operations.daxko.com Open in urlscan Pro
2606:4700::6812:1f9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ibit.ly/Buda1
Effective URL:
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_...
Submission: On August 29 via manual (August 29th 2023, 5:21:44 pm UTC) from IN — Scanned from DE

Summary HTTP 67 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 21 domains to perform 67 HTTP transactions. The main IP is 2606:4700::6812:1f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is operations.daxko.com. The Cisco Umbrella rank of the primary domain is 128560.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 16th 2022. Valid for: a year.

This is the only time operations.daxko.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	168.220.91.95 168.220.91.95	40509 (FLY) (FLY)
3 23	2606:4700::68... 2606:4700::6812:1f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:cb16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	13.32.121.100 13.32.121.100	16509 (AMAZON-02) (AMAZON-02)
5	52.222.236.107 52.222.236.107	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.60 108.138.7.60	16509 (AMAZON-02) (AMAZON-02)
67	15

2 168.220.91.95 (United States) 2 redirects

ASN40509 (FLY, US)

ibit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6812:1f9 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

operations.daxko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cb16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.100 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-100.fra60.r.cloudfront.net

www.wufoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net

static.wufoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
daxkomarketing.wufoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-60.fra56.r.cloudfront.net

cdn.signalfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	daxko.com 3 redirects operations.daxko.com — Cisco Umbrella Rank: 128560	1 MB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 2412	23 KB
6	wufoo.com 1 redirects www.wufoo.com — Cisco Umbrella Rank: 100280 static.wufoo.com — Cisco Umbrella Rank: 36677 daxkomarketing.wufoo.com — Cisco Umbrella Rank: 303430	283 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3101 www.google.com — Cisco Umbrella Rank: 2	935 B
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93	4 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	455 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	90 KB
2	ibit.ly 2 redirects ibit.ly	1 KB
1	signalfx.com cdn.signalfx.com — Cisco Umbrella Rank: 14101	38 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 1951	29 KB
1	instana.io eum.instana.io — Cisco Umbrella Rank: 7070	10 KB
0	google.de Failed www.google.de Failed
0	adnxs.com Failed secure.adnxs.com Failed
0	sc-static.net Failed sc-static.net Failed
0	bing.com Failed bat.bing.com Failed
0	tiktok.com Failed analytics.tiktok.com Failed
0	serving-sys.com Failed secure-ds.serving-sys.com Failed
0	adsrvr.org Failed js.adsrvr.org Failed
0	ads-twitter.com Failed static.ads-twitter.com Failed
0	licdn.com Failed snap.licdn.com Failed
67	21

	Domain	Requested by
23	operations.daxko.com	3 redirects operations.daxko.com ajax.aspnetcdn.com
5	www.google-analytics.com	operations.daxko.com www.google-analytics.com
5	www.googletagmanager.com	operations.daxko.com www.googletagmanager.com www.google-analytics.com
3	static.wufoo.com	operations.daxko.com daxkomarketing.wufoo.com
3	www.google.com	operations.daxko.com
3	region1.google-analytics.com	www.googletagmanager.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	daxkomarketing.wufoo.com	www.wufoo.com daxkomarketing.wufoo.com
2	www.facebook.com	operations.daxko.com
2	region1.analytics.google.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	operations.daxko.com connect.facebook.net
2	ibit.ly	2 redirects
1	cdn.signalfx.com	daxkomarketing.wufoo.com
1	www.wufoo.com	1 redirects
1	ajax.aspnetcdn.com	operations.daxko.com
1	eum.instana.io	operations.daxko.com
0	www.google.de Failed	operations.daxko.com
0	secure.adnxs.com Failed	operations.daxko.com
0	sc-static.net Failed	operations.daxko.com
0	bat.bing.com Failed	operations.daxko.com
0	analytics.tiktok.com Failed	operations.daxko.com
0	secure-ds.serving-sys.com Failed	operations.daxko.com
0	js.adsrvr.org Failed	www.googletagmanager.com
0	static.ads-twitter.com Failed	operations.daxko.com
0	snap.licdn.com Failed	www.googletagmanager.com
67	26

This site contains links to these domains. Also see Links.

Domain
maps.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-16` - `2023-11-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-17` - `2023-11-17`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
wufoo.co.uk Amazon RSA 2048 M01	`2023-07-13` - `2024-08-11`	a year	crt.sh
*.signalfx.com Go Daddy Secure Certificate Authority - G2	`2022-11-09` - `2023-12-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
Frame ID: 06B15384B00E47A032388EFB17E83AAA
Requests: 62 HTTP requests in this frame

Frame: https://daxkomarketing.wufoo.com/embed/z17nfj7w1ps3yd9?embedKey=z17nfj7w1ps3yd9777158&entsource=&referrer=&Field11=2021&Field12=/Online/2021/ProgramsV2/OfferingDetails.mvc&Field13=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.110%20Safari/537.36&Field16=hdc_prod&
Frame ID: D6003E657BBFDFA2E054991C6249D8F7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offering Detailsbarcodebasketballcalendarcartchange-statuscheckchevron-downchevron-leftchevron-rightchevron-upcircle-xclockdaxkoedit-personemailfacebookgeargiveglobehearthistoryhouselocklogoutmeatball-menumegaphonepaper-airplanepen-invertedpenpeopleperson-cardphonepinprinterprofilequestion-marksearchtrashtwitteruploadusers-groupversion

Page URL History Show full URLs

http://ibit.ly/Buda1 HTTP 308
https://ibit.ly/Buda1 HTTP 302
https://operations.daxko.com/programs/redirector.aspx?cid=2021&pid=117964&sid=3031662 HTTP 302
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=... HTTP 302
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingLocations.mvc?program_id=TMP117964&offering_i... HTTP 302
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

