ondexx.com Open in urlscan Pro
192.0.78.144  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1656079371621&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3828668%26time%3D1656079371621%26url%3Dhttps%253A%252F%252Fondexx.com%252Fhero-campaign%252F%253Futm_content%253Dtext-link1%2526utm_source%253Dst-2022%2526utm_medium%253Demail%2526utm_campaign%253Ddr1%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1656079371621&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1656079371621&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1&liSync=true&e_ipv6=AQKrFIJMZnfASgAAAYGWBc7r2Z66enpYZRSsOZZ6D4SPpOS01DXevew_3JJr8mkJqJoZDnex

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ondexx.com/hero-campaign/	45 KB 13 KB	674ms 494ms	Document text/html	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash db86750af378420833a58b191663aa3092512eda44d297182a8780da61cc27d2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Fri, 24 Jun 2022 14:02:46 GMT host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" <https://ondexx.com/wp-json/wp/v2/pages/3076>; rel="alternate"; type="application/json" <https://ondexx.com/?p=3076>; rel=shortlink server nginx strict-transport-security max-age=31536000 vary Accept-Encoding Cookie x-ac 2.hhn _atomic_ams x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
GET H2	200	slick.css ondexx.com/wp-content/themes/Ondexx/js/slick/	2 KB 675 B	172ms 170ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick.css Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:59 GMT server nginx etag W/"5f6ed60f-6f0" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams expires Fri, 01 Jul 2022 14:02:46 GMT
GET H2	200	slick-theme.css ondexx.com/wp-content/themes/Ondexx/js/slick/	3 KB 931 B	173ms 172ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:53 GMT server nginx etag W/"5f6ed609-c49" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams expires Fri, 01 Jul 2022 14:02:46 GMT
GET H2	200	f69857688e.js Show response kit.fontawesome.com/	11 KB 4 KB	73ms 40ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/f69857688e.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c45b7e88d35f33638aa07e6537039db5f5fd17ae1846759d6e99c07de3e9789 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://ondexx.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:46 GMT content-encoding gzip cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, public, must-revalidate strict-transport-security max-age=31536000; preload cf-ray 720600c74d86927f-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id FvuTaMytOhbBseJa_P4B
GET H2	200	jquery-3.4.1.min.js Show response ondexx.com/wp-content/themes/Ondexx/js/vendor/	86 KB 31 KB	178ms 177ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/vendor/jquery-3.4.1.min.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:55 GMT server nginx etag W/"5f6ed60b-15851" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams expires Fri, 01 Jul 2022 14:02:46 GMT
GET H2	200	slick.min.js Show response ondexx.com/wp-content/themes/Ondexx/js/slick/	42 KB 11 KB	174ms 172ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick.min.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:48:06 GMT server nginx etag W/"5f6ed616-a76f" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams expires Fri, 01 Jul 2022 14:02:46 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 930 B	133ms 46ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 808f97075fc1233d487b23401e97c6c11fb39eb115ec0d9fc251ec09d9b2d5d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 24 Jun 2022 12:45:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 24 Jun 2022 14:02:46 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 24 Jun 2022 14:02:46 GMT
GET H2	200	style.css ondexx.com/wp-content/themes/Ondexx/	44 KB 10 KB	182ms 181ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1656079366 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f305605b98771f02238f3f7530a6b1b4d869fe9ef23c5eb9421be86cb68af1ac Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 03 Aug 2021 22:21:47 GMT server nginx etag W/"6109c17b-ae26" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=315360000 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ ondexx.com/_static/	847 KB 109 KB	374ms 372ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/_static/??-eJyV0UFywyAMBdALFTN1m3bV6RV6BQw/jhyBXSTH5fbF8cZdZKbeIfgPDWKZDCXPc4BYL2IDidqOR381TF12uVjRwmgipaYGnpYdGMRGBHJgRCT9U0zsCrJh9M6Xf+l6tq/3xo9J18jEc09JLGKHYLxjpMDFiL8gzEypt04Euj1lodBDH15xQ4aoUYqoEnfiEkWnOGSG7xm5NN2PMAXkQ3bKUC1fl1HHQ+5cQ26BjBHGMR+yWL8kqaGalmNSzTnfg+Goq5tTbUe3h7MdoJPz122k23qNfsaP57fTqW3fX1/aXxlTBrc= Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 744f1eea16f5a983c564d972183b7961df7dea78fb073884fdf61aa7185ebe7d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 14 Jun 2022 17:23:52 GMT server nginx x-page-optimize uncached etag W/"a8c254dbb2478a8beb33be126ce8776c" vary Accept-Encoding content-type text/css;charset=utf-8 cache-control max-age=31536000 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams host-header WordPress.com
GET H2	200	dashicons.min.css ondexx.com/wp-includes/css/	58 KB 34 KB	174ms 172ms	Stylesheet text/css	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-includes/css/dashicons.min.css?ver=6.0 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Wed, 03 Mar 2021 21:16:22 GMT server nginx etag W/"603ffca6-e688" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=315360000 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css fonts.googleapis.com/	73 KB 4 KB	127ms 46ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Bitter%7CHind%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COpen+Sans%3A400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C700%2C900%7CMontserrat%7CDroid+Sans%7CRoboto%7CLora%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%7CRubik%7CMerriweather%3A300%2C400%2C700%2C900%7CPoppins%7CRopa+Sans%7CPlayfair+Display%7CRubik%7CSource+Sans+Pro%7CRoboto+Condensed%7CRoboto+Slab%3A300%2C400%2C700%7CAmatic+SC%3A400%2C700%7CQuicksand%7COswald%7CQuicksand%3A400%2C500%2C700%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CFjalla+One&ver=6.0 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8079612826c9618bbbdd1257cb32235566be44852ad0cc16a414a83a33dc1bff Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://ondexx.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 24 Jun 2022 13:48:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 24 Jun 2022 14:02:46 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 24 Jun 2022 14:02:46 GMT
