ondexx.com Open in urlscan Pro
192.0.78.251  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1661517187849&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3828668%26time%3D1661517187849%26url%3Dhttps%253A%252F%252Fondexx.com%252Fhero-campaign%252F%253Futm_source%253Dst-2022%2526utm_medium%253Demail%2526utm_campaign%253Ddr2%2526utm_content%253Dtext-link2%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1661517187849&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1661517187849&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&liSync=true&e_ipv6=AQKH-J1XtpzLWAAAAYLaJE150NNlz7g9ql8wRuLzwob28WUy-OvgaG1zqMUKGlx0Vke5BstIdV3Ejg

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ondexx.com/hero-campaign/	45 KB 13 KB	540ms 488ms	Document text/html	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 6bcea9b0d3c36c759e1159aac6be0c4d945433f03a8b66a3a8429140f7d7f9f0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Fri, 26 Aug 2022 12:33:03 GMT host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" <https://ondexx.com/wp-json/wp/v2/pages/3076>; rel="alternate"; type="application/json" <https://ondexx.com/?p=3076>; rel=shortlink server nginx strict-transport-security max-age=31536000 vary Accept-Encoding Cookie x-ac 2.hhn _atomic_ams x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
GET H2	200	slick.css ondexx.com/wp-content/themes/Ondexx/js/slick/	2 KB 602 B	186ms 185ms	Stylesheet text/css	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick.css Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:59 GMT server nginx etag W/"5f6ed60f-6f0" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams expires Fri, 02 Sep 2022 12:33:03 GMT
GET H2	200	slick-theme.css ondexx.com/wp-content/themes/Ondexx/js/slick/	3 KB 1004 B	185ms 183ms	Stylesheet text/css	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:53 GMT server nginx etag W/"5f6ed609-c49" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=604800 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams expires Fri, 02 Sep 2022 12:33:03 GMT
GET H2	200	f69857688e.js Show response kit.fontawesome.com/	11 KB 4 KB	90ms 39ms	Script text/javascript	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/f69857688e.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c45b7e88d35f33638aa07e6537039db5f5fd17ae1846759d6e99c07de3e9789 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://ondexx.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:03 GMT content-encoding gzip cf-cache-status REVALIDATED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, public, must-revalidate strict-transport-security max-age=31536000; preload cf-ray 740c97fecfc39271-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id Fw7kwLvARG4PUdBBecQB
GET H2	200	jquery-3.4.1.min.js Show response ondexx.com/wp-content/themes/Ondexx/js/vendor/	86 KB 31 KB	199ms 198ms	Script application/javascript	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/vendor/jquery-3.4.1.min.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:55 GMT server nginx etag W/"5f6ed60b-15851" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams expires Fri, 02 Sep 2022 12:33:03 GMT
GET H2	200	slick.min.js Show response ondexx.com/wp-content/themes/Ondexx/js/slick/	42 KB 11 KB	188ms 187ms	Script application/javascript	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick.min.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:48:06 GMT server nginx etag W/"5f6ed616-a76f" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams expires Fri, 02 Sep 2022 12:33:03 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 930 B	80ms 29ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 808f97075fc1233d487b23401e97c6c11fb39eb115ec0d9fc251ec09d9b2d5d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 26 Aug 2022 12:10:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 26 Aug 2022 12:33:03 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 26 Aug 2022 12:33:03 GMT
GET H2	200	style.css ondexx.com/wp-content/themes/Ondexx/	44 KB 10 KB	188ms 187ms	Stylesheet text/css	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1661517183 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f305605b98771f02238f3f7530a6b1b4d869fe9ef23c5eb9421be86cb68af1ac Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 03 Aug 2021 22:21:47 GMT server nginx etag W/"6109c17b-ae26" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=315360000 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ ondexx.com/_static/	847 KB 109 KB	233ms 231ms	Stylesheet text/css	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4maayXTT6RV6BRl+HCUCUyTH5fYlzqLpIp16h9B7Aj5zdpy8TAHaedUusFrXy+jPTrgvVGqnVgWbyGnTgKf5TjhpFxGYIIhI9qvIQhXFCQby9V92693X944fk12RLNPAqd1UQMlIzk4zRZfLaPC2POCnlade2P81BrFHcJ4EKUh16o8Ik3AaOlKF3RKZOQywhyMuKFBzxhHNxKJQ4kiGVc7pc0Kpm/5LhQPKKjcXmNWP42jjKu/QIJqhY4QjkVUurj+bzHGjdZ1p7lAWMKz12mZux/HlYbYnWCZ/vkV6W1/R9/i23e+fX192293+G97BIfo= Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 7fcc4e996bb06c5a46c5cfea5bd9cdd4d778f209d6bc46f74cc0c9779ece3491 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br last-modified Thu, 18 Aug 2022 14:49:06 GMT server nginx x-page-optimize uncached etag W/"b1f9e0f83be5eae095ebb7660a53e415" vary Accept-Encoding content-type text/css;charset=utf-8 cache-control max-age=31536000 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams host-header WordPress.com
GET H2	200	dashicons.min.css ondexx.com/wp-includes/css/	58 KB 34 KB	189ms 187ms	Stylesheet text/css	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-includes/css/dashicons.min.css?ver=6.0.1 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Wed, 03 Mar 2021 21:16:22 GMT server nginx etag W/"603ffca6-e688" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=315360000 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css fonts.googleapis.com/	73 KB 4 KB	76ms 29ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Bitter%7CHind%7CPlayfair+Display%3A400%2C400i%2C700%2C700i%2C900%2C900i%7COpen+Sans%3A400%2C500%2C600%2C700%2C900%7CLato%3A300%2C400%2C700%2C900%7CMontserrat%7CDroid+Sans%7CRoboto%7CLora%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%7CRubik%7CMerriweather%3A300%2C400%2C700%2C900%7CPoppins%7CRopa+Sans%7CPlayfair+Display%7CRubik%7CSource+Sans+Pro%7CRoboto+Condensed%7CRoboto+Slab%3A300%2C400%2C700%7CAmatic+SC%3A400%2C700%7CQuicksand%7COswald%7CQuicksand%3A400%2C500%2C700%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%7CFjalla+One&ver=6.0.1 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b90af3f0574da884819007d0b56228b7c87d99bd57e8960403cbdc93e526dfad Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://ondexx.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 26 Aug 2022 12:31:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 26 Aug 2022 12:33:03 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 26 Aug 2022 12:33:03 GMT