81 %
HTTPS

69 %
IPv6

21
Domains

26
Subdomains

15
IPs

3
Countries

2278 kB
Transfer

4224 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://maps.google.com/?q=The%20Y%20at%20Camp%20Moody%201220%20Old%20San%20Antonio%20Rd%2078610
Title: View Map

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ibit.ly/Buda1 HTTP 308
https://ibit.ly/Buda1 HTTP 302
https://operations.daxko.com/programs/redirector.aspx?cid=2021&pid=117964&sid=3031662 HTTP 302
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662& HTTP 302
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingLocations.mvc?program_id=TMP117964&offering_id=SES3031662 HTTP 302
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://www.wufoo.com/scripts/embed/form.js HTTP 301
https://static.wufoo.com/scripts/embed/form.js

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request OfferingDetails.mvc Show response
operations.daxko.com/Online/2021/ProgramsV2/
Redirect Chain

http://ibit.ly/Buda1
https://ibit.ly/Buda1
https://operations.daxko.com/programs/redirector.aspx?cid=2021&pid=117964&sid=3031662
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingLocations.mvc?program_id=TMP117964&offering_id=SES3031662
https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

51 KB
14 KB

312ms
312ms

Document
text/html

2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4d3052999aa5c817c502f46c4a629859329aeafb6e8a8eb22d896cbf41f804ed

Security Headers

Name

Value

Content-Security-Policy

frame-ancestors http://www.austinymca.org https://www.austinymca.org http://austinymca.org https://austinymca.org http://austy.829-devl3.com https://austy.829-devl3.com http://www.austy.829-devl3.com https://www.austy.829-devl3.com; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7fe678b36bcf040c-FRA
content-encoding: gzip
content-security-policy: frame-ancestors http://www.austinymca.org https://www.austinymca.org http://austinymca.org https://austinymca.org http://austy.829-devl3.com https://austy.829-devl3.com http://www.austy.829-devl3.com https://www.austy.829-devl3.com; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-type: text/html; charset=iso-8859-1
date: Tue, 29 Aug 2023 17:21:38 GMT
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-dax-clientid: 2021
x-dax-username: Online
x-ops-instance: blue
x-powered-by: ASP.NET

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7fe678b20918040c-FRA
content-security-policy: frame-ancestors http://www.austinymca.org https://www.austinymca.org http://austinymca.org https://austinymca.org http://austy.829-devl3.com https://austy.829-devl3.com http://www.austy.829-devl3.com https://www.austy.829-devl3.com; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-type: text/html; charset=iso-8859-1
date: Tue, 29 Aug 2023 17:21:37 GMT
location: /Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-dax-clientid: 2021
x-dax-username: Online
x-ops-instance: blue
x-powered-by: ASP.NET

GET
H2 200 fontawesome.min.cc318c.css
operations.daxko.com/Online/assets/fontawesome/css/ 171 KB
45 KB 19ms
16ms Stylesheet
text/css 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/fontawesome/css/fontawesome.min.cc318c.css

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a3eeec63f63abe67e21f8dd5c5ab93523f1b12dd56fc790e624b6c36a3563afe

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 6604
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 45876
x-ops-instance: blue
last-modified: Thu, 02 Mar 2023 21:35:27 GMT
server: cloudflare
etag: "daf1fee74e4dd91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f7c040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 regular.min.4f79e7.css
operations.daxko.com/Online/assets/fontawesome/css/ 568 B
435 B 32ms
29ms Stylesheet
text/css 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/fontawesome/css/regular.min.4f79e7.css

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

728f5fb229024fc0d453dfa1039c81ebb8ed600aac7ecad2dfdece986b43a346

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 282
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 365
x-ops-instance: blue
last-modified: Thu, 02 Mar 2023 21:35:27 GMT
server: cloudflare
etag: "daf1fee74e4dd91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f83040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 main.min.59a50e.css
operations.daxko.com/Online/assets/css/ 404 KB
96 KB 23ms
20ms Stylesheet
text/css 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/css/main.min.59a50e.css

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf203c23de8ad0c5151ca1ae2feb6b032d10891bd61eb1b494d2c72e45844aa2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 282
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 98476
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:50 GMT
server: cloudflare
etag: "ed359a5788dad91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f85040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 modals.min.ae65ac.css
operations.daxko.com/Online/assets/css/ 2 KB
1 KB 28ms
25ms Stylesheet
text/css 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/css/modals.min.ae65ac.css

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

fb09d65f99c22334ac02750d6213d6490cd2140a9137fe289ae08cbf5d3fd45b

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 6150
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 1054
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:50 GMT
server: cloudflare
etag: "ed359a5788dad91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f87040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 299 KB
94 KB 70ms
46ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-88DQE4DC1H

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6802b673eff629054aa143c8589ac4cc9bc505a04ec8c54a9d8c3840fd01f675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95768
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 17:21:38 GMT

GET
H2 200 eum.min.js Show response
eum.instana.io/ 26 KB
10 KB 64ms
15ms Script
application/javascript 2606:4700::6810:cb16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04857d263d127bca083f9036ffcb2c030cd12b943cf4cde1a71daf4da22fcdde

Request headers

Referer: https://operations.daxko.com/
Origin: https://operations.daxko.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 1 Jan 1970 00:00:01 GMT
server: cloudflare
age: 5253
etag: 937898923--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin: *
cf-ray: 7fe678b63f6a4d56-FRA

GET
H2 200 default.css
operations.daxko.com/online/assets/stylesheets/themes/ 1 KB
770 B 722ms
719ms Stylesheet
text/css 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/online/assets/stylesheets/themes/default.css?v=638289000765567941

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c23836c2e8bd4d7c0ee2edaf950f35a786848abf318f159941d1035ad08d017c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-dax-clientid: 0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 649
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:49 GMT
server: cloudflare
etag: "f91ed25688dad91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f88040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 survey.min.4af6ea.css
operations.daxko.com/Online/assets/css/ 478 B
632 B 22ms
20ms Stylesheet
text/css 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/css/survey.min.4af6ea.css