GET H2	200	jquery.min.js Show response ondexx.com/wp-includes/js/jquery/	87 KB 31 KB	177ms 175ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Wed, 10 Mar 2021 15:07:24 GMT server nginx etag W/"6048e0ac-15db1" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ Show response ondexx.com/_static/	245 KB 56 KB	188ms 187ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/_static/??-eJylktFOwzAMRX8It5rQNu0B8Qv8AUqTu84jcULs0vXv6QYSTwOVSpH8kHuOHcVjIRYfhwBtz/N5H1Cn70KJ++oMTWJpzvowFvJZDGJtiUPPoq2PcGIuvpEWl6jUbPB2NbnSeaMydJE90XEQb5xFV7v+Jfi5STm4uM7xiouhymoNy58apA6BvIuQECdSf0IYIkvfOlXY7ctGDj3snuADFWpknDBzuAKs2XLBAuJrHZruopED6pJeyfXQmF1A+O2d95uWCrPp5TTPvAAe87ggDaNjveXCTD2np81uu90fHg/7zSdEHTJk Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash ff9095f79323b3e30db4eaec79e04df901e4a037656734012ef81dba374ae7ba Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 21 Jun 2022 06:46:11 GMT server nginx x-page-optimize uncached etag W/"e76826a4ee51aba75402b307c6a197ec" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams host-header WordPress.com
GET H2	200	js Show response www.googletagmanager.com/gtag/	101 KB 39 KB	136ms 51ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-157050359-1 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2039e58d630ed59ae0780ccdb681c98b8472ca0a25e5dd189c39ad9646f877a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:46 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39790 x-xss-protection 0 last-modified Fri, 24 Jun 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 Jun 2022 14:02:46 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	108 KB 43 KB	3759ms 3758ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-480613323 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 40d534030db56fcea1978117b4cd9adfa513fc30524b6867e3cd79d38c121e0b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:50 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43453 x-xss-protection 0 last-modified Fri, 24 Jun 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 Jun 2022 14:02:50 GMT
GET H2	200	plugins.js Show response ondexx.com/wp-content/themes/Ondexx/js/	662 B 411 B	333ms 332ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/plugins.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 03d0fd5f4159ebcdef4f514d6532f163276b8493482423efdbb5a5187d05ef59 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:57 GMT server nginx etag W/"5f6ed60d-296" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams expires Fri, 01 Jul 2022 14:02:46 GMT
GET H2	200	main.js Show response ondexx.com/wp-content/themes/Ondexx/js/	118 B 193 B	171ms 170ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/main.js?v=1656079366 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 92a1f8ab048c0e20c473f136314fc89e84eae12ff130de142d0d44f408625345 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:46 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:47:42 GMT server nginx etag "5f6ed5fe-76" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 118 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	404ms 38ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 3478 date Fri, 24 Jun 2022 13:04:49 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 24 Jun 2022 15:04:49 GMT
GET H2	200	bilmur.min.js Show response s0.wp.com/wp-content/js/	6 KB 2 KB	346ms 6ms	Script application/javascript	192.0.77.32 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://s0.wp.com/wp-content/js/bilmur.min.js?m=202225 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 9e038ad8d6f4e0982fc74aa17e251982a487d9e7326ab37ae739d146236593b3 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-nc HIT hhn 2 date Fri, 24 Jun 2022 14:02:47 GMT content-encoding br server nginx etag W/"6246db7c-16da" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 x-ac 2.hhn _dfw timing-allow-origin * expires Tue, 20 Jun 2023 00:00:01 GMT
GET H2	200	e-202225.js Show response stats.wp.com/	9 KB 3 KB	331ms 7ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202225.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-nc HIT hhn date Fri, 24 Jun 2022 14:02:47 GMT content-encoding br server nginx etag W/"6197c5cf-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Sun, 11 Jun 2023 21:41:47 GMT
GET H2	200	pro-v4-shims.min.js Show response ka-p.fontawesome.com/releases/v5.15.4/js/	14 KB 4 KB	64ms 54ms	Fetch application/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/js/pro-v4-shims.min.js?token=f69857688e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f69857688e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag "610ae215-1003" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 720600c84842927f-FRA content-length 4099
GET H2	200	pro.min.js Show response ka-p.fontawesome.com/releases/v5.15.4/js/	40 KB 14 KB	53ms 43ms	Fetch application/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=f69857688e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f69857688e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:46 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag "610ae215-37b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 720600c8483c927f-FRA content-length 14264
GET H2	200	wp-emoji-release.min.js Show response ondexx.com/wp-includes/js/	18 KB 5 KB	173ms 172ms	Script application/javascript	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 12 Apr 2022 05:56:23 GMT server nginx etag W/"62551487-48b9" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/	81 KB 32 KB	50ms 49ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N4GX5F3 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0a92870dcc8b74ff03b2b71b1f02b9d0e46118c0eeb3d9db1dfea7e4b887a570 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32577 x-xss-protection 0 last-modified Fri, 24 Jun 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 Jun 2022 14:02:47 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/	81 KB 32 KB	55ms 55ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N79F75T Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1d886b6fd1c309d4362df6746944a97fbef4674278071702ffa86578b4b72312 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32586 x-xss-protection 0 last-modified Fri, 24 Jun 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 Jun 2022 14:02:47 GMT
GET H/1.1	200 OK	564404923 Show response player.vimeo.com/video/ Frame CC83	17 KB 9 KB	1094ms 1030ms	Document text/html	162.159.128.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/564404923?color=e31f26 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56a0780cf4957a68e86fc45900d22ab4b2a9004e1c50f30c8f978e6a6f81cbf6 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://* Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ondexx.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Age 0 CF-Cache-Status DYNAMIC CF-RAY 720600cf9846902a-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 24 Jun 2022 14:02:47 GMT Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS X-Cache-Hits 0 X-Player-Backend p X-Served-By cache-hhn4030-HHN X-Timer S1656079368.632972,VS0,VE248 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://* expires Fri, 15 Dec 1985 19:30:00 GMT link <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin p3p CP="This is not a P3P policy! See https://vimeo.com/privacy" strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 varnish, 1.1 varnish x-backend-proxy playproxy10 x-bapp-server player-v110-5nxjz x-content-type-options nosniff x-host player-v110-5nxjz x-varnish-cache 0 x-vserver playproxy-prod-varnish-9 x-xss-protection 1; mode=block
