urlscan.io logo urlscan.io
SecurityTrails logo

ondexx.com Open in urlscan Pro
192.0.78.144  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yh...
Effective URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Submission: On April 24 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 23 domains to perform 102 HTTP transactions. The main IP is 192.0.78.144, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is ondexx.com.
TLS certificate: Issued by R3 on March 2nd 2023. Valid for: 3 months.
This is the only time ondexx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
25 192.0.78.144 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
5 192.0.77.32 2635 (AUTOMATTIC)
2 162.159.128.61 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
3 192.0.76.3 2635 (AUTOMATTIC)
12 146.75.122.109 54113 (FASTLY)
7 192.0.77.2 2635 (AUTOMATTIC)
6 2a00:1450:400... 15169 (GOOGLE)
2 34.120.202.204 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.159.138.60 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:9000:20e... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
102 30
2    2606:4700::6812:5b7 (United States)

ASN13335 (CLOUDFLARENET, US)
t.sidekickopen86.com
25    192.0.78.144 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
ondexx.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
fonts-api.wp.com
s0.wp.com
fonts.wp.com
2    162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
7    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
5    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
12    146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
f.vimeocdn.com
i.vimeocdn.com
7    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
6    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
1    2606:4700::6810:8ace (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
vimeo.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)
js-na1.hs-scripts.com
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    2606:4700::6811:69c7 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700::6810:76be (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2600:9000:20eb:800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
25 ondexx.com
ondexx.com
375 KB
15 wp.com
fonts-api.wp.com — Cisco Umbrella Rank: 19678
s0.wp.com — Cisco Umbrella Rank: 7665
stats.wp.com — Cisco Umbrella Rank: 3510
i0.wp.com — Cisco Umbrella Rank: 4167
fonts.wp.com — Cisco Umbrella Rank: 20355
pixel.wp.com — Cisco Umbrella Rank: 2908
23 MB
14 vimeocdn.com
f.vimeocdn.com — Cisco Umbrella Rank: 4332
i.vimeocdn.com — Cisco Umbrella Rank: 4534
fresnel.vimeocdn.com — Cisco Umbrella Rank: 4582
558 KB
7 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2971
ka-p.fontawesome.com — Cisco Umbrella Rank: 5251
25 KB
6 gstatic.com
www.gstatic.com
57 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
284 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
www.linkedin.com — Cisco Umbrella Rank: 779
px4.ads.linkedin.com — Cisco Umbrella Rank: 6554
3 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 3425
733 B
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2930
www.google.com — Cisco Umbrella Rank: 16
876 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
4 KB
3 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2499
vimeo.com — Cisco Umbrella Rank: 2224
19 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 7456
forms.hscollectedforms.net — Cisco Umbrella Rank: 7895
26 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
20 KB
2 sidekickopen86.com
t.sidekickopen86.com — Cisco Umbrella Rank: 198303
3 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604
377 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1365
5 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 5659
895 B
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 5516
3 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 3809
64 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 4128
1 KB
1 hs-scripts.com
js-na1.hs-scripts.com — Cisco Umbrella Rank: 14035
901 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 3866
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
855 B
102 23
Domain Requested by
25 ondexx.com t.sidekickopen86.com
ondexx.com
8 f.vimeocdn.com player.vimeo.com
7 i0.wp.com ondexx.com
6 www.gstatic.com f.vimeocdn.com
www.gstatic.com
6 ka-p.fontawesome.com kit.fontawesome.com
t.sidekickopen86.com
5 www.googletagmanager.com ondexx.com
www.googletagmanager.com
js.hsadspixel.net
4 www.google.de ondexx.com
4 i.vimeocdn.com ondexx.com
f.vimeocdn.com
3 www.google.com ondexx.com
2 px.ads.linkedin.com 2 redirects
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pixel.wp.com ondexx.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 fonts.wp.com fonts-api.wp.com
2 s0.wp.com ondexx.com
2 player.vimeo.com ondexx.com
2 t.sidekickopen86.com 1 redirects
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 snap.licdn.com js.hsadspixel.net
1 api.hubapi.com js.hsadspixel.net
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hsadspixel.net js-na1.hs-scripts.com
1 js.hscollectedforms.net js-na1.hs-scripts.com
1 js.hs-banner.com js-na1.hs-scripts.com
1 track.hubspot.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 region1.analytics.google.com www.googletagmanager.com
1 vimeo.com f.vimeocdn.com
1 js.hs-analytics.net ondexx.com
1 stats.wp.com ondexx.com
1 kit.fontawesome.com ondexx.com
1 fonts-api.wp.com ondexx.com
1 fonts.googleapis.com ondexx.com
102 37

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-10 -
2023-06-10		 a year crt.sh
tls.automattic.com
R3		 2023-03-02 -
2023-05-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-18 -
2024-03-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2023-03-21 -
2023-06-20		 3 months crt.sh
vimeo.com
Cloudflare Inc ECC CA-3		 2022-09-21 -
2023-09-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-08-06		 5 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Frame ID: AEDB94848C37467B8B233FE07B4EE24E
Requests: 81 HTTP requests in this frame

Frame: https://player.vimeo.com/video/564404923?color=e31f26
Frame ID: A85F91985EC070E5DB12F03769D9FF57
Requests: 11 HTTP requests in this frame

Frame: https://player.vimeo.com/video/410832094?color=e31f26
Frame ID: CEA0D9E11E9D31A38E30D9F1CA821764
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hero-Campaign

Page URL History Show full URLs

  1. https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV... Page URL
  2. https://t.sidekickopen86.com/events/public/v1/encoded/track/tc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YBy... HTTP 307
    https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

102
Requests

99 %
HTTPS

70 %
IPv6

23
Domains

37
Subdomains

30
IPs

4
Countries

24940 kB
Transfer

28909 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_ypsGW3D9F6_3qcp40W99KRtV3_vpbBV-lxvM5vpxGVN80DmV1YVnzgW5j016T50KysvW92JMHf5fSH37W2yL3sG7ZdG2_W456K6X7lkfHzW4nl-Ls4K0-_PVVT4CM8LGfq0f8h-3-d04 Page URL
  2. https://t.sidekickopen86.com/events/public/v1/encoded/track/tc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_ypsGW3D9F6_3qcp40W99KRtV3_vpbBV-lxvM5vpxGVN80DmV1YVnzgW5j016T50KysvW92JMHf5fSH37W2yL3sG7ZdG2_W456K6X7lkfHzW4nl-Ls4K0-_PVVT4CM8LGfq0f8h-3-d04?_ud=c8b5e53d-69a1-4843-b447-83bddcc3555f&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1682350311546&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3828668%26time%3D1682350311546%26url%3Dhttps%253A%252F%252Fondexx.com%252Fhero-campaign%252F%253Futm_campaign%253Ddr1%2526utm_medium%253Demail%2526utm_content%253Dimage-link%2526utm_source%253Dst-2022%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1682350311546&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1682350311546&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&liSync=true&e_ipv6=AQJ-co6UWEu7MQAAAYez5IpX-X_KPe-LgA5PmKdKLOjYwupsJHZg-Dyr5Z9kF5O2K5-Ojrnp3NhR5xsSol7URY-8Ahm_7A

102 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_y...
t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_ypsGW3D9F6_3qcp40W99KRtV3_vpbBV-lxvM5vpxGVN80DmV1YVnzgW5j016T50KysvW92JMHf5fSH37W2yL3sG7ZdG2_W456K6X7lkfHzW4nl-Ls4K0-_PVVT4CM8LGfq0f8h-3-d04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
7bcf65265e9b9bd7-FRA
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 24 Apr 2023 15:31:46 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-hubspot-correlation-id
e25e1a68-1c64-469b-8790-2d5d627f23bc
x-robots-tag
none
Primary Request /
ondexx.com/hero-campaign/
Redirect Chain
  • https://t.sidekickopen86.com/events/public/v1/encoded/track/tc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg...
  • https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
62 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Requested by
Host: t.sidekickopen86.com
URL: https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_ypsGW3D9F6_3qcp40W99KRtV3_vpbBV-lxvM5vpxGVN80DmV1YVnzgW5j016T50KysvW92JMHf5fSH37W2yL3sG7ZdG2_W456K6X7lkfHzW4nl-Ls4K0-_PVVT4CM8LGfq0f8h-3-d04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
22c5c51f271e0a0e16e0c11c222341eec59893351a5359244bcb4e9a7c9e5ab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_ypsGW3D9F6_3qcp40W99KRtV3_vpbBV-lxvM5vpxGVN80DmV1YVnzgW5j016T50KysvW92JMHf5fSH37W2yL3sG7ZdG2_W456K6X7lkfHzW4nl-Ls4K0-_PVVT4CM8LGfq0f8h-3-d04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 24 Apr 2023 15:31:47 GMT
host-header
WordPress.com
link
<https://ondexx.com/wp-json/>; rel="https://api.w.org/" <https://ondexx.com/wp-json/wp/v2/pages/3076>; rel="alternate"; type="application/json" <https://ondexx.com/?p=3076>; rel=shortlink
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Cookie
x-ac
5.ams _atomic_ams BYPASS
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.