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

307da7f600c1478fed93c0af017c38634c9c7ca4940fb5a3626493d5cf03e32d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 5334
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 386
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:50 GMT
server: cloudflare
etag: "17a2ac5788dad91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f89040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 email-decode.min.js Show response
operations.daxko.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
830 B 12ms
10ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:09:20 GMT
server: cloudflare
etag: W/"64e60500-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fe678b56f8b040c-FRA
expires: Thu, 31 Aug 2023 17:21:38 GMT

GET
H2 200 jquery-2.1.3.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 82 KB
29 KB 60ms
8ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CFD) /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30131145
x-cache: HIT
content-length: 29585
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:11:05 GMT
server: ECAcc (frc/4CFD)
etag: "808a18ecc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 event-tracking.min.e73d6a.js Show response
operations.daxko.com/Online/assets/js/ 6 KB
2 KB 26ms
24ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/js/event-tracking.min.e73d6a.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6119e5759c5acc7676d0a4e949d7caca54f389188667a2566141190f17ed28be

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 279
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 2066
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:54 GMT
server: cloudflare
etag: "f585225a88dad91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f8c040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 hammer.min.6dc4f3.js Show response
operations.daxko.com/Online/javascript/ 20 KB
9 KB 21ms
19ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/javascript/hammer.min.6dc4f3.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

86190e5e8be7fbfc1aabf3edbb7cf7c0366361c35e6f326330ca74a1914d12f7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 6384
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 9199
x-ops-instance: blue
last-modified: Thu, 02 Mar 2023 21:35:28 GMT
server: cloudflare
etag: "67c01fe84e4dd91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f8e040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 jquery.hammer.fc9092.js Show response
operations.daxko.com/Online/javascript/ 1021 B
579 B 27ms
24ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/javascript/jquery.hammer.fc9092.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

80506d24fc094582fd61e8ff0dc8906b74a4002f40c7c7cb4c2f4d3b36a2a89b

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 5333
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 505
x-ops-instance: blue
last-modified: Thu, 02 Mar 2023 21:35:28 GMT
server: cloudflare
etag: "67c01fe84e4dd91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f90040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 svg4everybody.min.01b0db.js Show response
operations.daxko.com/Online/assets/js/ 1 KB
1 KB 49ms
47ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/js/svg4everybody.min.01b0db.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c2bd0d0490a71ba1ebe7201ca958998ad86f745e35d426c4c48ba2ee3f127812

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 3248
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 993
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:55 GMT
server: cloudflare
etag: "c592895a88dad91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f92040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 main.min.9d3f6a.js Show response
operations.daxko.com/Online/assets/js/ 1 KB
752 B 27ms
25ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/js/main.min.9d3f6a.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

85b5e64098381c20c50bbc312253937315330c038f166aa2e7ffc3c8a8bdc789

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 280
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 663
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:55 GMT
server: cloudflare
etag: "8389715a88dad91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f95040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 modal.min.eb58a5.js Show response
operations.daxko.com/Online/assets/js/ 2 KB
932 B 27ms
25ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/js/modal.min.eb58a5.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b1ba82970aa063865abed9c189d656381e0684d474bbbe961644125e8517b898

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 5323
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 802
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:55 GMT
server: cloudflare
etag: "97ec735a88dad91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f97040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 offering_details.min.11eddf.js Show response
operations.daxko.com/Online/assets/js/area/OnlineProgramsV2/ 2 KB
1 KB 761ms
759ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/js/area/OnlineProgramsV2/offering_details.min.11eddf.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e4d1f48b1b2a85a0407fb950cb85ad68085ae7af221f5f269562b208b4d65630

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: EXPIRED
x-dax-clientid: 0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 1078
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:54 GMT
server: cloudflare
etag: "2a57bd5988dad91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f99040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 dropdown.min.f381f8.js Show response
operations.daxko.com/Online/assets/js/area/OnlineProgramsV2/ 2 KB
1 KB 29ms
27ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/js/area/OnlineProgramsV2/dropdown.min.f381f8.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a7542ff187686b74e3b622ddbb75ae2e0f01833a7453bfc88d3447622a494244

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 280
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 1320
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:53 GMT
server: cloudflare
etag: "bb3ba5988dad91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f9a040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 header_banner.min.6ec130.js Show response
operations.daxko.com/Online/assets/js/area/Header/ 1 KB
1 KB 49ms
47ms Script
application/javascript 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/js/area/Header/header_banner.min.6ec130.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

178703061b091c0ab76889052a28aa921e22e566eabca46dd1c1d76a6deeece2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 5172
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 491
x-ops-instance: blue
last-modified: Tue, 29 Aug 2023 14:51:53 GMT
server: cloudflare
etag: "806a6f5988dad91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b56f9c040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Aug 2023 15:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5835
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 29 Aug 2023 17:44:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 29 Aug 2023 17:21:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: xEwUfNymezJDFmBFSBwK+O6tMBDL3vfQen+eq+1qKkdzq35Q5auczzTPq8ctdDWTU1U9KiG3iU0u2L/TlYxB6A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
94 KB 55ms
32ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXDRKTV

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f336b1769c6bf53fc40e1d87cae6ee7ffd8d7c618e29c2c6cecbc6bb88f89a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95832
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Aug 2023 17:21:38 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
962 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 29 Aug 2023 17:59:36 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:26:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 29 Aug 2023 17:26:04 GMT