GET H2	200	jquery.min.js Show response ondexx.com/wp-includes/js/jquery/	87 KB 31 KB	192ms 190ms	Script application/javascript	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Wed, 10 Mar 2021 15:07:24 GMT server nginx etag W/"6048e0ac-15db1" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ Show response ondexx.com/_static/	250 KB 57 KB	202ms 201ms	Script application/javascript	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/_static/??-eJyVj0tOAzEQRC9EzxARjdggrsAVPHbhOLQ/uNsxc3ucwDaRRmqpN/Xq0wuFZLk5yHwe991Qt/9HMfhqFFMMaTrLUy9kc1IknQs3H5LMlmGSGv4iKSZSqVlh9epkymqVSls5WFpbcvzIB3GFI2sYQ7iR2BNc45D8bESgt249OA+9Z3BBhShpiBgcrkCQrLlgB/G3e1p/hIND3ZMVjYdwNg7u0c77oaVCdfs4jc474J77DjWUPutN5wb1Ht8Oy/L8+nI8HJdfplzHCA== Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 8c6147279f7476c0fbe711834f1556cdb190f3724a6f9315a2ad2a0082b293da Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br last-modified Thu, 18 Aug 2022 14:49:06 GMT server nginx x-page-optimize uncached etag W/"d65b39d4494ec05b9cdeb147f841efad" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams host-header WordPress.com
GET H2	200	js Show response www.googletagmanager.com/gtag/	107 KB 42 KB	106ms 38ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-157050359-1 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 803dee4af056464d08350d1baa026d9fb60793737306fc37749fbf66e5ee3b20 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42093 x-xss-protection 0 last-modified Fri, 26 Aug 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 26 Aug 2022 12:33:04 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	114 KB 45 KB	50ms 49ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-480613323 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c7cf422dde02d472b73ea9091b25386f99a74eb66681273c349ab33b9550adf5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45668 x-xss-protection 0 last-modified Fri, 26 Aug 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 26 Aug 2022 12:33:04 GMT
GET H2	200	plugins.js Show response ondexx.com/wp-content/themes/Ondexx/js/	662 B 411 B	186ms 185ms	Script application/javascript	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/plugins.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 03d0fd5f4159ebcdef4f514d6532f163276b8493482423efdbb5a5187d05ef59 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:57 GMT server nginx etag W/"5f6ed60d-296" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=604800 date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams expires Fri, 02 Sep 2022 12:33:03 GMT
GET H2	200	main.js Show response ondexx.com/wp-content/themes/Ondexx/js/	118 B 193 B	185ms 185ms	Script application/javascript	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/main.js?v=1661517183 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 92a1f8ab048c0e20c473f136314fc89e84eae12ff130de142d0d44f408625345 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:03 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:47:42 GMT server nginx etag "5f6ed5fe-76" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 118 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	71ms 21ms	Script text/javascript	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 5464 date Fri, 26 Aug 2022 11:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 26 Aug 2022 13:02:00 GMT
GET H2	200	bilmur.min.js Show response s0.wp.com/wp-content/js/	6 KB 2 KB	75ms 21ms	Script application/javascript	192.0.77.32 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://s0.wp.com/wp-content/js/bilmur.min.js?m=202234 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 9e038ad8d6f4e0982fc74aa17e251982a487d9e7326ab37ae739d146236593b3 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn 2 date Fri, 26 Aug 2022 12:33:04 GMT content-encoding br server nginx etag W/"6246db7c-16da" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 x-ac 2.hhn _dfw timing-allow-origin * expires Tue, 22 Aug 2023 00:00:00 GMT
GET H2	200	e-202234.js Show response stats.wp.com/	9 KB 3 KB	76ms 22ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202234.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-nc HIT hhn date Fri, 26 Aug 2022 12:33:04 GMT content-encoding br server nginx etag W/"62f6b688-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Sun, 13 Aug 2023 23:03:42 GMT
GET H2	200	pro-v4-shims.min.js Show response ka-p.fontawesome.com/releases/v5.15.4/js/	14 KB 4 KB	48ms 37ms	Fetch application/javascript	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/js/pro-v4-shims.min.js?token=f69857688e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f69857688e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:03 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare age 57942 etag "610ae215-1003" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 740c97ffb9189271-FRA content-length 4099
GET H2	200	pro.min.js Show response ka-p.fontawesome.com/releases/v5.15.4/js/	40 KB 14 KB	44ms 34ms	Fetch application/javascript	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=f69857688e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/f69857688e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:03 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare age 57942 etag "610ae215-37b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 740c97ffb91b9271-FRA content-length 14264
GET H2	200	wp-emoji-release.min.js Show response ondexx.com/wp-includes/js/	18 KB 5 KB	187ms 186ms	Script application/javascript	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 12 Apr 2022 05:56:23 GMT server nginx etag W/"62551487-48b9" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	91 KB 35 KB	44ms 43ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N4GX5F3 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4db01b0d670b91022de85bb773b92de89db0a9a8137062884d158e96d5c2937f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35978 x-xss-protection 0 last-modified Fri, 26 Aug 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 26 Aug 2022 12:33:04 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	91 KB 35 KB	38ms 37ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N79F75T Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0f77de5d08cd2bb2c1aac0fcd2b48b8d650c422c8c06a9468c1aff29cfb19808 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35999 x-xss-protection 0 last-modified Fri, 26 Aug 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 26 Aug 2022 12:33:04 GMT
GET H2	200	Ondex_Horizontal.svg ondexx.com/wp-content/themes/Ondexx/images/	5 KB 2 KB	194ms 193ms	Image image/svg+xml	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/images/Ondex_Horizontal.svg Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1661517183 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 9c1a15bed2e7bcd5a535fb0fe69ef2b0be90da9a3f2e1218dbb52c0ae27bec2f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1661517183 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:47:43 GMT server nginx etag W/"5f6ed5ff-134e" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	200	silhouette-of-smart-successful-males-man-wearing-l-64UHUPQ_v3.jpg ondexx.com/wp-content/uploads/2021/06/	363 KB 363 KB	217ms 217ms	Image image/jpeg	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/06/silhouette-of-smart-successful-males-man-wearing-l-64UHUPQ_v3.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 919acbbc8643239878739433a76b5f767a96cc6e62063cb9f1ea262e259d730d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 15 Jun 2021 06:50:08 GMT server nginx etag "60c84da0-5aab7" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 371383 expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	88ms 39ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 17:08:09 GMT x-content-type-options nosniff age 242695 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Aug 2023 17:08:09 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	70ms 21ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 17:08:09 GMT x-content-type-options nosniff age 242695 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Aug 2023 17:08:09 GMT