Redirect headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
7bcf65291b659bd7-FRA
date
Mon, 24 Apr 2023 15:31:46 GMT
link
<https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022>; rel="canonical"
location
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-hubspot-correlation-id
8402c4e5-b327-4d19-959f-9bc7518d2e10
x-robots-tag
none
slick.css
ondexx.com/wp-content/themes/Ondexx/js/slick/ 		2 KB
602 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick.css
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 26 Sep 2020 05:47:59 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"5f6ed60f-6f0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 01 May 2023 15:31:47 GMT
slick-theme.css
ondexx.com/wp-content/themes/Ondexx/js/slick/ 		3 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 26 Sep 2020 05:47:53 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"5f6ed609-c49"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 01 May 2023 15:31:47 GMT
css2
fonts.googleapis.com/ 		2 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e79676652d1863f6e99bba194b19fb5b4ab2897d1052e971df4481a16a55d7be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 14:11:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Apr 2023 15:31:47 GMT
style.css
ondexx.com/wp-content/themes/Ondexx/ 		44 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1682350307
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f305605b98771f02238f3f7530a6b1b4d869fe9ef23c5eb9421be86cb68af1ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 03 Aug 2021 22:21:47 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"6109c17b-ae26"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
ondexx.com/_static/ 		868 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/_static/??-eJyVkt1OwzAMhV+ILCDExg3iFXgD5Kbe5s35IXZb+va4ZUW7YJN6k8Tx+WzrJENxlAJ3LYoPIr4lUd9wDmfH1FSooxcdGTeR0sYED0NxISfFpL5wd6Ak/oRaIJyX/bPH1ObqodMcQZXCknE9tZhLRWvUdMTtpRO2pAbMgfhZZCsOS8O/CU/io4kBGeM0wXVQGEasjvEAYbwe9yZtuev4X2byJDCIUHB6NJ3ccyIwQlLgs5MC0ZWaFYNeiiyp0jVM4V4Z7NE8UqcUkSnhXAASmZu4ijl9dVjHTfMtbKbWVaw9k+r4ccyaV3F7E8GAkiM6YF7F4vR6SR2ZWtaR6vZ1FrZrObss1o76m94uH3y29Pc8Sd/j29P29Wn3sn3ePf4AqdVC2w==
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
25a2d24581b1a799247167fbd55f811236d54552b6a776f30af067bb32e9ff8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 17 Apr 2023 18:32:50 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
x-page-optimize
uncached
etag
W/"e614d551839a67c5aa8460875856809b"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
host-header
WordPress.com
dashicons.min.css
ondexx.com/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-includes/css/dashicons.min.css?ver=6.2
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"603ffca6-e688"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts-api.wp.com/ 		79 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts-api.wp.com/css?family=Bitter%7CHind%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COpen+Sans%3A400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C700%2C900%7CMontserrat%7CDroid+Sans%7CRoboto%7CLora%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%7CRubik%7CMerriweather%3A300%2C400%2C700%2C900%7CPoppins%7CRopa+Sans%7CPlayfair+Display%7CRubik%7CSource+Sans+Pro%7CRoboto+Condensed%7CRoboto+Slab%3A300%2C400%2C700%7CAmatic+SC%3A400%2C700%7CQuicksand%7COswald%7CQuicksand%3A400%2C500%2C700%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CFjalla+One&ver=6.2
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2c2da0932200fc898d47f5b7d68525a944e5705a07dc0d1f85d1348b84a6a7f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-xss-protection
0
x-nc
BYPASS ams 1
last-modified
Mon, 24 Apr 2023 15:31:47 GMT
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
564404923
player.vimeo.com/video/ Frame A85F 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/564404923?color=e31f26
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e98c97873ac6b702e2da28c48988a41ed373a22b4938350b51fefbec4f54a6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ondexx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
CF-Cache-Status
DYNAMIC
CF-RAY
7bcf652e2b1d39ee-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Apr 2023 15:31:47 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-fra-eddf8230133-FRA
X-Timer
S1682350308.570632,VS0,VE245
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires
Fri, 15 Dec 1985 19:30:00 GMT
link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-6699b89fcb-dhh4g
x-content-type-options
nosniff
x-host
player-backend-6699b89fcb-dhh4g
x-player-backend
g
x-xss-protection
1; mode=block
410832094
player.vimeo.com/video/ Frame CEA0 		20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/410832094?color=e31f26
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
363772dedfd88a0400b348b98cb8405d0f6ed8d1194057f7860de0de78e0bb09
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ondexx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
CF-Cache-Status
DYNAMIC
CF-RAY
7bcf652e2c0a9243-FRA
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Apr 2023 15:31:47 GMT
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 google, 1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Content-Type-Options
nosniff
X-Host
player-backend-6699b89fcb-wb5f5
X-Player-Backend
g
X-Served-By
cache-fra-eddf8230111-FRA
X-Timer
S1682350308.563419,VS0,VE189
X-Xss-Protection
1; mode=block
f69857688e.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/f69857688e.js
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52a5ae1a52da07ddf1de6bc56a50608005cefb53d1d4e5e4b494dddba1d0907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://ondexx.com/
Origin
https://ondexx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7bcf652e2915bba4-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F1josPWkRz7NWcBbVvIi
jquery-3.4.1.min.js
ondexx.com/wp-content/themes/Ondexx/js/vendor/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/themes/Ondexx/js/vendor/jquery-3.4.1.min.js
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 26 Sep 2020 05:47:55 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"5f6ed60b-15851"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 01 May 2023 15:31:47 GMT
slick.min.js
ondexx.com/wp-content/themes/Ondexx/js/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick.min.js
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 26 Sep 2020 05:48:06 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"5f6ed616-a76f"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 01 May 2023 15:31:47 GMT
videopress-iframe-api.js
s0.wp.com/wp-content/plugins/video/assets/js/videojs/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/plugins/video/assets/js/videojs/videopress-iframe-api.js?ver=202317
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b4fbcbbf07940d1778900ccf5470efe4e5df9c8b43118d93603af1e5b791a25b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
x-ac
4.ams _dfw MISS
server
nginx
etag
W/"643ef209-2300"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 23 Apr 2024 00:00:01 GMT
jquery.min.js
ondexx.com/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 08 Mar 2023 18:37:33 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"6408d5ed-15ed7"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
ondexx.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-includes/js/jquery/jquery-migrate.min.js?m=1675717155
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 06 Feb 2023 20:59:15 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"63e16a23-3470"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
apbct-public-bundle.min.js
ondexx.com/wp-content/plugins/cleantalk-spam-protect/js/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.8
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3fa5a09d257141106a2523a701f2d7812686f4240c93afc02f7054d13cf32ed1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 13 Apr 2023 14:49:07 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"64381663-e73a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
ondexx.com/_static/ 		203 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/_static/??-eJyVztsNwjAQRNGG8EtCiB9EC7QQ8BDW8gvvJibdE1EB/r9HM72qR8mCLKbGZabMBisaWJRQQqQME9gQFykVOvCh/yfCe0Hb9P3DkTzagKQ0zeBYJg+vE+Xx0dogst1e++cB3EsfqCHq2X6d39U1XdzJOmetOx+/BbuByA==
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a11c88618c7be080bd5c931a954b9618d7b7ed0065a069569819edee731fee97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 26 Sep 2020 06:03:04 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
x-page-optimize
uncached
etag
W/"002f00f6b6a429cd859dcf4fb5dcb9cc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
host-header
WordPress.com
js
www.googletagmanager.com/gtag/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-157050359-1
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
875aa1ea4554db2adf00a9258866ea9b56085c5f27c2a1d28c1c152d62938c24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
61924
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 15:31:47 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-480613323
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d66eeccf08fc6ad55e1fb4cbe5e42ccda98cb890b9549c8487bcefcbb361ce74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51682
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 15:31:47 GMT
plugins.js
ondexx.com/wp-content/themes/Ondexx/js/ 		662 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/themes/Ondexx/js/plugins.js
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
03d0fd5f4159ebcdef4f514d6532f163276b8493482423efdbb5a5187d05ef59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 26 Sep 2020 05:47:57 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"5f6ed60d-296"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 01 May 2023 15:31:47 GMT
main.js
ondexx.com/wp-content/themes/Ondexx/js/ 		118 B
193 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/themes/Ondexx/js/main.js?v=1682350307
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
92a1f8ab048c0e20c473f136314fc89e84eae12ff130de142d0d44f408625345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
x-ac
5.ams _atomic_ams BYPASS
last-modified
Sat, 26 Sep 2020 05:47:42 GMT
server
nginx
etag
"5f6ed5fe-76"
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
118
expires
Thu, 31 Dec 2037 23:55:55 GMT
bilmur.min.js
s0.wp.com/wp-content/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/bilmur.min.js?m=202317
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
51dc1ea3b9642d966bbdf2c63346e4d2d3f668a693fa8e7f1e31bf6acbe48860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
x-ac
4.ams _dfw MISS
server
nginx
etag
W/"63bbf1d2-1a69"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Tue, 23 Apr 2024 00:00:01 GMT
/
ondexx.com/_static/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/_static/??-eJytzkEKwkAMBdALOYZqKXUhHkWmM6GmtskwSVv09A6I4kZw4TKfz/tZkwvChmyQxrknVhjQkg9X14mova7zghwlg59NJm9G4d2jyffoQmTQXFKFdBET3g66Wb/qP7ijv9+euEKk8goVKSsGI2EnnWJeMP9/5iMo+Gk6Vk1btbvDvm4ef4pzVA==
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dec11e5e14ce67f33437fefd54a2191556e941037880965b2c7c47891eaed3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 18 Apr 2023 14:49:06 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
x-page-optimize
uncached
etag
W/"ddefdbbc74ddf49598f50099906f3963"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
host-header
WordPress.com
e-202317.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202317.js
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
server
nginx
etag
W/"62f6b688-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 22 Apr 2024 00:56:29 GMT
player.module.js
f.vimeocdn.com/p/4.23.10/js/ Frame CEA0 		486 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.23.10/js/player.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/410832094?color=e31f26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b721fb305fdb17c213569259140c5b5d20d44418a2117043e80295f597c609d5