GET H/1.1	200 OK	410832094 Show response player.vimeo.com/video/ Frame E0CB	16 KB 9 KB	358ms 294ms	Document text/html	162.159.128.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/410832094?color=e31f26 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 465c79ac89e593a25e2b6a40843bbba860ffefbb62187ffb77f41fc6f27a8e44 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://* Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ondexx.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Age 0 CF-Cache-Status DYNAMIC CF-RAY 720600cf98209b34-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 24 Jun 2022 14:02:47 GMT Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS X-Cache-Hits 0 X-Player-Backend p X-Served-By cache-fra19149-FRA X-Timer S1656079368.633764,VS0,VE255 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://* expires Fri, 15 Dec 1985 19:30:00 GMT link <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin p3p CP="This is not a P3P policy! See https://vimeo.com/privacy" strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 varnish, 1.1 varnish x-backend-proxy playproxy6 x-bapp-server player-v110-mzdb2 x-content-type-options nosniff x-host player-v110-mzdb2 x-varnish-cache 0 x-vserver playproxy-prod-varnish-5 x-xss-protection 1; mode=block
GET H3	200	js Show response www.googletagmanager.com/gtag/	108 KB 42 KB	74ms 73ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-480613323&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-157050359-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 05085951573902a86e3d49dd985678c7c89aa04a9c125ad86e825f7ed9ed747b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43461 x-xss-protection 0 last-modified Fri, 24 Jun 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 Jun 2022 14:02:47 GMT
GET H2	200	Ondex_Horizontal.svg ondexx.com/wp-content/themes/Ondexx/images/	5 KB 2 KB	171ms 170ms	Image image/svg+xml	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/images/Ondex_Horizontal.svg Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1656079366 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 9c1a15bed2e7bcd5a535fb0fe69ef2b0be90da9a3f2e1218dbb52c0ae27bec2f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1656079366 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:43 GMT server nginx etag W/"5f6ed5ff-134e" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	silhouette-of-smart-successful-males-man-wearing-l-64UHUPQ_v3.jpg ondexx.com/wp-content/uploads/2021/06/	363 KB 363 KB	243ms 242ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/06/silhouette-of-smart-successful-males-man-wearing-l-64UHUPQ_v3.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 919acbbc8643239878739433a76b5f767a96cc6e62063cb9f1ea262e259d730d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 15 Jun 2021 06:50:08 GMT server nginx etag "60c84da0-5aab7" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 371383 expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	Screenshot-2021-07-13-222711.png ondexx.com/wp-content/uploads/2021/08/	1000 KB 1001 KB	234ms 234ms	Image image/png	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/08/Screenshot-2021-07-13-222711.png Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e80163c34bbbf05c2809d6058bb838ce44f88d89ceb4978683ccf39de59838ac Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 03 Aug 2021 17:52:48 GMT server nginx etag "61098270-f9e04" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 1023492 expires Fri, 01 Jul 2022 14:02:47 GMT
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e8da020dda5f6255fa92b7991ad7ccf5b9ed5b9fd9708fd874848eca81d6b3ab Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	605 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56b98b83138a32bc18b90afb94b16f4d8dd32c24cc06b0e5caad09c862ad8e2b Request headers Referer Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	Screenshot-2021-03-08-234416.png ondexx.com/wp-content/uploads/2021/03/	216 KB 217 KB	225ms 225ms	Image image/png	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/03/Screenshot-2021-03-08-234416.png Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 908400519fa42964c72b4182456acf7e4e1c3126466b3d1c247d401b04b24513 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 09 Mar 2021 04:45:26 GMT server nginx etag "6046fd66-3617a" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 221562 expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	dictionary-success-magnified-PXJEDEE.jpg ondexx.com/wp-content/uploads/2021/06/	5 MB 5 MB	187ms 185ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/06/dictionary-success-magnified-PXJEDEE.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f63c397b823a0c16ff12c425b6b33ba288c1a7656ba9c68d019a01bcf54c2446 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 19 Jun 2021 00:07:40 GMT server nginx etag "60cd354c-500cd9" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 5246169 expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	portrait-of-business-team-posing-in-office-NLFAGE9-scaled.jpg ondexx.com/wp-content/uploads/2020/06/	246 KB 246 KB	353ms 352ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2020/06/portrait-of-business-team-posing-in-office-NLFAGE9-scaled.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a59d5f74dc3410d33c91f7bf20c78bfde2fdb6c8e490d16d9289f218fce05737 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 06:18:28 GMT server nginx etag "5f6edd34-3d872" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 252018 expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	high-five-27SLYDW.jpg ondexx.com/wp-content/uploads/2021/06/	23 MB 23 MB	175ms 173ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/06/high-five-27SLYDW.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 14293a71a55ed97de24a979f463b49744fa1d25e2a459b9c5330024c6825a67c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 15 Jun 2021 07:12:09 GMT server nginx etag "60c852c9-1730fe6" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 24317926 expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	vintage-red-clock.jpg ondexx.com/wp-content/uploads/2020/04/	164 KB 165 KB	179ms 178ms	Image image/jpeg	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2020/04/vintage-red-clock.