www.ondutytow.savingsconsultantsinc.com
192.185.225.20  Public Scan

URL: https://www.ondutytow.savingsconsultantsinc.com/
Submission: On October 06 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 41 HTTP transactions. The main IP is 192.185.225.20, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.ondutytow.savingsconsultantsinc.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 6th 2020. Valid for: 3 months.
This is the only time www.ondutytow.savingsconsultantsinc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
1         192.185.225.20     46606 (UNIFIEDLA...)
28        2606:4700:303...   13335 (CLOUDFLAR...)
4         2a00:1450:400...   15169 (GOOGLE)
1         2a00:1450:400...   15169 (GOOGLE)
6         2a00:1450:400...   15169 (GOOGLE)
Total: 41 requests, 6 IPs

Requests  Domain                                    Requested by
28        ondutytow.com                             www.ondutytow.savingsconsultantsinc.com, ondutytow.com
6         fonts.gstatic.com                         fonts.googleapis.com
5         fonts.googleapis.com                      www.ondutytow.savingsconsultantsinc.com
1         www.ondutytow.savingsconsultantsinc.com
Total: 41 requests, 4 domains

This site contains no links.

Subject                  Issuer                      Validity                  Valid
mail.ondutytow.com       Let's Encrypt Authority X3  2020-10-06 - 2021-01-04   3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3     2020-07-28 - 2021-07-28   a year
upload.video.google.com  GTS CA 1O1                  2020-09-03 - 2020-11-26   3 months
*.gstatic.com            GTS CA 1O1                  2020-09-03 - 2020-11-26   3 months

This page contains 1 frames:

Primary Page: https://www.ondutytow.savingsconsultantsinc.com/
Frame ID: E74759C6A7B79CFCA3239FE950305D75
Requests: 42 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 41
HTTPS: 98 %
IPv6: 80 %
Domains: 4
Subdomains: 4
IPs: 6
Countries: 2
Transfer: 897 kB
Size: 2125 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.ondutytow.savingsconsultantsinc.com/
75 KB
22 KB
Document
General
Full URL
https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.225.20 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
buildinghub.biz
Software
Apache /
Resource Hash
e9336dc599fd3bd0a666928385504644b885cdfe899cfeb976194e4e0039229f

Request headers

:method
GET
:authority
www.ondutytow.savingsconsultantsinc.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Tue, 06 Oct 2020 22:04:20 GMT
server
Apache
last-modified
Tue, 06 Oct 2020 22:04:19 GMT
accept-ranges
bytes
cache-control
max-age=300
expires
Tue, 06 Oct 2020 22:09:20 GMT
vary
Accept-Encoding
content-encoding
gzip
x-endurance-cache-level
2
content-type
text/html
base.css
ondutytow.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/
704 B
358 B
Stylesheet
General
Full URL
https://ondutytow.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base.css?ver=2.6.0.3
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16400e6b2166cf4a5b37b2216cde40c8637e6693cf623abbee9f8cd21a7dc33

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40e6200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:32:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
5de2ad748f531e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
style.min.css
ondutytow.com/wp-includes/css/dist/block-library/
53 KB
7 KB
Stylesheet
General
Full URL
https://ondutytow.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40e7200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
5de2ad748f551e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
thrive_flat.css
ondutytow.com/wp-content/plugins/thrive-visual-editor/editor/css/
718 KB
69 KB
Stylesheet
General
Full URL
https://ondutytow.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.6.0.3
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c604c4e78d24e09470261b53d1b67e1f612f1dd290452480c428fe3452f9ba86

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40e8200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:32:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
5de2ad748f561e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
landingpage-inner-frame.css
ondutytow.com/wp-content/themes/thrive-theme/inc/assets/dist/
4 KB
1 KB
Stylesheet
General
Full URL
https://ondutytow.com/wp-content/themes/thrive-theme/inc/assets/dist/landingpage-inner-frame.css?ver=1.8.1.2
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54e7ed25533c1da7605ccccc232e036b1ba398ff110ed497bff803db3c49322

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40e9200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:32:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
5de2ad748f571e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
style.css
ondutytow.com/wp-content/themes/thrive-theme/
122 KB
19 KB
Stylesheet
General
Full URL
https://ondutytow.com/wp-content/themes/thrive-theme/style.css?ver=1.8.1.2
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6e8a8061c4fd5e1cb2d69ccf220aa4d9ad9a560508ba8b207e714d35c6b760