GET H/1.1	200 OK	564404923 Show response player.vimeo.com/video/ Frame 79CB	16 KB 9 KB	308ms 252ms	Document text/html	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/564404923?color=e31f26 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c21161fa259a3592ce7ae36e63ba4e926d03942bc042f6028a890bd0c0e81df Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://* Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ondexx.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Age 0 CF-Cache-Status DYNAMIC CF-RAY 740c98026f93925c-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 26 Aug 2022 12:33:04 GMT Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS X-Cache-Hits 0 X-Player-Backend p X-Served-By cache-fra19170-FRA X-Timer S1661517184.399882,VS0,VE215 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://* expires Fri, 15 Dec 1985 19:30:00 GMT link <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin p3p CP="This is not a P3P policy! See https://vimeo.com/privacy" strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 varnish, 1.1 varnish x-backend-proxy playproxy10 x-bapp-server player-fc4db77c5-lpvbw x-content-type-options nosniff x-host player-fc4db77c5-lpvbw x-varnish-cache 0 x-vserver playproxy-rollout-prod-varnish-9 x-xss-protection 1; mode=block
GET H/1.1	200 OK	410832094 Show response player.vimeo.com/video/ Frame 39F2	16 KB 9 KB	297ms 238ms	Document text/html	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/410832094?color=e31f26 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4debc6f8e4f4a6e0c35141fa48a1ca968288605c29b3c732c21048f2afd0e61b Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ondexx.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Age 0 CF-Cache-Status DYNAMIC CF-RAY 740c980269559a18-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 26 Aug 2022 12:33:04 GMT Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS X-Cache-Hits 0 X-Player-Backend p X-Served-By cache-hhn4078-HHN X-Timer S1661517184.401384,VS0,VE194 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp expires Fri, 15 Dec 1985 19:30:00 GMT link <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin p3p CP="This is not a P3P policy! See https://vimeo.com/privacy" strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 varnish, 1.1 varnish x-backend-proxy playproxy6 x-bapp-server player-fc4db77c5-n9mkk x-content-type-options nosniff x-host player-fc4db77c5-n9mkk x-varnish-cache 0 x-vserver playproxy-rollout-prod-varnish-5 x-xss-protection 1; mode=block
GET H2	200	Screenshot-2021-07-13-222711.png ondexx.com/wp-content/uploads/2021/08/	1000 KB 1001 KB	380ms 380ms	Image image/png	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/08/Screenshot-2021-07-13-222711.png Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e80163c34bbbf05c2809d6058bb838ce44f88d89ceb4978683ccf39de59838ac Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 03 Aug 2021 17:52:48 GMT server nginx etag "61098270-f9e04" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 1023492 expires Fri, 02 Sep 2022 12:33:04 GMT
GET DATA	200 OK	truncated /	250 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e8da020dda5f6255fa92b7991ad7ccf5b9ed5b9fd9708fd874848eca81d6b3ab Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	605 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56b98b83138a32bc18b90afb94b16f4d8dd32c24cc06b0e5caad09c862ad8e2b Request headers Referer Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	Screenshot-2021-03-08-234416.png ondexx.com/wp-content/uploads/2021/03/	216 KB 217 KB	185ms 185ms	Image image/png	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/03/Screenshot-2021-03-08-234416.png Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 908400519fa42964c72b4182456acf7e4e1c3126466b3d1c247d401b04b24513 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 09 Mar 2021 04:45:26 GMT server nginx etag "6046fd66-3617a" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 221562 expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	200	dictionary-success-magnified-PXJEDEE.jpg ondexx.com/wp-content/uploads/2021/06/	5 MB 5 MB	212ms 211ms	Image image/jpeg	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/06/dictionary-success-magnified-PXJEDEE.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f63c397b823a0c16ff12c425b6b33ba288c1a7656ba9c68d019a01bcf54c2446 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 19 Jun 2021 00:07:40 GMT server nginx etag "60cd354c-500cd9" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 5246169 expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	200	portrait-of-business-team-posing-in-office-NLFAGE9-scaled.jpg ondexx.com/wp-content/uploads/2020/06/	246 KB 246 KB	253ms 250ms	Image image/jpeg	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2020/06/portrait-of-business-team-posing-in-office-NLFAGE9-scaled.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash a59d5f74dc3410d33c91f7bf20c78bfde2fdb6c8e490d16d9289f218fce05737 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 06:18:28 GMT server nginx etag "5f6edd34-3d872" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 252018 expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	200	high-five-27SLYDW.jpg ondexx.com/wp-content/uploads/2021/06/	23 MB 23 MB	721ms 719ms	Image image/jpeg	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2021/06/high-five-27SLYDW.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 14293a71a55ed97de24a979f463b49744fa1d25e2a459b9c5330024c6825a67c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT x-ac 2.hhn _atomic_ams last-modified Tue, 15 Jun 2021 07:12:09 GMT server nginx etag "60c852c9-1730fe6" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 24317926 expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	200	vintage-red-clock.jpg ondexx.com/wp-content/uploads/2020/04/	164 KB 165 KB	254ms 252ms	Image image/jpeg	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/uploads/2020/04/vintage-red-clock.jpg Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 63bdeac35cbb3b234612fcbb6a3983ee916ad155f58f489397ddb3843d1a4f95 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 06:11:00 GMT server nginx etag "5f6edb74-291c8" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 168392 expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	200	rwo-power.png ondexx.com/wp-content/themes/Ondexx/images/	8 KB 8 KB	190ms 188ms	Image image/png	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/images/rwo-power.png Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1661517183 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0ca853d2acc14c2fb7c88c0a9d87502691b0a12aba40532d074178a0ff754c68 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1661517183 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:47:50 GMT server nginx etag "5f6ed606-1f73" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/png access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 8051 expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	