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 63bdeac35cbb3b234612fcbb6a3983ee916ad155f58f489397ddb3843d1a4f95 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 06:11:00 GMT server nginx etag "5f6edb74-291c8" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 168392 expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	rwo-power.png ondexx.com/wp-content/themes/Ondexx/images/	8 KB 8 KB	327ms 325ms	Image image/png	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/images/rwo-power.png Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1656079366 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0ca853d2acc14c2fb7c88c0a9d87502691b0a12aba40532d074178a0ff754c68 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1656079366 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:47:50 GMT server nginx etag "5f6ed606-1f73" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 8051 expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	Ondexx_master_White_buyline.svg ondexx.com/wp-content/themes/Ondexx/images/	11 KB 3 KB	176ms 175ms	Image image/svg+xml	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/images/Ondexx_master_White_buyline.svg Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1656079366 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 87332c922795402d5a79ca50a97c78da9c072ba141ccc38e6e734b5d1b0e5537 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1656079366 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:48:16 GMT server nginx etag W/"5f6ed620-2ca3" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 24 KB	357ms 40ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 21 Jun 2022 17:07:14 GMT x-content-type-options nosniff age 248133 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 21 Jun 2023 17:07:14 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	392ms 75ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 21 Jun 2022 17:07:14 GMT x-content-type-options nosniff age 248133 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 21 Jun 2023 17:07:14 GMT
GET H2	404	fa-solid-900.woff2 ondexx.com/wp-content/plugins/everest-timeline/webfonts/	0 0	487ms 487ms	Font text/html	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff2 Requested by Host: ondexx.com URL: https://ondexx.com/_static/??-eJyV0UFywyAMBdALFTN1m3bV6RV6BQw/jhyBXSTH5fbF8cZdZKbeIfgPDWKZDCXPc4BYL2IDidqOR381TF12uVjRwmgipaYGnpYdGMRGBHJgRCT9U0zsCrJh9M6Xf+l6tq/3xo9J18jEc09JLGKHYLxjpMDFiL8gzEypt04Euj1lodBDH15xQ4aoUYqoEnfiEkWnOGSG7xm5NN2PMAXkQ3bKUC1fl1HHQ+5cQ26BjBHGMR+yWL8kqaGalmNSzTnfg+Goq5tTbUe3h7MdoJPz122k23qNfsaP57fTqW3fX1/aXxlTBrc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/_static/??-eJyV0UFywyAMBdALFTN1m3bV6RV6BQw/jhyBXSTH5fbF8cZdZKbeIfgPDWKZDCXPc4BYL2IDidqOR381TF12uVjRwmgipaYGnpYdGMRGBHJgRCT9U0zsCrJh9M6Xf+l6tq/3xo9J18jEc09JLGKHYLxjpMDFiL8gzEypt04Euj1lodBDH15xQ4aoUYqoEnfiEkWnOGSG7xm5NN2PMAXkQ3bKUC1fl1HHQ+5cQ26BjBHGMR+yWL8kqaGalmNSzTnfg+Goq5tTbUe3h7MdoJPz122k23qNfsaP57fTqW3fX1/aXxlTBrc= Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br server nginx date Fri, 24 Jun 2022 14:02:47 GMT vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://ondexx.com cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	7063729.js Show response js.hs-analytics.net/analytics/1656079500000/	62 KB 20 KB	288ms 27ms	Script text/javascript	2606:4700::6811:45b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1656079500000/7063729.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01f33abe59fd963b523bd92871c4a5809138b1934312afe84eee9db97a7b7f5e Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT content-encoding br cf-cache-status HIT age 1 x-amz-server-side-encryption AES256 x-amz-request-id 7H31RKB5X41R241Y x-amz-id-2 eLL2Qp3mPc4zyGl5g3TUCCYmzBU8iYJSGGEMTusL5y0gU3sWF3dCDGjR16j/81bka/PtvRn2eTo= last-modified Tue, 14 Jun 2022 15:41:41 GMT server cloudflare etag W/"e2ca4a41b83cb2d74feaa3dbe3fd7a3c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control max-age=300, public access-control-allow-credentials false x-amz-version-id null cf-ray 720600cf3dfa9a17-FRA expires Fri, 24 Jun 2022 14:07:46 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	39 KB 15 KB	191ms 101ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-480613323&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15000 x-xss-protection 0 server cafe etag 15252473734373555178 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 24 Jun 2022 14:02:47 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	13ms 7ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&j=1%3A11.1-a.5&blog=172565319&post=3076&tz=-4&srv=ondexx.com&hp=atomic&ac=2&amp=0&host=ondexx.com&ref=&fcp=1728&rand=0.11811451574178644 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-origin * date Fri, 24 Jun 2022 14:02:47 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H2	200	play-circle.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/	607 B 459 B	48ms 44ms	Fetch image/svg+xml	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/play-circle.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1427373d63486672985cc1a4c61d7dfe81f4ec37919b6064ad202670b1001af6 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:47 GMT server cloudflare etag W/"610ae23b-25f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 720600cfeeaa927f-FRA
GET H2	200	phone-volume.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/	1 KB 646 B	58ms 55ms	Fetch image/svg+xml	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/phone-volume.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fbcb0906cf302e36acad1d89ad92b8d2e6f36db432c3bca8cfcb51610d4c2a5 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:47 GMT server cloudflare etag W/"610ae23b-4a1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 720600cfeeac927f-FRA
GET H2	200	at.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/	1 KB 728 B	48ms 45ms	Fetch image/svg+xml	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/at.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dc312dd10b9367e654099cd966f54c2405a64bc47f740b30a0fb2219809e445 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:57:01 GMT server cloudflare etag W/"610ae2fd-45a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 720600cfeead927f-FRA
GET H2	200	calendar-edit.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/	1 KB 645 B	48ms 46ms	Fetch image/svg+xml	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/calendar-edit.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d0973c3031fef0c0b53d5fb0bc68e91c7f1d82c353235e6852b08618a57522b Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 04 Aug 2021 18:53:30 GMT server cloudflare etag W/"610ae22a-520" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 720600cfeeaf927f-FRA