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40ea200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:32:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
5de2ad748f591e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
checkout.css
ondutytow.com/wp-content/plugins/thrive-apprentice/css/
4 KB
886 B
Stylesheet
General
Full URL
https://ondutytow.com/wp-content/plugins/thrive-apprentice/css/checkout.css?ver=2.3.2.3
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
692f6f364bbd9accd6866c67deb823580f463e1b7ea1fc81071abc2d5015ad26

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40eb200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:32:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
5de2ad748f5a1e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
header.min.js
ondutytow.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/
2 KB
1 KB
Script
General
Full URL
https://ondutytow.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/header.min.js?ver=1.3.2.1
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1dfe49de50604e869729525a265c459ab79731f9e24c73b94379a296009f0e

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40ee200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:31:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad748f5e1e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
jquery.js
ondutytow.com/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://ondutytow.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40ef200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 18:53:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad748f5f1e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
moxie.min.js
ondutytow.com/wp-includes/js/plupload/
86 KB
26 KB
Script
General
Full URL
https://ondutytow.com/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea8f6fb79fa2083c0b68b0a618446767c7bdf2d6aafc07d54a1c80e06a838c1c

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40ed200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad748f5d1e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
plupload.min.js
ondutytow.com/wp-includes/js/plupload/
15 KB
6 KB
Script
General
Full URL
https://ondutytow.com/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1985f2d29e27f6c8a54b740b8b384fab214215c090e16d6652295e4911db0fdd

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18abcd300001e47a40ec200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021861"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad748f5c1e47-FRA
expires
Wed, 07 Oct 2020 22:04:20 GMT
css
fonts.googleapis.com/
14 KB
943 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Literata:400,400i,600,600i,700,700i&subset=latin&display=swap
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f71e96b81a402208fd3cd5308f7b247d824322952acea946abbc36ced2c54df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 22:04:20 GMT
server
ESF
date
Tue, 06 Oct 2020 22:04:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Oct 2020 22:04:20 GMT
css
fonts.googleapis.com/
12 KB
709 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,400i,800,800i,700,700i,500,500i,600,300,200,900&subset=latin&display=swap
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8c3f249eadb21fd17d7baec9b6905f0a9dab3b87d31ea610075511d31486db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 22:04:20 GMT
server
ESF
date
Tue, 06 Oct 2020 22:04:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Oct 2020 22:04:20 GMT
css
fonts.googleapis.com/
6 KB
771 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin&display=swap
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba9134895931936a3b11f211a8f097fdd6689c24b5c3e8d9e671cabc59b2c5b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 22:04:20 GMT
server
ESF
date
Tue, 06 Oct 2020 22:04:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Oct 2020 22:04:20 GMT
css
fonts.googleapis.com/
2 KB
506 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Gentium+Basic:400,700&subset=latin
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0bb5e27a3738dc6a9b562c6a2d66c3868a2868a623f546823295d80b27cc5301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 22:04:20 GMT
server
ESF
date
Tue, 06 Oct 2020 22:04:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Oct 2020 22:04:20 GMT
wp-emoji-release.min.js
ondutytow.com/wp-includes/js/
14 KB
4 KB
Script
General
Full URL
https://ondutytow.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a412a200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa661e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
ATK-Logo.png
ondutytow.com/wp-content/uploads/2020/10/
25 KB
25 KB
Image
General
Full URL
https://ondutytow.com/wp-content/uploads/2020/10/ATK-Logo.png
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b09bdc0a2b4099b1cf4ec9668cd97fdce20244fc83b89c1e9018e50054ae3cb

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
25727
cf-request-id
05a18ac0d700001e47a412b200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:34:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5de2ad7afa681e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
triggers.min.js
ondutytow.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/
4 KB
2 KB
Script
General
Full URL
https://ondutytow.com/wp-content/plugins/thrive-headline-optimizer/frontend/js/triggers.min.js?ver=1.3.2.1
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75569745ae983322668ba0ed5e14c5afe9e291ed0bb78b469cbcb61c6cabaf14

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac02200001e47a4118200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:31:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad79d8791e47-FRA
expires
Wed, 07 Oct 2020 22:04:21 GMT
imagesloaded.min.js
ondutytow.com/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://ondutytow.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0b000001e47a411c200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7ab9e11e47-FRA
expires
Wed, 07 Oct 2020 22:04:21 GMT
masonry.min.js
ondutytow.com/wp-includes/js/
24 KB
7 KB
Script
General
Full URL
https://ondutytow.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d300001e47a411e200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7aea391e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
jquery.masonry.min.js
ondutytow.com/wp-includes/js/jquery/
2 KB
735 B
Script
General
Full URL
https://ondutytow.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d300001e47a411f200000001
x-endurance-cache-level
2
last-modified
Wed, 30 Jan 2019 15:57:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7aea3f1e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
frontend.min.js
ondutytow.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/
188 KB
50 KB
Script
General
Full URL
https://ondutytow.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.6.0.3
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de51050f75fcc260efdbd1f603aeb6f4aaa161a6d1f4e8097cb800b5c842d235