200	Ondexx_master_White_buyline.svg ondexx.com/wp-content/themes/Ondexx/images/	11 KB 3 KB	190ms 189ms	Image image/svg+xml	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/images/Ondexx_master_White_buyline.svg Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1661517183 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 87332c922795402d5a79ca50a97c78da9c072ba141ccc38e6e734b5d1b0e5537 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/style.css?v=1661517183 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Sat, 26 Sep 2020 05:48:16 GMT server nginx etag W/"5f6ed620-2ca3" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800 date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	404	fa-solid-900.woff2 ondexx.com/wp-content/plugins/everest-timeline/webfonts/	0 0	487ms 486ms	Font text/html	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff2 Requested by Host: ondexx.com URL: https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4maayXTT6RV6BRl+HCUCUyTH5fYlzqLpIp16h9B7Aj5zdpy8TAHaedUusFrXy+jPTrgvVGqnVgWbyGnTgKf5TjhpFxGYIIhI9qvIQhXFCQby9V92693X944fk12RLNPAqd1UQMlIzk4zRZfLaPC2POCnlade2P81BrFHcJ4EKUh16o8Ik3AaOlKF3RKZOQywhyMuKFBzxhHNxKJQ4kiGVc7pc0Kpm/5LhQPKKjcXmNWP42jjKu/QIJqhY4QjkVUurj+bzHGjdZ1p7lAWMKz12mZux/HlYbYnWCZ/vkV6W1/R9/i23e+fX192293+G97BIfo= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4maayXTT6RV6BRl+HCUCUyTH5fYlzqLpIp16h9B7Aj5zdpy8TAHaedUusFrXy+jPTrgvVGqnVgWbyGnTgKf5TjhpFxGYIIhI9qvIQhXFCQby9V92693X944fk12RLNPAqd1UQMlIzk4zRZfLaPC2POCnlade2P81BrFHcJ4EKUh16o8Ik3AaOlKF3RKZOQywhyMuKFBzxhHNxKJQ4kiGVc7pc0Kpm/5LhQPKKjcXmNWP42jjKu/QIJqhY4QjkVUurj+bzHGjdZ1p7lAWMKz12mZux/HlYbYnWCZ/vkV6W1/R9/i23e+fX192293+G97BIfo= Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br server nginx date Fri, 26 Aug 2022 12:33:04 GMT vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://ondexx.com cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	7063729.js Show response js.hs-analytics.net/analytics/1661517300000/	63 KB 20 KB	212ms 165ms	Script text/javascript	2606:4700::6811:46b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1661517300000/7063729.js Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e00eca74474a17eedb4565eb454044e64b9797abb0df2f5212d0737f45424ce6 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding br cf-cache-status MISS x-amz-request-id HT9W1BS40YF5KM5N x-amz-server-side-encryption AES256 cf-ray 740c980289876997-FRA x-amz-id-2 N5KmR2XX1mpx/CHvdgeppEsSJvdXh/bFNl9vrC44RbCFtvoZ5T/QUWjnJfSvG6u9NfKP+ghxJkY= last-modified Tue, 23 Aug 2022 21:00:41 GMT server cloudflare etag W/"b681cc5c3b28341a71c096bfe0700825" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id null cache-control max-age=300, public access-control-allow-credentials false content-type text/javascript expires Fri, 26 Aug 2022 12:38:04 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	41 KB 16 KB	138ms 90ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-480613323 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15682 x-xss-protection 0 server cafe etag 14097944420163075165 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 26 Aug 2022 12:33:04 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	29ms 22ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3-a.11&blog=172565319&post=3076&tz=-4&srv=ondexx.com&hp=atomic&ac=2&amp=0&host=ondexx.com&ref=&fcp=1124&rand=0.9449650032458825 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Fri, 26 Aug 2022 12:33:04 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H2	200	play-circle.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/	607 B 403 B	36ms 35ms	Fetch image/svg+xml	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/play-circle.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1427373d63486672985cc1a4c61d7dfe81f4ec37919b6064ad202670b1001af6 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 04 Aug 2021 18:53:47 GMT server cloudflare age 57940 etag W/"610ae23b-25f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 740c98028ca89271-FRA
GET H2	200	phone-volume.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/	1 KB 711 B	32ms 31ms	Fetch image/svg+xml	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/phone-volume.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fbcb0906cf302e36acad1d89ad92b8d2e6f36db432c3bca8cfcb51610d4c2a5 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 04 Aug 2021 18:53:47 GMT server cloudflare age 57940 etag W/"610ae23b-4a1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 740c98028caa9271-FRA
GET H2	200	at.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/	1 KB 729 B	39ms 39ms	Fetch image/svg+xml	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/at.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dc312dd10b9367e654099cd966f54c2405a64bc47f740b30a0fb2219809e445 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 04 Aug 2021 18:57:01 GMT server cloudflare age 57940 etag W/"610ae2fd-45a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 740c98028cab9271-FRA
GET H2	200	calendar-edit.svg Show response ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/	1 KB 646 B	34ms 34ms	Fetch image/svg+xml	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/calendar-edit.svg?token=f69857688e Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d0973c3031fef0c0b53d5fb0bc68e91c7f1d82c353235e6852b08618a57522b Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 04 Aug 2021 18:53:30 GMT server cloudflare age 57940 etag W/"610ae22a-520" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type image/svg+xml access-control-allow-origin * cache-control max-age=31556926 cf-ray 740c98028cac9271-FRA
GET H2	200	ajax-loader.gif ondexx.com/wp-content/themes/Ondexx/js/slick/	4 KB 4 KB	185ms 184ms	Image image/gif	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/ajax-loader.gif Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:48:02 GMT server nginx etag "5f6ed612-1052" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/gif access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 4178 expires Fri, 02 Sep 2022 12:33:04 GMT
GET H2	200	slick.woff ondexx.com/wp-content/themes/Ondexx/js/slick/fonts/	1 KB 1 KB	184ms 184ms	Font application/font-woff	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/themes/Ondexx/js/slick/fonts/slick.woff Requested by Host: ondexx.com URL: https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/wp-content/themes/Ondexx/js/slick/slick-theme.css Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:04 GMT x-ac 2.hhn _atomic_ams last-modified Sat, 26 Sep 2020 05:47:54 GMT server nginx etag "5f6ed60a-564" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type application/font-woff access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 1380 expires Fri, 02 Sep 2022 12:33:04 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	74ms 29ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1666317600&t=pageview&_s=1&dl=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&ul=en-us&de=UTF-8&dt=Hero-Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=255001862&gjid=1278218816&cid=374667894.1661517184&tid=UA-XXXXX-Y&_gid=1699839033.1661517184&_r=1&z=1115563503 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ondexx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	70ms 29ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1666317600&t=pageview&_s=1&dl=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&ul=en-us&de=UTF-8&dt=Hero-Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAAC~&jid=1996033782&gjid=2104036172&cid=374667894.1661517184&tid=UA-157050359-1&_gid=1699839033.1661517184&_r=1&gtm=2ou8o0&did=dZTNiMT&gdid=dZTNiMT&z=1290141614 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ondexx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 438 B	87ms 29ms	XHR text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-157050359-1&cid=374667894.1661517184&jid=1996033782&gjid=2104036172&_gid=1699839033.1661517184&_u=YGDACUABBAAAAC~&z=1209400454 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 26 Aug 2022 12:33:04 GMT content-type text/plain access-control-allow-origin https://ondexx.