GET H2	200	ajax-loader.gif ondexx.com/wp-content/themes/Ondexx/js/slick/	4 KB 4 KB	191ms 191ms	Image image/gif	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/ajax-loader.gif Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:48:02 GMT server nginx etag "5f6ed612-1052" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/gif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 4178 expires Fri, 01 Jul 2022 14:02:47 GMT
GET H2	200	slick.woff ondexx.com/wp-content/themes/Ondexx/js/slick/fonts/	1 KB 1 KB	187ms 186ms	Font application/font-woff	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/fonts/slick.woff Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:47 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:47:54 GMT server nginx etag "5f6ed60a-564" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type application/font-woff access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 1380 expires Fri, 01 Jul 2022 14:02:47 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	129ms 48ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=72174317&t=pageview&_s=1&dl=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1%26utm_content%3Dtext-link1&ul=en-us&de=UTF-8&dt=Hero-Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=373497950&gjid=2130874329&cid=1168143234.1656079368&tid=UA-XXXXX-Y&_gid=928706936.1656079368&_r=1&z=1580470221 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 24 Jun 2022 14:02:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ondexx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	fa-solid-900.woff ondexx.com/wp-content/plugins/everest-timeline/webfonts/	0 0	757ms 755ms	Font text/html	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff Requested by Host: ondexx.com URL: https://ondexx.com/_static/??-eJyV0UFywyAMBdALFTN1m3bV6RV6BQw/jhyBXSTH5fbF8cZdZKbeIfgPDWKZDCXPc4BYL2IDidqOR381TF12uVjRwmgipaYGnpYdGMRGBHJgRCT9U0zsCrJh9M6Xf+l6tq/3xo9J18jEc09JLGKHYLxjpMDFiL8gzEypt04Euj1lodBDH15xQ4aoUYqoEnfiEkWnOGSG7xm5NN2PMAXkQ3bKUC1fl1HHQ+5cQ26BjBHGMR+yWL8kqaGalmNSzTnfg+Goq5tTbUe3h7MdoJPz122k23qNfsaP57fTqW3fX1/aXxlTBrc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/_static/??-eJyV0UFywyAMBdALFTN1m3bV6RV6BQw/jhyBXSTH5fbF8cZdZKbeIfgPDWKZDCXPc4BYL2IDidqOR381TF12uVjRwmgipaYGnpYdGMRGBHJgRCT9U0zsCrJh9M6Xf+l6tq/3xo9J18jEc09JLGKHYLxjpMDFiL8gzEypt04Euj1lodBDH15xQ4aoUYqoEnfiEkWnOGSG7xm5NN2PMAXkQ3bKUC1fl1HHQ+5cQ26BjBHGMR+yWL8kqaGalmNSzTnfg+Goq5tTbUe3h7MdoJPz122k23qNfsaP57fTqW3fX1/aXxlTBrc= Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br server nginx date Fri, 24 Jun 2022 14:02:48 GMT vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://ondexx.com cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/	2 KB 2 KB	154ms 63ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/?random=1656079367808&cv=9&fst=1656079367808&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1%26utm_content%3Dtext-link1&tiba=Hero-Campaign&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 25f3e96564935888096ae03668fe735a749666a01b74ac69bdb9c94769985daa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 24 Jun 2022 14:02:47 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1079 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d.jpg i.vimeocdn.com/video/ Frame E0CB	1 KB 2 KB	77ms 11ms	Image image/jpeg	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d.jpg?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5c8efb76f3ee2b86931c4f8a0ce0c015e602100f5b99371deb9c7a108caf97b5 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 185308 x-viewmaster-lossless-format lossy x-cache miss, MISS, HIT x-backend-server varnish content-length 1495 viewmaster-server viewmaster-us-central1-lkc4 x-served-by cache-dfw18669-DFW, cache-fra19138-FRA x-timer S1656079368.243060,VS0,VE0 etag da95d4c1f147a8aecbd47dad54f33c6d access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 0, 3
GET H2	200	player.de-DE.js Show response f.vimeocdn.com/p/4.5.1/js/ Frame E0CB	873 KB 205 KB	85ms 29ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.5.1/js/player.de-DE.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7a8cec03e0c889237cb8992df02980be88cf33d0e43a7f5c9264191655be2f59 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 varnish, 1.1 varnish age 154274 x-served-by cache-iad-kcgs7200143-IAD, cache-fra19177-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1656079368.253582,VS0,VE0 content-length 209716 x-cache-hits 1, 8760
GET H2	200	player.css f.vimeocdn.com/p/4.5.1/css/ Frame E0CB	219 KB 21 KB	84ms 29ms	Stylesheet text/css	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.5.1/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 59e387ad48941617c929dada1dafcf3e2087cf7fb619c6a8d2068e193132878a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 varnish, 1.1 varnish age 154274 x-served-by cache-iad-kjyo7100047-IAD, cache-fra19177-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1656079368.253568,VS0,VE0 content-length 21125 x-cache-hits 1, 76936
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame E0CB	2 KB 1 KB	352ms 298ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 varnish, 1.1 varnish age 65687 x-timer S1656079368.486364,VS0,VE0 x-served-by cache-iad-kcgs7200023-IAD, cache-fra19177-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding gzip cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 997 x-cache-hits 1, 23739
GET H2	200	/ www.google.com/pagead/1p-user-list/480613323/	42 B 548 B	180ms 70ms	Image image/gif	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/480613323/?random=1656079367808&cv=9&fst=1656079200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1%26utm_content%3Dtext-link1&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=1259737189&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 24 Jun 2022 14:02:48 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/480613323/	42 B 548 B	172ms 63ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/480613323/?random=1656079367808&cv=9&fst=1656079200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1%26utm_content%3Dtext-link1&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=1259737189&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr1&utm_content=text-link1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 24 Jun 2022 14:02:48 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	441516.png i.vimeocdn.com/player/ Frame E0CB	2 KB 2 KB	15ms 14ms	Image image/png	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/player/441516.png?mw=100&mh=100 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ea87e8ba6aa7c23610322ef8f6c629570aeb35c190465dd38735e8853459b2ac Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 1382365 x-viewmaster-lossless-format lossless x-cache miss, HIT, HIT x-backend-server varnish content-length 2123 viewmaster-server viewmaster-us-central1-59l3 x-served-by cache-dfw18625-DFW, cache-fra19138-FRA x-timer S1656079368.402631,VS0,VE1 etag 76b0963a70b6616c2fbe89fb95910c2f access-control-max-age 86400 content-type image/png access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