GET
H2 200 898365510319862 Show response
connect.facebook.net/signals/config/ 149 KB
39 KB 146ms
145ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/898365510319862?v=2.9.125&r=stable&domain=operations.daxko.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a2fa1281d5bd275c235ab2fe7fea2b3da0ec807bcb86c2a3a5fa0f30ad9b6ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 29 Aug 2023 17:21:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: tEyNp+hJEzh3Xg4YlCL4T2ilMoL/DrRcrvMtJFXLFkyFeEXE6ol0Ov6D08Do+tLkIyXt/GtRxv4q+8vJEUNlCQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2123164867&t=pageview&_s=1&dl=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&ul=en-us&de=windows-1252&dt=Offering%20Details&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEIbAAAAACAAY~&jid=650789694&gjid=1261076374&cid=1676257246.1693329698&tid=UA-29163973-1&_gid=2088766275.1693329698&_r=1&_slc=1&z=1246046846

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b852691335b42afc85f45a5fdbe0b03bf6f79c7e5a155fec3573c184a0212fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://operations.daxko.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2123164867&t=pageview&_s=1&dl=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&ul=en-us&de=windows-1252&dt=Offering%20Details&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEIbBAAAACAMY~&jid=1924389237&gjid=1952603954&cid=1676257246.1693329698&tid=UA-20923344-1&_gid=2088766275.1693329698&_r=1&_slc=1&z=877208851

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://operations.daxko.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/985949215/ 3 KB
2 KB 113ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/985949215/?random=1693329698320&cv=11&fst=1693329698320&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&hn=www.googleadservices.com&frm=0&tiba=Offering%20Details&auid=1400404993.1693329698&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXDRKTV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c77f1a70fb809624f7d230384d69dc25494bd8cdbc809450d46d688a0488ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/961476911/ 3 KB
1 KB 112ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/961476911/?random=1693329698323&cv=11&fst=1693329698323&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&hn=www.googleadservices.com&frm=0&tiba=Offering%20Details&auid=1400404993.1693329698&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXDRKTV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea8c1a540fecd030a25de38819bbbc17e147ae642a2249a8248088024ba91ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1361
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET insight.min.js
snap.licdn.com/li.lms-analytics/ 0
0

GET uwt.js
static.ads-twitter.com/ 0
0

GET up_loader.1.1.0.js
js.adsrvr.org/ 0
0

GET ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 0
0

GET events.js
analytics.tiktok.com/i18n/pixel/ 0
0

GET bat.js
bat.bing.com/ 0
0

GET scevent.min.js
sc-static.net/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
93 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TJFS8NHHY9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXDRKTV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dccb55c1164a742f115d14f407b64ba4cf41830f78f7d95e750ebc272d167c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94709
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 17:21:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
93 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-88DQE4DC1H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXDRKTV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0d84d97a1bcb31c48b5e078c4e7e2006581f95dc7711d19ad39cd4dbbe0c516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 17:21:38 GMT

GET seg
secure.adnxs.com/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TJFS8NHHY9&gtm=45je38n0&_p=2123164867&_gaz=1&cid=1676257246.1693329698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693329698&sct=1&seg=0&dl=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&dt=Offering%20Details&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88DQE4DC1H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 58ms
19ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TJFS8NHHY9&cid=1676257246.1693329698&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88DQE4DC1H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-88DQE4DC1H&gtm=45je38n0&_p=2123164867&cid=1676257246.1693329698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693329698&sct=1&seg=0&dl=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&dt=Offering%20Details&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88DQE4DC1H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 39ms
20ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-29163973-1&cid=1676257246.1693329698&jid=650789694&gjid=1261076374&_gid=2088766275.1693329698&_u=KGBAAEIaAAAAACAAY~&z=1446230903

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://operations.daxko.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Aug 2023 17:21:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
82 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C0GH5Q141M&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9288ec3fdd998e6f44d9870e7978fcafb9ade55006eb9c2263d54c920266a3ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83875
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 17:21:38 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 37ms
20ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20923344-1&cid=1676257246.1693329698&jid=1924389237&gjid=1952603954&_gid=2088766275.1693329698&_u=aGDACEIbBAAAACAMY~&z=1296954519

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://operations.daxko.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Aug 2023 17:21:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 69ms
46ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20923344-1&cid=1676257246.1693329698&jid=1924389237&_u=aGDACEIbBAAAACAMY~&z=1945983893

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-C0GH5Q141M&gtm=45je38n0&_p=2123164867&ul=en-us&sr=1600x1200&cid=1676257246.1693329698&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&dt=Offering%20Details&sid=1693329698&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C0GH5Q141M&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/985949215/ 42 B
154 B 19ms
18ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/985949215/?random=1693329698320&cv=11&fst=1693328400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&frm=0&tiba=Offering%20Details&fmt=3&is_vtc=1&random=320551273&rmt_tld=0&ipr=y

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/985949215/ 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/961476911/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/961476911/?random=1693329698323&cv=11&fst=1693328400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&frm=0&tiba=Offering%20Details&fmt=3&is_vtc=1&random=976288597&rmt_tld=0&ipr=y

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/961476911/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=898365510319862&ev=PageView&dl=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&rl=&if=false&ts=1693329698497&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693329698494.577590768&cs_est=true&it=1693329698287&coo=false&rqm=GET

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 29 Aug 2023 17:21:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

form.js Show response
static.wufoo.com/scripts/embed/
Redirect Chain

https://www.wufoo.com/scripts/embed/form.js
https://static.wufoo.com/scripts/embed/form.js

6 KB
6 KB

280ms
196ms

Script
text/javascript

52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wufoo.com/scripts/embed/form.js

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

nginx/1.22.0 /

Resource Hash

26209e905611974d8e2a31c9280cfc343925c3be347b8e31586ee2bdf973871d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
server: nginx/1.22.0
x-amz-cf-pop: FRA56-P4
etag: c3b1a3577301f5b459a13b8f6261dbf8
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=600; must-revalidate
access-control-allow-headers: origin, x-requested-with, content-type, authorization
x-amz-cf-id: tD2-CSqxaXZ8rxCdEXvArDLSlDLC73BlE9o7CSFlTG2qq-Z3V1WxeA==