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100143-IAD, cache-hhn-etou8220048-HHN
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
343883
x-timer
S1682350308.823430,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
120160
x-cache-hits
37, 110204
vendor.module.js
f.vimeocdn.com/p/4.23.10/js/ Frame CEA0 		386 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.23.10/js/vendor.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/410832094?color=e31f26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a986b0af377c464deeaf682546bb449ee6f512497a266371d0e2e6d7b63772e1

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000137-IAD, cache-hhn-etou8220048-HHN
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
343882
x-timer
S1682350308.823440,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
95282
x-cache-hits
34, 120463
player.css
f.vimeocdn.com/p/4.23.10/css/ Frame CEA0 		211 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.23.10/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/410832094?color=e31f26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1a67a879f6681e21951fcf6096243b131949444125928bcb4c0590c0f6aa7b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200166-IAD, cache-hhn-etou8220076-HHN
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
343882
x-timer
S1682350308.821632,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
21715
x-cache-hits
37, 121659
Ondex_Horizontal.svg
ondexx.com/hero-campaign/images/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ondexx.com/hero-campaign/images/Ondex_Horizontal.svg
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a805f303a94f6c75eecb235f4b56cb859aac3404d7453aed6bb57f177d7c457b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Mon, 24 Apr 2023 15:31:48 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-ac
5.ams _atomic_ams BYPASS
server
nginx
vary
Accept-Encoding, Cookie
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
host-header
WordPress.com
link
<https://ondexx.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
silhouette-of-smart-successful-males-man-wearing-l-64UHUPQ_v3.jpg
i0.wp.com/ondexx.com/wp-content/uploads/2021/06/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/ondexx.com/wp-content/uploads/2021/06/silhouette-of-smart-successful-males-man-wearing-l-64UHUPQ_v3.jpg?fit=6000%2C4000&ssl=1
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1b01841d89c56808032d76b9906e9deb286cf1f19f2b86653969986bb70be045
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 4
date
Mon, 24 Apr 2023 15:31:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Apr 2023 13:21:40 GMT
server
nginx
etag
"86a5570d0ddf6ef5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://ondexx.com/wp-content/uploads/2021/06/silhouette-of-smart-successful-males-man-wearing-l-64UHUPQ_v3.jpg>; rel="canonical"
content-length
155094
expires
Wed, 23 Apr 2025 01:21:40 GMT
Screenshot-2021-07-13-222711.png
i0.wp.com/ondexx.com/wp-content/uploads/2021/08/ 		747 KB
748 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/ondexx.com/wp-content/uploads/2021/08/Screenshot-2021-07-13-222711.png?fit=2560%2C1440&ssl=1
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b795ff547ba7087b815983b82ac98387d765c9b0f0eb3c18c0dedd0c9058e1b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 8
date
Mon, 24 Apr 2023 15:31:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Apr 2023 13:21:38 GMT
server
nginx
etag
"ae72eb8dc4c942e5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://ondexx.com/wp-content/uploads/2021/08/Screenshot-2021-07-13-222711.png>; rel="canonical"
content-length
765262
expires
Wed, 23 Apr 2025 01:21:38 GMT
truncated
/ 		250 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8da020dda5f6255fa92b7991ad7ccf5b9ed5b9fd9708fd874848eca81d6b3ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
Screenshot-2021-03-08-234416.png
i0.wp.com/ondexx.com/wp-content/uploads/2021/03/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/ondexx.com/wp-content/uploads/2021/03/Screenshot-2021-03-08-234416.png?fit=1446%2C812&ssl=1
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
c5c40ee083473ad259f28bd8ed9f6c91c834ef9a3a8338e9d624dafa8e13c498
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 3
date
Mon, 24 Apr 2023 15:31:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Apr 2023 13:21:38 GMT
server
nginx
etag
"e9f4d2bf17490e51"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://ondexx.com/wp-content/uploads/2021/03/Screenshot-2021-03-08-234416.png>; rel="canonical"
content-length
179206
expires
Wed, 23 Apr 2025 01:21:38 GMT
dictionary-success-magnified-PXJEDEE.jpg
i0.wp.com/ondexx.com/wp-content/uploads/2021/06/ 		876 KB
877 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/ondexx.com/wp-content/uploads/2021/06/dictionary-success-magnified-PXJEDEE.jpg?fit=2516%2C2856&ssl=1
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8e929b549d4e32f28ffdb1c16ec320a20dd978707dc4c1093555bcbb966b1f4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 5
date
Mon, 24 Apr 2023 15:31:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Apr 2023 13:21:39 GMT
server
nginx
etag
"866407da6784b4b3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://ondexx.com/wp-content/uploads/2021/06/dictionary-success-magnified-PXJEDEE.jpg>; rel="canonical"
content-length
896656
expires
Wed, 23 Apr 2025 01:21:39 GMT
portrait-of-business-team-posing-in-office-NLFAGE9-scaled.jpg
i0.wp.com/ondexx.com/wp-content/uploads/2020/06/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/ondexx.com/wp-content/uploads/2020/06/portrait-of-business-team-posing-in-office-NLFAGE9-scaled.jpg?fit=2560%2C1707&ssl=1
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
22efd5b4c3328b655a4056628cc81f6af001240a4d0a928cae88eb1bf576a731
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Mon, 24 Apr 2023 15:31:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Apr 2023 13:21:39 GMT
server
nginx
etag
"789cfe99240f6555"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://ondexx.com/wp-content/uploads/2020/06/portrait-of-business-team-posing-in-office-NLFAGE9-scaled.jpg>; rel="canonical"
content-length
122252
expires
Wed, 23 Apr 2025 01:21:39 GMT
high-five-27SLYDW.jpg
i0.wp.com/ondexx.com/wp-content/uploads/2021/06/ 		21 MB
21 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/ondexx.com/wp-content/uploads/2021/06/high-five-27SLYDW.jpg?fit=7952%2C5304&ssl=1
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ab6163361c1f99aa0387f78f7afe3285a9a28b1e1f1b22a97a7fd2a3cc241d44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
x-content-type-options
nosniff
x-bytes-saved
2584839
content-length
21733087
x-nc
HIT ams 3
last-modified
Sun, 23 Apr 2023 13:21:42 GMT
server
nginx
etag
"52bbbea7d759177a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://ondexx.com/wp-content/uploads/2021/06/high-five-27SLYDW.jpg>; rel="canonical"
expires
Wed, 23 Apr 2025 01:21:42 GMT
vintage-red-clock.jpg
i0.wp.com/ondexx.com/wp-content/uploads/2020/04/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/ondexx.com/wp-content/uploads/2020/04/vintage-red-clock.jpg?fit=2000%2C1331&ssl=1
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a27196ee6d70bad9636defc80c02b05d56f13b051c5412386955d04361070cc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 4
date
Mon, 24 Apr 2023 15:31:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Apr 2023 13:21:40 GMT
server
nginx
etag
"d3968d0f8f5f880b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://ondexx.com/wp-content/uploads/2020/04/vintage-red-clock.jpg>; rel="canonical"
content-length
94256
expires
Wed, 23 Apr 2025 01:21:40 GMT
rwo-power.png
ondexx.com/wp-content/themes/Ondexx/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ondexx.com/wp-content/themes/Ondexx/images/rwo-power.png
Requested by
Host: ondexx.com
URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1682350307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ca853d2acc14c2fb7c88c0a9d87502691b0a12aba40532d074178a0ff754c68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1682350307
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
x-ac
5.ams _atomic_ams BYPASS
last-modified
Sat, 26 Sep 2020 05:47:50 GMT
server
nginx
etag
"5f6ed606-1f73"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
8051
expires
Mon, 01 May 2023 15:31:47 GMT
Ondexx_master_White_buyline.svg
ondexx.com/wp-content/themes/Ondexx/images/ 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ondexx.com/wp-content/themes/Ondexx/images/Ondexx_master_White_buyline.svg
Requested by
Host: ondexx.com
URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1682350307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
87332c922795402d5a79ca50a97c78da9c072ba141ccc38e6e734b5d1b0e5537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1682350307
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 26 Sep 2020 05:48:16 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"5f6ed620-2ca3"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 01 May 2023 15:31:47 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.wp.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.wp.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Bitter%7CHind%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COpen+Sans%3A400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C700%2C900%7CMontserrat%7CDroid+Sans%7CRoboto%7CLora%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%7CRubik%7CMerriweather%3A300%2C400%2C700%2C900%7CPoppins%7CRopa+Sans%7CPlayfair+Display%7CRubik%7CSource+Sans+Pro%7CRoboto+Condensed%7CRoboto+Slab%3A300%2C400%2C700%7CAmatic+SC%3A400%2C700%7CQuicksand%7COswald%7CQuicksand%3A400%2C500%2C700%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CFjalla+One&ver=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts-api.wp.com/
Origin
https://ondexx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Mon, 24 Apr 2023 15:31:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
nginx
age
533350
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
23580
x-xss-protection
0
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.wp.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.wp.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Bitter%7CHind%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COpen+Sans%3A400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C700%2C900%7CMontserrat%7CDroid+Sans%7CRoboto%7CLora%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%7CRubik%7CMerriweather%3A300%2C400%2C700%2C900%7CPoppins%7CRopa+Sans%7CPlayfair+Display%7CRubik%7CSource+Sans+Pro%7CRoboto+Condensed%7CRoboto+Slab%3A300%2C400%2C700%7CAmatic+SC%3A400%2C700%7CQuicksand%7COswald%7CQuicksand%3A400%2C500%2C700%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CFjalla+One&ver=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts-api.wp.com/
Origin
https://ondexx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Mon, 24 Apr 2023 15:31:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
nginx
age
245279
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
23040
x-xss-protection
0
fa-solid-900.woff2
ondexx.com/wp-content/plugins/everest-timeline/webfonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff2
Requested by
Host: ondexx.com
URL: https://ondexx.com/_static/??-eJyVkt1OwzAMhV+ILCDExg3iFXgD5Kbe5s35IXZb+va4ZUW7YJN6k8Tx+WzrJENxlAJ3LYoPIr4lUd9wDmfH1FSooxcdGTeR0sYED0NxISfFpL5wd6Ak/oRaIJyX/bPH1ObqodMcQZXCknE9tZhLRWvUdMTtpRO2pAbMgfhZZCsOS8O/CU/io4kBGeM0wXVQGEasjvEAYbwe9yZtuev4X2byJDCIUHB6NJ3ccyIwQlLgs5MC0ZWaFYNeiiyp0jVM4V4Z7NE8UqcUkSnhXAASmZu4ijl9dVjHTfMtbKbWVaw9k+r4ccyaV3F7E8GAkiM6YF7F4vR6SR2ZWtaR6vZ1FrZrObss1o76m94uH3y29Pc8Sd/j29P29Wn3sn3ePf4AqdVC2w==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ondexx.com/_static/??-eJyVkt1OwzAMhV+ILCDExg3iFXgD5Kbe5s35IXZb+va4ZUW7YJN6k8Tx+WzrJENxlAJ3LYoPIr4lUd9wDmfH1FSooxcdGTeR0sYED0NxISfFpL5wd6Ak/oRaIJyX/bPH1ObqodMcQZXCknE9tZhLRWvUdMTtpRO2pAbMgfhZZCsOS8O/CU/io4kBGeM0wXVQGEasjvEAYbwe9yZtuev4X2byJDCIUHB6NJ3ccyIwQlLgs5MC0ZWaFYNeiiyp0jVM4V4Z7NE8UqcUkSnhXAASmZu4ijl9dVjHTfMtbKbWVaw9k+r4ccyaV3F7E8GAkiM6YF7F4vR6SR2ZWtaR6vZ1FrZrObss1o76m94uH3y29Pc8Sd/j29P29Wn3sn3ePf4AqdVC2w==
Origin
https://ondexx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Mon, 24 Apr 2023 15:31:48 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-ac
5.ams _atomic_ams BYPASS
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ondexx.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
host-header
WordPress.com
link
<https://ondexx.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
pro-v4-shims.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ 		14 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/js/pro-v4-shims.min.js?token=f69857688e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f69857688e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
"610ae215-1003"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7bcf65302d7ebba4-FRA
content-length
4099
pro.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ 		40 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=f69857688e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f69857688e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
513123
etag
"610ae215-37b8"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7bcf65302d7cbba4-FRA
content-length
14264
player.module.js
f.vimeocdn.com/p/4.23.10/js/ Frame A85F 		486 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.23.10/js/player.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/564404923?color=e31f26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b721fb305fdb17c213569259140c5b5d20d44418a2117043e80295f597c609d5