POST H2	200	player-test-impression fresnel.vimeocdn.com/add/ Frame E0CB	0 40 B	192ms 129ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.5.1/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d i.vimeocdn.com/video/ Frame E0CB	72 KB 72 KB	7ms 7ms	Image image/avif	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7ff317e15400cb002f7fda77e9a21e2e9a4b9021aa604690c1b4475bc4ac10ce Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 747569 x-viewmaster-lossless-format automatic x-cache miss, HIT, HIT access-control-max-age 86400 x-backend-server varnish content-length 73455 viewmaster-server viewmaster-us-central1-3f97 x-served-by cache-dfw18683-DFW, cache-fra19138-FRA x-timer S1656079368.418582,VS0,VE1 etag ade9f8b1cc4d755e7e91967fb7e35dbc vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame E0CB	0 142 B	182ms 128ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=a1ae5d3d079265d85aae3480e563c01d5e767d261656079367 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.5.1/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	sentry.js Show response f.vimeocdn.com/p/4.5.1/js/module/ Frame E0CB	70 KB 18 KB	93ms 93ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.5.1/js/module/sentry.js Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.5.1/js/player.de-DE.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3c20a28d0eb153dec4dc5bfbce87e3ae01556020557be47fd970d7d7df77519 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 varnish, 1.1 varnish age 154274 x-served-by cache-iad-kjyo7100176-IAD, cache-fra19177-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1656079369.518364,VS0,VE0 content-length 18765 x-cache-hits 1, 9007
GET H2	200	38866357_60x60.jpg i.vimeocdn.com/portrait/ Frame E0CB	2 KB 2 KB	28ms 27ms	Image image/jpeg	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/portrait/38866357_60x60.jpg Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c76df176e902e72c31b191cb8aab908e57e469cd78dddd34905ea96070cd5a49 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 2588157 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1923 viewmaster-server viewmaster-us-central1-z9fm x-served-by cache-dfw18654-DFW, cache-fra19138-FRA x-timer S1656079368.475318,VS0,VE1 etag 2469d76f6c89f333cda421c3ae39d20f access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
GET H2	404	fa-solid-900.ttf ondexx.com/wp-content/plugins/everest-timeline/webfonts/	0 0	1228ms 1228ms	Font text/html	192.0.78.144 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.ttf Requested by Host: ondexx.com URL: https://ondexx.com/_static/??-eJyV0UFywyAMBdALFTN1m3bV6RV6BQw/jhyBXSTH5fbF8cZdZKbeIfgPDWKZDCXPc4BYL2IDidqOR381TF12uVjRwmgipaYGnpYdGMRGBHJgRCT9U0zsCrJh9M6Xf+l6tq/3xo9J18jEc09JLGKHYLxjpMDFiL8gzEypt04Euj1lodBDH15xQ4aoUYqoEnfiEkWnOGSG7xm5NN2PMAXkQ3bKUC1fl1HHQ+5cQ26BjBHGMR+yWL8kqaGalmNSzTnfg+Goq5tTbUe3h7MdoJPz122k23qNfsaP57fTqW3fX1/aXxlTBrc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/_static/??-eJyV0UFywyAMBdALFTN1m3bV6RV6BQw/jhyBXSTH5fbF8cZdZKbeIfgPDWKZDCXPc4BYL2IDidqOR381TF12uVjRwmgipaYGnpYdGMRGBHJgRCT9U0zsCrJh9M6Xf+l6tq/3xo9J18jEc09JLGKHYLxjpMDFiL8gzEypt04Euj1lodBDH15xQ4aoUYqoEnfiEkWnOGSG7xm5NN2PMAXkQ3bKUC1fl1HHQ+5cQ26BjBHGMR+yWL8kqaGalmNSzTnfg+Goq5tTbUe3h7MdoJPz122k23qNfsaP57fTqW3fX1/aXxlTBrc= Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br server nginx date Fri, 24 Jun 2022 14:02:49 GMT vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://ondexx.com cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
POST H/1.1	204 No Content	vuid vimeo.com/ablincoln/ Frame E0CB	0 989 B	195ms 164ms	Ping text/plain	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vimeo.com/ablincoln/vuid?pid=a1ae5d3d079265d85aae3480e563c01d5e767d261656079367 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Fri, 24 Jun 2022 14:02:48 GMT Via 1.1 varnish, 1.1 varnish x-content-type-options nosniff CF-Cache-Status DYNAMIC content-security-policy-report-only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp X-Cache MISS, MISS Connection keep-alive Vary User-Agent x-xss-protection 1; mode=block X-Served-By cache-iad-kjyo7100112-IAD, cache-hhn4077-HHN x-vimeo-device d Server cloudflare X-Timer S1656079369.590400,VS0,VE131 x-frame-options sameorigin x-backend-proxy webproxy5 Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload expires Fri, 24 Jun 2022 02:02:48 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server pweb-v1688-5njk7 x-ua-compatible IE=edge Accept-Ranges bytes CF-RAY 720600d59d238fce-FRA X-Cache-Hits 0, 0
GET H2	200	1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d.jpg i.vimeocdn.com/video/ Frame CC83	1 KB 1 KB	9ms 8ms	Image image/jpeg	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d.jpg?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d04e732e137cc1b650a13c59ccd15af244c322827084b040835d3fdc4f3ad362 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 2062744 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1183 viewmaster-server viewmaster-us-central1-8v4c x-served-by cache-dfw18631-DFW, cache-fra19138-FRA x-timer S1656079369.665627,VS0,VE1 etag 4924f46843f2b4e7d32d1881ed59895c access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	player.de-DE.js Show response f.vimeocdn.com/p/4.5.1/js/ Frame CC83	873 KB 205 KB	9ms 8ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.5.1/js/player.de-DE.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7a8cec03e0c889237cb8992df02980be88cf33d0e43a7f5c9264191655be2f59 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 varnish, 1.1 varnish age 154274 x-served-by cache-iad-kcgs7200143-IAD, cache-fra19177-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1656079369.678167,VS0,VE0 content-length 209716 x-cache-hits 1, 8761
GET H2	200	player.css f.vimeocdn.com/p/4.5.1/css/ Frame CC83	219 KB 21 KB	7ms 7ms	Stylesheet text/css	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.5.1/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 59e387ad48941617c929dada1dafcf3e2087cf7fb619c6a8d2068e193132878a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 varnish, 1.1 varnish age 154275 x-served-by cache-iad-kjyo7100047-IAD, cache-fra19177-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1656079369.678332,VS0,VE0 content-length 21125 x-cache-hits 1, 76937
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame CC83	2 KB 1 KB	35ms 35ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 varnish, 1.1 varnish age 65687 x-timer S1656079369.683770,VS0,VE0 x-served-by cache-iad-kcgs7200023-IAD, cache-fra19177-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding gzip cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 997 x-cache-hits 1, 23740