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/	2 KB 2 KB	89ms 35ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/?random=1661517184523&cv=9&fst=1661517184523&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&tiba=Hero-Campaign&auid=1735555189.1661517184&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 239e65b3a6a76a005f8c63d6709af7efdb64f1686647c26ad0e5e91c1fe17942 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:04 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1079 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	107ms 57ms	Image image/gif	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-157050359-1&cid=374667894.1661517184&jid=1996033782&_u=YGDACUABBAAAAC~&z=483055955 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	108ms 58ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-157050359-1&cid=374667894.1661517184&jid=1996033782&_u=YGDACUABBAAAAC~&z=483055955 Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	_csp player.vimeo.com/ Frame 39F2	0 1 KB	159ms 158ms	Other text/html	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/_csp Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://player.vimeo.com/video/410832094?color=e31f26 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/csp-report Response headers Date Fri, 26 Aug 2022 12:33:04 GMT Via 1.1 varnish x-content-type-options nosniff CF-Cache-Status DYNAMIC X-Cache MISS p3p CP="This is not a P3P policy! See https://vimeo.com/privacy" x-host player-fc4db77c5-vgtmz Connection keep-alive Vary Accept-Encoding x-xss-protection 1; mode=block X-Served-By cache-fra19133-FRA X-Player-Backend p Server cloudflare X-Timer S1661517185.767775,VS0,VE123 x-backend-proxy playproxy2 Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload Content-Type text/html; charset=UTF-8 expires Fri, 15 Dec 1985 19:30:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server player-fc4db77c5-vgtmz content-security-policy default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com Accept-Ranges bytes CF-RAY 740c9804ba9d925c-FRA X-Cache-Hits 0
GET H2	200	910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d.jpg i.vimeocdn.com/video/ Frame 39F2	1 KB 2 KB	85ms 21ms	Image image/jpeg	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d.jpg?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5c8efb76f3ee2b86931c4f8a0ce0c015e602100f5b99371deb9c7a108caf97b5 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 169547 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1495 viewmaster-server viewmaster-us-central1-9dqz x-served-by cache-dfw-kdfw8210028-DFW, cache-fra19135-FRA x-timer S1661517185.140157,VS0,VE1 etag da95d4c1f147a8aecbd47dad54f33c6d access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	player.de-DE.js Show response f.vimeocdn.com/p/4.9.4/js/ Frame 39F2	884 KB 208 KB	83ms 21ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.9.4/js/player.de-DE.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3bf127617902e77d9707e6090f5ac8627a406d83cd0cf4ce4f46e7419e620a21 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 varnish, 1.1 varnish age 65360 x-served-by cache-iad-kcgs7200084-IAD, cache-fra19168-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1661517185.137494,VS0,VE0 content-length 212508 x-cache-hits 1, 8521
GET H2	200	player.css f.vimeocdn.com/p/4.9.4/css/ Frame 39F2	184 KB 19 KB	79ms 16ms	Stylesheet text/css	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.9.4/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 38afa8894daa43eb2f66ea74127a16f7cdc857033e8673acdac75d93ea7a2eb9 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 varnish, 1.1 varnish age 65361 x-served-by cache-iad-kcgs7200041-IAD, cache-fra19168-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1661517185.137089,VS0,VE0 content-length 19363 x-cache-hits 1, 32415
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame 39F2	2 KB 1 KB	102ms 40ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 varnish, 1.1 varnish age 501346 x-timer S1661517185.137479,VS0,VE0 x-served-by cache-iad-kiad7000173-IAD, cache-fra19168-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding gzip cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 997 x-cache-hits 1, 205500
GET H2	200	1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d.jpg i.vimeocdn.com/video/ Frame 79CB	1 KB 1 KB	83ms 21ms	Image image/jpeg	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d.jpg?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d04e732e137cc1b650a13c59ccd15af244c322827084b040835d3fdc4f3ad362 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 2080392 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1183 viewmaster-server viewmaster-us-central1-q37q x-served-by cache-dfw-kdfw8210063-DFW, cache-fra19135-FRA x-timer S1661517185.140293,VS0,VE1 etag 4924f46843f2b4e7d32d1881ed59895c access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	player.de-DE.js Show response f.vimeocdn.com/p/4.9.4/js/ Frame 79CB	884 KB 208 KB	81ms 21ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.9.4/js/player.de-DE.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3bf127617902e77d9707e6090f5ac8627a406d83cd0cf4ce4f46e7419e620a21 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 varnish, 1.1 varnish age 65360 x-served-by cache-iad-kcgs7200084-IAD, cache-fra19168-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1661517185.137460,VS0,VE0 content-length 212508 x-cache-hits 1, 8521
GET H2	200	player.css f.vimeocdn.com/p/4.9.4/css/ Frame 79CB	184 KB 19 KB	100ms 40ms	Stylesheet text/css	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/4.9.4/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 38afa8894daa43eb2f66ea74127a16f7cdc857033e8673acdac75d93ea7a2eb9 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 varnish, 1.1 varnish age 65361 x-served-by cache-iad-kcgs7200041-IAD, cache-fra19168-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type text/css access-control-allow-origin * content-encoding br cache-control max-age=1209600 accept-ranges bytes x-timer S1661517185.137515,VS0,VE0 content-length 19363 x-cache-hits 1, 32416
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame 79CB	2 KB 1 KB	100ms 40ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 varnish, 1.1 varnish age 501346 x-timer S1661517185.137457,VS0,VE0 x-served-by cache-iad-kiad7000173-IAD, cache-fra19168-FRA vary Accept-Encoding,x-http-method-override x-cache HIT, HIT content-type application/javascript content-encoding gzip cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * content-length 997 x-cache-hits 1, 205500