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100143-IAD, cache-hhn-etou8220048-HHN
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
343883
x-timer
S1682350308.865545,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
120160
x-cache-hits
37, 110205
vendor.module.js
f.vimeocdn.com/p/4.23.10/js/ Frame A85F 		386 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.23.10/js/vendor.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/564404923?color=e31f26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a986b0af377c464deeaf682546bb449ee6f512497a266371d0e2e6d7b63772e1

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000137-IAD, cache-hhn-etou8220048-HHN
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
343883
x-timer
S1682350308.866615,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
95282
x-cache-hits
34, 120464
player.css
f.vimeocdn.com/p/4.23.10/css/ Frame A85F 		211 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.23.10/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/564404923?color=e31f26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1a67a879f6681e21951fcf6096243b131949444125928bcb4c0590c0f6aa7b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200166-IAD, cache-hhn-etou8220076-HHN
date
Mon, 24 Apr 2023 15:31:47 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
343882
x-timer
S1682350308.868599,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
21715
x-cache-hits
37, 121660
wp-emoji-release.min.js
ondexx.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"63db0985-4904"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame CEA0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/410832094?color=e31f26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000106-IAD, cache-hhn-etou8220076-HHN
date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
636874
x-timer
S1682350308.071887,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
985
x-cache-hits
90, 197982
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame CEA0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.10/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 15:31:48 GMT
910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d
i.vimeocdn.com/video/ Frame CEA0 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f512098128635776fcf4cf19cb7bbe99562f24a52f7b40ef618177993ac93e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
430938
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, MISS
x-backend-server
varnish
content-length
66129
viewmaster-server
viewmaster-us-east1-vzm5
x-served-by
cache-dfw-kdfw8210127-DFW, cache-hhn-etou8220076-HHN
x-timer
S1682350308.140772,VS0,VE124
etag
c898df306d9b8b1ce9207ab543520825
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
9, 0
player-stats
fresnel.vimeocdn.com/add/ Frame CEA0 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=92cddcd7081c0554c0b532e0853a7ba0759091e91682350307
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.10/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 24 Apr 2023 15:31:48 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame A85F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/564404923?color=e31f26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000106-IAD, cache-hhn-etou8220076-HHN
date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
636874
x-timer
S1682350308.223035,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
985
x-cache-hits
90, 197983
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A85F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.10/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 15:31:48 GMT
1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d
i.vimeocdn.com/video/ Frame A85F 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9cf885c9fde12f66d288c45e014bce810b6fd4213f1fa3d444374994e20e30f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
349461
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, MISS
x-backend-server
varnish
content-length
22049
viewmaster-server
viewmaster-us-central1-q7nx
x-served-by
cache-dfw-kdfw8210038-DFW, cache-hhn-etou8220076-HHN
x-timer
S1682350308.233232,VS0,VE126
etag
41b8941d1a1896a385934e478c7fce64
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
10, 0
player-stats
fresnel.vimeocdn.com/add/ Frame A85F 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=80fa1f75ff14f947fe9f989fe2e4b80c35f8031d1682350307
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.10/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 24 Apr 2023 15:31:48 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gtm.js
www.googletagmanager.com/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N79F75T
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
adcd0e3486190a32faab8eaacee1a530d3c3aa710c7d41f1e9aa26f86d03e26d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40873
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 15:31:48 GMT
7063729.js
js.hs-analytics.net/analytics/1682350500000/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1682350500000/7063729.js
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8ace , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d657dae013128070fb4149ed3c7aa2b8711fad7b3502b6e30f1861d2faf8836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
30PC044901GVGKDF
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
28
x-amz-id-2
KsbjxaI6UXI+tpSqxDW7OayoV4cbzleb2fk894kVfXoIRZx3kGXpBm+1mPJ8WiMaYPTk8q1U09SUF7mQ0HZ0Ug==
x-evy-trace-listener
listener_https
x-request-id
00b4c3b6-ebfc-43ca-917a-c92f2aaa03c4
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 18 Apr 2023 14:09:31 GMT
server
cloudflare
etag
W/"7da9d078ac80f687c4abad0d6e9cbee5"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6b586b4cf9-54869
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7bcf6532e8512c5f-FRA
expires
Mon, 24 Apr 2023 15:36:48 GMT
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=172565319&post=3076&tz=-4&srv=ondexx.com&hp=atomic&ac=2&amp=0&j=1%3A12.1-a.7&host=ondexx.com&ref=&fcp=1133&rand=0.7496652254871099
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 15:31:48 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
play-circle.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/ 		607 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/play-circle.svg?token=f69857688e
Requested by
Host: t.sidekickopen86.com
URL: https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_ypsGW3D9F6_3qcp40W99KRtV3_vpbBV-lxvM5vpxGVN80DmV1YVnzgW5j016T50KysvW92JMHf5fSH37W2yL3sG7ZdG2_W456K6X7lkfHzW4nl-Ls4K0-_PVVT4CM8LGfq0f8h-3-d04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1427373d63486672985cc1a4c61d7dfe81f4ec37919b6064ad202670b1001af6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Aug 2021 18:53:47 GMT
server
cloudflare
etag
W/"610ae23b-25f"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7bcf6532daacbba4-FRA
phone-volume.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/ 		1 KB
704 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/phone-volume.svg?token=f69857688e
Requested by
Host: t.sidekickopen86.com
URL: https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_ypsGW3D9F6_3qcp40W99KRtV3_vpbBV-lxvM5vpxGVN80DmV1YVnzgW5j016T50KysvW92JMHf5fSH37W2yL3sG7ZdG2_W456K6X7lkfHzW4nl-Ls4K0-_PVVT4CM8LGfq0f8h-3-d04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fbcb0906cf302e36acad1d89ad92b8d2e6f36db432c3bca8cfcb51610d4c2a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Aug 2021 18:53:47 GMT
server
cloudflare
etag
W/"610ae23b-4a1"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7bcf6532dab0bba4-FRA
at.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 		1 KB
727 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/at.svg?token=f69857688e
Requested by
Host: t.sidekickopen86.com
URL: https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_ypsGW3D9F6_3qcp40W99KRtV3_vpbBV-lxvM5vpxGVN80DmV1YVnzgW5j016T50KysvW92JMHf5fSH37W2yL3sG7ZdG2_W456K6X7lkfHzW4nl-Ls4K0-_PVVT4CM8LGfq0f8h-3-d04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc312dd10b9367e654099cd966f54c2405a64bc47f740b30a0fb2219809e445