POST H3	200	player-test-impression fresnel.vimeocdn.com/add/ Frame CC83	0 11 B	191ms 130ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.5.1/js/player.de-DE.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d i.vimeocdn.com/video/ Frame CC83	24 KB 25 KB	8ms 8ms	Image image/avif	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0402a5997fbbbc6c47f9058c2be569b580f1269c7a327776ec15df2239ea2861 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 261069 x-viewmaster-lossless-format automatic x-cache miss, HIT, HIT access-control-max-age 86400 x-backend-server varnish content-length 24964 viewmaster-server viewmaster-us-central1-kgw6 x-served-by cache-dfw18622-DFW, cache-fra19138-FRA x-timer S1656079369.750174,VS0,VE1 etag a5db37c2246b9d8da430fd2d6565854c vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
POST H3	200	player-stats fresnel.vimeocdn.com/add/ Frame CC83	0 11 B	187ms 129ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0f92df3d68175f107af056f81f54b9ceb63066e51656079367 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.5.1/js/player.de-DE.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Fri, 24 Jun 2022 14:02:48 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	38866357_60x60.jpg i.vimeocdn.com/portrait/ Frame CC83	2 KB 2 KB	10ms 10ms	Image image/jpeg	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/portrait/38866357_60x60.jpg Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.5.1/js/player.de-DE.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c76df176e902e72c31b191cb8aab908e57e469cd78dddd34905ea96070cd5a49 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:48 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 2588157 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1923 viewmaster-server viewmaster-us-central1-z9fm x-served-by cache-dfw18654-DFW, cache-fra19138-FRA x-timer S1656079369.766201,VS0,VE0 etag 2469d76f6c89f333cda421c3ae39d20f access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 2
GET H2	200	7063729.js Show response js-na1.hs-scripts.com/	2 KB 967 B	197ms 161ms	Script application/javascript	2606:4700::6811:d2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-na1.hs-scripts.com/7063729.js Requested by Host: js.hs-analytics.net URL: https://js.hs-analytics.net/analytics/1656079500000/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f29f4b03975bd582a5e0bc45e3916dd4814b2e4c2cfe0ab9f89b83444707e29 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:50 GMT content-encoding br cf-cache-status MISS last-modified Fri, 24 Jun 2022 14:02:50 GMT server cloudflare x-hubspot-correlation-id f0f651ad-8ba9-4bb0-b742-f1c93ffe61bc x-trace 2BC7A15126CD87B60EDD162567B17E27EEBDD5157A000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin https://ondexx.com access-control-max-age 3600 cache-control public, max-age=30 access-control-allow-credentials true cf-ray 720600e29ef6995d-FRA
GET H2	200	__ptq.gif track.hubspot.com/	45 B 966 B	181ms 144ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=7063729&rcu=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F&pu=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1%26utm_content%3Dtext-link1&t=Hero-Campaign&cts=1656079370610&vi=6714314c22cf41c7d67141e3a426c174&nc=true&ce=false&cc=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:50 GMT vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id cb7816b5-2684-4b7f-ac7b-98c9ee22a26d cf-ray 720600e298b9699b-FRA p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBVgDnye9aA57WQFUMMLxp%2F%2BDUqONSmeHjFS4dVAKLxbxWG34U9nrYcdlO9Y%2BhW2K2Y031FdLHFs4TM8uz%2Fo21VcETfaB8%2BIBvFVnV3WlYd1%2Fbl1l50R7TWO3Z8i6PPydKgkml%2F4MBnnqmsq5cxL"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false x-robots-tag none
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	72 KB 25 KB	61ms 27ms	Script application/javascript	2606:4700::6811:83ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5 Request headers Referer https://ondexx.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:50 GMT via 1.1 349b149961d8d2361c29d4be4b5847f2.cloudfront.net (CloudFront) vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method cf-cache-status HIT age 1 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.278/bundles/project.js&cfRay=720600d868685c20-IAD x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-encoding br cf-ray 720600e3c9836940-FRA last-modified Thu, 19 May 2022 12:56:36 UTC server cloudflare etag W/"9bdc82a581dc188ff306ce5ac3c3e170" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id w6kD440dVLHBLSxXlQNkz9NYzxhkbh3c access-control-allow-origin * cache-control s-maxage=86400, max-age=0 x-hs-cache-status MISS x-amz-cf-pop IAD89-P1 content-type application/javascript; charset=utf-8 x-amz-cf-id PvHIXBoHEINJ26UrVAbVaM2p7k9W_zBM-k6lS6_EKkykGB8-vu9Qmw== x-hs-target-asset collected-forms-embed-js/static-1.278/bundles/project.js
GET H2	200	fb.js Show response js.hsadspixel.net/	5 KB 3 KB	49ms 16ms	Script application/javascript	2606:4700::6811:74b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67bde44785ec5cd4a52b80ea9f11e1e0c3ba5341f57000e55e1003705f231cd2 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:50 GMT via 1.1 066fc17b108820c747336d8f45e8ea54.cloudfront.net (CloudFront) cf-cache-status HIT age 52 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.283/bundles/pixels-release.js&cfRay=7205ff9a298092c5-IAD x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 x-amz-replication-status COMPLETED content-encoding br last-modified Thu, 23 Jun 2022 03:19:05 UTC server cloudflare etag W/"6cb7b14623fc6fff69528b7c98e33bcc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id wsSp05Vslq9sKHmIlNZGOnuq9CMghpzX cache-control max-age=600 x-hs-cache-status HIT x-amz-cf-pop IAD89-P1 cf-ray 720600e3cc4f922b-FRA x-amz-cf-id ip305gdYI0iwuXhBv7cybCGHswZAKxUWWm5HtP-uPrjpsv3px2NUqA== x-hs-target-asset adsscriptloaderstatic/static-1.283/bundles/pixels-release.js
GET H2	200	7063729.js Show response js.hs-banner.com/	59 KB 16 KB	527ms 494ms	Script text/javascript	2606:4700:4400::6812:21ab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/7063729.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a2afdfbb9db3fbde63748d14f91dbab0cccfc2d2cc0b3a2e7ba0502b77990be Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:51 GMT content-encoding br cf-cache-status MISS x-amz-request-id AVWW8YCXZW45G7ZX x-amz-server-side-encryption AES256 content-type text/javascript; charset=UTF-8 access-control-max-age 604800 x-amz-id-2 DRiWz+sG0THpAUZjGZr+UklZHvNPbBIvHLJIbM9f1Jc3/nLnDJl8VRBKtoAXC1e+rPf21YtsvT0= timing-allow-origin * last-modified Fri, 27 May 2022 16:41:53 GMT server cloudflare etag W/"fe049375319f389c185ddd3cd86d8c98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-amz-version-id jsg2hgF8aKjQDXGdnSGGFxLDS3SEAGLS access-control-allow-origin https://ondexx.com access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true cf-ray 720600e3cf4ebc03-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id expires Fri, 24 Jun 2022 14:07:51 GMT
