%22%3Atrue%2C%22%24console_log_recording_enabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%7D
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:15:36	Name: bscookie Value: "v=1&202210052000162f52caf3-bfc9-4e4b-8f22-b216a15bd09aAQGzZYCoYBYw2VGUkjcD0Yn7OjAvLWzO"
.linkedin.com/	1970-01-20 10:49:12	Name: li_gc Value: MTswOzE2NjUwMDAwMTY7MjswMjFGbouqgxLQnUb+gPydlV/+zqQ8fbNh1mfNAbvGWRnYMg==
.blueonionlabs.com/	1970-01-20 06:31:26	Name: _clsk Value: 1vmhf2d\|1665000016669\|1\|1\|d.clarity.ms/collect
.doubleclick.net/	1970-01-20 06:30:00	Name: test_cookie Value: CheckForPermission
.hubspot.com/	1970-01-20 06:30:01	Name: __cf_bm Value: GQbIkGfMF9XLRqIs3Xjb0gUuBbQYmt6tYMsglY7JfV8-1665000017-0-AT6gSGvIVqY1ZpSsDnXZnj6hKueI8w1g+2+MQXuWUUB/CmzJKY1+3BcNvanARA2kGCzXXl819U8jVfFK6IUGOBs=
.blueonionlabs.com/	1970-01-20 10:49:12	Name: __hstc Value: 250943769.4f09665b7928e3dc48d53205c415df0e.1665000017521.1665000017521.1665000017521.1
.blueonionlabs.com/	1970-01-20 10:49:12	Name: hubspotutk Value: 4f09665b7928e3dc48d53205c415df0e
.blueonionlabs.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.blueonionlabs.com/	1970-01-20 06:30:01	Name: __hssc Value: 250943769.1.1665000017521
.blueonionlabs.com/	1970-01-20 10:49:12	Name: messagesUtk Value: c7aa8494aaa1440f8be7b835ae73f89a
.c.bing.com/	1970-01-20 15:51:36	Name: SRM_B Value: 1637F7471CEC68CE0922E5731D87697E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:51:36	Name: MUID Value: 1637F7471CEC68CE0922E5731D87697E
.c.clarity.ms/	1970-01-20 06:30:00	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22596154.fs1.hubspotusercontent-na1.net
ajax.googleapis.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
app.posthog.com
c.bing.com
c.clarity.ms
d.clarity.ms
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
grow.clearbitjs.com
jobs.ashbyhq.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.usemessages.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.hsappstatic.net
track.hubspot.com
u16885202.ct.sendgrid.net
uploads-ssl.webflow.com
www.blueonionlabs.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
167.89.118.28
172.217.20.2
18.66.112.105
20.234.93.27
216.24.57.253
2606:4700:3108::ac42:28d6
2606:4700:4400::6812:2128
2606:4700:4400::6812:21ab
2606:4700::6810:5805
2606:4700::6811:43b0
2606:4700::6811:6d2
2606:4700::6811:72b0
2606:4700::6811:81ab
2606:4700::6811:cccc
2606:4700::6811:d6cc
2606:4700::6811:eccc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:46::44
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:809::2008
2a00:1450:400d:804::200a
2a00:1450:400d:807::2002
2a00:1450:400d:807::200e
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2003
2a02:26f0:3500:16::215:149b
3.214.195.105
34.253.101.190
40.76.174.66
52.222.232.99
0c73ab691d0fba182b14afed0fdc0783730a02e0e971a4b8040f7343e7e2911d
140b53f6dec112bfd0110745e29868d1b5bb987697241d44bbef38bc77ace87b
17abca4a577a9e86b893fa93cce4999a00471cf63088db2c00b29915e97c5911
18a8bb2c78c9d1265a3368c8807e190da52b8400ba6b04d3c91131de5db06b74
1d663c4cf4d0f0c5f8cb0e26dc1ee8b6a5552122bb7bc5e44412b938c7c101ee
23ce20de25466074b34945d6b4e030d6137bad3d8e1e2c83737e8ef7ae975854
2d5c37910d48cab1c59aa7de76952699b4e318a3cd06f4daed9d5471bd8c8460
3c4feffe198ad07d1384a9941e60037666a5fe13613509cc8acd903ccee5be40
414a442f21d6b536860e23b6068b5925163901d58cfa58965063e7186e64a651