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d300001e47a4120200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:32:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7aea451e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
frontend.min.js
ondutytow.com/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/
3 KB
1 KB
Script
General
Full URL
https://ondutytow.com/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/frontend.min.js?ver=2.3.2.3
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96cd14a2f15d1df04b2d20efe837976eaba9259c83275a9c9fc616162b516a43

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a4121200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:32:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa491e47-FRA
expires
Wed, 07 Oct 2020 22:04:21 GMT
core.min.js
ondutytow.com/wp-includes/js/jquery/ui/
4 KB
2 KB
Script
General
Full URL
https://ondutytow.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a4122200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa4b1e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
widget.min.js
ondutytow.com/wp-includes/js/jquery/ui/
7 KB
2 KB
Script
General
Full URL
https://ondutytow.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd83d5a29914ad4797748d8e80fbc42c2131fbce9bbcdf2749a275fc7db875f

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a4123200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa4d1e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
mouse.min.js
ondutytow.com/wp-includes/js/jquery/ui/
3 KB
987 B
Script
General
Full URL
https://ondutytow.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04837b935b6d1fac0cbffc4a53bf19a6d89029742dbc4c8ad001c1078f5f957

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a4124200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa521e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
resizable.min.js
ondutytow.com/wp-includes/js/jquery/ui/
18 KB
5 KB
Script
General
Full URL
https://ondutytow.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c92c6a06a05ebbc74655d4d596a2e169f97f1ad070ee073e4024106654441a7c

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a4125200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa571e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
frontend.min.js
ondutytow.com/wp-content/themes/thrive-theme/inc/assets/dist/
15 KB
5 KB
Script
General
Full URL
https://ondutytow.com/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=1.8.1.2
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba704d58887214988ecd61e0f5e0b4798ef4730fbd2b34b4b2794ff64572eb0

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a4126200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:32:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa5c1e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
tva-tcb-frontend.min.js
ondutytow.com/wp-content/plugins/thrive-apprentice/tcb-bridge/assets/js/
1 KB
611 B
Script
General
Full URL
https://ondutytow.com/wp-content/plugins/thrive-apprentice/tcb-bridge/assets/js/tva-tcb-frontend.min.js?ver=2.3.2.3
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d88a2669db6709b783150924428229ac89dcc0298b8d6f1a290cd8426661ae4

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a4127200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:32:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa5d1e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
wp-embed.min.js
ondutytow.com/wp-includes/js/
1 KB
754 B
Script
General
Full URL
https://ondutytow.com/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a4128200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:26:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa601e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
no-campaign.min.js
ondutytow.com/wp-content/plugins/thrive-ultimatum/js/dist/
583 B
465 B
Script
General
Full URL
https://ondutytow.com/wp-content/plugins/thrive-ultimatum/js/dist/no-campaign.min.js?v=2.3.2.3
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070cd1c118a7c4fee39c76fb5f3575dc227a230eeadfbc763e5548425f2e5228