Redirect headers

date: Tue, 29 Aug 2023 17:21:38 GMT
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1
x-cache: LambdaGeneratedResponse from cloudfront
location: https://static.wufoo.com/scripts/embed/form.js
content-length: 0
x-amz-cf-id: yCR1bZdHzjkGMd5zC-Vx5obeToCrFvJ_fD0jamNtkUCX0PEugIHkHQ==

GET
H2 200 fa-regular-400.woff2
operations.daxko.com/Online/assets/fontawesome/webfonts/ 380 KB
380 KB 18ms
18ms Font
application/font-woff2 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/fontawesome/webfonts/fa-regular-400.woff2

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/assets/fontawesome/css/regular.min.4f79e7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Referer: https://operations.daxko.com/Online/assets/fontawesome/css/regular.min.4f79e7.css
Origin: https://operations.daxko.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 5333
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 388900
x-ops-instance: blue
last-modified: Thu, 02 Mar 2023 21:35:27 GMT
server: cloudflare
etag: "88c60e84e4dd91:0"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b9ff7d040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

GET
H2 200 Inter.ttf
operations.daxko.com/Online/assets/css/fonts/ 785 KB
786 KB 27ms
27ms Font
application/octet-stream 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/assets/css/fonts/Inter.ttf

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/assets/css/main.min.59a50e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b9a8e5e213977665be2a56db66945a16c686da3d9861af1e7851322cf15495ea

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Referer: https://operations.daxko.com/Online/assets/css/main.min.59a50e.css
Origin: https://operations.daxko.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:38 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dax-clientid: 0
age: 6148
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 803384
x-ops-instance: blue
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: "09a3818ba6daf1:0"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7fe678b9ff81040c-FRA
expires: Tue, 29 Aug 2023 21:21:38 GMT

POST
H2 200 related_offerings Show response
operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc/ 21 B
864 B 219ms
219ms XHR
application/json 2606:4700::6812:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc/related_offerings

Requested by

Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.1.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8d13df115ccf9f70d59416b1a751e9e0e3324cdb5038c62f9f622887b5dd2605

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-dax-username: Online
date: Tue, 29 Aug 2023 17:21:39 GMT
content-security-policy: frame-ancestors http://www.austinymca.org https://www.austinymca.org http://austinymca.org https://austinymca.org http://austy.829-devl3.com https://austy.829-devl3.com http://www.austy.829-devl3.com https://www.austy.829-devl3.com; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com *.google-analytics.com *.pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com *.wufoo.com code.jquery.com *.googleapis.com *.gstatic.com *.facebook.net *.hotjar.com www.googletagmanager.com *.salesforceliveagent.com *.amazonaws.com *.google.com *.twitter.com *.daxko.com *.birst.com *.bootstrapcdn.com *.facebook.com *.angularjs.org *.newrelic.com *.hotjar.io *.sigwebtablet.com:47290 *.clover.com blob: wss: *.instana.io *.getbee.io *.groupexpro.com groupexpro.com *.gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net *.nr-data.net *.googleadservices.com *.doubleclick.net;
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-dax-clientid: 2021
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMa OUR IND ONL UNI FIN COM NAV INT PRE"
content-length: 45
x-ops-instance: blue
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=iso-8859-1
cache-control: private
cf-ray: 7fe678ba4815040c-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 9ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=898365510319862&ev=Microdata&dl=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&rl=&if=false&ts=1693329699001&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Offering%20Details%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748%22%2C%22og%3Atitle%22%3A%22Project%20SAFE%22%2C%22og%3Adescription%22%3A%22The%20YMCA%20of%20Austin%20-%20in%20collaboration%20with%20Colin%27s%20Hope%20-%20is%20working%20toward%20the%20goal%20of%20providing%20area%20pre-k%2C%20kinder%2C%20and%20first%20graders%20with%20critical%20safety%2C%20aquatics%2C%20and%20fitness%20education.%20The%20program%20is%20Project%20SAFE%20(Safety%2C%20Aquatics%2C%20and%20Fitness%20Education).%3Cbr%3E%3Cbr%3EThe%20YMCA%20of%20Austin%20will%20provide%20swim%20instruction%2C%20safety%20education%20and%20fitness%20activities%20at%20no%20charge%20to%20parents.%20Classes%20take%20place%20at%20YMCA%20of%20Austin%20branches.%3Cbr%3E---------%3Cbr%3EEl%20YMCA%20de%20Austin%2C%20en%20colaboraci%C3%B3n%20con%20Colin%27s%20Hope%2C%20%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Foperations.daxko.com%2FOnline%2FMemberJoin%2FGetLogo.aspx%3Fcid%3D2021%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693329698494.577590768&it=1693329698287&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: operations.daxko.com
URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 29 Aug 2023 17:21:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 z17nfj7w1ps3yd9 Show response
daxkomarketing.wufoo.com/embed/ Frame D600 11 KB
12 KB 782ms
746ms Document
text/html 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://daxkomarketing.wufoo.com/embed/z17nfj7w1ps3yd9?embedKey=z17nfj7w1ps3yd9777158&entsource=&referrer=&Field11=2021&Field12=/Online/2021/ProgramsV2/OfferingDetails.mvc&Field13=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.110%20Safari/537.36&Field16=hdc_prod&

Requested by

Host: www.wufoo.com
URL: https://www.wufoo.com/scripts/embed/form.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

nginx/1.22.0 /

Resource Hash

e6f0b591a917c660bf3ffce6a98f742315b8df2a6a17bdd46668d0ab1758d891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://operations.daxko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, authorization
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
content-type: text/html;charset=UTF-8
date: Tue, 29 Aug 2023 17:21:39 GMT
server: nginx/1.22.0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
x-amz-cf-id: zYgLJqFS_UoVgL0JdzBlHbdqid6SXkptVwB65UQfOKWeGiaNcjgIEg==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront

GET
H2 200 splunk-otel-web.js Show response
cdn.signalfx.com/o11y-gdi-rum/latest/ Frame D600 165 KB
38 KB 50ms
8ms Script
application/javascript 108.138.7.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
Requested by: Host: daxkomarketing.wufoo.com
URL: https://daxkomarketing.wufoo.com/embed/z17nfj7w1ps3yd9?embedKey=z17nfj7w1ps3yd9777158&entsource=&referrer=&Field11=2021&Field12=/Online/2021/ProgramsV2/OfferingDetails.mvc&Field13=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.110%20Safari/537.36&Field16=hdc_prod&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04777f9242a476f8a1ad3b1488943bf771ecc84e3b9c83dc472a3133364a7c84

Request headers

Referer: https://daxkomarketing.wufoo.com/
Origin: https://daxkomarketing.wufoo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:17:02 GMT
content-encoding: br
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 279
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 02 Aug 2023 15:38:01 GMT
server: AmazonS3
etag: W/"71b6a257f70f17f76e8905332025a5a2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: wb-PUy2P5pgBcDLmfbsjQvgPSqeHzGnWmozZ1UY4p4mmGLDBVYziQg==

GET
H2 200 index.0686.css
static.wufoo.com/stylesheets/public/forms/css/ Frame D600 35 KB
35 KB 198ms
197ms Stylesheet
text/css 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wufoo.com/stylesheets/public/forms/css/index.0686.css

Requested by

Host: daxkomarketing.wufoo.com
URL: https://daxkomarketing.wufoo.com/embed/z17nfj7w1ps3yd9?embedKey=z17nfj7w1ps3yd9777158&entsource=&referrer=&Field11=2021&Field12=/Online/2021/ProgramsV2/OfferingDetails.mvc&Field13=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.110%20Safari/537.36&Field16=hdc_prod&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

nginx/1.22.0 /

Resource Hash

02ba007a52f99c4781627d0140a02052ad8578e7c47124493511c06c7c1e53b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daxkomarketing.wufoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
server: nginx/1.22.0
x-amz-cf-pop: FRA56-P4
etag: 5080a1b10ee1c2bc97d964923c5d253f
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=600; must-revalidate
access-control-allow-headers: origin, x-requested-with, content-type, authorization
x-amz-cf-id: NgP_fA9l1PUEWqlbrCkxN_wUpFiQyXRwMve0T5sjb2_gHnZBBEO30Q==

GET
H2 200 theme.css
daxkomarketing.wufoo.com/css/custom/3/ Frame D600 13 KB
14 KB 648ms
648ms Stylesheet
text/css 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://daxkomarketing.wufoo.com/css/custom/3/theme.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

nginx/1.22.0 /

Resource Hash

2034cd3bee4be417918735966054031e1ba3c6f57df989e31d01a85c3654004b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daxkomarketing.wufoo.com/embed/z17nfj7w1ps3yd9?embedKey=z17nfj7w1ps3yd9777158&entsource=&referrer=&Field11=2021&Field12=/Online/2021/ProgramsV2/OfferingDetails.mvc&Field13=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.110%20Safari/537.36&Field16=hdc_prod&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
server: nginx/1.22.0
x-amz-cf-pop: FRA56-P4
etag: 608392e9f71ea074fccf0cfbae75b7f7
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=600; must-revalidate
access-control-allow-headers: origin, x-requested-with, content-type, authorization
x-amz-cf-id: YtRAunVrFjOQjqlfuGmVDC_DHH7nrBsWUbt16JMUrDKvXVNWZGr9MA==

GET
H2 200 dynamic.0686.js Show response
static.wufoo.com/scripts/public/ Frame D600 215 KB
216 KB 199ms
199ms Script
text/javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wufoo.com/scripts/public/dynamic.0686.js?language=english

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

nginx/1.22.0 /

Resource Hash

e27348d56d8727cbeaafbc744d670de3be8169e1b4ac20b5e526c5afec8fb634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daxkomarketing.wufoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:21:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 19:24:57GMT
server: nginx/1.22.0
x-amz-cf-pop: FRA56-P4
etag: f464c622c14e307edae0450a11bc67ca
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=600; must-revalidate
access-control-allow-headers: origin, x-requested-with, content-type, authorization
x-amz-cf-id: cpygH-ildzfX45Q48oFQq26o4FGJPuFdAgktZ9jpeJ-czOU0ZLbvJQ==

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TJFS8NHHY9&gtm=45je38n0&_p=2123164867&cid=1676257246.1693329698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1693329698&sct=1&seg=0&dl=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&dt=Offering%20Details&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88DQE4DC1H
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-88DQE4DC1H&gtm=45je38n0&_p=2123164867&cid=1676257246.1693329698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1693329698&sct=1&seg=0&dl=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&dt=Offering%20Details&en=scroll&epn.percent_scrolled=90&_et=9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88DQE4DC1H
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://operations.daxko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:21:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://operations.daxko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Domain: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Domain: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js

Domain: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073749038

Domain: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEBL9QBC77UFTJ8G80QG&lib=ttq

Domain: bat.bing.com
URL: https://bat.bing.com/bat.js

Domain: sc-static.net
URL: https://sc-static.net/scevent.min.js

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/seg?add=29042735&t=2&gtmcb=1112665706

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TJFS8NHHY9&cid=1676257246.1693329698&gtm=45je38n0&aip=1&z=1649818677

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20923344-1&cid=1676257246.1693329698&jid=1924389237&_u=aGDACEIbBAAAACAMY~&z=1945983893