GET H2	200	json Show response forms.hubspot.com/collected-forms/v1/config/	115 B 1 KB	151ms 131ms	XHR application/json	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7063729&utk=6714314c22cf41c7d67141e3a426c174 Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b840b22a40dde046cd42876a5f9477b01cade9c7c19b791d5eef75a702f5b24c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:51 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id f671bdeb-be5d-4342-8f9a-bdc3fd6bb5ed access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bWobz0jyfmRhsCfnvtC%2F2gvZYhpsSp%2FCbLWxEDgukO034PejYFVgEuZ2IUid1YJntNNK9qx3PeDNoXzC6FJLaJ6wshKWRC2kPGa0ZDlOE2f%2BfvSpQPqs9LceMb6HNWjKPPDhhZvH%2FlqHm3XXDoP"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://ondexx.com x-robots-tag none access-control-allow-credentials false cf-ray 720600e448185c02-FRA access-control-allow-headers *
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixel/	132 B 920 B	214ms 168ms	XHR application/json	2606:4700::6811:c9cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7063729 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f66ee1414f2b6711e5ce530849b42196e752ab6a93cf2193d422b289567625c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:51 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 5269d35a-5f37-47f6-93e9-a2bc5960a6ef access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare x-trace 2BD2987FE1F37B858F3F70E193820D94D61AA61CC9000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cn1711N9P9qG4EpwE0WClevBmjAw1U3Ibw2wzKMyrBhv48jwsnoaYVVyLq0%2Bq1yhyQDujB1vO1hdPXl7sBM4%2FQgPuHABmztbENhh8DGd1AP3NShnmXVy2QP59HesJLD4XM%2F5eSi53puuHC7U"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://ondexx.com access-control-allow-credentials false cf-ray 720600e73e4e9180-FRA access-control-allow-headers *
GET H3	200	js Show response www.googletagmanager.com/gtag/	108 KB 42 KB	47ms 47ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-480613323 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f686e3d87c50f1471d42f4151182c8eafcef2136836e3cc9ceac4bca64847ed4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:51 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43445 x-xss-protection 0 last-modified Fri, 24 Jun 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 Jun 2022 14:02:51 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/	2 KB 1 KB	134ms 55ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/?random=1656079371563&cv=9&fst=1656079371563&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1%26utm_content%3Dtext-link1&tiba=Hero-Campaign&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bb9c0983cc56d29c1d96611a7e053746b79fa95b8e5ba8895d804fe702437058 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 24 Jun 2022 14:02:51 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1080 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	54ms 8ms	Script application/x-javascript	2a02:26f0:f7::5c7b:e019 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f7::5c7b:e019 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers X-EdgeConnect-Origin-MEX-Latency 662 Date Fri, 24 Jun 2022 14:02:51 GMT Content-Encoding gzip Last-Modified Wed, 13 Apr 2022 23:25:22 GMT X-CDN AKAM X-EdgeConnect-MidMile-RTT 0 Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=66933 Connection keep-alive Accept-Ranges bytes Content-Length 3085
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1656079371621&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3828668%26time%3D1656079371621%26url%3Dhttps%253A%252F%252Fondexx.com%252Fhero-ca... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1656079371621&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1656079371621&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail...	0 264 B	179ms 154ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1656079371621&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1&liSync=true&e_ipv6=AQKrFIJMZnfASgAAAYGWBc7r2Z66enpYZRSsOZZ6D4SPpOS01DXevew_3JJr8mkJqJoZDnex Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 24 Jun 2022 14:02:51 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 79755573B1774333BC987EA5BA8EC934 Ref B: FRAEDGE1212 Ref C: 2022-06-24T14:02:52Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-proto http/2 content-length 0 x-li-uuid AAXiMgayvCBiaytASCi/cA== x-li-fabric prod-lva1 Redirect headers date Fri, 24 Jun 2022 14:02:51 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 35DDBBEDB6EA48DDAEC71832EC1AEF29 Ref B: FRAEDGE1410 Ref C: 2022-06-24T14:02:51Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1656079371621&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_content%3Dtext-link1%26utm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1&liSync=true&e_ipv6=AQKrFIJMZnfASgAAAYGWBc7r2Z66enpYZRSsOZZ6D4SPpOS01DXevew_3JJr8mkJqJoZDnex x-li-proto http/2 content-length 0 x-li-uuid AAXiMgawFL2F5SK5TZ8fuQ==
GET H3	200	/ www.google.com/pagead/1p-user-list/480613323/	42 B 64 B	130ms 50ms	Image image/gif	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/480613323/?random=1656079371563&cv=9&fst=1656079200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1%26utm_content%3Dtext-link1&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=2188768880&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 24 Jun 2022 14:02:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/480613323/	42 B 64 B	135ms 54ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/480613323/?random=1656079371563&cv=9&fst=1656079200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr1%26utm_content%3Dtext-link1&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=2188768880&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 24 Jun 2022 14:02:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	boom.gif pixel.wp.com/	0 37 B	7ms 6ms	Image text/plain	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.002&largest_contentful_paint=2519&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&host_name=ondexx.com&url_path=%2Fhero-campaign%2F&nt_fetchStart=0&nt_domainLookupStart=1&nt_domainLookupEnd=165&nt_connectStart=165&nt_connectEnd=180&nt_secureConnectionStart=170&nt_requestStart=181&nt_responseStart=675&nt_responseEnd=720&nt_domLoading=677&nt_domInteractive=1720&nt_domContentLoadedEventStart=2071&nt_domContentLoadedEventEnd=2091&nt_domComplete=5027&nt_loadEventStart=5027&nt_loadEventEnd=5038&nt_redirectCount=0&nt_api_level=2&start_render=1728&first_contentful_paint=1728&resource_size=1765046&resource_transferred=512161&js_size=496388&js_transferred=141492&resource_cache_percent=0&js_cache_percent=0&last_resource_end=6666 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-origin * date Fri, 24 Jun 2022 14:02:54 GMT cache-control no-cache server nginx