GET H2	404	fa-solid-900.woff ondexx.com/wp-content/plugins/everest-timeline/webfonts/	0 0	527ms 526ms	Font text/html	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.woff Requested by Host: ondexx.com URL: https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4maayXTT6RV6BRl+HCUCUyTH5fYlzqLpIp16h9B7Aj5zdpy8TAHaedUusFrXy+jPTrgvVGqnVgWbyGnTgKf5TjhpFxGYIIhI9qvIQhXFCQby9V92693X944fk12RLNPAqd1UQMlIzk4zRZfLaPC2POCnlade2P81BrFHcJ4EKUh16o8Ik3AaOlKF3RKZOQywhyMuKFBzxhHNxKJQ4kiGVc7pc0Kpm/5LhQPKKjcXmNWP42jjKu/QIJqhY4QjkVUurj+bzHGjdZ1p7lAWMKz12mZux/HlYbYnWCZ/vkV6W1/R9/i23e+fX192293+G97BIfo= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4maayXTT6RV6BRl+HCUCUyTH5fYlzqLpIp16h9B7Aj5zdpy8TAHaedUusFrXy+jPTrgvVGqnVgWbyGnTgKf5TjhpFxGYIIhI9qvIQhXFCQby9V92693X944fk12RLNPAqd1UQMlIzk4zRZfLaPC2POCnlade2P81BrFHcJ4EKUh16o8Ik3AaOlKF3RKZOQywhyMuKFBzxhHNxKJQ4kiGVc7pc0Kpm/5LhQPKKjcXmNWP42jjKu/QIJqhY4QjkVUurj+bzHGjdZ1p7lAWMKz12mZux/HlYbYnWCZ/vkV6W1/R9/i23e+fX192293+G97BIfo= Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br server nginx date Fri, 26 Aug 2022 12:33:05 GMT vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://ondexx.com cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/480613323/	42 B 64 B	83ms 34ms	Image image/gif	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/480613323/?random=1661517184523&cv=9&fst=1661515200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=2391484567&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/480613323/	42 B 64 B	78ms 33ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/480613323/?random=1661517184523&cv=9&fst=1661515200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=2391484567&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: ondexx.com URL: https://ondexx.com/hero-campaign/?utm_source=st-2022&utm_medium=email&utm_campaign=dr2&utm_content=text-link2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	vuid vimeo.com/ablincoln/ Frame 39F2	0 994 B	233ms 167ms	Ping text/plain	162.159.128.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vimeo.com/ablincoln/vuid?pid=61864cff11e382bd214f9a574ee0883995e27dfb1661517184 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 26 Aug 2022 12:33:05 GMT Via 1.1 varnish, 1.1 varnish x-content-type-options nosniff CF-Cache-Status DYNAMIC content-security-policy-report-only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp X-Cache MISS, MISS Connection keep-alive Vary User-Agent x-xss-protection 1; mode=block X-Served-By cache-iad-kcgs7200051-IAD, cache-fra19145-FRA x-vimeo-device d Server cloudflare X-Timer S1661517185.279952,VS0,VE125 x-frame-options sameorigin x-backend-proxy webproxy6 Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload expires Fri, 26 Aug 2022 00:33:05 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-bapp-server pweb-8d4f8c5dd-s7mtn x-ua-compatible IE=edge Accept-Ranges bytes CF-RAY 740c9807eda99054-FRA X-Cache-Hits 0, 0
GET H2	200	441516.png i.vimeocdn.com/player/ Frame 39F2	2 KB 2 KB	26ms 26ms	Image image/png	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/player/441516.png?mw=100&mh=100 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ea87e8ba6aa7c23610322ef8f6c629570aeb35c190465dd38735e8853459b2ac Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 838341 x-viewmaster-lossless-format lossless x-cache miss, HIT, HIT x-backend-server varnish content-length 2123 viewmaster-server viewmaster-us-central1-8qdh x-served-by cache-dfw-kdfw8210046-DFW, cache-fra19135-FRA x-timer S1661517185.294172,VS0,VE1 etag 76b0963a70b6616c2fbe89fb95910c2f access-control-max-age 86400 content-type image/png access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
POST H2	200	player-test-impression fresnel.vimeocdn.com/add/ Frame 39F2	0 40 B	178ms 123ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.9.4/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d i.vimeocdn.com/video/ Frame 39F2	72 KB 72 KB	158ms 158ms	Image image/avif	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/910942679-e9525de7c622d0ba55da7efd42b7240ee6e07cd26677c2cea0f2f0fcf3a5244e-d Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7ff317e15400cb002f7fda77e9a21e2e9a4b9021aa604690c1b4475bc4ac10ce Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 262082 x-viewmaster-lossless-format automatic x-cache miss, HIT, MISS access-control-max-age 86400 x-backend-server varnish content-length 73455 viewmaster-server viewmaster-us-central1-chpx x-served-by cache-dfw-kdfw8210042-DFW, cache-fra19135-FRA x-timer S1661517185.319530,VS0,VE135 etag ade9f8b1cc4d755e7e91967fb7e35dbc vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 0
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame 39F2	0 40 B	199ms 152ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=61864cff11e382bd214f9a574ee0883995e27dfb1661517184 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.9.4/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	200	player-test-impression fresnel.vimeocdn.com/add/ Frame 79CB	0 142 B	127ms 123ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.9.4/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d i.vimeocdn.com/video/ Frame 79CB	24 KB 25 KB	166ms 165ms	Image image/avif	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/1166738769-2b59ccd88ac24a641f18be651dd0c59573e507c9540dd1de3230d7384baa2349-d Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/564404923?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0402a5997fbbbc6c47f9058c2be569b580f1269c7a327776ec15df2239ea2861 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 2056721 x-viewmaster-lossless-format automatic x-cache miss, HIT, MISS access-control-max-age 86400 x-backend-server varnish content-length 24964 viewmaster-server viewmaster-us-central1-841b x-served-by cache-dfw-kdfw8210070-DFW, cache-fra19135-FRA x-timer S1661517185.367062,VS0,VE121 etag a5db37c2246b9d8da430fd2d6565854c vary Accept content-type image/avif access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 0
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame 79CB	0 40 B	288ms 287ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=3a4efe1b08666a79cf06ff1cb596814abd7f3d481661517184 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.9.4/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Fri, 26 Aug 2022 12:33:05 GMT via 1.1 google access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	38866357_60x60.jpg i.vimeocdn.com/portrait/ Frame 39F2	2 KB 2 KB	30ms 30ms	Image image/jpeg	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/portrait/38866357_60x60.jpg Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/410832094?color=e31f26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c76df176e902e72c31b191cb8aab908e57e469cd78dddd34905ea96070cd5a49 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 2087959 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1923 viewmaster-server viewmaster-us-central1-6drx x-served-by cache-dfw-kdfw8210102-DFW, cache-fra19135-FRA x-timer S1661517186.568374,VS0,VE4 etag 2469d76f6c89f333cda421c3ae39d20f access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 71, 1