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/985949215/?random=1693329698320&cv=11&fst=1693328400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&frm=0&tiba=Offering%20Details&fmt=3&is_vtc=1&random=320551273&rmt_tld=1&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/961476911/?random=1693329698323&cv=11&fst=1693328400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&frm=0&tiba=Offering%20Details&fmt=3&is_vtc=1&random=976288597&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ibit.ly/	1970-01-20 14:42:19	Name: XSRF-TOKEN Value: eyJpdiI6Ilp2Y2dJdm1OMlR3cEdQR2FXbHlEUWc9PSIsInZhbHVlIjoieTluM0VEWDBBbFZ3TWo1ZStpbEtiRXVqZXZoSDZTeHRzWWZyRXA0SHh4RGw2aUxNM0pPRURjc3E0bWFHb01YTG5mNDJtZC9Da2tJd1RDczhDSHVBUzdvbk5iQkIxVHVtajFFYTd0TDFiVTdhV3dXS2s4YVNlbzB0TDQ1OSt2QTEiLCJtYWMiOiJhYmEyZjhhYWM4ZmI0ZDExNGM3NmQyZjc4Y2JlNWZiODk5Nzg3NjdmMjNkZDU0YTRiMmY5NjM2ODdmZGJlMTFiIiwidGFnIjoiIn0%3D
ibit.ly/	1970-01-20 14:42:19	Name: tly_session Value: eyJpdiI6IkFqdEZ1L0QwVnhzdXFoRDE0Um5LeEE9PSIsInZhbHVlIjoiaDJQZ0YvR1FNT1dER3ppMmhXajJGcGVRMTJTSG1RQ21qSGlmQ2dGT0l3Nmp2UDNZL0ZFYkNCbURsblRqWkdpcWxOclZGSUdwR3NETjhPN2JHV04wT3Y4bmhuTStkbG43UjEzTXNSNjd5VGhYSDRYNmZRSmIyallQN2p3QkdjL3QiLCJtYWMiOiJiYTJmZTYxNzA0ZjQ2YmM3MGNmNTliMWVkYWU0MDc0MjcxNWU2Y2Q4MzExZDY4ODgxZmYzZWU0MzFiNDlkNDYxIiwidGFnIjoiIn0%3D
operations.daxko.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3sy3mv0wft0uj0lne1abgnvf
.daxko.com/	1970-01-20 14:22:52	Name: 6f707372617465 Value: 172.70.250.38-1693329697
.daxko.com/	1970-01-20 14:23:36	Name: _gid Value: GA1.2-2.2088766275.1693329698
.daxko.com/	1970-01-20 14:22:09	Name: _gat Value: 1
.daxko.com/	1970-01-20 14:22:09	Name: _gat_client Value: 1
.daxko.com/	1970-01-20 16:31:45	Name: _gcl_au Value: 1.1.1400404993.1693329698
.daxko.com/	1970-01-20 23:58:09	Name: _ga Value: GA1.1.1676257246.1693329698
.daxko.com/	1970-01-20 23:58:09	Name: _ga_TJFS8NHHY9 Value: GS1.1.1693329698.1.0.1693329698.60.0.0
.daxko.com/	1970-01-20 23:58:09	Name: _ga_88DQE4DC1H Value: GS1.1.1693329698.1.0.1693329698.0.0.0
.doubleclick.net/	1970-01-20 14:22:10	Name: test_cookie Value: CheckForPermission
.daxko.com/	1970-01-20 23:58:09	Name: _ga_C0GH5Q141M Value: GS1.2-2.1693329698.1.0.1693329698.0.0.0
.daxko.com/	1970-01-20 16:31:45	Name: _fbp Value: fb.1.1693329698494.577590768
.wufoo.com/	1970-01-20 14:22:11	Name: ep201 Value: ou2eiwQdSBIkmmSP67FC/hVKv6o=
daxkomarketing.wufoo.com/	1970-01-20 14:22:10	Name: _splunk_rum_sid Value: %7B%22id%22%3A%225feb6fa8c417bb22ceda7b8c76c8a3ec%22%2C%22startTime%22%3A1693329700145%7D