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Aug 2021 18:57:01 GMT
server
cloudflare
etag
W/"610ae2fd-45a"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7bcf6532dab7bba4-FRA
calendar-edit.svg
ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/ 		1 KB
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/calendar-edit.svg?token=f69857688e
Requested by
Host: t.sidekickopen86.com
URL: https://t.sidekickopen86.com/Ctc/U*23284/cRTpQ04/Jl23pr47W7lCdLW6lZ3ngW6YByjj29JymtW63YR-C1rWRJ-N43THRQnV0-LW9lcNYT4pBtHFW7yhbKY1NP7LmW7V5WJ02pGjyqW3y76gr5K2mDbW2HXQSg909s9zW720xnT4wGzctW6MMR6P8DYZMcN44V8Bh2B3YvW4B6hJR6v9K06N85g6vNf6M0sW7yP1kp7_ypsGW3D9F6_3qcp40W99KRtV3_vpbBV-lxvM5vpxGVN80DmV1YVnzgW5j016T50KysvW92JMHf5fSH37W2yL3sG7ZdG2_W456K6X7lkfHzW4nl-Ls4K0-_PVVT4CM8LGfq0f8h-3-d04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d0973c3031fef0c0b53d5fb0bc68e91c7f1d82c353235e6852b08618a57522b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Aug 2021 18:53:30 GMT
server
cloudflare
etag
W/"610ae22a-520"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7bcf6532dabdbba4-FRA
vuid
vimeo.com/ablincoln/ Frame CEA0 		0
902 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=92cddcd7081c0554c0b532e0853a7ba0759091e91682350307
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Mon, 24 Apr 2023 03:31:48 GMT
Date
Mon, 24 Apr 2023 15:31:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
Via
1.1 varnish, 1.1 varnish
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
x-xss-protection
1; mode=block
X-Served-By
cache-iad-kcgs7200109-IAD, cache-fra-eddf8230078-FRA
x-ua-compatible
IE=edge
x-vimeo-device
d
Server
cloudflare
X-Timer
S1682350308.375469,VS0,VE129
x-backend-proxy
webproxy32
x-frame-options
sameorigin
Vary
User-Agent
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
pweb-955dd8bcd-ncblh
Accept-Ranges
bytes
CF-RAY
7bcf653349529131-FRA
X-Cache-Hits
0, 0
js
www.googletagmanager.com/gtag/ 		244 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HVZCPGWLZ9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157050359-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6bd4049756cc2a3604f864f5ae091aebeee67cd87c767c4fc1a59740d353bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84342
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 15:31:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157050359-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 14:35:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3364
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 24 Apr 2023 16:35:44 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/?random=1682350308318&cv=11&fst=1682350308318&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&hn=www.googleadservices.com&frm=0&tiba=Hero-Campaign&did=dZTNiMT&gdid=dZTNiMT&auid=320824958.1682350308&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-480613323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7576aadf61de96736d6beda797357f0c783b485bbb7d2d9d24f5f0cded8810a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1253
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ajax-loader.gif
ondexx.com/wp-content/themes/Ondexx/js/slick/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ondexx.com/wp-content/themes/Ondexx/js/slick/ajax-loader.gif
Requested by
Host: ondexx.com
URL: https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
strict-transport-security
max-age=31536000
x-ac
5.ams _atomic_ams BYPASS
last-modified
Sat, 26 Sep 2020 05:48:02 GMT
server
nginx
etag
"5f6ed612-1052"
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4178
expires
Mon, 01 May 2023 15:31:48 GMT
slick.woff
ondexx.com/wp-content/themes/Ondexx/js/slick/fonts/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/themes/Ondexx/js/slick/fonts/slick.woff
Requested by
Host: ondexx.com
URL: https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css
Origin
https://ondexx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
strict-transport-security
max-age=31536000
x-ac
5.ams _atomic_ams BYPASS
last-modified
Sat, 26 Sep 2020 05:47:54 GMT
server
nginx
etag
"5f6ed60a-564"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1380
expires
Mon, 01 May 2023 15:31:48 GMT
38866357_60x60
i.vimeocdn.com/portrait/ Frame CEA0 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/portrait/38866357_60x60
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9260e25dc5195b39f4e2b8f7b570ab9f9c79c9ca733e54676185727ab2a9b62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
497726
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
2465
viewmaster-server
viewmaster-us-central1-vv6g
x-served-by
cache-dfw-kdfw8210059-DFW, cache-hhn-etou8220076-HHN
x-timer
S1682350308.415490,VS0,VE1
etag
02863afbb46c3670480e77cf12dc9415
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
36, 1
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame CEA0 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Mon, 24 Apr 2023 15:31:48 GMT
cast_sender.js
www.gstatic.com/eureka/clank/112/ Frame CEA0 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/112/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 16:06:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 25 Apr 2023 15:31:48 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame A85F 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Mon, 24 Apr 2023 15:31:48 GMT
cast_sender.js
www.gstatic.com/eureka/clank/112/ Frame A85F 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/112/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 16:06:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 25 Apr 2023 15:31:48 GMT
38866357_60x60
i.vimeocdn.com/portrait/ Frame A85F 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/portrait/38866357_60x60
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.10/js/vendor.module.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9260e25dc5195b39f4e2b8f7b570ab9f9c79c9ca733e54676185727ab2a9b62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:48 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
497726
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
2465
viewmaster-server
viewmaster-us-central1-vv6g
x-served-by
cache-dfw-kdfw8210059-DFW, cache-hhn-etou8220076-HHN
x-timer
S1682350308.449201,VS0,VE0
etag
02863afbb46c3670480e77cf12dc9415
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
36, 2
collect
www.google-analytics.com/j/ 		2 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1347891763&t=pageview&_s=1&dl=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&ul=en-us&de=UTF-8&dt=Hero-Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1733017882&gjid=1066473745&cid=2054563701.1682350308&tid=UA-157050359-1&_gid=807965376.1682350308&_r=1&gtm=457e34j0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1484301249
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ondexx.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ondexx.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HVZCPGWLZ9&gtm=45je34j0&_p=1347891763&_gaz=1&cid=2054563701.1682350308&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682350308&sct=1&seg=0&dl=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&dt=Hero-Campaign&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVZCPGWLZ9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ondexx.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HVZCPGWLZ9&cid=2054563701.1682350308&gtm=45je34j0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVZCPGWLZ9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ondexx.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HVZCPGWLZ9&cid=2054563701.1682350308&gtm=45je34j0&aip=1&z=1364306489
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/480613323/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/480613323/?random=1682350308318&cv=11&fst=1682348400000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&frm=0&tiba=Hero-Campaign&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2856284719&rmt_tld=0&ipr=y
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/480613323/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/480613323/?random=1682350308318&cv=11&fst=1682348400000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&frm=0&tiba=Hero-Campaign&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2856284719&rmt_tld=1&ipr=y
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa-solid-900.woff
ondexx.com/wp-content/plugins/everest-timeline/webfonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff
Requested by
Host: ondexx.com
URL: https://ondexx.com/_static/??-eJyVkt1OwzAMhV+ILCDExg3iFXgD5Kbe5s35IXZb+va4ZUW7YJN6k8Tx+WzrJENxlAJ3LYoPIr4lUd9wDmfH1FSooxcdGTeR0sYED0NxISfFpL5wd6Ak/oRaIJyX/bPH1ObqodMcQZXCknE9tZhLRWvUdMTtpRO2pAbMgfhZZCsOS8O/CU/io4kBGeM0wXVQGEasjvEAYbwe9yZtuev4X2byJDCIUHB6NJ3ccyIwQlLgs5MC0ZWaFYNeiiyp0jVM4V4Z7NE8UqcUkSnhXAASmZu4ijl9dVjHTfMtbKbWVaw9k+r4ccyaV3F7E8GAkiM6YF7F4vR6SR2ZWtaR6vZ1FrZrObss1o76m94uH3y29Pc8Sd/j29P29Wn3sn3ePf4AqdVC2w==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ondexx.com/_static/??-eJyVkt1OwzAMhV+ILCDExg3iFXgD5Kbe5s35IXZb+va4ZUW7YJN6k8Tx+WzrJENxlAJ3LYoPIr4lUd9wDmfH1FSooxcdGTeR0sYED0NxISfFpL5wd6Ak/oRaIJyX/bPH1ObqodMcQZXCknE9tZhLRWvUdMTtpRO2pAbMgfhZZCsOS8O/CU/io4kBGeM0wXVQGEasjvEAYbwe9yZtuev4X2byJDCIUHB6NJ3ccyIwQlLgs5MC0ZWaFYNeiiyp0jVM4V4Z7NE8UqcUkSnhXAASmZu4ijl9dVjHTfMtbKbWVaw9k+r4ccyaV3F7E8GAkiM6YF7F4vR6SR2ZWtaR6vZ1FrZrObss1o76m94uH3y29Pc8Sd/j29P29Wn3sn3ePf4AqdVC2w==
Origin
https://ondexx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Mon, 24 Apr 2023 15:31:49 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-ac
5.ams _atomic_ams BYPASS
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ondexx.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
host-header
WordPress.com
link
<https://ondexx.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-157050359-1&cid=2054563701.1682350308&jid=1733017882&gjid=1066473745&_gid=807965376.1682350308&_u=YGBACUAABAAAACAAI~&z=981023173
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ondexx.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 24 Apr 2023 15:31:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ondexx.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-157050359-1&cid=2054563701.1682350308&jid=1733017882&_u=YGBACUAABAAAACAAI~&z=1451750054
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-157050359-1&cid=2054563701.1682350308&jid=1733017882&_u=YGBACUAABAAAACAAI~&z=1451750054
Requested by
Host: ondexx.com
URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa-solid-900.ttf
ondexx.com/wp-content/plugins/everest-timeline/webfonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.ttf
Requested by
Host: ondexx.com
URL: https://ondexx.com/_static/??-eJyVkt1OwzAMhV+ILCDExg3iFXgD5Kbe5s35IXZb+va4ZUW7YJN6k8Tx+WzrJENxlAJ3LYoPIr4lUd9wDmfH1FSooxcdGTeR0sYED0NxISfFpL5wd6Ak/oRaIJyX/bPH1ObqodMcQZXCknE9tZhLRWvUdMTtpRO2pAbMgfhZZCsOS8O/CU/io4kBGeM0wXVQGEasjvEAYbwe9yZtuev4X2byJDCIUHB6NJ3ccyIwQlLgs5MC0ZWaFYNeiiyp0jVM4V4Z7NE8UqcUkSnhXAASmZu4ijl9dVjHTfMtbKbWVaw9k+r4ccyaV3F7E8GAkiM6YF7F4vR6SR2ZWtaR6vZ1FrZrObss1o76m94uH3y29Pc8Sd/j29P29Wn3sn3ePf4AqdVC2w==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ondexx.com/_static/??-eJyVkt1OwzAMhV+ILCDExg3iFXgD5Kbe5s35IXZb+va4ZUW7YJN6k8Tx+WzrJENxlAJ3LYoPIr4lUd9wDmfH1FSooxcdGTeR0sYED0NxISfFpL5wd6Ak/oRaIJyX/bPH1ObqodMcQZXCknE9tZhLRWvUdMTtpRO2pAbMgfhZZCsOS8O/CU/io4kBGeM0wXVQGEasjvEAYbwe9yZtuev4X2byJDCIUHB6NJ3ccyIwQlLgs5MC0ZWaFYNeiiyp0jVM4V4Z7NE8UqcUkSnhXAASmZu4ijl9dVjHTfMtbKbWVaw9k+r4ccyaV3F7E8GAkiM6YF7F4vR6SR2ZWtaR6vZ1FrZrObss1o76m94uH3y29Pc8Sd/j29P29Wn3sn3ePf4AqdVC2w==
Origin
https://ondexx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Mon, 24 Apr 2023 15:31:50 GMT
strict-transport-security
max-age=31536000
content-encoding
br
x-ac
5.ams _atomic_ams BYPASS
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ondexx.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
host-header
WordPress.com
link
<https://ondexx.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
Ondex_Horizontal.svg
ondexx.com/wp-content/themes/Ondexx/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ondexx.com/wp-content/themes/Ondexx/images/Ondex_Horizontal.svg
Requested by
Host: ondexx.com
URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1682350307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.144 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9c1a15bed2e7bcd5a535fb0fe69ef2b0be90da9a3f2e1218dbb52c0ae27bec2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1682350307
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:50 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 26 Sep 2020 05:47:43 GMT
server
nginx
x-ac
5.ams _atomic_ams BYPASS
etag
W/"5f6ed5ff-134e"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 01 May 2023 15:31:50 GMT
truncated
/ 		605 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56b98b83138a32bc18b90afb94b16f4d8dd32c24cc06b0e5caad09c862ad8e2b