GET H2	200	38866357_60x60.jpg i.vimeocdn.com/portrait/ Frame 79CB	2 KB 2 KB	269ms 268ms	Image image/jpeg	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/portrait/38866357_60x60.jpg Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/4.9.4/js/player.de-DE.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c76df176e902e72c31b191cb8aab908e57e469cd78dddd34905ea96070cd5a49 Request headers accept-language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:05 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 2087959 x-viewmaster-lossless-format lossy x-cache miss, HIT, HIT x-backend-server varnish content-length 1923 viewmaster-server viewmaster-us-central1-6drx x-served-by cache-dfw-kdfw8210102-DFW, cache-fra19135-FRA x-timer S1661517186.818061,VS0,VE0 etag 2469d76f6c89f333cda421c3ae39d20f access-control-max-age 86400 content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Viewmaster-Status cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 71, 2
GET H2	404	fa-solid-900.ttf ondexx.com/wp-content/plugins/everest-timeline/webfonts/	0 0	815ms 814ms	Font text/html	192.0.78.251 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://ondexx.com/wp-content/plugins/everest-timeline/webfonts/fa-solid-900.ttf Requested by Host: ondexx.com URL: https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4maayXTT6RV6BRl+HCUCUyTH5fYlzqLpIp16h9B7Aj5zdpy8TAHaedUusFrXy+jPTrgvVGqnVgWbyGnTgKf5TjhpFxGYIIhI9qvIQhXFCQby9V92693X944fk12RLNPAqd1UQMlIzk4zRZfLaPC2POCnlade2P81BrFHcJ4EKUh16o8Ik3AaOlKF3RKZOQywhyMuKFBzxhHNxKJQ4kiGVc7pc0Kpm/5LhQPKKjcXmNWP42jjKu/QIJqhY4QjkVUurj+bzHGjdZ1p7lAWMKz12mZux/HlYbYnWCZ/vkV6W1/R9/i23e+fX192293+G97BIfo= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.251 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ondexx.com/_static/??-eJyVkUFywyAMRS9U4maayXTT6RV6BRl+HCUCUyTH5fYlzqLpIp16h9B7Aj5zdpy8TAHaedUusFrXy+jPTrgvVGqnVgWbyGnTgKf5TjhpFxGYIIhI9qvIQhXFCQby9V92693X944fk12RLNPAqd1UQMlIzk4zRZfLaPC2POCnlade2P81BrFHcJ4EKUh16o8Ik3AaOlKF3RKZOQywhyMuKFBzxhHNxKJQ4kiGVc7pc0Kpm/5LhQPKKjcXmNWP42jjKu/QIJqhY4QjkVUurj+bzHGjdZ1p7lAWMKz12mZux/HlYbYnWCZ/vkV6W1/R9/i23e+fX192293+G97BIfo= Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. strict-transport-security max-age=31536000 content-encoding br server nginx date Fri, 26 Aug 2022 12:33:06 GMT vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://ondexx.com cache-control no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-ac 2.hhn _atomic_ams host-header WordPress.com link <https://ondexx.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	7063729.js Show response js-na1.hs-scripts.com/	2 KB 972 B	205ms 154ms	Script application/javascript	2606:4700::6811:d3cc
General Check archive.org Show headers Download Go to Full URL https://js-na1.hs-scripts.com/7063729.js Requested by Host: js.hs-analytics.net URL: https://js.hs-analytics.net/analytics/1661517300000/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d3cc -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 0625b677f3d993fb6d642e130e5f5c92d6992e7fc21e2be021126b1005e5efcf Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 25 Aug 2022 20:27:40 GMT server cloudflare x-hubspot-correlation-id a332b2e1-d307-45d5-a91d-2a42ba6066ab x-trace 2B196D17049221A9B1BBAB5D0A8E48EFAF08A6015A000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin https://ondexx.com access-control-max-age 3600 cache-control public, max-age=30 access-control-allow-credentials true cf-ray 740c9810eb1a690f-FRA
GET H2	200	__ptq.gif track.hubspot.com/	45 B 962 B	190ms 147ms	Image image/gif	2606:4700::6813:9a53
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=7063729&rcu=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F&pu=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&t=Hero-Campaign&cts=1661517186641&vi=94787d24c44f098ed0bd9d4a32162477&nc=true&ce=false&cc=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:06 GMT vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id e9b186d1-7825-4433-a071-d529b804f457 cf-ray 740c9810dc17bbbb-FRA p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3pwe4l9Ju3LFGIBdzfhrSxV%2FwuVCc72hmLtZOkmTwJjLb9jpY7biQhvHqqrDPO4j9ofSDFlfekHBIoDXgIpgNjLHxQMEabDhE13qWs8D2p%2FXD%2BjRB5pYX95pGHnpe5p%2FAE9nQt5ym6YkySdwBKO"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false x-robots-tag none
GET H2	200	fb.js Show response js.hsadspixel.net/	5 KB 3 KB	183ms 28ms	Script application/javascript	2606:4700::6811:70b0
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:70b0 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash ea2ffede896a8727d9691452b1314e64ac7d2932896e89920599392ba33dd6f1 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:07 GMT via 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront) cf-cache-status HIT age 273 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.290/bundles/pixels-release.js&cfRay=740c91696e829954-IAD x-cache Hit from cloudfront cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod content-type application/javascript; charset=utf-8 x-amz-replication-status COMPLETED content-encoding br last-modified Wed, 10 Aug 2022 01:59:54 UTC server cloudflare etag W/"4f0b2f5f5adcb58be2f46e95ab35e280" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id .CBGOpqVu8zaE1sKV5DacDTNZHwT9f6j cache-control max-age=600 x-hs-cache-status HIT x-amz-cf-pop IAD89-P1 cf-ray 740c9813fe07696f-FRA x-amz-cf-id 29a2iwTON_uCBr_7SW6F6sjG4H59K5uUIEmhQfQWcMjRzn8VkJnVtw== x-hs-target-asset adsscriptloaderstatic/static-1.290/bundles/pixels-release.js
GET H2	200	7063729.js Show response js.hs-banner.com/	60 KB 16 KB	542ms 387ms	Script text/javascript	2606:4700:4400::6812:21ab
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/7063729.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:21ab -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 20635b8b608a8e2431071a91a03fcae49f7f19e2abe0eaf9428398a12c9bb458 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:07 GMT content-encoding br cf-cache-status REVALIDATED x-amz-request-id F612GQT1NR2BPTB7 x-amz-server-side-encryption AES256 content-type text/javascript; charset=UTF-8 access-control-max-age 604800 x-amz-id-2 2ADUb2TPVTuY8hCeyP6MVEZfdN8eC1ZSRnEOPR4WjtjXgPYudU0MvepZx7SeJXjYyJWTIuYXg7Y= timing-allow-origin * last-modified Tue, 23 Aug 2022 21:47:21 GMT server cloudflare etag W/"7896ec98f7da127ec36a4354ccf713a5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-amz-version-id kWVMCw7BF01Z2Y.usG0.XhRmHGbP3rRb access-control-allow-origin https://ondexx.com access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true cf-ray 740c9813fb489231-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id expires Fri, 26 Aug 2022 12:38:07 GMT
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	72 KB 25 KB	298ms 144ms	Script application/javascript	2606:4700::6811:7fab
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/7063729.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:7fab -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088 Request headers Referer https://ondexx.com/ Origin https://ondexx.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:07 GMT via 1.1 a7a1b4c19abc42d237405ce4c4069f10.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-cf-pop IAD89-P1 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.285/bundles/project.js&cfRay=740c9813fff49170-IAD x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod access-control-max-age 3000 x-amz-replication-status COMPLETED content-encoding br cf-ray 740c9813fff49170-FRA last-modified Mon, 18 Jul 2022 02:17:32 UTC server cloudflare etag W/"877e5f54a66a69786dec54038d0864c4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET x-amz-version-id gdKWpz_yvObw8s97wY_QgOhrdmJzIElp access-control-allow-origin * cache-control s-maxage=86400, max-age=0 x-hs-cache-status MISS content-type application/javascript; charset=utf-8 x-amz-cf-id aBi5oiIZ4iQKAYRBKFpRXs6dtoF8BAmQ6hJoe5VN3SukKlwfBBKjjQ== x-hs-target-asset collected-forms-embed-js/static-1.285/bundles/project.js