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05a18ac0d700001e47a4129200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 19:31:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
5de2ad7afa611e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
css
fonts.googleapis.com/
3 KB
493 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,700,400,900&subset=latin
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
550aefc454b2a6bd34a31c5e83de5266c41510f702dbdf9f87ab3b25649a4741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 22:04:21 GMT
server
ESF
date
Tue, 06 Oct 2020 22:04:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Oct 2020 22:04:21 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,700,400,900&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ondutytow.savingsconsultantsinc.com
Referer
https://fonts.googleapis.com/css?family=Lato:300,700,400,900&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 18:24:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
13163
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Wed, 06 Oct 2021 18:24:58 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,700,400,900&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ondutytow.savingsconsultantsinc.com
Referer
https://fonts.googleapis.com/css?family=Lato:300,700,400,900&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 18:23:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:25 GMT
server
sffe
age
13223
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Wed, 06 Oct 2021 18:23:58 GMT
WnzgHAw9aB_JD2VGQVR80We3JLasnT0ebaiLbBQ.woff2
fonts.gstatic.com/s/gentiumbasic/v12/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/gentiumbasic/v12/WnzgHAw9aB_JD2VGQVR80We3JLasnT0ebaiLbBQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gentium+Basic:400,700&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bc31df30598c948a1e0a27eea420322cc16d38334a114a9fa62c96ff10a22d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ondutytow.savingsconsultantsinc.com
Referer
https://fonts.googleapis.com/css?family=Gentium+Basic:400,700&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 20:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:36:30 GMT
server
sffe
age
6996
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15916
x-xss-protection
0
expires
Wed, 06 Oct 2021 20:07:45 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,700,400,900&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ondutytow.savingsconsultantsinc.com
Referer
https://fonts.googleapis.com/css?family=Lato:300,700,400,900&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 18:27:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:14 GMT
server
sffe
age
13013
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13912
x-xss-protection
0
expires
Wed, 06 Oct 2021 18:27:28 GMT
Wnz9HAw9aB_JD2VGQVR80We3LA2JiBA8YII.woff2
fonts.gstatic.com/s/gentiumbasic/v12/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/gentiumbasic/v12/Wnz9HAw9aB_JD2VGQVR80We3LA2JiBA8YII.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gentium+Basic:400,700&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4225224ecdb476c4a5ff4e1224924a1320899cbdac37f3c8ab003c6c47bd75f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ondutytow.savingsconsultantsinc.com
Referer
https://fonts.googleapis.com/css?family=Gentium+Basic:400,700&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:38:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:36:14 GMT
server
sffe
age
33940
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15392
x-xss-protection
0
expires
Wed, 06 Oct 2021 12:38:41 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,400i,800,800i,700,700i,500,500i,600,300,200,900&subset=latin&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ondutytow.savingsconsultantsinc.com
Referer
https://fonts.googleapis.com/css?family=Muli:400,400i,800,800i,700,700i,500,500i,600,300,200,900&subset=latin&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 10:34:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:49:47 GMT
server
sffe
age
386978
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Sat, 02 Oct 2021 10:34:43 GMT
Car-in-tow.jpg
ondutytow.com/wp-content/uploads/2020/10/
28 KB
28 KB
Image
General
Full URL
https://ondutytow.com/wp-content/uploads/2020/10/Car-in-tow.jpg
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d419d0862bfb2c624a36efb7b25d34c8512d86dbdf1ff6eac6549e12d3c98c

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
28983
cf-request-id
05a18ac12100001e47a412f200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 20:15:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5de2ad7b6b001e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
Wreck.png
ondutytow.com/wp-content/uploads/2020/10/
474 KB
475 KB
Image
General
Full URL
https://ondutytow.com/wp-content/uploads/2020/10/Wreck.png
Requested by
Host: www.ondutytow.savingsconsultantsinc.com
URL: https://www.ondutytow.savingsconsultantsinc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3037::ac43:ba16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73515888935be1e785ed5d3f49f00af826ccd87216dfc1a6e475f3c51bf3963

Request headers

Referer
https://www.ondutytow.savingsconsultantsinc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:04:22 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
485558
cf-request-id
05a18ac12100001e47a4130200000001
x-endurance-cache-level
2
last-modified
Tue, 06 Oct 2020 20:45:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021862"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5de2ad7b6b021e47-FRA
expires
Wed, 07 Oct 2020 22:04:22 GMT
admin-ajax.php
ondutytow.com/wp-admin/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ondutytow.com
URL
https://ondutytow.com/wp-admin/admin-ajax.php

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| _wpemojiSettings object| THO_Head function| tho_change_titles function| tho_brute_search_replace function| tho_get_title_variation function| tho_output_title function| tho_random_key function| tho_get_cookie function| tho_set_cookie string| THO_Titles object| THO_Variations number| tho_title_interval undefined| $ function| jQuery boolean| MXI_DEBUG object| moxie object| mOxie object| o object| plupload object| THO_Front object| ThriveGlobal function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| twemoji object| wp object| tve_frontend_options function| ownKeys function| _objectSpread function| _defineProperty function| _possibleConstructorReturn function| _assertThisInitialized function| _get function| _superPropBase function| _getPrototypeOf function| _inherits function| _setPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| _typeof object| TVE_jQFn object| TCB_Front function| tve_add_http function| tve_is_email function| tve_unserialize object| tve_dash_front object| TVE_Dash object| thrive_front_localize object| ThriveTheme object| tcb_post_lists object| TL_Const object| TVE_Ult_Data undefined| __thrive_$oJ object| jQuery1124023054587639605173 object| tcb_autofill number| TCB_PAGE_INDEX

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