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXDRKTV(Line 85) Message: Refused to load the script 'https://snap.licdn.com/li.lms-analytics/insight.min.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://static.ads-twitter.com/uwt.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXDRKTV(Line 552) Message: Refused to load the script 'https://js.adsrvr.org/up_loader.1.1.0.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073749038' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	(Line 1) Message: Refused to load the script 'https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEBL9QBC77UFTJ8G80QG&lib=ttq' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://bat.bing.com/bat.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://sc-static.net/scevent.min.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748(Line 103) Message: Refused to load the image 'https://secure.adnxs.com/seg?add=29042735&t=2&gtmcb=1112665706' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748(Line 103) Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TJFS8NHHY9&cid=1676257246.1693329698&gtm=45je38n0&aip=1&z=1649818677' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748(Line 103) Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20923344-1&cid=1676257246.1693329698&jid=1924389237&_u=aGDACEIbBAAAACAMY~&z=1945983893' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748(Line 103) Message: Refused to load the image 'https://www.google.de/pagead/1p-user-list/985949215/?random=1693329698320&cv=11&fst=1693328400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&frm=0&tiba=Offering%20Details&fmt=3&is_vtc=1&random=320551273&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://operations.daxko.com/Online/2021/ProgramsV2/OfferingDetails.mvc?program_id=TMP117964&offering_id=SES3031662&location_id=B748(Line 103) Message: Refused to load the image 'https://www.google.de/pagead/1p-user-list/961476911/?random=1693329698323&cv=11&fst=1693328400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foperations.daxko.com%2FOnline%2F2021%2FProgramsV2%2FOfferingDetails.mvc%3Fprogram_id%3DTMP117964%26offering_id%3DSES3031662%26location_id%3DB748&frm=0&tiba=Offering%20Details&fmt=3&is_vtc=1&random=976288597&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: ajax.aspnetcdn.com .google-analytics.com .pendo.io stats.g.doubleclick.net cdnjs.com cdnjs.cloudflare.com .wufoo.com code.jquery.com .googleapis.com .gstatic.com .facebook.net .hotjar.com www.googletagmanager.com .salesforceliveagent.com .amazonaws.com .google.com .twitter.com .daxko.com .birst.com .bootstrapcdn.com .facebook.com .angularjs.org .newrelic.com .hotjar.io .sigwebtablet.com:47290 .clover.com blob: wss: .instana.io .getbee.io .groupexpro.com groupexpro.com .gainspro.com raptorsor.blob.core.windows.net cdn.jsdelivr.net .nr-data.net .googleadservices.com *.doubleclick.net". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
analytics.tiktok.com
bat.bing.com
cdn.signalfx.com
connect.facebook.net
daxkomarketing.wufoo.com
eum.instana.io
googleads.g.doubleclick.net
ibit.ly
js.adsrvr.org
operations.daxko.com
region1.analytics.google.com
region1.google-analytics.com
sc-static.net
secure-ds.serving-sys.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
static.wufoo.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.wufoo.com
analytics.tiktok.com
bat.bing.com
js.adsrvr.org
sc-static.net
secure-ds.serving-sys.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
www.google.de
108.138.7.60
13.32.121.100
152.199.19.160
168.220.91.95
2001:4860:4802:32::36
2001:4860:4802:34::36
2606:4700::6810:cb16
2606:4700::6812:1f9
2a00:1450:4001:80e::2008
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82f::200e
2a00:1450:400c:c0b::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
52.222.236.107
02ba007a52f99c4781627d0140a02052ad8578e7c47124493511c06c7c1e53b0
04777f9242a476f8a1ad3b1488943bf771ecc84e3b9c83dc472a3133364a7c84
04857d263d127bca083f9036ffcb2c030cd12b943cf4cde1a71daf4da22fcdde
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
178703061b091c0ab76889052a28aa921e22e566eabca46dd1c1d76a6deeece2
1c77f1a70fb809624f7d230384d69dc25494bd8cdbc809450d46d688a0488ac7
2034cd3bee4be417918735966054031e1ba3c6f57df989e31d01a85c3654004b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26209e905611974d8e2a31c9280cfc343925c3be347b8e31586ee2bdf973871d
307da7f600c1478fed93c0af017c38634c9c7ca4940fb5a3626493d5cf03e32d
4d3052999aa5c817c502f46c4a629859329aeafb6e8a8eb22d896cbf41f804ed
6119e5759c5acc7676d0a4e949d7caca54f389188667a2566141190f17ed28be
6802b673eff629054aa143c8589ac4cc9bc505a04ec8c54a9d8c3840fd01f675
6a2fa1281d5bd275c235ab2fe7fea2b3da0ec807bcb86c2a3a5fa0f30ad9b6ec
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
728f5fb229024fc0d453dfa1039c81ebb8ed600aac7ecad2dfdece986b43a346
80506d24fc094582fd61e8ff0dc8906b74a4002f40c7c7cb4c2f4d3b36a2a89b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b5e64098381c20c50bbc312253937315330c038f166aa2e7ffc3c8a8bdc789
86190e5e8be7fbfc1aabf3edbb7cf7c0366361c35e6f326330ca74a1914d12f7
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8d13df115ccf9f70d59416b1a751e9e0e3324cdb5038c62f9f622887b5dd2605
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
9288ec3fdd998e6f44d9870e7978fcafb9ade55006eb9c2263d54c920266a3ae
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a3eeec63f63abe67e21f8dd5c5ab93523f1b12dd56fc790e624b6c36a3563afe
a7542ff187686b74e3b622ddbb75ae2e0f01833a7453bfc88d3447622a494244
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1ba82970aa063865abed9c189d656381e0684d474bbbe961644125e8517b898
b852691335b42afc85f45a5fdbe0b03bf6f79c7e5a155fec3573c184a0212fa9
b9a8e5e213977665be2a56db66945a16c686da3d9861af1e7851322cf15495ea
c0d84d97a1bcb31c48b5e078c4e7e2006581f95dc7711d19ad39cd4dbbe0c516
c23836c2e8bd4d7c0ee2edaf950f35a786848abf318f159941d1035ad08d017c
c2bd0d0490a71ba1ebe7201ca958998ad86f745e35d426c4c48ba2ee3f127812
cf203c23de8ad0c5151ca1ae2feb6b032d10891bd61eb1b494d2c72e45844aa2
dccb55c1164a742f115d14f407b64ba4cf41830f78f7d95e750ebc272d167c59
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e27348d56d8727cbeaafbc744d670de3be8169e1b4ac20b5e526c5afec8fb634
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d1f48b1b2a85a0407fb950cb85ad68085ae7af221f5f269562b208b4d65630
e6f0b591a917c660bf3ffce6a98f742315b8df2a6a17bdd46668d0ab1758d891
ea8c1a540fecd030a25de38819bbbc17e147ae642a2249a8248088024ba91ee9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f336b1769c6bf53fc40e1d87cae6ee7ffd8d7c618e29c2c6cecbc6bb88f89a8a
fb09d65f99c22334ac02750d6213d6490cd2140a9137fe289ae08cbf5d3fd45b

operations.daxko.com Open in urlscan Pro 2606:4700::6812:1f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

81 %HTTPS

69 %IPv6

21 Domains

26 Subdomains

15 IPs

3 Countries

2278 kBTransfer

4224 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

operations.daxko.com Open in urlscan Pro
2606:4700::6812:1f9 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

81 %
HTTPS

69 %
IPv6

21
Domains

26
Subdomains

15
IPs

3
Countries

2278 kB
Transfer

4224 kB
Size

16
Cookies

67 HTTP transactions
0 data transactions