GET H2	200	json Show response forms.hubspot.com/collected-forms/v1/config/	115 B 1 KB	212ms 163ms	XHR application/json	2606:4700::6813:9a53
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7063729&utk=94787d24c44f098ed0bd9d4a32162477 Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b840b22a40dde046cd42876a5f9477b01cade9c7c19b791d5eef75a702f5b24c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://ondexx.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:07 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 8324ffa0-f923-40ec-a776-7adc0bb0bd81 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHhRcidMatYe1B8JUvLfGfwzESKRSbHAgVtSf5rNMXn3NIxHVWwHYwTcN%2BSuKJAUb1vxFBPoJFzqm%2FK5HRPULeQ4Qc1gMEYMnMMN9skWYQ5dQkppLQwP82X8p9yXrxFQd8t9mdAgxyl8Vf0NEz3L"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://ondexx.com x-robots-tag none access-control-allow-credentials false cf-ray 740c98155e839c04-FRA access-control-allow-headers *
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixel/	132 B 936 B	191ms 144ms	XHR application/json	2606:4700::6811:cccc
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7063729 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:cccc -, , ASN (), Reverse DNS Software cloudflare / Resource Hash f66ee1414f2b6711e5ce530849b42196e752ab6a93cf2193d422b289567625c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:07 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id da7188a5-b64f-4237-a8a7-4119f8018c0b access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare x-trace 2B148B14FA2E9AD1F2FBB72116464F5C71C74C6E2A000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZSd%2B9XDuUYVA%2BS9KVyYoYBzQrghzMQvo2N608z8h8KZ2Vns4jNgQOdAZ3g%2F2MuY6niSdnkHrc64UXfP0egRP4MAx8xwN1%2B5Nfc7MUv678gVmLha8TzddHEg%2BIDxkAE%2BiLlN4daOyzUojnhs"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://ondexx.com access-control-allow-credentials false cf-ray 740c9816bce59225-FRA access-control-allow-headers *
GET H3	200	js Show response www.googletagmanager.com/gtag/	114 KB 45 KB	31ms 31ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-480613323 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c7cf422dde02d472b73ea9091b25386f99a74eb66681273c349ab33b9550adf5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:07 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45668 x-xss-protection 0 last-modified Fri, 26 Aug 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 26 Aug 2022 12:33:07 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/	2 KB 1 KB	117ms 72ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/480613323/?random=1661517187773&cv=9&fst=1661517187773&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&tiba=Hero-Campaign&auid=1735555189.1661517184&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef8fecea61281ad5866435384fc2e6db6f39a45988cdf3a9d601bb3ab82837ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:07 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1078 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	72ms 20ms	Script application/x-javascript	2a02:26f0:3500:16::215:149b
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149b -, , ASN (), Reverse DNS Software / Resource Hash b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:07 GMT content-encoding gzip last-modified Fri, 12 Aug 2022 20:23:36 GMT x-cdn AKAM vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=72526 accept-ranges bytes content-length 3063
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1661517187849&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3828668%26time%3D1661517187849%26url%3Dhttps%253A%252F%252Fondexx.com%252Fhero-ca... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1661517187849&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1661517187849&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm...	0 264 B	389ms 214ms	Image application/javascript	13.107.43.14
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1661517187849&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&liSync=true&e_ipv6=AQKH-J1XtpzLWAAAAYLaJE150NNlz7g9ql8wRuLzwob28WUy-OvgaG1zqMUKGlx0Vke5BstIdV3Ejg Protocol H2 Server 13.107.43.14 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 26 Aug 2022 12:33:08 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: FCF922F608664A68AD504EC38AAAE887 Ref B: VIEEDGE2211 Ref C: 2022-08-26T12:33:08Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-proto http/2 content-length 0 x-li-uuid AAXnJB3Ucm18fwCvEIw06A== x-li-fabric prod-lor1 Redirect headers date Fri, 26 Aug 2022 12:33:07 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: C718C0AAEBDF4C4B8909DE8C12755BFC Ref B: VIEEDGE2206 Ref C: 2022-08-26T12:33:08Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3828668&time=1661517187849&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&liSync=true&e_ipv6=AQKH-J1XtpzLWAAAAYLaJE150NNlz7g9ql8wRuLzwob28WUy-OvgaG1zqMUKGlx0Vke5BstIdV3Ejg x-li-proto http/2 content-length 0 x-li-uuid AAXnJB3Odxk0P6pokyMoRw==
GET H3	200	/ www.google.com/pagead/1p-user-list/480613323/	42 B 64 B	34ms 34ms	Image image/gif	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/480613323/?random=1661517187773&cv=9&fst=1661515200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=1022195055&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/480613323/	42 B 64 B	45ms 45ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/480613323/?random=1661517187773&cv=9&fst=1661515200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fondexx.com%2Fhero-campaign%2F%3Futm_source%3Dst-2022%26utm_medium%3Demail%26utm_campaign%3Ddr2%26utm_content%3Dtext-link2&tiba=Hero-Campaign&async=1&fmt=3&is_vtc=1&random=1022195055&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 26 Aug 2022 12:33:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	boom.gif pixel.wp.com/	0 37 B	22ms 22ms	Image text/plain	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.003&largest_contentful_paint=1868&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&host_name=ondexx.com&url_path=%2Fhero-campaign%2F&nt_fetchStart=0&nt_domainLookupStart=2&nt_domainLookupEnd=10&nt_connectStart=10&nt_connectEnd=54&nt_secureConnectionStart=29&nt_requestStart=54&nt_responseStart=541&nt_responseEnd=559&nt_domLoading=544&nt_domInteractive=1153&nt_domContentLoadedEventStart=1187&nt_domContentLoadedEventEnd=1196&nt_domComplete=3437&nt_loadEventStart=3437&nt_loadEventEnd=3443&nt_redirectCount=0&nt_api_level=2&start_render=1124&first_contentful_paint=1124&resource_size=1535497&resource_transferred=301145&js_size=482935&js_transferred=137551&resource_cache_percent=0&js_cache_percent=0&last_resource_end=5768 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ondexx.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Fri, 26 Aug 2022 12:33:11 GMT cache-control no-cache server nginx