Request headers

Referer
Origin
https://ondexx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
7063729.js
js-na1.hs-scripts.com/ 		2 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/7063729.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1682350500000/7063729.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f163d037400b8f676569cc73dc0afb79d3c6073ffd16e72d796b5e6af5da63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 24 Apr 2023 15:31:50 GMT
server
cloudflare
x-hubspot-correlation-id
28c1ec43-57a8-4526-a4eb-284e1bb5f221
x-trace
2B10B52CFBD21A4A7B141DAC5CF90DF32D9AA66AB7000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://ondexx.com
cache-control
public, max-age=30
access-control-allow-credentials
true
cf-ray
7bcf65420d79699f-FRA
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2397838929&v=1.1&a=7063729&rcu=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F&pu=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&t=Hero-Campaign&cts=1682350310706&vi=fd60f09573daa149fdc6d30c9f4c4532&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a2e59d76-54df-4448-8ea7-cc383e1918d4
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a3d2cc51-e86a-4b4f-8414-cdc9773e35b8
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1K3SjrnppZo%2BQNe0z0TjOSaqHPWOZ45s2sDrpkWw2CyQagtDeycqvsg3wrN33X8cdR%2BOSK8Ak9cRFvB3N%2FLpaqCStNugLPqgipsklbmGUxpTsLi4XpCZUA7GtKYSz3bWM13k9OjYiHbBf8H5Swf"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-gvxkh
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7bcf65421f6c3a43-FRA
x-robots-tag
none
banner.js
js.hs-banner.com/v2/7063729/ 		208 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/7063729/banner.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/7063729.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d0ef35af4a2e26d8907f46397ffb20f4be2687b8585a05c9267304970ee3a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:51 GMT
x-amz-version-id
Z33CJ7dVjY9.U3oV7zMavC0sBO.bzH8B
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
CJA81YJA6W69VVV2
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
120
x-amz-id-2
ApiCc4ywGcF1HXIHjDa8VofNlrPOzGfUiJNrxWO9JAuyhkqmYdyahwCj4aM19XdM7ElNEQTrZrg=
x-evy-trace-listener
listener_https
x-request-id
3f8b3c11-0554-445c-b1a0-9d0a8d9f5b2f
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 17 Apr 2023 16:00:24 GMT
server
cloudflare
etag
W/"febd986983ae22a9ede9c86f4568a19b"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://ondexx.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6b586b4cf9-vnnqv
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7bcf65431e743808-FRA
expires
Mon, 24 Apr 2023 15:36:51 GMT
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/7063729.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:69c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3896d7f290c7d0517b49387537619d16697a856032f7b32ab1e5d59e146ab874

Request headers

Referer
https://ondexx.com/
Origin
https://ondexx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:50 GMT
x-amz-version-id
RRXUnHVzHJq1aZcQLM_lvgLsL.pkL5b0
via
1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
153
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.351/bundles/project.js&cfRay=7bcf61814cb791ea-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a3c3abc1-7963-41b8-b509-19dc9e3cda8c
last-modified
Tue, 18 Apr 2023 10:07:51 UTC
server
cloudflare
etag
W/"bacdce2e1da562c87f37454206c81c80"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-85bc9dfc4b-624j7
cf-ray
7bcf6543283230d0-FRA
x-amz-cf-id
h5mWWdhX4fl0IvMDia7cvakxbpa8tgfnkEm-LtfF84d3FJlkdnFG4A==
x-hs-target-asset
collected-forms-embed-js/static-1.351/bundles/project.js
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/7063729.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:76be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df60d15ee1b87cc9007f1d50ea2d9fd8560ac1b7cf143a51208f20b27a59fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:50 GMT
x-amz-version-id
.SjrrXgKPXt.4Z9u7JrAeq5b0ko7RK6Q
via
1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
400
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.360/bundles/pixels-release.js&cfRay=7bcf5b7a1beb9b8e-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c545fb6b-a2a3-4814-b727-0d4380e2bf73
last-modified
Mon, 17 Apr 2023 03:30:21 UTC
server
cloudflare
etag
W/"1ecc18fb1c2090998fc7361c029fa6a1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-85bc9dfc4b-h8sdv
cf-ray
7bcf65432c819ba7-FRA
x-amz-cf-id
tx6pxa1lZ1F10FIWR1xotzdPzPFAEvwOdlPHtW1xca3p2gWSQ8mmIw==
x-hs-target-asset
adsscriptloaderstatic/static-1.360/bundles/pixels-release.js
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		115 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=7063729&utk=fd60f09573daa149fdc6d30c9f4c4532
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:69c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b840b22a40dde046cd42876a5f9477b01cade9c7c19b791d5eef75a702f5b24c

Request headers

Accept
application/json, text/plain, */*
Referer
https://ondexx.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
60523aa5-e971-41bd-93af-a74c7988a121
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
12
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3b76d71e-88d5-493c-9b9e-55e4794e6a78
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ondexx.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-85bc9dfc4b-nwwwk
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
7bcf654388dc30d0-FRA
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		180 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7063729
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e6e4fa24bde7dd1fc9bfff103a6d00764a8f58867ff617cef09cdaea3dde086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
901a034a-403b-4694-a893-4b109c48561f
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B40A69A65F389EB9DB2703082ECE8DF18F40BC224000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ondexx.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lePyjWcvdt%2FFySFW06SHqb7Z25Wa0I4LnACnUZD5rPpycouhi1OuCn9XsxFhn2h0FQAqs2HGkLR3rYlZvK3dsMPr8F3FVFJcbg2Jr0eG8unJ7n9UOlvWZuVokkzc5lpjw6BmKKzra09Nf74c"}],"group":"cf-nel","max_age":604800}
access-control-max-age
180
access-control-allow-credentials
false
cf-ray
7bcf6545ee02912e-FRA
access-control-allow-headers
*
js
www.googletagmanager.com/gtag/ 		132 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-480613323
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d66eeccf08fc6ad55e1fb4cbe5e42ccda98cb890b9549c8487bcefcbb361ce74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51682
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 15:31:51 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/?random=1682350311487&cv=11&fst=1682350311487&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&hn=www.googleadservices.com&frm=0&tiba=Hero-Campaign&did=dZTNiMT%2CdZTQ1Zm&gdid=dZTNiMT.dZTQ1Zm&auid=320824958.1682350308&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-480613323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0033b9e77708545a79b0919bd8134e5a02dbd56f84cb4aab6bcdf05a780eafde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1250
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=82419
accept-ranges
bytes
content-length
4777
token
cdn.linkedin.oribi.io/partner/3828668/domain/ondexx.com/ 		36 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3828668/domain/ondexx.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://ondexx.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:29:18 GMT
content-encoding
gzip
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
153
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=12930
x-amz-cf-id
EqNF0Kjkk7eZvaT9SBZi6yAKhlm2_UPBeXDpn6RMpi9DZ5ReJvGPDg==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1682350311546&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3828668%26time%3D1682350311546%26url%3Dhttps%253A%252F%252Fondexx.com%252Fhero-ca...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1682350311546&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1682350311546&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%2...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1682350311546&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&liSync=true&e_ipv6=AQJ-co6UWEu7MQAAAYez5IpX-X_KPe-LgA5PmKdKLOjYwupsJHZg-Dyr5Z9kF5O2K5-Ojrnp3NhR5xsSol7URY-8Ahm_7A
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:31:52 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4A1697414CB7436BA9D20E5BCF0A674E Ref B: FRAEDGE1321 Ref C: 2023-04-24T15:31:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6FrS/y0TNRs3pnJqRrg==