44f7f3ef755bae3543f5982efd58ce39782d733a239c69d156383f81e9b07b33
47ebfaa2a63c3aad9730f01e48294897d3e0a2eb9d4eb1164b7f0d6b0966cb54
4b08e381e7b51c21bcf1acccb2f15d2284c65f2052df6ef4b3b92fe22d5ee5c6
4b7ff7b787e202709b18271afed535662258fc77326198807a893d4d826c67f0
4d3d61d27c747fd88d4d63df56e8c4762d3ea75d0ce0b9357710e1fd2c23da9a
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
6869734c701a0e10d3144e026a23ad33b523eb323cd2cc61c29c5113db54a7d4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
718c2deaf7b1c3172ad0c7bd5e8b639d7c3bdcec49b35cbf7aba90ede4ae563e
722d1d506241600936dd8a2bd82430e214405cefb4ee2496194ddedc92f0d193
763db918a4e58efec8f8a6eb1131a3cb438daff76eaa40d3c5365340ef53e992
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7cd2cffa31c65c1006fca5eeddc57f6b29561feafc7ddbb0ab4db94e90d4da7c
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
813a1643708585f5691cae72bedf79e1f834b55b1f56bdaf3d0478ae111c37cf
94e9ba6c924df4c78e662b355c1a2f82ff57bcbc68f931ea98b86721d764d78b
9959ebaf672bd97c6b4465f24e9e1afc95150c2e51f15d21dc2a57f780509416
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f7ce20fe0f9b47fe810f23f75a6e1a84759301cfbf85dfe793098d47d26d091
a797bffc7064868ff58ed5f5dfa76522846925c664552f112e14ebd3f69f0e2c
a9e82e7b992fb2af148be00b0e7904f07dab7ff81c7a19408b895f80d1f4a0fe
acda6f2f40f0da50552e10c7aea3db0c258d8d350afd10e3a407ec995b2d4627
ad1b7acbd7a3ca2cd31c6405127420ba28ea9c82f01a4477cbf863e37efd20a2
ad585d88ad70dd838d7d308b7ba5a59bde4acac695edff136bbc662fe0a5b9da
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
bb12285fcd45fadab647794b29242e45746ba65d3579ba9712eb85378fb25894
bbe5717b2e530ed3889fef7a3f64bd8703892af4df7a50ebdab50877d714ccb1
c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6
cfba976d2fa306bdecc036a3143b231218fd3c3559d26297aec358c8bc8455e1
d1387a8785d28171fe1d909ecc64cc57145fe0b6a4a580e7453c253ee00384c7
d865ebaddba0f547a5417352bdd85472ea45bed145c8bee5bb1fc314d0815bbe
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
da6da0f7e1e5c946e642b64e36a0e1f4687a22a0b4d1593f731731e650cbdfa7
db4583c3a0fdfa0bee6ef3ac627418e61da4bb81b951a25786cba1f6c8535ff3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc4889798feb201f18846c07ea416666747daa691177cc98ccf3b9eab92f5e2d
dfdcc676fcaf707491299e7d92572b8d801eae7cb33b83be490633dbf5d49ad1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f53dea77e53fe89351863c86e6fbfa982a4580eebd8e72f2d83976370f168a
e9177a7611f334f572f3d2b8e3580628137c1c6327e032fc777cd87bccae2a64
ec09b5adcb0d8d0f77b637ee86650cb7ca4a0213f039b57616fd124c07a7dd91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f621e6866ca51c3ad8f268105036107ca7a23f45bb6ee83ab75f7c58ce719f02
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe4c84adcbecfcb7b245ce1a8f8e441a6db941136fe177b3939bd91cef106cb8

www.blueonionlabs.com Open in urlscan Pro 34.253.101.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

97 %HTTPS

71 %IPv6

30 Domains

38 Subdomains

32 IPs

3 Countries

1704 kBTransfer

4882 kBSize

27 Cookies

3 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.blueonionlabs.com Open in urlscan Pro
34.253.101.190 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

97 %
HTTPS

71 %
IPv6

30
Domains

38
Subdomains

32
IPs

3
Countries

1704 kB
Transfer

4882 kB
Size

27
Cookies

68 HTTP transactions
0 data transactions