Redirect headers

date
Mon, 24 Apr 2023 15:31:51 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A7469C788A10437788A918F517886D16 Ref B: FRAEDGE1916 Ref C: 2023-04-24T15:31:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1682350311546&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&liSync=true&e_ipv6=AQJ-co6UWEu7MQAAAYez5IpX-X_KPe-LgA5PmKdKLOjYwupsJHZg-Dyr5Z9kF5O2K5-Ojrnp3NhR5xsSol7URY-8Ahm_7A
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6FrS8Rf9B5j+G4njWUA==
/
www.google.com/pagead/1p-user-list/480613323/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/480613323/?random=1682350311487&cv=11&fst=1682348400000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&frm=0&tiba=Hero-Campaign&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2738962278&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/480613323/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/480613323/?random=1682350311487&cv=11&fst=1682348400000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022&frm=0&tiba=Hero-Campaign&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2738962278&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:31:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
boom.gif
pixel.wp.com/ 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.001&largest_contentful_paint=1475&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&rtt=0&downlink=10000&host_name=ondexx.com&url_path=%2Fhero-campaign%2F&nt_fetchStart=138&nt_domainLookupStart=139&nt_domainLookupEnd=147&nt_connectStart=147&nt_connectEnd=175&nt_secureConnectionStart=159&nt_requestStart=175&nt_responseStart=736&nt_responseEnd=805&nt_domLoading=739&nt_domInteractive=1553&nt_domContentLoadedEventStart=1558&nt_domContentLoadedEventEnd=1567&nt_domComplete=3960&nt_loadEventStart=3960&nt_loadEventEnd=3983&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&start_render=1133&first_contentful_paint=1133&resource_size=3862040&resource_transferred=2551207&js_size=549467&js_transferred=158145&resource_cache_percent=0&js_cache_percent=0&last_resource_end=5631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ondexx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Apr 2023 15:31:54 GMT
cache-control
no-cache
server
nginx

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| FontAwesomeKitConfig function| $ function| jQuery function| apbct_attach_event_handler__backend object| _wpemojiSettings function| VideoPressIframeApi function| a object| ___FONT_AWESOME___ object| fontawesome-pro-shims object| FontAwesomeConfig object| FontAwesome function| ownKeys function| _objectSpread function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| _toPropertyKey function| _toPrimitive function| ApbctCore function| ctProcessError function| apbct function| ApbctXhr function| ApbctAjax function| ApbctRest function| ctSetCookie function| ctDetectForcedAltCookiesForms function| ctSetAlternativeCookie function| ctGetCookie function| ctDeleteCookie function| apbct_public_sendAJAX function| apbct_public_sendREST function| apbctGenerateUniqueID object| apbctLocalStorage object| apbctSessionStorage object| ct_date number| ctTimeMs boolean| ctMouseEventTimerFlag object| ctMouseData number| ctMouseDataCounter object| ctCheckedEmails function| apbct_attach_event_handler function| apbct_remove_event_handler number| ctMouseReadInterval number| ctMouseWriteDataInterval function| ctFunctionFirstKey function| ctFunctionMouseMove function| ctMouseStopData function| ctKeyStopStopListening function| checkEmail function| ctSetPixelImg function| ctGetPixelUrl function| ctSetHasScrolled function| ctSetMouseMoved function| ctStartFieldsListening function| ctStopFieldsListening function| ctFunctionHasInputFocused function| ctFunctionHasKeyUp function| ctSetHasInputFocused function| ctSetHasKeyUp function| ctPreloadLocalStorage function| apbct_ready function| ctFillDecodedEmailHandler function| apbctAjaxEmailDecodeBulk function| apbctEmailEncoderCallbackBulk function| resetEncodedNodes function| getJavascriptClientData function| removeDoubleJsonEncoding function| ctProcessDecodedDataResult function| ctFillDecodedEmail function| ctShowDecodeComment function| apbct_collect_visible_fields function| apbct_visible_fields_set_cookie function| apbct_js_keys__set_input_value function| apbctGetScreenInfo function| ctParseBlockMessage function| ctSetPixelUrlLocalstorage function| ctNoCookieConstructHiddenField function| ctGetPageForms function| ctNoCookieFormIsExcludedFromNcField function| ctNoCookieAttachHiddenFieldsToForms function| defaultFetch function| defaultSend function| checkFormsExistForCatching function| isFormThatNeedCatch function| checkFormsExistForCatchingXhr function| isFormThatNeedCatchXhr function| getNoCookieData object| cleantalkModal object| buttonsToHandle function| apbctGDPRHandleButtons function| ct_protect_external function| formIsExclusion function| apbctProcessIframes function| apbctProcessExternalForm function| apbct_replace_inputs_values_from_other_form function| isIntegratedForm function| sendAjaxCheckingFormData function| catchDynamicRenderedForm function| catchDynamicRenderedFormHandler function| sendAjaxCheckingDynamicFormData function| apbct_prev function| apbct_val function| ctCheckInternal function| ctCheckInternalIsExcludedForm object| et_frontend_js_params function| gtag object| dataLayer object| campaignID object| jetpackLazyImagesL10n object| _stq object| google_tag_manager object| google_tag_data boolean| pp_alreadyInitialized function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| imagesLoaded function| WOW function| st_go function| linktracker_init object| wpcom object| twemoji object| wp string| GoogleAnalyticsObject function| ga object| GooglebQhCsO boolean| doresize object| scroll_pos boolean| hashtag object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran object| _hsp string| __hsUserToken number| expireDateTime object| e boolean| PIXELS_RAN object| enabledEventSettings object| __hsCollectedFormsDebug boolean| _hspb_loaded boolean| _hspb_ran object| _linkedin_data_partner_ids function| lintrk boolean| _already_called_lintrk

35 Cookies

Domain/Path Name / Value
.ondexx.com/ Name: apbct_site_referer
Value: UNKNOWN
.vimeo.com/ Name: __cf_bm
Value: JaiY3WCyQ4EYkyoJ7ZdQF4BarwpIQQgK6p1ItWTDOaw-1682350307-0-AcAUBd/mlxWOJ1VKPKtVuXLcSMZjCBL+jH6H4BWYWwjRLzI6nKjqHAME4KUZ2Q426YddNOe20O2pDtVnqUNx4Bg=
ondexx.com/ Name: ct_ps_timestamp
Value: 1682350308
ondexx.com/ Name: ct_fkp_timestamp
Value: 0
ondexx.com/ Name: ct_timezone
Value: 0
ondexx.com/ Name: ct_screen_info
Value: %7B%22fullWidth%22%3A1600%2C%22fullHeight%22%3A6832%2C%22visibleWidth%22%3A1600%2C%22visibleHeight%22%3A1200%7D
ondexx.com/ Name: apbct_headless
Value: false
ondexx.com/ Name: ct_checked_emails
Value: 0
ondexx.com/ Name: ct_checkjs
Value: 1158719660
.vimeo.com/ Name: vuid
Value: pl597565394.1814217088
.ondexx.com/ Name: _gcl_au
Value: 1.1.320824958.1682350308
.ondexx.com/ Name: _gid
Value: GA1.2.807965376.1682350308
.ondexx.com/ Name: _gat_gtag_UA_157050359_1
Value: 1
ondexx.com/ Name: apbct_site_landing_ts
Value: 1682350308
ondexx.com/ Name: apbct_prev_referer
Value: https%3A%2F%2Fondexx.com%2F_static%2F%3F%3F-eJyVkt1OwzAMhV%2BILCDExg3iFXgD5Kbe5s35IXZb%2Bva4ZUW7YJN6k8Tx%2BWzrJENxlAJ3LYoPIr4lUd9wDmfH1FSooxcdGTeR0sYED0NxISfFpL5wd6Ak%2FoRaIJyX%2FbPH1ObqodMcQZXCknE9tZhLRWvUdMTtpRO2pAbMgfhZZCsOS8O%2FCU%2Fio4kBGeM0wXVQGEasjvEAYbwe9yZtuev4X2byJDCIUHB6NJ3ccyIwQlLgs5MC0ZWaFYNeiiyp0jVM4V4Z7NE8UqcUkSnhXAASmZu4ijl9dVjHTfMtbKbWVaw9k%2Br4ccyaV3F7E8GAkiM6YF7F4vR6SR2ZWtaR6vZ1FrZrObss1o76m94uH3y29Pc8Sd%2Fj29P29Wn3sn3ePf4AqdVC2w%3D%3D
.ondexx.com/ Name: _ga_HVZCPGWLZ9
Value: GS1.1.1682350308.1.0.1682350308.60.0.0
.ondexx.com/ Name: _ga
Value: GA1.1.2054563701.1682350308
ondexx.com/ Name: ct_pointer_data
Value: %5B%5D
ondexx.com/ Name: apbct_timestamp
Value: 1682350310
ondexx.com/ Name: apbct_page_hits
Value: 3
ondexx.com/ Name: apbct_cookies_test
Value: %257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_prev_referer%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%25228a09bff01dfaec4d84a78bf75514b449%2522%257D
.ondexx.com/ Name: apbct_urls
Value: %7B%22ondexx.com%2Fhero-campaign%2F%3Futm_campaign%3Ddr1%26utm_medium%3Demail%26utm_content%3Dimage-link%26utm_source%3Dst-2022%22%3A%5B1682350307%5D%2C%22ondexx.com%2Fwp-content%2Fplugins%2Feverest-timeline%2Fwebfonts%2Ffa-solid-900.woff2%22%3A%5B1682350308%5D%2C%22ondexx.com%2Fwp-content%2Fplugins%2Feverest-timeline%2Fwebfonts%2Ffa-solid-900.woff%22%3A%5B1682350309%5D%2C%22ondexx.com%2Fwp-content%2Fplugins%2Feverest-timeline%2Fwebfonts%2Ffa-solid-900.ttf%22%3A%5B1682350310%5D%7D
.hubspot.com/ Name: __cf_bm
Value: HV_tdjQSCYYGlgMksiAowJjotbTByXHn.A6Qilq349Y-1682350310-0-Adm6h8/vJWegst1ZesJXcSJykuYk0GamxHoym6pR+62f/RBMt1RvDGeJztU8DeUW7oUV+H5CnaoHEebMO50uQM8=
.ondexx.com/ Name: __hstc
Value: 229265987.fd60f09573daa149fdc6d30c9f4c4532.1682350310703.1682350310703.1682350310703.1
.ondexx.com/ Name: hubspotutk
Value: fd60f09573daa149fdc6d30c9f4c4532
.ondexx.com/ Name: __hssrc
Value: 1
.ondexx.com/ Name: __hssc
Value: 229265987.1.1682350310703
.doubleclick.net/ Name: IDE
Value: AHWqTUlcvUHsCv_crXxyOH8thD8Dj104dccsOKdmgVLlZ6BNe0qufl0xjFgnWHLh
ondexx.com/ Name: ln_or
Value: eyIzODI4NjY4IjoiZCJ9
.linkedin.com/ Name: UserMatchHistory
Value: AQKsL9pSYYvrowAAAYez5IjpH5P0kYdtO0kXhq3Eaa9qjlY8vg94Un2GvyuEOEuefrhtytV6p-t_3A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIvz_Tdw8-v7gAAAYez5Ijp9EQbPIMbppDStTMnb0J4rBBWGAbf6dCd1QHdVaPVEJtV3nJz5AyEDzYjSKhUcg
.linkedin.com/ Name: bcookie
Value: "v=2&84151a33-646b-461c-8c74-8bc89f630ff1"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2554:u=1:x=1:i=1682350311:t=1682436711:v=2:sig=AQEjOiwj11BXU1UQJTICVzmt0ehHUEiy"
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230424153151ebb8f144-c086-4c05-80d4-421a00ff3123AQE0TuSOTeuetPKtyYNjs5amzuXMchTy"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODIzNTAzMTE7MjswMjFP6Mr59SZmUqvsWroWF0eEv1prnzQFE14WQoEcnv3mIA==

5 Console Messages

Source Level URL
Text
other warning URL: https://ondexx.com/hero-campaign/?utm_campaign=dr1&utm_medium=email&utm_content=image-link&utm_source=st-2022(Line 208)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://ondexx.com/hero-campaign/images/Ondex_Horizontal.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
cdn.linkedin.oribi.io
f.vimeocdn.com
fonts-api.wp.com
fonts.googleapis.com
fonts.wp.com
forms.hscollectedforms.net
fresnel.vimeocdn.com
googleads.g.doubleclick.net
i.vimeocdn.com
i0.wp.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
ka-p.fontawesome.com
kit.fontawesome.com
ondexx.com
pixel.wp.com
player.vimeo.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s0.wp.com
snap.licdn.com
stats.g.doubleclick.net
stats.wp.com
t.sidekickopen86.com
track.hubspot.com
vimeo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.107.42.14
146.75.122.109
162.159.128.61
162.159.138.60
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.144
2001:4860:4802:32::36
2600:9000:20eb:800:2:53b2:240:93a1
2606:4700::6810:76be
2606:4700::6810:8ace
2606:4700::6811:69c7
2606:4700::6811:cbcc
2606:4700::6812:1734
2606:4700::6812:18c4
2606:4700::6812:5b7
2606:4700::6812:853b
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:80b::2008
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:148d
34.120.202.204
0033b9e77708545a79b0919bd8134e5a02dbd56f84cb4aab6bcdf05a780eafde
03d0fd5f4159ebcdef4f514d6532f163276b8493482423efdbb5a5187d05ef59
06e98c97873ac6b702e2da28c48988a41ed373a22b4938350b51fefbec4f54a6
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ca853d2acc14c2fb7c88c0a9d87502691b0a12aba40532d074178a0ff754c68
0df60d15ee1b87cc9007f1d50ea2d9fd8560ac1b7cf143a51208f20b27a59fa7
1427373d63486672985cc1a4c61d7dfe81f4ec37919b6064ad202670b1001af6
1b01841d89c56808032d76b9906e9deb286cf1f19f2b86653969986bb70be045
22c5c51f271e0a0e16e0c11c222341eec59893351a5359244bcb4e9a7c9e5ab5
22efd5b4c3328b655a4056628cc81f6af001240a4d0a928cae88eb1bf576a731
25a2d24581b1a799247167fbd55f811236d54552b6a776f30af067bb32e9ff8f
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2c2da0932200fc898d47f5b7d68525a944e5705a07dc0d1f85d1348b84a6a7f0
2dc312dd10b9367e654099cd966f54c2405a64bc47f740b30a0fb2219809e445
363772dedfd88a0400b348b98cb8405d0f6ed8d1194057f7860de0de78e0bb09
3896d7f290c7d0517b49387537619d16697a856032f7b32ab1e5d59e146ab874
3fa5a09d257141106a2523a701f2d7812686f4240c93afc02f7054d13cf32ed1
48d0ef35af4a2e26d8907f46397ffb20f4be2687b8585a05c9267304970ee3a8
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4d657dae013128070fb4149ed3c7aa2b8711fad7b3502b6e30f1861d2faf8836
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51dc1ea3b9642d966bbdf2c63346e4d2d3f668a693fa8e7f1e31bf6acbe48860
56b98b83138a32bc18b90afb94b16f4d8dd32c24cc06b0e5caad09c862ad8e2b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e6e4fa24bde7dd1fc9bfff103a6d00764a8f58867ff617cef09cdaea3dde086
7576aadf61de96736d6beda797357f0c783b485bbb7d2d9d24f5f0cded8810a8
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87332c922795402d5a79ca50a97c78da9c072ba141ccc38e6e734b5d1b0e5537
875aa1ea4554db2adf00a9258866ea9b56085c5f27c2a1d28c1c152d62938c24
8e929b549d4e32f28ffdb1c16ec320a20dd978707dc4c1093555bcbb966b1f4a
8fbcb0906cf302e36acad1d89ad92b8d2e6f36db432c3bca8cfcb51610d4c2a5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92a1f8ab048c0e20c473f136314fc89e84eae12ff130de142d0d44f408625345
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9c1a15bed2e7bcd5a535fb0fe69ef2b0be90da9a3f2e1218dbb52c0ae27bec2f
9cf885c9fde12f66d288c45e014bce810b6fd4213f1fa3d444374994e20e30f2
9d0973c3031fef0c0b53d5fb0bc68e91c7f1d82c353235e6852b08618a57522b
a11c88618c7be080bd5c931a954b9618d7b7ed0065a069569819edee731fee97
a1a67a879f6681e21951fcf6096243b131949444125928bcb4c0590c0f6aa7b0
a27196ee6d70bad9636defc80c02b05d56f13b051c5412386955d04361070cc1
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a805f303a94f6c75eecb235f4b56cb859aac3404d7453aed6bb57f177d7c457b
a986b0af377c464deeaf682546bb449ee6f512497a266371d0e2e6d7b63772e1
ab6163361c1f99aa0387f78f7afe3285a9a28b1e1f1b22a97a7fd2a3cc241d44
adcd0e3486190a32faab8eaacee1a530d3c3aa710c7d41f1e9aa26f86d03e26d
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b4fbcbbf07940d1778900ccf5470efe4e5df9c8b43118d93603af1e5b791a25b
b6bd4049756cc2a3604f864f5ae091aebeee67cd87c767c4fc1a59740d353bd4
b721fb305fdb17c213569259140c5b5d20d44418a2117043e80295f597c609d5
b795ff547ba7087b815983b82ac98387d765c9b0f0eb3c18c0dedd0c9058e1b2
b840b22a40dde046cd42876a5f9477b01cade9c7c19b791d5eef75a702f5b24c
b9260e25dc5195b39f4e2b8f7b570ab9f9c79c9ca733e54676185727ab2a9b62
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c52a5ae1a52da07ddf1de6bc56a50608005cefb53d1d4e5e4b494dddba1d0907
c5c40ee083473ad259f28bd8ed9f6c91c834ef9a3a8338e9d624dafa8e13c498
d66eeccf08fc6ad55e1fb4cbe5e42ccda98cb890b9549c8487bcefcbb361ce74
d7f163d037400b8f676569cc73dc0afb79d3c6073ffd16e72d796b5e6af5da63
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec11e5e14ce67f33437fefd54a2191556e941037880965b2c7c47891eaed3ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79676652d1863f6e99bba194b19fb5b4ab2897d1052e971df4481a16a55d7be
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8da020dda5f6255fa92b7991ad7ccf5b9ed5b9fd9708fd874848eca81d6b3ab
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f305605b98771f02238f3f7530a6b1b4d869fe9ef23c5eb9421be86cb68af1ac
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f512098128635776fcf4cf19cb7bbe99562f24a52f7b40ef618177993ac93e53
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f